Search in sources :

Example 1 with PreferenceManager

use of com.epam.pipeline.manager.preference.PreferenceManager in project cloud-pipeline by epam.

the class AggregatingToolScanManagerTest method setUp.

@Before
public void setUp() throws Exception {
    MockitoAnnotations.initMocks(this);
    Whitebox.setInternalState(aggregatingToolScanManager, "preferenceManager", preferenceManager);
    when(preferenceManager.getPreference(SystemPreferences.DOCKER_SECURITY_TOOL_POLICY_DENY_NOT_SCANNED)).thenReturn(DENY_NOT_SCANNED);
    when(preferenceManager.getPreference(SystemPreferences.DOCKER_SECURITY_TOOL_POLICY_MAX_CRITICAL_VULNERABILITIES)).thenReturn(MAX_CRITICAL_VULNERABILITIES);
    when(preferenceManager.getPreference(SystemPreferences.DOCKER_SECURITY_TOOL_POLICY_MAX_HIGH_VULNERABILITIES)).thenReturn(MAX_HIGH_VULNERABILITIES);
    when(preferenceManager.getPreference(SystemPreferences.DOCKER_SECURITY_TOOL_POLICY_MAX_MEDIUM_VULNERABILITIES)).thenReturn(MAX_MEDIUM_VULNERABILITIES);
    when(preferenceManager.getPreference(SystemPreferences.DOCKER_SECURITY_TOOL_GRACE_HOURS)).thenReturn(0);
    // Dummy line, to shut up PMD
    Assert.assertNotNull(pipelineConfigurationManager);
    testUser.setAdmin(false);
    DockerRegistry testRegistry = new DockerRegistry();
    testTool = new Tool();
    testTool.setId(1L);
    testTool.setImage(TEST_IMAGE);
    ManifestV2 testManifest = new ManifestV2();
    testManifest.setLayers(Arrays.asList(new ManifestV2.Config(DIGEST_1, null), new ManifestV2.Config(DIGEST_2, null), new ManifestV2.Config(DIGEST_3, null)));
    toolScanResult.setLastLayerRef(DIGEST_1);
    toolScanResult.setScanDate(DateUtils.now());
    toolScanResult.setVulnerabilities(Collections.emptyList());
    ToolVersion attributes = new ToolVersion();
    attributes.setVersion(LATEST_VERSION);
    attributes.setDigest(DIGEST_3);
    ToolVersion actualAttr = new ToolVersion();
    actualAttr.setVersion(ACTUAL_SCANNED_VERSION);
    actualAttr.setDigest(DIGEST_3);
    actual.setLastLayerRef(aggregatingToolScanManager.getLayerName(TEST_IMAGE, ACTUAL_SCANNED_VERSION));
    actual.setScanDate(DateUtils.now());
    actual.setSuccessScanDate(DateUtils.now());
    actual.setDigest(DIGEST_3);
    ClairScanResult testScanResult = new ClairScanResult();
    feature = new ClairScanResult.ClairFeature();
    feature.setName("test");
    feature.setVersion("test1");
    clairVulnerability = new ClairScanResult.ClairVulnerability();
    clairVulnerability.setSeverity(VulnerabilitySeverity.Critical);
    clairVulnerability.setName(TEST_VULNERABILITY_NAME);
    clairVulnerability.setDescription(TEST_VULNERABILITY_DESCRIPTION);
    feature.setVulnerabilities(Collections.singletonList(clairVulnerability));
    testScanResult.setFeatures(Collections.singletonList(feature));
    DockerComponentScanResult dockerComponentScanResult = new DockerComponentScanResult();
    DockerComponentLayerScanResult layerScanResult = new DockerComponentLayerScanResult();
