Search in sources :

Example 56 with LinkableItem

use of com.synopsys.integration.alert.common.message.model.LinkableItem in project hub-alert by blackducksoftware.

the class BlackDuckMessageBomComponentDetailsCreator method createBomComponentUnknownVersionDetails.

public BomComponentDetails createBomComponentUnknownVersionDetails(ProjectVersionComponentVersionView bomComponent, List<ComponentConcern> componentConcerns, ComponentUpgradeGuidance componentUpgradeGuidance, List<LinkableItem> additionalAttributes) throws IntegrationException {
    // FIXME using this query link only in a successful result and not in an unsuccessful result leads to inconsistent values in our custom fields which leads to inconsistent search results (bug).
    String componentQueryLink = BlackDuckMessageLinkUtils.createComponentQueryLink(bomComponent);
    LinkableItem component = new LinkableItem(BlackDuckMessageLabels.LABEL_COMPONENT, bomComponent.getComponentName(), componentQueryLink);
    LinkableItem componentVersion = new LinkableItem(BlackDuckMessageLabels.LABEL_COMPONENT_VERSION, COMPONENT_VERSION_UNKNOWN);
    ComponentVulnerabilities componentVulnerabilities = ComponentVulnerabilities.none();
    List<ComponentPolicy> componentPolicies = retrieveComponentPolicies(bomComponent, componentConcerns);
    LinkableItem licenseInfo = BlackDuckMessageAttributesUtils.extractLicense(bomComponent);
    String usageInfo = BlackDuckMessageAttributesUtils.extractUsage(bomComponent);
    String issuesUrl = BlackDuckMessageAttributesUtils.extractIssuesUrl(bomComponent).orElse(null);
    return new BomComponentDetails(component, componentVersion, componentVulnerabilities, componentPolicies, componentConcerns, licenseInfo, usageInfo, componentUpgradeGuidance, additionalAttributes, issuesUrl);
}
Also used : LinkableItem(com.synopsys.integration.alert.common.message.model.LinkableItem) ComponentPolicy(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy) ComponentVulnerabilities(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentVulnerabilities) BomComponentDetails(com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails)

Example 57 with LinkableItem

use of com.synopsys.integration.alert.common.message.model.LinkableItem in project hub-alert by blackducksoftware.

the class BlackDuckMessageBomComponentDetailsCreator method createBomComponentDetails.

public BomComponentDetails createBomComponentDetails(ProjectVersionComponentVersionView bomComponent, List<ComponentConcern> componentConcerns, ComponentUpgradeGuidance componentUpgradeGuidance, List<LinkableItem> additionalAttributes) throws IntegrationException {
    LinkableItem component;
    LinkableItem componentVersion = null;
    // FIXME using this query link only in a successful result and not in an unsuccessful result leads to inconsistent values in our custom fields which leads to inconsistent search results (bug).
    String componentQueryLink = BlackDuckMessageLinkUtils.createComponentQueryLink(bomComponent);
    String componentVersionUrl = bomComponent.getComponentVersion();
    if (StringUtils.isNotBlank(componentVersionUrl)) {
        component = new LinkableItem(BlackDuckMessageLabels.LABEL_COMPONENT, bomComponent.getComponentName());
        componentVersion = new LinkableItem(BlackDuckMessageLabels.LABEL_COMPONENT_VERSION, bomComponent.getComponentVersionName(), componentQueryLink);
    } else {
        component = new LinkableItem(BlackDuckMessageLabels.LABEL_COMPONENT, bomComponent.getComponentName(), componentQueryLink);
    }
    ComponentVulnerabilities componentVulnerabilities = retrieveComponentVulnerabilities(bomComponent);
    List<ComponentPolicy> componentPolicies = retrieveComponentPolicies(bomComponent, componentConcerns);
    LinkableItem licenseInfo = BlackDuckMessageAttributesUtils.extractLicense(bomComponent);
    String usageInfo = BlackDuckMessageAttributesUtils.extractUsage(bomComponent);
    String issuesUrl = BlackDuckMessageAttributesUtils.extractIssuesUrl(bomComponent).orElse(null);
    return new BomComponentDetails(component, componentVersion, componentVulnerabilities, componentPolicies, componentConcerns, licenseInfo, usageInfo, componentUpgradeGuidance, additionalAttributes, issuesUrl);
}
Also used : LinkableItem(com.synopsys.integration.alert.common.message.model.LinkableItem) ComponentPolicy(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy) ComponentVulnerabilities(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentVulnerabilities) BomComponentDetails(com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails)

