use of com.google.cloud.devtools.containeranalysis.v1.ContainerAnalysisClient in project java-docs-samples by GoogleCloudPlatform.
the class SamplesTest method testFindHighSeverityVulnerabilitiesForImage.
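/**
 * Checks that the high-severity query returns nothing for an image that has no occurrence or
 * only the occurrence labelled "low severity", and exactly one result once a CRITICAL
 * occurrence is attached.
 *
 * <p>The CRITICAL note and both occurrences are written to the real project, so they are removed
 * in a {@code finally} block. If an assertion failed before cleanup, a leftover CRITICAL finding
 * would stay attached to the image and skew later vulnerability queries.
 *
 * @throws Exception if any sample call, the client, or the cleanup fails
 */
@Test
public void testFindHighSeverityVulnerabilitiesForImage() throws Exception {
  // check before creation
  List<Occurrence> result =
      HighVulnerabilitiesForImage.findHighSeverityVulnerabilitiesForImage(imageUrl, PROJECT_ID);
  assertEquals(0, result.size());

  // Timestamp suffix keeps the note id distinct between runs.
  String vulnNoteId = "severe-note-" + (new Date()).getTime();
  Occurrence low = null;
  Occurrence critical = null;
  boolean noteCreated = false;
  try {
    // create low severity occurrence
    low = CreateOccurrence.createOccurrence(imageUrl, noteId, PROJECT_ID, PROJECT_ID);
    result =
        HighVulnerabilitiesForImage.findHighSeverityVulnerabilitiesForImage(imageUrl, PROJECT_ID);
    assertEquals(0, result.size());

    // high severity note (placeholder package data, CRITICAL severity)
    Note newNote =
        Note.newBuilder()
            .setVulnerability(
                VulnerabilityNote.newBuilder()
                    .setSeverity(Severity.CRITICAL)
                    .addDetails(
                        VulnerabilityNote.Detail.newBuilder()
                            .setAffectedCpeUri("your-uri-here")
                            .setAffectedPackage("your-package-here")
                            .setAffectedVersionStart(
                                Version.newBuilder().setKind(Version.VersionKind.MINIMUM))
                            .setAffectedVersionEnd(
                                Version.newBuilder().setKind(Version.VersionKind.MAXIMUM))))
            .build();

    // high severity occurrence that points at the note above
    Occurrence criticalRequest =
        Occurrence.newBuilder()
            .setNoteName(NoteName.of(PROJECT_ID, vulnNoteId).toString())
            .setResourceUri(imageUrl)
            .setVulnerability(
                VulnerabilityOccurrence.newBuilder()
                    .setEffectiveSeverity(Severity.CRITICAL)
                    .addPackageIssue(
                        PackageIssue.newBuilder()
                            .setAffectedCpeUri("your-uri-here")
                            .setAffectedPackage("your-package-here")
                            .setAffectedVersion(
                                Version.newBuilder().setKind(Version.VersionKind.MINIMUM))
                            .setFixedVersion(
                                Version.newBuilder().setKind(Version.VersionKind.MAXIMUM))))
            .build();

    // The client is closed as soon as both writes are done; the original never closed it.
    try (ContainerAnalysisClient client = ContainerAnalysisClient.create()) {
      client.getGrafeasClient().createNote(ProjectName.format(PROJECT_ID), vulnNoteId, newNote);
      noteCreated = true;
      critical =
          client.getGrafeasClient().createOccurrence(ProjectName.format(PROJECT_ID), criticalRequest);
    }

    // check again; the new occurrence may not be listed immediately, so poll up to TRY_LIMIT times
    int tries = 0;
    do {
      result =
          HighVulnerabilitiesForImage.findHighSeverityVulnerabilitiesForImage(imageUrl, PROJECT_ID);
      sleep(SLEEP_TIME);
      tries += 1;
    } while (result.size() != 1 && tries < TRY_LIMIT);
    assertEquals(1, result.size());
  } finally {
    // clean up only what was actually created; occurrences go before the note they reference
    if (low != null) {
      String[] lowNameArr = low.getName().split("/");
      String lowId = lowNameArr[lowNameArr.length - 1];
      DeleteOccurrence.deleteOccurrence(lowId, PROJECT_ID);
    }
    if (critical != null) {
      String[] nameArr = critical.getName().split("/");
      String occId = nameArr[nameArr.length - 1];
      DeleteOccurrence.deleteOccurrence(occId, PROJECT_ID);
    }
    if (noteCreated) {
      DeleteNote.deleteNote(vulnNoteId, PROJECT_ID);
    }
  }
}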
use of com.google.cloud.devtools.containeranalysis.v1.ContainerAnalysisClient in project java-docs-samples by GoogleCloudPlatform.
the class Samples method createOccurrence.
// [END create_note]
// [START create_occurrence]
/**
 * Builds a vulnerability occurrence for an image and stores it through the Container Analysis
 * client.
 *
 * <p>The occurrence carries an empty {@code VulnerabilityDetails} message; it only links the
 * image URL to the parent note.
 *
 * @param imageUrl the Container Registry URL associated with the image
 *                 example: "https://gcr.io/project/image@sha256:foo"
 * @param parentNoteId the identifier of the note associated with this occurrence
 * @param projectId the GCP project the occurrence will be created under; the parent note is
 *                  resolved in this same project
 * @return the Occurrence returned by the create call
 * @throws Exception declared because the client is opened and closed here; nothing is caught,
 *                   so a failure of the create call propagates as well
 */
public static Occurrence createOccurrence(String imageUrl, String parentNoteId, String projectId) throws Exception {
  try (ContainerAnalysisClient client = ContainerAnalysisClient.create()) {
    // Resource names are derived from the ids by the client's own formatters.
    final String noteResourceName = client.formatNoteName(projectId, parentNoteId);
    final String projectResourceName = client.formatProjectName(projectId);

    Occurrence occurrence =
        Occurrence.newBuilder()
            .setNoteName(noteResourceName)
            .setResourceUrl(imageUrl)
            .setVulnerabilityDetails(VulnerabilityType.VulnerabilityDetails.newBuilder().build())
            .build();

    return client.createOccurrence(projectResourceName, occurrence);
  }
}
use of com.google.cloud.devtools.containeranalysis.v1.ContainerAnalysisClient in project java-docs-samples by GoogleCloudPlatform.
the class Samples method getDiscoveryInfo.
// [END get_note]
// [START discovery_info]
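/**
 * Retrieves the Discovery occurrence created for a specified image and prints every match to
 * standard output.
 * This occurrence contains information about the initial scan on the image
 *
 * <p>The image URL is placed inside a double-quoted literal in the list filter. A value that
 * contains a double quote or a backslash would end that literal early and be read as filter
 * syntax, changing which occurrences are returned, so such values are rejected up front.
 *
 * @param imageUrl the Container Registry URL associated with the image
 *                 example: "https://gcr.io/project/image@sha256:foo"
 * @param projectId the GCP project whose occurrences are listed
 * @throws IllegalArgumentException if imageUrl is null or contains a double quote or backslash
 * @throws Exception declared because the client is opened and closed here; nothing is caught,
 *                   so a failure of the list call propagates as well
 */
public static void getDiscoveryInfo(String imageUrl, String projectId) throws Exception {
  // Validate before any client is opened so that a bad value never reaches the service.
  if (imageUrl == null || imageUrl.indexOf('"') >= 0 || imageUrl.indexOf('\\') >= 0) {
    throw new IllegalArgumentException(
        "imageUrl must be non-null and must not contain '\"' or '\\'");
  }
  String filterStr = "kind=\"DISCOVERY\" AND resourceUrl=\"" + imageUrl + "\"";
  try (ContainerAnalysisClient client = ContainerAnalysisClient.create()) {
    final String projectName = client.formatProjectName(projectId);
    ListOccurrencesRequest.Builder req = ListOccurrencesRequest.newBuilder();
    req.setFilter(filterStr).setParent(projectName);
    ListOccurrencesPagedResponse response = client.listOccurrences(req.build());
    // iterateAll() walks every page of the response, not only the first.
    for (Occurrence o : response.iterateAll()) {
      System.out.println(o);
    }
  }
}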