    testDependency = new ToolDependency(1, "latest", "test", "1.0", ToolDependency.Ecosystem.R_PKG, "R Package");
    layerScanResult.setDependencies(Collections.singletonList(testDependency));
    dockerComponentScanResult.setLayers(Collections.singletonList(layerScanResult));
    when(dataStorageApiService.getDataStorages()).thenReturn(Collections.emptyList());
    when(versionManager.getValidDockerImage(TEST_IMAGE)).thenReturn(TEST_IMAGE);
    when(authManager.getCurrentUser()).thenReturn(testUser);
    when(dockerRegistryManager.load(testTool.getRegistryId())).thenReturn(testRegistry);
    when(dockerClientFactory.getDockerClient(eq(testRegistry), anyString())).thenReturn(mockDockerClient);
    when(mockDockerClient.getManifest(any(), Mockito.anyString(), Mockito.anyString())).thenReturn(Optional.of(testManifest));
    when(mockDockerClient.getVersionAttributes(any(), eq(TEST_IMAGE), eq(LATEST_VERSION))).thenReturn(attributes);
    when(mockDockerClient.getVersionAttributes(any(), eq(TEST_IMAGE), eq(ACTUAL_SCANNED_VERSION))).thenReturn(actualAttr);
    when(clairService.scanLayer(any(ClairScanRequest.class))).then((Answer<MockCall<ClairScanRequest>>) invocation -> new MockCall<>((ClairScanRequest) invocation.getArguments()[0]));
    when(clairService.getScanResult(Mockito.anyString())).thenReturn(new MockCall<>(testScanResult));
    when(compScanService.scanLayer(any(DockerComponentScanRequest.class))).then((Answer<MockCall<DockerComponentScanRequest>>) invocation -> new MockCall<>((DockerComponentScanRequest) invocation.getArguments()[0]));
    when(compScanService.getScanResult(Mockito.anyString())).thenReturn(new MockCall<>(dockerComponentScanResult));
    when(messageHelper.getMessage(Mockito.anyString(), Mockito.any())).thenReturn("testMessage");
    when(messageHelper.getMessage(any(), any())).thenReturn("testMessage");
    when(toolManager.loadByNameOrId(TEST_IMAGE)).thenReturn(testTool);
    when(toolManager.loadToolVersionScan(testTool.getId(), LATEST_VERSION)).thenReturn(Optional.of(toolScanResult));
    when(toolManager.loadToolVersionScan(testTool.getId(), ACTUAL_SCANNED_VERSION)).thenReturn(Optional.of(actual));
    ToolVersion actual = new ToolVersion();
    actual.setDigest(DIGEST_3);
    when(toolVersionManager.loadToolVersion(testTool.getId(), ACTUAL_SCANNED_VERSION)).thenReturn(actual);
    ToolVersion old = new ToolVersion();
    old.setDigest(DIGEST_2);
    when(toolVersionManager.loadToolVersion(testTool.getId(), LATEST_VERSION)).thenReturn(old);
    when(toolManager.getTagFromImageName(Mockito.anyString())).thenReturn(LATEST_VERSION);
}
Also used : DockerComponentScanResult(com.epam.pipeline.manager.docker.scan.dockercompscan.DockerComponentScanResult) SystemPreferences(com.epam.pipeline.manager.preference.SystemPreferences) ManifestV2(com.epam.pipeline.entity.docker.ManifestV2) MockitoAnnotations(org.mockito.MockitoAnnotations) DataStorageApiService(com.epam.pipeline.manager.datastorage.DataStorageApiService) MessageHelper(com.epam.pipeline.common.MessageHelper) Matchers.eq(org.mockito.Matchers.eq) Spy(org.mockito.Spy) TestUtils(com.epam.pipeline.util.TestUtils) PipelineUser(com.epam.pipeline.entity.user.PipelineUser) com.epam.pipeline.entity.scan(com.epam.pipeline.entity.scan) PipelineConfigurationManager(com.epam.pipeline.manager.pipeline.PipelineConfigurationManager) DateUtils(com.epam.pipeline.entity.utils.DateUtils) Request(okhttp3.Request) ClairService(com.epam.pipeline.manager.docker.scan.clair.ClairService) Matchers.any(org.mockito.Matchers.any) Tool(com.epam.pipeline.entity.pipeline.Tool) PreferenceDao(com.epam.pipeline.dao.preference.PreferenceDao) ClairScanResult(com.epam.pipeline.manager.docker.scan.clair.ClairScanResult) Whitebox(org.mockito.internal.util.reflection.Whitebox) DockerClientFactory(com.epam.pipeline.manager.docker.DockerClientFactory) ToolVersionManager(com.epam.pipeline.manager.docker.ToolVersionManager) Call(retrofit2.Call) java.util(java.util) Mock(org.mockito.Mock) ToolManager(com.epam.pipeline.manager.pipeline.ToolManager) ToolScanExternalServiceException(com.epam.pipeline.exception.ToolScanExternalServiceException) Response(retrofit2.Response) ClairScanRequest(com.epam.pipeline.manager.docker.scan.clair.ClairScanRequest) PipelineVersionManager(com.epam.pipeline.manager.pipeline.PipelineVersionManager) Matchers.anyString(org.mockito.Matchers.anyString) DockerRegistryManager(com.epam.pipeline.manager.docker.DockerRegistryManager) Answer(org.mockito.stubbing.Answer) DockerComponentScanService(com.epam.pipeline.manager.docker.scan.dockercompscan.DockerComponentScanService) ToolVersion(com.epam.pipeline.entity.docker.ToolVersion) Before(org.junit.Before) InjectMocks(org.mockito.InjectMocks) DockerComponentLayerScanResult(com.epam.pipeline.manager.docker.scan.dockercompscan.DockerComponentLayerScanResult) PreferenceManager(com.epam.pipeline.manager.preference.PreferenceManager) DockerComponentScanRequest(com.epam.pipeline.manager.docker.scan.dockercompscan.DockerComponentScanRequest) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) DockerRegistry(com.epam.pipeline.entity.pipeline.DockerRegistry) Mockito(org.mockito.Mockito) Callback(retrofit2.Callback) Preference(com.epam.pipeline.entity.preference.Preference) AuthManager(com.epam.pipeline.manager.security.AuthManager) Assert(org.junit.Assert) DockerClient(com.epam.pipeline.manager.docker.DockerClient) ManifestV2(com.epam.pipeline.entity.docker.ManifestV2) DockerComponentLayerScanResult(com.epam.pipeline.manager.docker.scan.dockercompscan.DockerComponentLayerScanResult) ClairScanResult(com.epam.pipeline.manager.docker.scan.clair.ClairScanResult) DockerRegistry(com.epam.pipeline.entity.pipeline.DockerRegistry) DockerComponentScanRequest(com.epam.pipeline.manager.docker.scan.dockercompscan.DockerComponentScanRequest) ClairScanRequest(com.epam.pipeline.manager.docker.scan.clair.ClairScanRequest) ToolVersion(com.epam.pipeline.entity.docker.ToolVersion) DockerComponentScanResult(com.epam.pipeline.manager.docker.scan.dockercompscan.DockerComponentScanResult) Tool(com.epam.pipeline.entity.pipeline.Tool) Before(org.junit.Before)

