use of com.contrastsecurity.models.Trace in project contrast-continuous-application-security-plugin by jenkinsci.
the class VulnerabilityTrendRecorder method buildResult.
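/**
 * Aggregates the given traces into per-rule and per-severity counts and
 * attaches them to the build as a {@link VulnerabilityFrequencyAction}.
 * <p>
 * Nothing is returned (the original Javadoc's "String representation" was
 * inaccurate): the result is recorded on the build so the trend chart can read
 * it later. Every severity listed in {@link VulnerabilityTrendHelper#SEVERITIES}
 * that no trace matched is recorded with a count of zero so the chart always
 * has a complete set of series.
 *
 * @param traces - traces found during the build (may be empty; must not be null)
 * @param build - current build the action is attached to
 */
private void buildResult(Set<Trace> traces, AbstractBuild<?, ?> build) {
    Map<String, Integer> traceResult = new HashMap<>();
    Map<String, Integer> severityResult = new HashMap<>();
    for (Trace trace : traces) {
        incrementCount(severityResult, trace.getSeverity());
        incrementCount(traceResult, trace.getRule());
    }
    // Add remaining severities for chart
    for (String severity : VulnerabilityTrendHelper.SEVERITIES) {
        if (!severityResult.containsKey(severity)) {
            severityResult.put(severity, 0);
        }
    }
    VulnerabilityTrendResult result = new VulnerabilityTrendResult(traceResult, severityResult);
    build.addAction(new VulnerabilityFrequencyAction(result, build));
}

/**
 * Increments the counter stored under {@code key}, starting at 1 when absent.
 * A null key (a trace with no severity or rule) is tolerated exactly as the
 * previous containsKey/get/put sequence tolerated it: HashMap permits it.
 *
 * @param counts - map of counters to update in place
 * @param key - counter to increment
 */
private static void incrementCount(Map<String, Integer> counts, String key) {
    Integer previous = counts.get(key);
    counts.put(key, previous == null ? 1 : previous + 1);
}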
use of com.contrastsecurity.models.Trace in project contrast-continuous-application-security-plugin by jenkinsci.
the class VulnerabilityTrendRecorder method perform.
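/**
 * Build step entry point: queries TeamServer for the vulnerabilities tagged
 * with this build's app-version tag and evaluates every configured
 * {@link ThresholdCondition} in order, aborting the build on the first
 * condition whose count is exceeded.
 * <p>
 * Notes for maintainers:
 * <ul>
 * <li>The application id resolved from the job display name is only used to
 * verify that the application exists (and to abort when the profile asks for
 * that). The trace query itself is org-wide, scoped by app-version tag,
 * severity and vulnerability type, not by application id.</li>
 * <li>The profile's service key and API key are handed straight to the SDK
 * and must never be written to the build log; only the application name and
 * the SDK's exception message are logged.</li>
 * <li>The aggregated traces are attached to the build before a threshold
 * failure aborts it, so the trend chart still sees the failing build.</li>
 * </ul>
 *
 * @param build the running build; when it is no longer building the step does nothing and returns false
 * @param launcher unused
 * @param listener receives progress and diagnostic messages
 * @return true when every threshold condition passed
 * @throws IOException an {@link AbortException} when the application cannot be found and the profile
 *         requests failure, when TeamServer cannot be queried, or when a threshold is exceeded
 */
@Override
public boolean perform(AbstractBuild<?, ?> build, Launcher launcher, final BuildListener listener) throws IOException {
    if (!build.isBuilding()) {
        return false;
    }
    VulnerabilityTrendHelper.logMessage(listener, "Checking the number of vulnerabilities for this application.");
    TeamServerProfile profile = getProfile();
    // Credentials (service key / API key) go straight into the SDK; do not log them.
    ContrastSDK contrastSDK = VulnerabilityTrendHelper.createSDK(profile.getUsername(), profile.getServiceKey(), profile.getApiKey(), profile.getTeamServerUrl());
    String applicationName = build.getParent().getDisplayName();
    String applicationId = getApplicationId(contrastSDK, profile.getOrgUuid(), applicationName);
    if (applicationId.equals("")) {
        String notFound = "Application with name '" + applicationName + "' not found.";
        VulnerabilityTrendHelper.logMessage(listener, notFound);
        if (profile.isFailOnWrongApplicationName()) {
            throw new AbortException(notFound);
        }
        // Otherwise carry on: the query below does not depend on the application id.
    }
    Set<Trace> resultTraces = new HashSet<>();
    // iterate over conditions; fail on first
    for (ThresholdCondition condition : conditions) {
        VulnerabilityTrendHelper.logMessage(listener, "Checking the threshold condition where " + condition.toString());
        Traces traces;
        try {
            TraceFilterForm filterForm = new TraceFilterForm();
            filterForm.setAppVersionTags(Collections.singletonList(VulnerabilityTrendHelper.buildAppVersionTag(build)));
            if (condition.getThresholdSeverity() != null) {
                filterForm.setSeverities(VulnerabilityTrendHelper.getSeverityList(condition.getThresholdSeverity()));
            }
            if (condition.getThresholdVulnType() != null) {
                filterForm.setVulnTypes(Collections.singletonList(condition.getThresholdVulnType()));
            }
            traces = contrastSDK.getTracesInOrg(profile.getOrgUuid(), filterForm);
        } catch (Exception e) {
            VulnerabilityTrendHelper.logMessage(listener, e.getMessage());
            // AbortException only offers a message constructor; keep the SDK failure
            // attached as the cause so the Jenkins log shows what actually went wrong.
            AbortException abort = new AbortException("Unable to retrieve vulnerability information from TeamServer.");
            abort.initCause(e);
            throw abort;
        }
        resultTraces.addAll(traces.getTraces());
        int thresholdCount = condition.getThresholdCount();
        // NOTE(review): the threshold is compared against getCount(), not getTraces().size();
        // presumably getCount() is the server-side total for the filter — confirm the two
        // agree when the response is paged.
        if (traces.getCount() > thresholdCount) {
            // save results before failing build
            buildResult(resultTraces, build);
            throw new AbortException("Failed on the threshold condition where " + condition.toString());
        }
    }
    buildResult(resultTraces, build);
    VulnerabilityTrendHelper.logMessage(listener, "This build passes all vulnerability threshold conditions!");
    return true;
}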