Example 58 with LinkableItem

use of com.synopsys.integration.alert.common.message.model.LinkableItem in project hub-alert by blackducksoftware.

the class BlackDuckComponentVulnerabilityDetailsCreator method toComponentVulnerabilities.

public ComponentVulnerabilities toComponentVulnerabilities(List<BlackDuckProjectVersionComponentVulnerabilitiesView> vulnerabilities) {
    List<LinkableItem> criticalVulns = new LinkedList<>();
    List<LinkableItem> highVulns = new LinkedList<>();
    List<LinkableItem> mediumVulns = new LinkedList<>();
    List<LinkableItem> lowVulns = new LinkedList<>();
    for (BlackDuckProjectVersionComponentVulnerabilitiesView vulnerability : vulnerabilities) {
        if (requiresRemediation(vulnerability)) {
            AlertVulnerability alertVulnerability = toAlertVulnerabilityView(vulnerability);
            VulnerabilitySeverityType severity = alertVulnerability.severity;
            LinkableItem vulnerabilityInfo = alertVulnerability.vulnerabilityInfo;
            if (VulnerabilitySeverityType.CRITICAL.equals(severity)) {
                criticalVulns.add(vulnerabilityInfo);
            } else if (VulnerabilitySeverityType.HIGH.equals(severity)) {
                highVulns.add(vulnerabilityInfo);
            } else if (VulnerabilitySeverityType.MEDIUM.equals(severity)) {
                mediumVulns.add(vulnerabilityInfo);
            } else if (VulnerabilitySeverityType.LOW.equals(severity)) {
                lowVulns.add(vulnerabilityInfo);
            }
        }
    }
    return new ComponentVulnerabilities(criticalVulns, highVulns, mediumVulns, lowVulns);
}
Also used : LinkableItem(com.synopsys.integration.alert.common.message.model.LinkableItem) VulnerabilitySeverityType(com.synopsys.integration.blackduck.api.generated.enumeration.VulnerabilitySeverityType) LinkedList(java.util.LinkedList) ComponentVulnerabilities(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentVulnerabilities)

Example 59 with LinkableItem

use of com.synopsys.integration.alert.common.message.model.LinkableItem in project hub-alert by blackducksoftware.

the class BlackDuckComponentVulnerabilityDetailsCreator method toAlertVulnerabilityView.

private AlertVulnerability toAlertVulnerabilityView(BlackDuckProjectVersionComponentVulnerabilitiesView vulnerability) {
    String name = vulnerability.getId();
    String url = vulnerability.getFirstLinkSafely("vulnerability").map(HttpUrl::toString).orElse(null);
    String severity;
    ProjectVersionComponentVersionVulnerabilityRemediationCvss3View cvss3 = vulnerability.getCvss3();
    if (vulnerability.getUseCvss3() && null != cvss3) {
        severity = Optional.ofNullable(cvss3.getSeverity()).map(Enum::name).orElse(VulnerabilitySeverityType.HIGH.name());
    } else {
        ProjectVersionComponentVersionVulnerabilityRemediationCvss2View cvss2 = vulnerability.getCvss2();
        severity = Optional.ofNullable(cvss2.getSeverity()).map(Enum::name).orElse(VulnerabilitySeverityType.HIGH.name());
    }
    VulnerabilitySeverityType vulnSeverity = EnumUtils.getEnum(VulnerabilitySeverityType.class, severity, VulnerabilitySeverityType.HIGH);
    LinkableItem vulnInfo = new LinkableItem(LABEL_VULNERABILITY, name, url);
    return new AlertVulnerability(vulnSeverity, vulnInfo);
}
Also used : ProjectVersionComponentVersionVulnerabilityRemediationCvss2View(com.synopsys.integration.blackduck.api.generated.component.ProjectVersionComponentVersionVulnerabilityRemediationCvss2View) LinkableItem(com.synopsys.integration.alert.common.message.model.LinkableItem) ProjectVersionComponentVersionVulnerabilityRemediationCvss3View(com.synopsys.integration.blackduck.api.generated.component.ProjectVersionComponentVersionVulnerabilityRemediationCvss3View) VulnerabilitySeverityType(com.synopsys.integration.blackduck.api.generated.enumeration.VulnerabilitySeverityType)