Example 2 with PreferenceManager

use of com.epam.pipeline.manager.preference.PreferenceManager in project cloud-pipeline by epam.

the class AttachmentFileManagerTest method setUp.

@Before
public void setUp() throws Exception {
    MockitoAnnotations.initMocks(this);
    attachmentFileManager = new AttachmentFileManager(dataStorageManager, preferenceManager, attachmentManager, messageHelper, authManager);
    Preference systemDataStorage = SystemPreferences.DATA_STORAGE_SYSTEM_DATA_STORAGE_NAME.toPreference();
    systemDataStorage.setName(TEST_SYSTEM_DATA_STORAGE);
    when(preferenceManager.getPreference(SystemPreferences.DATA_STORAGE_SYSTEM_DATA_STORAGE_NAME)).thenReturn(TEST_SYSTEM_DATA_STORAGE);
    when(dataStorageManager.loadByNameOrId(TEST_SYSTEM_DATA_STORAGE)).thenReturn(testSystemDataStorage);
    when(dataStorageManager.createDataStorageFile(Mockito.eq(1L), Mockito.anyString(), Mockito.anyString(), Mockito.any(InputStream.class))).then((Answer<DataStorageFile>) invocation -> {
        String path = invocation.getArgumentAt(1, String.class);
        String name = invocation.getArgumentAt(2, String.class);
        DataStorageFile file = new DataStorageFile();
        file.setPath(path + "/" + name);
        return file;
    });
    when(attachmentManager.load(Mockito.anyLong())).thenAnswer(invocation -> {
        Attachment attachment = new Attachment();
        attachment.setId(invocation.getArgumentAt(0, Long.class));
        attachment.setName(TEST_ATTACHMENT_NAME);
        attachment.setPath(TEST_ATTACHMENT_PATH);
        return attachment;
    });
    DataStorageStreamingContent content = new DataStorageStreamingContent(new ByteArrayInputStream(new byte[] { 1 }), TEST_ATTACHMENT_NAME);
    when(dataStorageManager.getStreamingContent(testSystemDataStorage.getId(), TEST_ATTACHMENT_PATH, null)).thenReturn(content);
    when(authManager.getAuthorizedUser()).thenReturn(TEST_USER);
}
Also used : PreferenceManager(com.epam.pipeline.manager.preference.PreferenceManager) Mock(org.mockito.Mock) SystemPreferences(com.epam.pipeline.manager.preference.SystemPreferences) Test(org.junit.Test) Mockito.when(org.mockito.Mockito.when) Attachment(com.epam.pipeline.entity.issue.Attachment) Mockito.verify(org.mockito.Mockito.verify) DataStorageFile(com.epam.pipeline.entity.datastorage.DataStorageFile) Mockito(org.mockito.Mockito) MockitoAnnotations(org.mockito.MockitoAnnotations) Answer(org.mockito.stubbing.Answer) ArgumentCaptor(org.mockito.ArgumentCaptor) ByteArrayInputStream(java.io.ByteArrayInputStream) MessageHelper(com.epam.pipeline.common.MessageHelper) DataStorageStreamingContent(com.epam.pipeline.entity.datastorage.DataStorageStreamingContent) Matchers.eq(org.mockito.Matchers.eq) Preference(com.epam.pipeline.entity.preference.Preference) S3bucketDataStorage(com.epam.pipeline.entity.datastorage.aws.S3bucketDataStorage) AuthManager(com.epam.pipeline.manager.security.AuthManager) Assert(org.junit.Assert) DataStorageManager(com.epam.pipeline.manager.datastorage.DataStorageManager) InputStream(java.io.InputStream) Before(org.junit.Before) DataStorageFile(com.epam.pipeline.entity.datastorage.DataStorageFile) Preference(com.epam.pipeline.entity.preference.Preference) DataStorageStreamingContent(com.epam.pipeline.entity.datastorage.DataStorageStreamingContent) ByteArrayInputStream(java.io.ByteArrayInputStream) ByteArrayInputStream(java.io.ByteArrayInputStream) InputStream(java.io.InputStream) Attachment(com.epam.pipeline.entity.issue.Attachment) Before(org.junit.Before)

Example 3 with PreferenceManager

use of com.epam.pipeline.manager.preference.PreferenceManager in project cloud-pipeline by epam.

the class AggregatingToolScanManagerTest method testInit.

