use of com.epam.pipeline.manager.preference.PreferenceManager in project cloud-pipeline by epam.
the class AggregatingToolScanManagerTest method setUp.
@Before
public void setUp() throws Exception {
MockitoAnnotations.initMocks(this);
Whitebox.setInternalState(aggregatingToolScanManager, "preferenceManager", preferenceManager);
when(preferenceManager.getPreference(SystemPreferences.DOCKER_SECURITY_TOOL_POLICY_DENY_NOT_SCANNED)).thenReturn(DENY_NOT_SCANNED);
when(preferenceManager.getPreference(SystemPreferences.DOCKER_SECURITY_TOOL_POLICY_MAX_CRITICAL_VULNERABILITIES)).thenReturn(MAX_CRITICAL_VULNERABILITIES);
when(preferenceManager.getPreference(SystemPreferences.DOCKER_SECURITY_TOOL_POLICY_MAX_HIGH_VULNERABILITIES)).thenReturn(MAX_HIGH_VULNERABILITIES);
when(preferenceManager.getPreference(SystemPreferences.DOCKER_SECURITY_TOOL_POLICY_MAX_MEDIUM_VULNERABILITIES)).thenReturn(MAX_MEDIUM_VULNERABILITIES);
when(preferenceManager.getPreference(SystemPreferences.DOCKER_SECURITY_TOOL_GRACE_HOURS)).thenReturn(0);
// Dummy line, to shut up PMD
Assert.assertNotNull(pipelineConfigurationManager);
testUser.setAdmin(false);
DockerRegistry testRegistry = new DockerRegistry();
testTool = new Tool();
testTool.setId(1L);
testTool.setImage(TEST_IMAGE);
ManifestV2 testManifest = new ManifestV2();
testManifest.setLayers(Arrays.asList(new ManifestV2.Config(DIGEST_1, null), new ManifestV2.Config(DIGEST_2, null), new ManifestV2.Config(DIGEST_3, null)));
toolScanResult.setLastLayerRef(DIGEST_1);
toolScanResult.setScanDate(DateUtils.now());
toolScanResult.setVulnerabilities(Collections.emptyList());
ToolVersion attributes = new ToolVersion();
attributes.setVersion(LATEST_VERSION);
attributes.setDigest(DIGEST_3);
ToolVersion actualAttr = new ToolVersion();
actualAttr.setVersion(ACTUAL_SCANNED_VERSION);
actualAttr.setDigest(DIGEST_3);
actual.setLastLayerRef(aggregatingToolScanManager.getLayerName(TEST_IMAGE, ACTUAL_SCANNED_VERSION));
actual.setScanDate(DateUtils.now());
actual.setSuccessScanDate(DateUtils.now());
actual.setDigest(DIGEST_3);
ClairScanResult testScanResult = new ClairScanResult();
feature = new ClairScanResult.ClairFeature();
feature.setName("test");
feature.setVersion("test1");
clairVulnerability = new ClairScanResult.ClairVulnerability();
clairVulnerability.setSeverity(VulnerabilitySeverity.Critical);
clairVulnerability.setName(TEST_VULNERABILITY_NAME);
clairVulnerability.setDescription(TEST_VULNERABILITY_DESCRIPTION);
feature.setVulnerabilities(Collections.singletonList(clairVulnerability));
testScanResult.setFeatures(Collections.singletonList(feature));
DockerComponentScanResult dockerComponentScanResult = new DockerComponentScanResult();
DockerComponentLayerScanResult layerScanResult = new DockerComponentLayerScanResult();
testDependency = new ToolDependency(1, "latest", "test", "1.0", ToolDependency.Ecosystem.R_PKG, "R Package");
layerScanResult.setDependencies(Collections.singletonList(testDependency));
dockerComponentScanResult.setLayers(Collections.singletonList(layerScanResult));
when(dataStorageApiService.getDataStorages()).thenReturn(Collections.emptyList());
when(versionManager.getValidDockerImage(TEST_IMAGE)).thenReturn(TEST_IMAGE);
when(authManager.getCurrentUser()).thenReturn(testUser);
when(dockerRegistryManager.load(testTool.getRegistryId())).thenReturn(testRegistry);
when(dockerClientFactory.getDockerClient(eq(testRegistry), anyString())).thenReturn(mockDockerClient);
when(mockDockerClient.getManifest(any(), Mockito.anyString(), Mockito.anyString())).thenReturn(Optional.of(testManifest));
when(mockDockerClient.getVersionAttributes(any(), eq(TEST_IMAGE), eq(LATEST_VERSION))).thenReturn(attributes);
when(mockDockerClient.getVersionAttributes(any(), eq(TEST_IMAGE), eq(ACTUAL_SCANNED_VERSION))).thenReturn(actualAttr);
when(clairService.scanLayer(any(ClairScanRequest.class))).then((Answer<MockCall<ClairScanRequest>>) invocation -> new MockCall<>((ClairScanRequest) invocation.getArguments()[0]));
when(clairService.getScanResult(Mockito.anyString())).thenReturn(new MockCall<>(testScanResult));
when(compScanService.scanLayer(any(DockerComponentScanRequest.class))).then((Answer<MockCall<DockerComponentScanRequest>>) invocation -> new MockCall<>((DockerComponentScanRequest) invocation.getArguments()[0]));
when(compScanService.getScanResult(Mockito.anyString())).thenReturn(new MockCall<>(dockerComponentScanResult));
when(messageHelper.getMessage(Mockito.anyString(), Mockito.any())).thenReturn("testMessage");
when(messageHelper.getMessage(any(), any())).thenReturn("testMessage");
when(toolManager.loadByNameOrId(TEST_IMAGE)).thenReturn(testTool);
when(toolManager.loadToolVersionScan(testTool.getId(), LATEST_VERSION)).thenReturn(Optional.of(toolScanResult));
when(toolManager.loadToolVersionScan(testTool.getId(), ACTUAL_SCANNED_VERSION)).thenReturn(Optional.of(actual));
ToolVersion actual = new ToolVersion();
actual.setDigest(DIGEST_3);
when(toolVersionManager.loadToolVersion(testTool.getId(), ACTUAL_SCANNED_VERSION)).thenReturn(actual);
ToolVersion old = new ToolVersion();
old.setDigest(DIGEST_2);
when(toolVersionManager.loadToolVersion(testTool.getId(), LATEST_VERSION)).thenReturn(old);
when(toolManager.getTagFromImageName(Mockito.anyString())).thenReturn(LATEST_VERSION);
}
use of com.epam.pipeline.manager.preference.PreferenceManager in project cloud-pipeline by epam.
