Search in sources :

Example 1 with ProcessedProviderMessage

use of com.synopsys.integration.alert.processor.api.extract.model.ProcessedProviderMessage in project hub-alert by blackducksoftware.

the class ProjectMessageSummarizerTest method groupedConcernCountTest.

@Test
public void groupedConcernCountTest() {
    ComponentConcern vulnerabilityConcern1 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-123", ComponentConcernSeverity.CRITICAL, "https://vuln-rul");
    ComponentConcern vulnerabilityConcern2 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-456", ComponentConcernSeverity.CRITICAL, "https://vuln-rul");
    ComponentConcern vulnerabilityConcern3 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-789", ComponentConcernSeverity.CRITICAL, "https://vuln-rul");
    ComponentConcern vulnerabilityConcern4 = ComponentConcern.vulnerability(ItemOperation.DELETE, "CVE-246", ComponentConcernSeverity.MINOR_MEDIUM, "https://vuln-rul");
    BomComponentDetails bomComponentDetails = createBomComponentDetails(List.of(vulnerabilityConcern1, vulnerabilityConcern2, vulnerabilityConcern3, vulnerabilityConcern4));
    ProjectMessage projectMessage = ProjectMessage.componentConcern(providerDetails, commonProject, commonProjectVersion, List.of(bomComponentDetails));
    ProcessedProviderMessage<ProjectMessage> processedProviderMessage = new ProcessedProviderMessage<>(Set.of(1L), projectMessage);
    ProcessedProviderMessage<SimpleMessage> summarizedSimpleMessage = projectMessageSummarizer.summarize(processedProviderMessage);
    SimpleMessage simpleMessage = summarizedSimpleMessage.getProviderMessage();
    printSimpleMessage(simpleMessage);
    testProjectStatus(simpleMessage);
    testComponentStatus(simpleMessage);
    assertEquals(4, simpleMessage.getDetails().size());
    assertEquals(3, Integer.valueOf(getDetailValue(simpleMessage.getDetails(), vulnerabilityConcern1.getSeverity().getVulnerabilityLabel(), "Vulnerabilities", ProjectMessageSummarizer.OP_PARTICIPLE_ADDED)));
    assertEquals(1, Integer.valueOf(getDetailValue(simpleMessage.getDetails(), vulnerabilityConcern4.getSeverity().getVulnerabilityLabel(), "Vulnerabilities", ProjectMessageSummarizer.OP_PARTICIPLE_DELETED)));
}
Also used : ProjectMessage(com.synopsys.integration.alert.processor.api.extract.model.project.ProjectMessage) ProcessedProviderMessage(com.synopsys.integration.alert.processor.api.extract.model.ProcessedProviderMessage) SimpleMessage(com.synopsys.integration.alert.processor.api.extract.model.SimpleMessage) ComponentConcern(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern) BomComponentDetails(com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails) Test(org.junit.jupiter.api.Test)

Example 2 with ProcessedProviderMessage

use of com.synopsys.integration.alert.processor.api.extract.model.ProcessedProviderMessage in project hub-alert by blackducksoftware.

the class ProjectMessageSummarizerTest method summarizeComponentConcernTest.

