use of com.epam.pipeline.entity.scan.ToolVersionScanResult in project cloud-pipeline by epam.
the class ToolManagerTest method testUpdateToolScanStatus.
@Test()
@Transactional(propagation = Propagation.REQUIRES_NEW, rollbackFor = Exception.class)
public void testUpdateToolScanStatus() {
Tool tool = generateTool(TEST_GROUP_ID1);
tool.setToolGroupId(firstToolGroup.getId());
toolManager.create(tool, true);
String layerRef = "layerref";
String digest = "digest";
Date now = new Date();
ToolScanStatus status = ToolScanStatus.COMPLETED;
toolManager.updateToolVersionScanStatus(tool.getId(), status, now, LATEST_TAG, layerRef, digest);
toolManager.updateWhiteListWithToolVersionStatus(tool.getId(), LATEST_TAG, true);
ToolVersionScanResult versionScan = toolManager.loadToolVersionScan(tool.getId(), LATEST_TAG).get();
Assert.assertEquals(status, versionScan.getStatus());
Assert.assertEquals(now, versionScan.getScanDate());
Assert.assertEquals(now, versionScan.getSuccessScanDate());
Assert.assertEquals(layerRef, versionScan.getLastLayerRef());
layerRef = "newlayerref";
digest = "newdigest";
now = new Date();
toolManager.updateToolVersionScanStatus(tool.getId(), status, now, LATEST_TAG, layerRef, digest);
Assert.assertEquals(1, toolManager.loadToolScanResult(tool).getToolVersionScanResults().values().size());
versionScan = toolManager.loadToolVersionScan(tool.getId(), LATEST_TAG).get();
Assert.assertEquals(now, versionScan.getScanDate());
Assert.assertEquals(now, versionScan.getSuccessScanDate());
Assert.assertEquals(layerRef, versionScan.getLastLayerRef());
Assert.assertFalse(versionScan.isFromWhiteList());
}
use of com.epam.pipeline.entity.scan.ToolVersionScanResult in project cloud-pipeline by epam.
the class ToolManagerTest method testLoadToolScanResult.
@Test()
@Transactional(propagation = Propagation.REQUIRES_NEW, rollbackFor = Exception.class)
public void testLoadToolScanResult() {
String latestVersion = "latest", testRef = "testRef", prevVersion = "prev";
Date scanDate = new Date();
Mockito.doReturn(Arrays.asList(latestVersion, prevVersion)).when(dockerClient).getImageTags(any(), anyString());
Tool tool = generateTool(TEST_GROUP_ID1);
tool.setToolGroupId(firstToolGroup.getId());
toolManager.create(tool, true);
toolManager.updateToolVersionScanStatus(tool.getId(), ToolScanStatus.COMPLETED, scanDate, latestVersion, testRef, testRef);
ToolScanResult loaded = toolManager.loadToolScanResult(tool);
Assert.assertEquals(ToolScanStatus.COMPLETED, loaded.getToolVersionScanResults().get(latestVersion).getStatus());
Assert.assertEquals(scanDate, loaded.getToolVersionScanResults().get(latestVersion).getSuccessScanDate());
Assert.assertEquals(scanDate, loaded.getToolVersionScanResults().get(latestVersion).getScanDate());
Optional<String> loadedRef = toolManager.loadToolVersionScan(tool.getId(), latestVersion).map(ToolVersionScanResult::getLastLayerRef);
Assert.assertTrue(loadedRef.isPresent());
Assert.assertEquals(testRef, loadedRef.get());
Optional<String> loadedDigest = toolManager.loadToolVersionScan(tool.getId(), latestVersion).map(ToolVersionScanResult::getDigest);
Assert.assertTrue(loadedDigest.isPresent());
Assert.assertEquals(testRef, loadedDigest.get());
// check that we will get empty ToolVersionScanResult for not scanned version
Assert.assertEquals(ToolScanStatus.NOT_SCANNED, loaded.getToolVersionScanResults().get(prevVersion).getStatus());
Assert.assertEquals(null, loaded.getToolVersionScanResults().get(prevVersion).getSuccessScanDate());
}
use of com.epam.pipeline.entity.scan.ToolVersionScanResult in project cloud-pipeline by epam.
the class TestUtils method generateScanResult.
public static ToolVersionScanResult generateScanResult(int criticalVulnerabilitiesCount, int highVulnerabilitiesCount, int mediumVulnerabilitiesCount) {
ToolVersionScanResult result = new ToolVersionScanResult();
generateScanResult(criticalVulnerabilitiesCount, highVulnerabilitiesCount, mediumVulnerabilitiesCount, result);
return result;
}
use of com.epam.pipeline.entity.scan.ToolVersionScanResult in project cloud-pipeline by epam.
the class TestUtils method generateScanResult.
public static void generateScanResult(int criticalVulnerabilitiesCount, int highVulnerabilitiesCount, int mediumVulnerabilitiesCount, ToolVersionScanResult versionScanResult) {
List<Vulnerability> testVulnerabilities = IntStream.range(0, criticalVulnerabilitiesCount).mapToObj(i -> createVulnerability(VulnerabilitySeverity.Critical)).collect(Collectors.toList());
testVulnerabilities.addAll(IntStream.range(0, highVulnerabilitiesCount).mapToObj(i -> createVulnerability(VulnerabilitySeverity.High)).collect(Collectors.toList()));
testVulnerabilities.addAll(IntStream.range(0, mediumVulnerabilitiesCount).mapToObj(i -> createVulnerability(VulnerabilitySeverity.Medium)).collect(Collectors.toList()));
versionScanResult.setVulnerabilities(testVulnerabilities);
versionScanResult.setScanDate(new Date());
versionScanResult.setSuccessScanDate(new Date());
versionScanResult.setStatus(ToolScanStatus.COMPLETED);
}
Aggregations