the class AttachmentFileManagerTest method setUp.
@Before
public void setUp() throws Exception {
MockitoAnnotations.initMocks(this);
attachmentFileManager = new AttachmentFileManager(dataStorageManager, preferenceManager, attachmentManager, messageHelper, authManager);
Preference systemDataStorage = SystemPreferences.DATA_STORAGE_SYSTEM_DATA_STORAGE_NAME.toPreference();
systemDataStorage.setName(TEST_SYSTEM_DATA_STORAGE);
when(preferenceManager.getPreference(SystemPreferences.DATA_STORAGE_SYSTEM_DATA_STORAGE_NAME)).thenReturn(TEST_SYSTEM_DATA_STORAGE);
when(dataStorageManager.loadByNameOrId(TEST_SYSTEM_DATA_STORAGE)).thenReturn(testSystemDataStorage);
when(dataStorageManager.createDataStorageFile(Mockito.eq(1L), Mockito.anyString(), Mockito.anyString(), Mockito.any(InputStream.class))).then((Answer<DataStorageFile>) invocation -> {
String path = invocation.getArgumentAt(1, String.class);
String name = invocation.getArgumentAt(2, String.class);
DataStorageFile file = new DataStorageFile();
file.setPath(path + "/" + name);
return file;
});
when(attachmentManager.load(Mockito.anyLong())).thenAnswer(invocation -> {
Attachment attachment = new Attachment();
attachment.setId(invocation.getArgumentAt(0, Long.class));
attachment.setName(TEST_ATTACHMENT_NAME);
attachment.setPath(TEST_ATTACHMENT_PATH);
return attachment;
});
DataStorageStreamingContent content = new DataStorageStreamingContent(new ByteArrayInputStream(new byte[] { 1 }), TEST_ATTACHMENT_NAME);
when(dataStorageManager.getStreamingContent(testSystemDataStorage.getId(), TEST_ATTACHMENT_PATH, null)).thenReturn(content);
when(authManager.getAuthorizedUser()).thenReturn(TEST_USER);
}
use of com.epam.pipeline.manager.preference.PreferenceManager in project cloud-pipeline by epam.
the class AggregatingToolScanManagerTest method testInit.
@Test
public void testInit() {
AggregatingToolScanManager toolScanManager = new AggregatingToolScanManager();
PreferenceManager preferenceManager = new PreferenceManager();
PreferenceDao preferenceDao = Mockito.mock(PreferenceDao.class);
SystemPreferences systemPreferences = Mockito.mock(SystemPreferences.class);
Whitebox.setInternalState(preferenceManager, "preferenceDao", preferenceDao);
Whitebox.setInternalState(preferenceManager, "messageHelper", messageHelper);
Whitebox.setInternalState(preferenceManager, "systemPreferences", systemPreferences);
Whitebox.setInternalState(toolScanManager, "preferenceManager", preferenceManager);
toolScanManager.init();
ClairService service = (ClairService) Whitebox.getInternalState(toolScanManager, "clairService");
Assert.assertNull(service);
Preference toolScanEnabled = SystemPreferences.DOCKER_SECURITY_TOOL_SCAN_ENABLED.toPreference();
toolScanEnabled.setValue("true");
when(preferenceDao.loadPreferenceByName(toolScanEnabled.getName())).thenReturn(toolScanEnabled);
Preference clairRootUrl = SystemPreferences.DOCKER_SECURITY_TOOL_SCAN_CLAIR_ROOT_URL.toPreference();
clairRootUrl.setValue("http://localhost:9000/");
when(preferenceDao.loadPreferenceByName(clairRootUrl.getName())).thenReturn(clairRootUrl);
preferenceManager.update(Arrays.asList(toolScanEnabled, clairRootUrl));
service = (ClairService) Whitebox.getInternalState(toolScanManager, "clairService");
Assert.assertNotNull(service);
}
use of com.epam.pipeline.manager.preference.PreferenceManager in project cloud-pipeline by epam.
the class ToolScanSchedulerTest method testForceScheduleToolScan.