@Test
public void summarizeComponentConcernTest() {
    ComponentConcern policyConcern = ComponentConcern.severePolicy(ItemOperation.ADD, "A severe policy", ComponentConcernSeverity.TRIVIAL_LOW, "https://severe-policy");
    ComponentConcern vulnerabilityConcern1 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-123", ComponentConcernSeverity.CRITICAL, "https://vuln-rul");
    ComponentConcern vulnerabilityConcern2 = ComponentConcern.vulnerability(ItemOperation.UPDATE, "CVE-135", ComponentConcernSeverity.TRIVIAL_LOW, "https://vuln-rul");
    ComponentConcern vulnerabilityConcern3 = ComponentConcern.vulnerability(ItemOperation.DELETE, "CVE-246", ComponentConcernSeverity.MINOR_MEDIUM, "https://vuln-rul");
    BomComponentDetails bomComponentDetails = createBomComponentDetails(List.of(policyConcern, vulnerabilityConcern1, vulnerabilityConcern2, vulnerabilityConcern3));
    ProjectMessage projectMessage = ProjectMessage.componentConcern(providerDetails, commonProject, commonProjectVersion, List.of(bomComponentDetails));
    ProcessedProviderMessage<ProjectMessage> processedProviderMessage = new ProcessedProviderMessage<>(Set.of(1L), projectMessage);
    ProcessedProviderMessage<SimpleMessage> summarizedSimpleMessage = projectMessageSummarizer.summarize(processedProviderMessage);
    SimpleMessage simpleMessage = summarizedSimpleMessage.getProviderMessage();
    printSimpleMessage(simpleMessage);
    testProjectStatus(simpleMessage);
    testComponentStatus(simpleMessage);
    assertEquals(6, simpleMessage.getDetails().size());
    assertTrue(doesLabelExist(simpleMessage.getDetails(), policyConcern.getSeverity().getPolicyLabel(), "Policies", ProjectMessageSummarizer.OP_PARTICIPLE_VIOLATED));
    assertTrue(doesLabelExist(simpleMessage.getDetails(), vulnerabilityConcern1.getSeverity().getVulnerabilityLabel(), "Vulnerabilities", ProjectMessageSummarizer.OP_PARTICIPLE_ADDED));
    assertTrue(doesLabelExist(simpleMessage.getDetails(), vulnerabilityConcern2.getSeverity().getVulnerabilityLabel(), "Vulnerabilities", ProjectMessageSummarizer.OP_PARTICIPLE_UPDATED));
    assertTrue(doesLabelExist(simpleMessage.getDetails(), vulnerabilityConcern3.getSeverity().getVulnerabilityLabel(), "Vulnerabilities", ProjectMessageSummarizer.OP_PARTICIPLE_DELETED));
    assertTrue(simpleMessage.getDescription().contains("problems"));
}
Also used : ProjectMessage(com.synopsys.integration.alert.processor.api.extract.model.project.ProjectMessage) ProcessedProviderMessage(com.synopsys.integration.alert.processor.api.extract.model.ProcessedProviderMessage) SimpleMessage(com.synopsys.integration.alert.processor.api.extract.model.SimpleMessage) ComponentConcern(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern) BomComponentDetails(com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails) Test(org.junit.jupiter.api.Test)

Example 3 with ProcessedProviderMessage

use of com.synopsys.integration.alert.processor.api.extract.model.ProcessedProviderMessage in project hub-alert by blackducksoftware.

the class ProjectMessageSummarizerTest method summarizeProjectStatusTest.

@Test
public void summarizeProjectStatusTest() {
    ProjectOperation commonOperation = ProjectOperation.CREATE;
    ProjectMessage projectMessage = ProjectMessage.projectStatusInfo(providerDetails, commonProject, commonOperation);
    ProcessedProviderMessage<ProjectMessage> processedProviderMessage = new ProcessedProviderMessage<>(Set.of(1L), projectMessage);
    ProcessedProviderMessage<SimpleMessage> summarizedSimpleMessage = projectMessageSummarizer.summarize(processedProviderMessage);
    SimpleMessage simpleMessage = summarizedSimpleMessage.getProviderMessage();
    printSimpleMessage(simpleMessage);
    testProjectStatus(simpleMessage);
    assertEquals(1, simpleMessage.getDetails().size());
    assertTrue(simpleMessage.getDetails().contains(commonProject));
    assertTrue(simpleMessage.getSummary().contains(ProjectMessageSummarizer.OP_PARTICIPLE_CREATED));
}
Also used : ProjectMessage(com.synopsys.integration.alert.processor.api.extract.model.project.ProjectMessage) ProcessedProviderMessage(com.synopsys.integration.alert.processor.api.extract.model.ProcessedProviderMessage) SimpleMessage(com.synopsys.integration.alert.processor.api.extract.model.SimpleMessage) ProjectOperation(com.synopsys.integration.alert.processor.api.extract.model.project.ProjectOperation) Test(org.junit.jupiter.api.Test)

Example 4 with ProcessedProviderMessage

use of com.synopsys.integration.alert.processor.api.extract.model.ProcessedProviderMessage in project hub-alert by blackducksoftware.

the class ProjectMessageSummarizerTest method sortedConcernsTest.

