Example 1 with VulnerabilityAllData
use of com.hp.octane.integrations.services.vulnerabilities.fod.dto.pojos.VulnerabilityAllData in project octane-ci-java-sdk by MicroFocus.
the class FODServiceImpl method getVulnerabilityAllDataMap.
private Map<String, VulnerabilityAllData> getVulnerabilityAllDataMap(Long releaseId, List<Vulnerability> requiredExtendedData) {
long SLEEP_MS = 2000;
// used to compute waiting time
long EXPECTED_REQUEST_TIME_MS = 1000;
logger.warn(configurer.octaneConfiguration.getLocationForLog() + String.format("getVulnerabilityAllDataMap, requiredExtendedData.size=%s, expected processing duration is %s sec", requiredExtendedData.size(), requiredExtendedData.size() * (SLEEP_MS + EXPECTED_REQUEST_TIME_MS) / 1000));
Map<String, VulnerabilityAllData> idToAllData = new HashMap<>();
for (int i = 0; i < requiredExtendedData.size(); i++) {
Vulnerability t = requiredExtendedData.get(i);
if (i > 0) {
// adding sleep in order to avoid FOD DOS filter that might block our requests
doWait(SLEEP_MS);
}
if (i > 0 && i % 50 == 0) {
logger.warn(configurer.octaneConfiguration.getLocationForLog() + String.format("getVulnerabilityAllDataMap, %s/%s is done, remaining processing duration is %s sec", i, requiredExtendedData.size(), (requiredExtendedData.size() - i) * (SLEEP_MS + EXPECTED_REQUEST_TIME_MS) / 1000));
}
idToAllData.put(t.id, FODVulnerabilityService.getSingleVulnAlldata(releaseId, t.vulnId));
}
return idToAllData;
}
Also used :
Vulnerability(com.hp.octane.integrations.services.vulnerabilities.fod.dto.pojos.Vulnerability)
VulnerabilityAllData(com.hp.octane.integrations.services.vulnerabilities.fod.dto.pojos.VulnerabilityAllData)
Example 2 with VulnerabilityAllData
use of com.hp.octane.integrations.services.vulnerabilities.fod.dto.pojos.VulnerabilityAllData in project octane-ci-java-sdk by MicroFocus.
the class FODServiceImpl method fetchIssues.
private List<OctaneIssue> fetchIssues(VulnerabilitiesQueueItem queueItem, String remoteTag) throws IOException {
logger.warn(configurer.octaneConfiguration.getLocationForLog() + "Security scan is done.");
List<Vulnerability> allVulnerabilities = FODVulnerabilityService.getAllVulnerabilities(getRelease(queueItem));
List<Vulnerability> nonClosedIssues = filterOutBeforeBaselineIssues(queueItem.getBaselineDate(), allVulnerabilities);
ExistingIssuesInOctane existingIssuesInOctane = new ExistingIssuesInOctane(this.restService.obtainOctaneRestClient(), this.configurer.octaneConfiguration);
List<String> existingIssuesInOc = existingIssuesInOctane.getRemoteIdsOpenVulnsFromOctane(queueItem.getJobId(), queueItem.getBuildId(), remoteTag);
PackIssuesToOctaneUtils.SortedIssues<Vulnerability> sortedIssues = PackIssuesToOctaneUtils.packToOctaneIssues(nonClosedIssues, existingIssuesInOc, true);
FODValuesConverter securityIssueValuesHelper = new FODValuesConverter();
securityIssueValuesHelper.init();
Map<String, VulnerabilityAllData> idToAllData = getVulnerabilityAllDataMap(getRelease(queueItem), sortedIssues.issuesRequiredExtendedData);
logger.warn(configurer.octaneConfiguration.getLocationForLog() + "fetch existing issues from Octane");
List<OctaneIssue> octaneIssuesToUpdate = securityIssueValuesHelper.createOctaneIssuesFromVulns(sortedIssues.issuesToUpdate, remoteTag, idToAllData, queueItem.getBaselineDate());
List<OctaneIssue> total = new ArrayList<>();
total.addAll(octaneIssuesToUpdate);
logger.warn(configurer.octaneConfiguration.getLocationForLog() + "ToUpdate " + octaneIssuesToUpdate.size() + " items : " + octaneIssuesToUpdate);
total.addAll(sortedIssues.issuesToClose);
logger.warn(configurer.octaneConfiguration.getLocationForLog() + "ToClose " + sortedIssues.issuesToClose.size() + " items : " + sortedIssues.issuesToClose);
return total;
}
Also used :
ExistingIssuesInOctane(com.hp.octane.integrations.services.vulnerabilities.ExistingIssuesInOctane)
Vulnerability(com.hp.octane.integrations.services.vulnerabilities.fod.dto.pojos.Vulnerability)
OctaneIssue(com.hp.octane.integrations.dto.securityscans.OctaneIssue)
PackIssuesToOctaneUtils(com.hp.octane.integrations.services.vulnerabilities.PackIssuesToOctaneUtils)
VulnerabilityAllData(com.hp.octane.integrations.services.vulnerabilities.fod.dto.pojos.VulnerabilityAllData)
Example 3 with VulnerabilityAllData
use of com.hp.octane.integrations.services.vulnerabilities.fod.dto.pojos.VulnerabilityAllData in project octane-ci-java-sdk by MicroFocus.
the class FODVulnerabilityService method getSingleVulnAlldata.
public static VulnerabilityAllData getSingleVulnAlldata(Long releaseId, String vulnId) {
String url = String.format(urlSingleVulnAllData, FodConnectionFactory.instance().getEntitiesURL(), releaseId, vulnId);
VulnerabilityAllData vulnerabilityAllData = FodConnectionFactory.instance().getSpeceficFODEntity(url, VulnerabilityAllData.class);
return vulnerabilityAllData;
}
Also used :
VulnerabilityAllData(com.hp.octane.integrations.services.vulnerabilities.fod.dto.pojos.VulnerabilityAllData)
Aggregations
VulnerabilityAllData (com.hp.octane.integrations.services.vulnerabilities.fod.dto.pojos.VulnerabilityAllData)3
Vulnerability (com.hp.octane.integrations.services.vulnerabilities.fod.dto.pojos.Vulnerability)2
OctaneIssue (com.hp.octane.integrations.dto.securityscans.OctaneIssue)1
ExistingIssuesInOctane (com.hp.octane.integrations.services.vulnerabilities.ExistingIssuesInOctane)1
PackIssuesToOctaneUtils (com.hp.octane.integrations.services.vulnerabilities.PackIssuesToOctaneUtils)1