Example 60 with LinkableItem

use of com.synopsys.integration.alert.common.message.model.LinkableItem in project hub-alert by blackducksoftware.

the class ProjectIssueModelConverter method toIssueTransitionModel.

public <T extends Serializable> IssueTransitionModel<T> toIssueTransitionModel(ExistingIssueDetails<T> existingIssueDetails, ProjectIssueModel projectIssueModel, ItemOperation requiredOperation) {
    IssueOperation issueOperation;
    if (ItemOperation.ADD.equals(requiredOperation)) {
        issueOperation = IssueOperation.OPEN;
    } else {
        issueOperation = IssueOperation.RESOLVE;
    }
    IssueCommentModel<T> commentModel = toIssueCommentModel(existingIssueDetails, projectIssueModel);
    List<String> transitionComments = new LinkedList<>(commentModel.getComments());
    LinkableItem provider = projectIssueModel.getProvider();
    ChunkedStringBuilder commentBuilder = new ChunkedStringBuilder(formatter.getMaxCommentLength());
    commentBuilder.append(String.format("The %s operation was performed on this component in %s.", requiredOperation.name(), provider.getLabel()));
    transitionComments.addAll(commentBuilder.collectCurrentChunks());
    return new IssueTransitionModel<>(existingIssueDetails, issueOperation, transitionComments, projectIssueModel);
}
Also used : LinkableItem(com.synopsys.integration.alert.common.message.model.LinkableItem) IssueTransitionModel(com.synopsys.integration.alert.api.channel.issue.model.IssueTransitionModel) ChunkedStringBuilder(com.synopsys.integration.alert.common.channel.message.ChunkedStringBuilder) IssueOperation(com.synopsys.integration.alert.common.channel.issuetracker.enumeration.IssueOperation) LinkedList(java.util.LinkedList)

Aggregations

LinkableItem (com.synopsys.integration.alert.common.message.model.LinkableItem)94 Test (org.junit.jupiter.api.Test)39 ProviderDetails (com.synopsys.integration.alert.processor.api.extract.model.ProviderDetails)26 ProjectMessage (com.synopsys.integration.alert.processor.api.extract.model.project.ProjectMessage)22 IssueBomComponentDetails (com.synopsys.integration.alert.api.channel.issue.model.IssueBomComponentDetails)18 ProjectIssueModel (com.synopsys.integration.alert.api.channel.issue.model.ProjectIssueModel)15 BomComponentDetails (com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails)13 SimpleMessage (com.synopsys.integration.alert.processor.api.extract.model.SimpleMessage)11 ProjectOperation (com.synopsys.integration.alert.processor.api.extract.model.project.ProjectOperation)11 ArrayList (java.util.ArrayList)11 LinkedList (java.util.LinkedList)11 IssuePolicyDetails (com.synopsys.integration.alert.api.channel.issue.model.IssuePolicyDetails)9 ProviderMessageHolder (com.synopsys.integration.alert.processor.api.extract.model.ProviderMessageHolder)9 List (java.util.List)9 ComponentVulnerabilities (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentVulnerabilities)8 Optional (java.util.Optional)7 IssueVulnerabilityDetails (com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityDetails)6 AlertException (com.synopsys.integration.alert.api.common.model.exception.AlertException)6 ComponentConcern (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern)6 ComponentConcernType (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernType)6