Example 16 with ToolVersionScanResult
use of com.epam.pipeline.entity.scan.ToolVersionScanResult in project cloud-pipeline by epam.
the class ToolManagerTest method testUpdateToolScanStatus.
@Test()
@Transactional(propagation = Propagation.REQUIRES_NEW, rollbackFor = Exception.class)
public void testUpdateToolScanStatus() {
Tool tool = generateTool(TEST_GROUP_ID1);
tool.setToolGroupId(firstToolGroup.getId());
toolManager.create(tool, true);
String layerRef = "layerref";
String digest = "digest";
Date now = new Date();
ToolScanStatus status = ToolScanStatus.COMPLETED;
toolManager.updateToolVersionScanStatus(tool.getId(), status, now, LATEST_TAG, layerRef, digest);
toolManager.updateWhiteListWithToolVersionStatus(tool.getId(), LATEST_TAG, true);
ToolVersionScanResult versionScan = toolManager.loadToolVersionScan(tool.getId(), LATEST_TAG).get();
Assert.assertEquals(status, versionScan.getStatus());
Assert.assertEquals(now, versionScan.getScanDate());
Assert.assertEquals(now, versionScan.getSuccessScanDate());
Assert.assertEquals(layerRef, versionScan.getLastLayerRef());
layerRef = "newlayerref";
digest = "newdigest";
now = new Date();
toolManager.updateToolVersionScanStatus(tool.getId(), status, now, LATEST_TAG, layerRef, digest);
Assert.assertEquals(1, toolManager.loadToolScanResult(tool).getToolVersionScanResults().values().size());
versionScan = toolManager.loadToolVersionScan(tool.getId(), LATEST_TAG).get();
Assert.assertEquals(now, versionScan.getScanDate());
Assert.assertEquals(now, versionScan.getSuccessScanDate());
Assert.assertEquals(layerRef, versionScan.getLastLayerRef());
Assert.assertFalse(versionScan.isFromWhiteList());
}
Also used :
ToolVersionScanResult(com.epam.pipeline.entity.scan.ToolVersionScanResult)
Matchers.anyString(org.mockito.Matchers.anyString)
AbstractManagerTest(com.epam.pipeline.manager.AbstractManagerTest)
Test(org.junit.Test)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 17 with ToolVersionScanResult
use of com.epam.pipeline.entity.scan.ToolVersionScanResult in project cloud-pipeline by epam.
the class ToolManagerTest method testLoadToolScanResult.
@Test()
@Transactional(propagation = Propagation.REQUIRES_NEW, rollbackFor = Exception.class)
public void testLoadToolScanResult() {
String latestVersion = "latest", testRef = "testRef", prevVersion = "prev";
Date scanDate = new Date();
Mockito.doReturn(Arrays.asList(latestVersion, prevVersion)).when(dockerClient).getImageTags(any(), anyString());
Tool tool = generateTool(TEST_GROUP_ID1);
tool.setToolGroupId(firstToolGroup.getId());
toolManager.create(tool, true);
toolManager.updateToolVersionScanStatus(tool.getId(), ToolScanStatus.COMPLETED, scanDate, latestVersion, testRef, testRef);
ToolScanResult loaded = toolManager.loadToolScanResult(tool);
Assert.assertEquals(ToolScanStatus.COMPLETED, loaded.getToolVersionScanResults().get(latestVersion).getStatus());
Assert.assertEquals(scanDate, loaded.getToolVersionScanResults().get(latestVersion).getSuccessScanDate());
Assert.assertEquals(scanDate, loaded.getToolVersionScanResults().get(latestVersion).getScanDate());
Optional<String> loadedRef = toolManager.loadToolVersionScan(tool.getId(), latestVersion).map(ToolVersionScanResult::getLastLayerRef);
Assert.assertTrue(loadedRef.isPresent());
Assert.assertEquals(testRef, loadedRef.get());
Optional<String> loadedDigest = toolManager.loadToolVersionScan(tool.getId(), latestVersion).map(ToolVersionScanResult::getDigest);
Assert.assertTrue(loadedDigest.isPresent());
Assert.assertEquals(testRef, loadedDigest.get());
// check that we will get empty ToolVersionScanResult for not scanned version
Assert.assertEquals(ToolScanStatus.NOT_SCANNED, loaded.getToolVersionScanResults().get(prevVersion).getStatus());
Assert.assertEquals(null, loaded.getToolVersionScanResults().get(prevVersion).getSuccessScanDate());
}
Also used :
ToolScanResult(com.epam.pipeline.entity.scan.ToolScanResult)
ToolVersionScanResult(com.epam.pipeline.entity.scan.ToolVersionScanResult)
Matchers.anyString(org.mockito.Matchers.anyString)
AbstractManagerTest(com.epam.pipeline.manager.AbstractManagerTest)
Test(org.junit.Test)
Transactional(org.springframework.transaction.annotation.Transactional)
Example 18 with ToolVersionScanResult
use of com.epam.pipeline.entity.scan.ToolVersionScanResult in project cloud-pipeline by epam.