@Test
public void sortedConcernsTest() {
    ComponentConcern policyConcern1 = ComponentConcern.severePolicy(ItemOperation.ADD, "A severe policy", ComponentConcernSeverity.TRIVIAL_LOW, "https://severe-policy");
    ComponentConcern policyConcern2 = ComponentConcern.severePolicy(ItemOperation.ADD, "A severe policy", ComponentConcernSeverity.BLOCKER, "https://severe-policy");
    ComponentConcern policyConcern3 = ComponentConcern.severePolicy(ItemOperation.ADD, "A severe policy", ComponentConcernSeverity.MINOR_MEDIUM, "https://severe-policy");
    ComponentConcern vulnerabilityConcern1 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-123", ComponentConcernSeverity.CRITICAL, "https://vuln-rul");
    ComponentConcern vulnerabilityConcern2 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-135", ComponentConcernSeverity.TRIVIAL_LOW, "https://vuln-rul");
    ComponentConcern vulnerabilityConcern3 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-246", ComponentConcernSeverity.MINOR_MEDIUM, "https://vuln-rul");
    ComponentConcern policyConcern4 = ComponentConcern.severePolicy(ItemOperation.ADD, "A severe policy", ComponentConcernSeverity.BLOCKER, "https://severe-policy");
    ComponentConcern policyConcern5 = ComponentConcern.severePolicy(ItemOperation.ADD, "A severe policy", ComponentConcernSeverity.MAJOR_HIGH, "https://severe-policy");
    ComponentConcern policyConcern6 = ComponentConcern.severePolicy(ItemOperation.ADD, "A severe policy", ComponentConcernSeverity.CRITICAL, "https://severe-policy");
    ComponentConcern policyConcern7 = ComponentConcern.severePolicy(ItemOperation.ADD, "A severe policy", ComponentConcernSeverity.UNSPECIFIED_UNKNOWN, "https://severe-policy");
    ComponentConcern vulnerabilityConcern4 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-123", ComponentConcernSeverity.BLOCKER, "https://vuln-rul");
    ComponentConcern vulnerabilityConcern5 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-123", ComponentConcernSeverity.UNSPECIFIED_UNKNOWN, "https://vuln-rul");
    ComponentConcern vulnerabilityConcern6 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-123", ComponentConcernSeverity.MAJOR_HIGH, "https://vuln-rul");
    BomComponentDetails bomComponentDetails = createBomComponentDetails(List.of(policyConcern1, policyConcern2, policyConcern3, policyConcern4, policyConcern5, policyConcern6, policyConcern7, vulnerabilityConcern1, vulnerabilityConcern2, vulnerabilityConcern3, vulnerabilityConcern4, vulnerabilityConcern5, vulnerabilityConcern6));
    ProjectMessage projectMessage = ProjectMessage.componentConcern(providerDetails, commonProject, commonProjectVersion, List.of(bomComponentDetails));
    ProcessedProviderMessage<ProjectMessage> processedProviderMessage = new ProcessedProviderMessage<>(Set.of(1L), projectMessage);
    ProcessedProviderMessage<SimpleMessage> summarizedSimpleMessage = projectMessageSummarizer.summarize(processedProviderMessage);
    SimpleMessage simpleMessage = summarizedSimpleMessage.getProviderMessage();
    printSimpleMessage(simpleMessage);
    // There are a total of 14 details, the latter 12 being policies and vulnerabilities sorted by type then severity
    assertEquals(14, simpleMessage.getDetails().size());
    List<LinkableItem> details = simpleMessage.getDetails();
    assertTrue(details.get(2).getLabel().contains(ComponentConcernSeverity.BLOCKER.getPolicyLabel()));
    assertTrue(details.get(3).getLabel().contains(ComponentConcernSeverity.CRITICAL.getPolicyLabel()));
    assertTrue(details.get(4).getLabel().contains(ComponentConcernSeverity.MAJOR_HIGH.getPolicyLabel()));
    assertTrue(details.get(5).getLabel().contains(ComponentConcernSeverity.MINOR_MEDIUM.getPolicyLabel()));
    assertTrue(details.get(6).getLabel().contains(ComponentConcernSeverity.TRIVIAL_LOW.getPolicyLabel()));
    assertTrue(details.get(7).getLabel().contains(ComponentConcernSeverity.UNSPECIFIED_UNKNOWN.getPolicyLabel()));
    assertTrue(details.get(8).getLabel().contains(ComponentConcernSeverity.BLOCKER.getVulnerabilityLabel()));
    assertTrue(details.get(9).getLabel().contains(ComponentConcernSeverity.CRITICAL.getVulnerabilityLabel()));
    assertTrue(details.get(10).getLabel().contains(ComponentConcernSeverity.MAJOR_HIGH.getVulnerabilityLabel()));
    assertTrue(details.get(11).getLabel().contains(ComponentConcernSeverity.MINOR_MEDIUM.getVulnerabilityLabel()));
    assertTrue(details.get(12).getLabel().contains(ComponentConcernSeverity.TRIVIAL_LOW.getVulnerabilityLabel()));
    assertTrue(details.get(13).getLabel().contains(ComponentConcernSeverity.UNSPECIFIED_UNKNOWN.getVulnerabilityLabel()));
}
Also used : LinkableItem(com.synopsys.integration.alert.common.message.model.LinkableItem) ProjectMessage(com.synopsys.integration.alert.processor.api.extract.model.project.ProjectMessage) ProcessedProviderMessage(com.synopsys.integration.alert.processor.api.extract.model.ProcessedProviderMessage) SimpleMessage(com.synopsys.integration.alert.processor.api.extract.model.SimpleMessage) ComponentConcern(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern) BomComponentDetails(com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails) Test(org.junit.jupiter.api.Test)