@Test
public void testInit() {
    AggregatingToolScanManager toolScanManager = new AggregatingToolScanManager();
    PreferenceManager preferenceManager = new PreferenceManager();
    PreferenceDao preferenceDao = Mockito.mock(PreferenceDao.class);
    SystemPreferences systemPreferences = Mockito.mock(SystemPreferences.class);
    Whitebox.setInternalState(preferenceManager, "preferenceDao", preferenceDao);
    Whitebox.setInternalState(preferenceManager, "messageHelper", messageHelper);
    Whitebox.setInternalState(preferenceManager, "systemPreferences", systemPreferences);
    Whitebox.setInternalState(toolScanManager, "preferenceManager", preferenceManager);
    toolScanManager.init();
    ClairService service = (ClairService) Whitebox.getInternalState(toolScanManager, "clairService");
    Assert.assertNull(service);
    Preference toolScanEnabled = SystemPreferences.DOCKER_SECURITY_TOOL_SCAN_ENABLED.toPreference();
    toolScanEnabled.setValue("true");
    when(preferenceDao.loadPreferenceByName(toolScanEnabled.getName())).thenReturn(toolScanEnabled);
    Preference clairRootUrl = SystemPreferences.DOCKER_SECURITY_TOOL_SCAN_CLAIR_ROOT_URL.toPreference();
    clairRootUrl.setValue("http://localhost:9000/");
    when(preferenceDao.loadPreferenceByName(clairRootUrl.getName())).thenReturn(clairRootUrl);
    preferenceManager.update(Arrays.asList(toolScanEnabled, clairRootUrl));
    service = (ClairService) Whitebox.getInternalState(toolScanManager, "clairService");
    Assert.assertNotNull(service);
}
Also used : ClairService(com.epam.pipeline.manager.docker.scan.clair.ClairService) Preference(com.epam.pipeline.entity.preference.Preference) SystemPreferences(com.epam.pipeline.manager.preference.SystemPreferences) PreferenceDao(com.epam.pipeline.dao.preference.PreferenceDao) PreferenceManager(com.epam.pipeline.manager.preference.PreferenceManager) Test(org.junit.Test)

Example 4 with PreferenceManager

use of com.epam.pipeline.manager.preference.PreferenceManager in project cloud-pipeline by epam.

the class ToolScanSchedulerTest method testForceScheduleToolScan.

@Test
@Transactional(propagation = Propagation.NEVER, rollbackFor = Throwable.class)
public void testForceScheduleToolScan() throws ExecutionException, InterruptedException {
    PreferenceManager preferenceManager = mock(PreferenceManager.class);
    Whitebox.setInternalState(toolScanScheduler, "preferenceManager", preferenceManager);
    when(preferenceManager.getPreference(SystemPreferences.DOCKER_SECURITY_TOOL_SCAN_ENABLED)).thenReturn(true);
    when(preferenceManager.getPreference(SystemPreferences.DOCKER_SECURITY_TOOL_SCAN_SCHEDULE_CRON)).thenReturn(SystemPreferences.DOCKER_SECURITY_TOOL_SCAN_SCHEDULE_CRON.getDefaultValue());
    Subject<String> subject = PublishSubject.create();
    when(preferenceManager.getObservablePreference(SystemPreferences.DOCKER_SECURITY_TOOL_SCAN_SCHEDULE_CRON)).thenReturn(subject);
    toolScanScheduler.init();
    try {
        ToolManagerMock toolManagerMock = new ToolManagerMock(tool);
        Whitebox.setInternalState(toolScanScheduler, "toolManager", toolManagerMock);
        Future<ToolVersionScanResult> result = toolScanScheduler.forceScheduleScanTool(null, tool.getImage(), LATEST_VERSION, false);
        // wait for execution to complete
        result.get();
        ToolScanResult toolScanResult = toolManagerMock.loadToolScanResult(null, tool.getImage());
        Assert.assertFalse(toolScanResult.getToolVersionScanResults().isEmpty());
        Assert.assertEquals(ToolScanStatus.COMPLETED, toolScanResult.getToolVersionScanResults().get(LATEST_VERSION).getStatus());
        Assert.assertNotNull(toolScanResult.getToolVersionScanResults().get(LATEST_VERSION).getScanDate());
        Vulnerability loaded = toolScanResult.getToolVersionScanResults().get(LATEST_VERSION).getVulnerabilities().get(0);
        TestUtils.checkEquals(vulnerability, loaded, objectMapper);
        ToolVersionScanResult versionScan = toolManagerMock.loadToolVersionScan(tool.getId(), LATEST_VERSION).get();
        Assert.assertNotNull(versionScan);
        Assert.assertNotNull(versionScan.getScanDate());
        Assert.assertNotNull(versionScan.getSuccessScanDate());
        Assert.assertEquals(TEST_LAYER_REF, versionScan.getLastLayerRef());
    } finally {
        toolScanScheduler.shutDown();
    }
}
Also used : PreferenceManager(com.epam.pipeline.manager.preference.PreferenceManager) AbstractSpringTest(com.epam.pipeline.AbstractSpringTest) Test(org.junit.Test) ToolDaoTest(com.epam.pipeline.dao.tool.ToolDaoTest) Transactional(org.springframework.transaction.annotation.Transactional)

Example 5 with PreferenceManager

use of com.epam.pipeline.manager.preference.PreferenceManager in project cloud-pipeline by epam.

the class ToolScanSchedulerTest method testScheduledToolScan.