the class TestUtils method generateScanResult.
public static ToolVersionScanResult generateScanResult(int criticalVulnerabilitiesCount, int highVulnerabilitiesCount, int mediumVulnerabilitiesCount) {
ToolVersionScanResult result = new ToolVersionScanResult();
generateScanResult(criticalVulnerabilitiesCount, highVulnerabilitiesCount, mediumVulnerabilitiesCount, result);
return result;
}
Also used :
ToolVersionScanResult(com.epam.pipeline.entity.scan.ToolVersionScanResult)
Example 19 with ToolVersionScanResult
use of com.epam.pipeline.entity.scan.ToolVersionScanResult in project cloud-pipeline by epam.
the class TestUtils method generateScanResult.
public static void generateScanResult(int criticalVulnerabilitiesCount, int highVulnerabilitiesCount, int mediumVulnerabilitiesCount, ToolVersionScanResult versionScanResult) {
List<Vulnerability> testVulnerabilities = IntStream.range(0, criticalVulnerabilitiesCount).mapToObj(i -> createVulnerability(VulnerabilitySeverity.Critical)).collect(Collectors.toList());
testVulnerabilities.addAll(IntStream.range(0, highVulnerabilitiesCount).mapToObj(i -> createVulnerability(VulnerabilitySeverity.High)).collect(Collectors.toList()));
testVulnerabilities.addAll(IntStream.range(0, mediumVulnerabilitiesCount).mapToObj(i -> createVulnerability(VulnerabilitySeverity.Medium)).collect(Collectors.toList()));
versionScanResult.setVulnerabilities(testVulnerabilities);
versionScanResult.setScanDate(new Date());
versionScanResult.setSuccessScanDate(new Date());
versionScanResult.setStatus(ToolScanStatus.COMPLETED);
}
Also used :
IntStream(java.util.stream.IntStream)
Date(java.util.Date)
ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper)
ManifestV2(com.epam.pipeline.entity.docker.ManifestV2)
Vulnerability(com.epam.pipeline.entity.scan.Vulnerability)
Collectors(java.util.stream.Collectors)
Matchers.anyString(org.mockito.Matchers.anyString)
Matchers.any(org.mockito.Matchers.any)
Mockito(org.mockito.Mockito)
List(java.util.List)
ToolVersionScanResult(com.epam.pipeline.entity.scan.ToolVersionScanResult)
Map(java.util.Map)
Optional(java.util.Optional)
VulnerabilitySeverity(com.epam.pipeline.entity.scan.VulnerabilitySeverity)
DockerClientFactory(com.epam.pipeline.manager.docker.DockerClientFactory)
Assert(org.junit.Assert)
Collections(java.util.Collections)
DockerClient(com.epam.pipeline.manager.docker.DockerClient)
ToolVersion(com.epam.pipeline.entity.docker.ToolVersion)
ToolScanStatus(com.epam.pipeline.entity.pipeline.ToolScanStatus)
Vulnerability(com.epam.pipeline.entity.scan.Vulnerability)
Date(java.util.Date)
Aggregations
ToolVersionScanResult (com.epam.pipeline.entity.scan.ToolVersionScanResult)19
DockerClient (com.epam.pipeline.manager.docker.DockerClient)6
DockerRegistry (com.epam.pipeline.entity.pipeline.DockerRegistry)5
Tool (com.epam.pipeline.entity.pipeline.Tool)5
ToolScanStatus (com.epam.pipeline.entity.pipeline.ToolScanStatus)5
ToolScanExternalServiceException (com.epam.pipeline.exception.ToolScanExternalServiceException)5
List (java.util.List)5
Transactional (org.springframework.transaction.annotation.Transactional)5
ManifestV2 (com.epam.pipeline.entity.docker.ManifestV2)4
Vulnerability (com.epam.pipeline.entity.scan.Vulnerability)4
AbstractManagerTest (com.epam.pipeline.manager.AbstractManagerTest)4
Date (java.util.Date)4
Matchers.anyString (org.mockito.Matchers.anyString)4
MessageConstants (com.epam.pipeline.common.MessageConstants)3
MessageHelper (com.epam.pipeline.common.MessageHelper)3
ToolDependency (com.epam.pipeline.entity.scan.ToolDependency)3
ToolScanResult (com.epam.pipeline.entity.scan.ToolScanResult)3
VulnerabilitySeverity (com.epam.pipeline.entity.scan.VulnerabilitySeverity)3
DateUtils (com.epam.pipeline.entity.utils.DateUtils)3
DockerClientFactory (com.epam.pipeline.manager.docker.DockerClientFactory)3