Example 5 with ProcessedProviderMessage

use of com.synopsys.integration.alert.processor.api.extract.model.ProcessedProviderMessage in project hub-alert by blackducksoftware.

the class ProjectMessageSummarizerTest method summarizeProjectVersionStatusTest.

@Test
public void summarizeProjectVersionStatusTest() {
    ProjectOperation commonOperation = ProjectOperation.CREATE;
    ProjectMessage projectMessage = ProjectMessage.projectVersionStatusInfo(providerDetails, commonProject, commonProjectVersion, commonOperation);
    ProcessedProviderMessage<ProjectMessage> processedProviderMessage = new ProcessedProviderMessage<>(Set.of(1L), projectMessage);
    ProcessedProviderMessage<SimpleMessage> summarizedSimpleMessage = projectMessageSummarizer.summarize(processedProviderMessage);
    SimpleMessage simpleMessage = summarizedSimpleMessage.getProviderMessage();
    printSimpleMessage(simpleMessage);
    testProjectStatus(simpleMessage);
    assertEquals(2, simpleMessage.getDetails().size(), "Expected 2 LinkableItems. One for project the other for project-version.");
    assertTrue(simpleMessage.getDetails().contains(commonProject));
    assertTrue(simpleMessage.getDetails().contains(commonProjectVersion));
    assertTrue(simpleMessage.getSummary().contains(commonProjectVersion.getValue()));
    assertTrue(simpleMessage.getSummary().contains(ProjectMessageSummarizer.OP_PARTICIPLE_CREATED));
    assertTrue(simpleMessage.getDescription().contains(commonProjectVersion.getValue()));
}
Also used : ProjectMessage(com.synopsys.integration.alert.processor.api.extract.model.project.ProjectMessage) ProcessedProviderMessage(com.synopsys.integration.alert.processor.api.extract.model.ProcessedProviderMessage) SimpleMessage(com.synopsys.integration.alert.processor.api.extract.model.SimpleMessage) ProjectOperation(com.synopsys.integration.alert.processor.api.extract.model.project.ProjectOperation) Test(org.junit.jupiter.api.Test)

Aggregations

ProcessedProviderMessage (com.synopsys.integration.alert.processor.api.extract.model.ProcessedProviderMessage)12 ProjectMessage (com.synopsys.integration.alert.processor.api.extract.model.project.ProjectMessage)12 SimpleMessage (com.synopsys.integration.alert.processor.api.extract.model.SimpleMessage)10 Test (org.junit.jupiter.api.Test)8 LinkableItem (com.synopsys.integration.alert.common.message.model.LinkableItem)4 BomComponentDetails (com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails)4 ComponentConcern (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern)4 ProjectOperation (com.synopsys.integration.alert.processor.api.extract.model.project.ProjectOperation)4 ProcessedProviderMessageHolder (com.synopsys.integration.alert.processor.api.extract.model.ProcessedProviderMessageHolder)2 AlertNotificationModel (com.synopsys.integration.alert.common.rest.model.AlertNotificationModel)1 ProviderDetails (com.synopsys.integration.alert.processor.api.extract.model.ProviderDetails)1 NotificationContentWrapper (com.synopsys.integration.alert.processor.api.filter.NotificationContentWrapper)1 RuleViolationUniquePolicyNotificationContent (com.synopsys.integration.alert.provider.blackduck.processor.model.RuleViolationUniquePolicyNotificationContent)1 ArrayList (java.util.ArrayList)1