
Example 1 with Vulnerability

Use of com.hp.octane.integrations.services.vulnerabilities.fod.dto.pojos.Vulnerability in project octane-ci-java-sdk by MicroFocus.

Class FODServiceImpl, method getVulnerabilityAllDataMap.

private Map<String, VulnerabilityAllData> getVulnerabilityAllDataMap(Long releaseId, List<Vulnerability> requiredExtendedData) {
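    // pause between consecutive FOD requests
    final long SLEEP_MS = 2000;
    // expected duration of a single request; used only to estimate the processing time reported in the log messages
    final long EXPECTED_REQUEST_TIME_MS = 1000;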
    logger.warn(configurer.octaneConfiguration.getLocationForLog() + String.format("getVulnerabilityAllDataMap, requiredExtendedData.size=%s, expected processing duration is %s sec", requiredExtendedData.size(), requiredExtendedData.size() * (SLEEP_MS + EXPECTED_REQUEST_TIME_MS) / 1000));
    Map<String, VulnerabilityAllData> idToAllData = new HashMap<>();
    for (int i = 0; i < requiredExtendedData.size(); i++) {
        Vulnerability t = requiredExtendedData.get(i);
        if (i > 0) {
            // adding sleep in order to avoid FOD DOS filter that might block our requests
            doWait(SLEEP_MS);
        }
        if (i > 0 && i % 50 == 0) {
            logger.warn(configurer.octaneConfiguration.getLocationForLog() + String.format("getVulnerabilityAllDataMap, %s/%s is done, remaining processing duration is %s sec", i, requiredExtendedData.size(), (requiredExtendedData.size() - i) * (SLEEP_MS + EXPECTED_REQUEST_TIME_MS) / 1000));
        }
        idToAllData.put(t.id, FODVulnerabilityService.getSingleVulnAlldata(releaseId, t.vulnId));
    }
    return idToAllData;
}
Also used: Vulnerability (com.hp.octane.integrations.services.vulnerabilities.fod.dto.pojos.Vulnerability), VulnerabilityAllData (com.hp.octane.integrations.services.vulnerabilities.fod.dto.pojos.VulnerabilityAllData)

Example 2 with Vulnerability

Use of com.hp.octane.integrations.services.vulnerabilities.fod.dto.pojos.Vulnerability in project octane-ci-java-sdk by MicroFocus.

Class FODServiceImpl, method fetchIssues.

private List<OctaneIssue> fetchIssues(VulnerabilitiesQueueItem queueItem, String remoteTag) throws IOException {
    logger.warn(configurer.octaneConfiguration.getLocationForLog() + "Security scan is done.");
    List<Vulnerability> allVulnerabilities = FODVulnerabilityService.getAllVulnerabilities(getRelease(queueItem));
    List<Vulnerability> nonClosedIssues = filterOutBeforeBaselineIssues(queueItem.getBaselineDate(), allVulnerabilities);
    ExistingIssuesInOctane existingIssuesInOctane = new ExistingIssuesInOctane(this.restService.obtainOctaneRestClient(), this.configurer.octaneConfiguration);
    List<String> existingIssuesInOc = existingIssuesInOctane.getRemoteIdsOpenVulnsFromOctane(queueItem.getJobId(), queueItem.getBuildId(), remoteTag);
    PackIssuesToOctaneUtils.SortedIssues<Vulnerability> sortedIssues = PackIssuesToOctaneUtils.packToOctaneIssues(nonClosedIssues, existingIssuesInOc, true);
    FODValuesConverter securityIssueValuesHelper = new FODValuesConverter();
    securityIssueValuesHelper.init();
    Map<String, VulnerabilityAllData> idToAllData = getVulnerabilityAllDataMap(getRelease(queueItem), sortedIssues.issuesRequiredExtendedData);
    logger.warn(configurer.octaneConfiguration.getLocationForLog() + "fetch existing issues from Octane");
    List<OctaneIssue> octaneIssuesToUpdate = securityIssueValuesHelper.createOctaneIssuesFromVulns(sortedIssues.issuesToUpdate, remoteTag, idToAllData, queueItem.getBaselineDate());
    List<OctaneIssue> total = new ArrayList<>();
    total.addAll(octaneIssuesToUpdate);
    logger.warn(configurer.octaneConfiguration.getLocationForLog() + "ToUpdate " + octaneIssuesToUpdate.size() + " items : " + octaneIssuesToUpdate);
    total.addAll(sortedIssues.issuesToClose);
    logger.warn(configurer.octaneConfiguration.getLocationForLog() + "ToClose " + sortedIssues.issuesToClose.size() + " items : " + sortedIssues.issuesToClose);
    return total;
}
Also used: ExistingIssuesInOctane (com.hp.octane.integrations.services.vulnerabilities.ExistingIssuesInOctane), Vulnerability (com.hp.octane.integrations.services.vulnerabilities.fod.dto.pojos.Vulnerability), OctaneIssue (com.hp.octane.integrations.dto.securityscans.OctaneIssue), PackIssuesToOctaneUtils (com.hp.octane.integrations.services.vulnerabilities.PackIssuesToOctaneUtils), VulnerabilityAllData (com.hp.octane.integrations.services.vulnerabilities.fod.dto.pojos.VulnerabilityAllData)

Aggregations

Vulnerability (com.hp.octane.integrations.services.vulnerabilities.fod.dto.pojos.Vulnerability): 2
VulnerabilityAllData (com.hp.octane.integrations.services.vulnerabilities.fod.dto.pojos.VulnerabilityAllData): 2
OctaneIssue (com.hp.octane.integrations.dto.securityscans.OctaneIssue): 1
ExistingIssuesInOctane (com.hp.octane.integrations.services.vulnerabilities.ExistingIssuesInOctane): 1
PackIssuesToOctaneUtils (com.hp.octane.integrations.services.vulnerabilities.PackIssuesToOctaneUtils): 1