@Test
@Transactional(propagation = Propagation.NEVER, rollbackFor = Throwable.class)
public void testForceScheduleToolScan() throws ExecutionException, InterruptedException {
PreferenceManager preferenceManager = mock(PreferenceManager.class);
Whitebox.setInternalState(toolScanScheduler, "preferenceManager", preferenceManager);
when(preferenceManager.getPreference(SystemPreferences.DOCKER_SECURITY_TOOL_SCAN_ENABLED)).thenReturn(true);
when(preferenceManager.getPreference(SystemPreferences.DOCKER_SECURITY_TOOL_SCAN_SCHEDULE_CRON)).thenReturn(SystemPreferences.DOCKER_SECURITY_TOOL_SCAN_SCHEDULE_CRON.getDefaultValue());
Subject<String> subject = PublishSubject.create();
when(preferenceManager.getObservablePreference(SystemPreferences.DOCKER_SECURITY_TOOL_SCAN_SCHEDULE_CRON)).thenReturn(subject);
toolScanScheduler.init();
try {
ToolManagerMock toolManagerMock = new ToolManagerMock(tool);
Whitebox.setInternalState(toolScanScheduler, "toolManager", toolManagerMock);
Future<ToolVersionScanResult> result = toolScanScheduler.forceScheduleScanTool(null, tool.getImage(), LATEST_VERSION, false);
// wait for execution to complete
result.get();
ToolScanResult toolScanResult = toolManagerMock.loadToolScanResult(null, tool.getImage());
Assert.assertFalse(toolScanResult.getToolVersionScanResults().isEmpty());
Assert.assertEquals(ToolScanStatus.COMPLETED, toolScanResult.getToolVersionScanResults().get(LATEST_VERSION).getStatus());
Assert.assertNotNull(toolScanResult.getToolVersionScanResults().get(LATEST_VERSION).getScanDate());
Vulnerability loaded = toolScanResult.getToolVersionScanResults().get(LATEST_VERSION).getVulnerabilities().get(0);
TestUtils.checkEquals(vulnerability, loaded, objectMapper);
ToolVersionScanResult versionScan = toolManagerMock.loadToolVersionScan(tool.getId(), LATEST_VERSION).get();
Assert.assertNotNull(versionScan);
Assert.assertNotNull(versionScan.getScanDate());
Assert.assertNotNull(versionScan.getSuccessScanDate());
Assert.assertEquals(TEST_LAYER_REF, versionScan.getLastLayerRef());
} finally {
toolScanScheduler.shutDown();
}
}
use of com.epam.pipeline.manager.preference.PreferenceManager in project cloud-pipeline by epam.
the class ToolScanSchedulerTest method testScheduledToolScan.
@Test
@Transactional(propagation = Propagation.REQUIRES_NEW, rollbackFor = Throwable.class)
public void testScheduledToolScan() {
PreferenceManager preferenceManager = mock(PreferenceManager.class);
Whitebox.setInternalState(toolScanScheduler, "preferenceManager", preferenceManager);
when(preferenceManager.getPreference(SystemPreferences.DOCKER_SECURITY_TOOL_SCAN_ENABLED)).thenReturn(true);
when(preferenceManager.getPreference(SystemPreferences.DOCKER_SECURITY_TOOL_SCAN_ALL_REGISTRIES)).thenReturn(false);
registry.setPath(TEST_REPO);
registry.setOwner(TEST_USER);
registry.setSecurityScanEnabled(true);
dockerRegistryDao.createDockerRegistry(registry);
toolGroup.setName("testGroup");
toolGroup.setRegistryId(registry.getId());
toolGroup.setOwner(TEST_USER);
toolGroupDao.createToolGroup(toolGroup);
tool.setId(1L);
tool.setRegistryId(registry.getId());
tool.setToolGroupId(toolGroup.getId());
toolManager.create(tool, false);
toolScanScheduler.scheduledToolScan();
ToolVersionScanResult versionScanResult = toolManager.loadToolVersionScan(tool.getId(), LATEST_VERSION).get();
Assert.assertNotNull(versionScanResult);
Assert.assertEquals(ToolScanStatus.COMPLETED, versionScanResult.getStatus());
Assert.assertNotNull(versionScanResult.getScanDate());
Vulnerability loaded = versionScanResult.getVulnerabilities().get(0);
TestUtils.checkEquals(vulnerability, loaded, objectMapper);
Optional<String> loadedRef = toolManager.loadToolVersionScan(tool.getId(), LATEST_VERSION).map(ToolVersionScanResult::getLastLayerRef);
Assert.assertTrue(loadedRef.isPresent());
Assert.assertEquals(TEST_LAYER_REF, loadedRef.get());
}
Aggregations