@Test
@Transactional(propagation = Propagation.REQUIRES_NEW, rollbackFor = Throwable.class)
public void testScheduledToolScan() {
    PreferenceManager preferenceManager = mock(PreferenceManager.class);
    Whitebox.setInternalState(toolScanScheduler, "preferenceManager", preferenceManager);
    when(preferenceManager.getPreference(SystemPreferences.DOCKER_SECURITY_TOOL_SCAN_ENABLED)).thenReturn(true);
    when(preferenceManager.getPreference(SystemPreferences.DOCKER_SECURITY_TOOL_SCAN_ALL_REGISTRIES)).thenReturn(false);
    registry.setPath(TEST_REPO);
    registry.setOwner(TEST_USER);
    registry.setSecurityScanEnabled(true);
    dockerRegistryDao.createDockerRegistry(registry);
    toolGroup.setName("testGroup");
    toolGroup.setRegistryId(registry.getId());
    toolGroup.setOwner(TEST_USER);
    toolGroupDao.createToolGroup(toolGroup);
    tool.setId(1L);
    tool.setRegistryId(registry.getId());
    tool.setToolGroupId(toolGroup.getId());
    toolManager.create(tool, false);
    toolScanScheduler.scheduledToolScan();
    ToolVersionScanResult versionScanResult = toolManager.loadToolVersionScan(tool.getId(), LATEST_VERSION).get();
    Assert.assertNotNull(versionScanResult);
    Assert.assertEquals(ToolScanStatus.COMPLETED, versionScanResult.getStatus());
    Assert.assertNotNull(versionScanResult.getScanDate());
    Vulnerability loaded = versionScanResult.getVulnerabilities().get(0);
    TestUtils.checkEquals(vulnerability, loaded, objectMapper);
    Optional<String> loadedRef = toolManager.loadToolVersionScan(tool.getId(), LATEST_VERSION).map(ToolVersionScanResult::getLastLayerRef);
    Assert.assertTrue(loadedRef.isPresent());
    Assert.assertEquals(TEST_LAYER_REF, loadedRef.get());
}
Also used : PreferenceManager(com.epam.pipeline.manager.preference.PreferenceManager) AbstractSpringTest(com.epam.pipeline.AbstractSpringTest) Test(org.junit.Test) ToolDaoTest(com.epam.pipeline.dao.tool.ToolDaoTest) Transactional(org.springframework.transaction.annotation.Transactional)

Aggregations

PreferenceManager (com.epam.pipeline.manager.preference.PreferenceManager)6 Test (org.junit.Test)5 Preference (com.epam.pipeline.entity.preference.Preference)3 SystemPreferences (com.epam.pipeline.manager.preference.SystemPreferences)3 Before (org.junit.Before)3 AbstractSpringTest (com.epam.pipeline.AbstractSpringTest)2 MessageHelper (com.epam.pipeline.common.MessageHelper)2 PreferenceDao (com.epam.pipeline.dao.preference.PreferenceDao)2 ToolDaoTest (com.epam.pipeline.dao.tool.ToolDaoTest)2 ClairService (com.epam.pipeline.manager.docker.scan.clair.ClairService)2 AuthManager (com.epam.pipeline.manager.security.AuthManager)2 Assert (org.junit.Assert)2 Matchers.eq (org.mockito.Matchers.eq)2 Mock (org.mockito.Mock)2 Mockito (org.mockito.Mockito)2 Mockito.when (org.mockito.Mockito.when)2 MockitoAnnotations (org.mockito.MockitoAnnotations)2 Answer (org.mockito.stubbing.Answer)2 Transactional (org.springframework.transaction.annotation.Transactional)2 DataStorageFile (com.epam.pipeline.entity.datastorage.DataStorageFile)1