Example 1 with BomComponentDetails

Use of com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails in the project hub-alert by blackducksoftware.

From the class ProjectMessageSummarizerTest, method groupedConcernCountTest.

@Test
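public void groupedConcernCountTest() {
    // Three CRITICAL vulnerabilities are added and one MINOR_MEDIUM vulnerability is deleted on a single component.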
    ComponentConcern vulnerabilityConcern1 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-123", ComponentConcernSeverity.CRITICAL, "https://vuln-rul");
    ComponentConcern vulnerabilityConcern2 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-456", ComponentConcernSeverity.CRITICAL, "https://vuln-rul");
    ComponentConcern vulnerabilityConcern3 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-789", ComponentConcernSeverity.CRITICAL, "https://vuln-rul");
    ComponentConcern vulnerabilityConcern4 = ComponentConcern.vulnerability(ItemOperation.DELETE, "CVE-246", ComponentConcernSeverity.MINOR_MEDIUM, "https://vuln-rul");
    BomComponentDetails bomComponentDetails = createBomComponentDetails(List.of(vulnerabilityConcern1, vulnerabilityConcern2, vulnerabilityConcern3, vulnerabilityConcern4));
    ProjectMessage projectMessage = ProjectMessage.componentConcern(providerDetails, commonProject, commonProjectVersion, List.of(bomComponentDetails));
    ProcessedProviderMessage<ProjectMessage> processedProviderMessage = new ProcessedProviderMessage<>(Set.of(1L), projectMessage);
    ProcessedProviderMessage<SimpleMessage> summarizedSimpleMessage = projectMessageSummarizer.summarize(processedProviderMessage);
    SimpleMessage simpleMessage = summarizedSimpleMessage.getProviderMessage();
    printSimpleMessage(simpleMessage);
    testProjectStatus(simpleMessage);
    testComponentStatus(simpleMessage);
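    // Concerns are grouped by severity and operation, so the counts checked below are 3 added and 1 deleted.
    assertEquals(4, simpleMessage.getDetails().size());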
    assertEquals(3, Integer.valueOf(getDetailValue(simpleMessage.getDetails(), vulnerabilityConcern1.getSeverity().getVulnerabilityLabel(), "Vulnerabilities", ProjectMessageSummarizer.OP_PARTICIPLE_ADDED)));
    assertEquals(1, Integer.valueOf(getDetailValue(simpleMessage.getDetails(), vulnerabilityConcern4.getSeverity().getVulnerabilityLabel(), "Vulnerabilities", ProjectMessageSummarizer.OP_PARTICIPLE_DELETED)));
}
Also used: ProjectMessage (com.synopsys.integration.alert.processor.api.extract.model.project.ProjectMessage), ProcessedProviderMessage (com.synopsys.integration.alert.processor.api.extract.model.ProcessedProviderMessage), SimpleMessage (com.synopsys.integration.alert.processor.api.extract.model.SimpleMessage), ComponentConcern (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern), BomComponentDetails (com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails), Test (org.junit.jupiter.api.Test)

Example 2 with BomComponentDetails

Use of com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails in the project hub-alert by blackducksoftware.

From the class ProjectMessageSummarizerTest, method summarizeComponentConcernTest.

@Test
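public void summarizeComponentConcernTest() {
    // One policy concern plus three vulnerability concerns covering the ADD, UPDATE and DELETE operations.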
    ComponentConcern policyConcern = ComponentConcern.severePolicy(ItemOperation.ADD, "A severe policy", ComponentConcernSeverity.TRIVIAL_LOW, "https://severe-policy");
    ComponentConcern vulnerabilityConcern1 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-123", ComponentConcernSeverity.CRITICAL, "https://vuln-rul");
    ComponentConcern vulnerabilityConcern2 = ComponentConcern.vulnerability(ItemOperation.UPDATE, "CVE-135", ComponentConcernSeverity.TRIVIAL_LOW, "https://vuln-rul");
    ComponentConcern vulnerabilityConcern3 = ComponentConcern.vulnerability(ItemOperation.DELETE, "CVE-246", ComponentConcernSeverity.MINOR_MEDIUM, "https://vuln-rul");
    BomComponentDetails bomComponentDetails = createBomComponentDetails(List.of(policyConcern, vulnerabilityConcern1, vulnerabilityConcern2, vulnerabilityConcern3));
    ProjectMessage projectMessage = ProjectMessage.componentConcern(providerDetails, commonProject, commonProjectVersion, List.of(bomComponentDetails));
    ProcessedProviderMessage<ProjectMessage> processedProviderMessage = new ProcessedProviderMessage<>(Set.of(1L), projectMessage);
    ProcessedProviderMessage<SimpleMessage> summarizedSimpleMessage = projectMessageSummarizer.summarize(processedProviderMessage);
    SimpleMessage simpleMessage = summarizedSimpleMessage.getProviderMessage();
    printSimpleMessage(simpleMessage);
    testProjectStatus(simpleMessage);
    testComponentStatus(simpleMessage);
    // Each concern's severity label must appear with the participle that matches its operation.
    assertEquals(6, simpleMessage.getDetails().size());
    assertTrue(doesLabelExist(simpleMessage.getDetails(), policyConcern.getSeverity().getPolicyLabel(), "Policies", ProjectMessageSummarizer.OP_PARTICIPLE_VIOLATED));
    assertTrue(doesLabelExist(simpleMessage.getDetails(), vulnerabilityConcern1.getSeverity().getVulnerabilityLabel(), "Vulnerabilities", ProjectMessageSummarizer.OP_PARTICIPLE_ADDED));
    assertTrue(doesLabelExist(simpleMessage.getDetails(), vulnerabilityConcern2.getSeverity().getVulnerabilityLabel(), "Vulnerabilities", ProjectMessageSummarizer.OP_PARTICIPLE_UPDATED));
    assertTrue(doesLabelExist(simpleMessage.getDetails(), vulnerabilityConcern3.getSeverity().getVulnerabilityLabel(), "Vulnerabilities", ProjectMessageSummarizer.OP_PARTICIPLE_DELETED));
    assertTrue(simpleMessage.getDescription().contains("problems"));
}
Also used: ProjectMessage (com.synopsys.integration.alert.processor.api.extract.model.project.ProjectMessage), ProcessedProviderMessage (com.synopsys.integration.alert.processor.api.extract.model.ProcessedProviderMessage), SimpleMessage (com.synopsys.integration.alert.processor.api.extract.model.SimpleMessage), ComponentConcern (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern), BomComponentDetails (com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails), Test (org.junit.jupiter.api.Test)

Example 3 with BomComponentDetails

Use of com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails in the project hub-alert by blackducksoftware.

From the class ProjectMessageSummarizerTest, method sortedConcernsTest.

@Test
public void sortedConcernsTest() {
    // Policy and vulnerability concerns are created with their severities deliberately out of order.
    ComponentConcern policyConcern1 = ComponentConcern.severePolicy(ItemOperation.ADD, "A severe policy", ComponentConcernSeverity.TRIVIAL_LOW, "https://severe-policy");
    ComponentConcern policyConcern2 = ComponentConcern.severePolicy(ItemOperation.ADD, "A severe policy", ComponentConcernSeverity.BLOCKER, "https://severe-policy");
    ComponentConcern policyConcern3 = ComponentConcern.severePolicy(ItemOperation.ADD, "A severe policy", ComponentConcernSeverity.MINOR_MEDIUM, "https://severe-policy");
    ComponentConcern vulnerabilityConcern1 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-123", ComponentConcernSeverity.CRITICAL, "https://vuln-rul");
    ComponentConcern vulnerabilityConcern2 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-135", ComponentConcernSeverity.TRIVIAL_LOW, "https://vuln-rul");
    ComponentConcern vulnerabilityConcern3 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-246", ComponentConcernSeverity.MINOR_MEDIUM, "https://vuln-rul");
    ComponentConcern policyConcern4 = ComponentConcern.severePolicy(ItemOperation.ADD, "A severe policy", ComponentConcernSeverity.BLOCKER, "https://severe-policy");
    ComponentConcern policyConcern5 = ComponentConcern.severePolicy(ItemOperation.ADD, "A severe policy", ComponentConcernSeverity.MAJOR_HIGH, "https://severe-policy");
    ComponentConcern policyConcern6 = ComponentConcern.severePolicy(ItemOperation.ADD, "A severe policy", ComponentConcernSeverity.CRITICAL, "https://severe-policy");
    ComponentConcern policyConcern7 = ComponentConcern.severePolicy(ItemOperation.ADD, "A severe policy", ComponentConcernSeverity.UNSPECIFIED_UNKNOWN, "https://severe-policy");
    ComponentConcern vulnerabilityConcern4 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-123", ComponentConcernSeverity.BLOCKER, "https://vuln-rul");
    ComponentConcern vulnerabilityConcern5 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-123", ComponentConcernSeverity.UNSPECIFIED_UNKNOWN, "https://vuln-rul");
    ComponentConcern vulnerabilityConcern6 = ComponentConcern.vulnerability(ItemOperation.ADD, "CVE-123", ComponentConcernSeverity.MAJOR_HIGH, "https://vuln-rul");
    BomComponentDetails bomComponentDetails = createBomComponentDetails(List.of(policyConcern1, policyConcern2, policyConcern3, policyConcern4, policyConcern5, policyConcern6, policyConcern7, vulnerabilityConcern1, vulnerabilityConcern2, vulnerabilityConcern3, vulnerabilityConcern4, vulnerabilityConcern5, vulnerabilityConcern6));
    ProjectMessage projectMessage = ProjectMessage.componentConcern(providerDetails, commonProject, commonProjectVersion, List.of(bomComponentDetails));
    ProcessedProviderMessage<ProjectMessage> processedProviderMessage = new ProcessedProviderMessage<>(Set.of(1L), projectMessage);
    ProcessedProviderMessage<SimpleMessage> summarizedSimpleMessage = projectMessageSummarizer.summarize(processedProviderMessage);
    SimpleMessage simpleMessage = summarizedSimpleMessage.getProviderMessage();
    printSimpleMessage(simpleMessage);
    // There are a total of 14 details, the latter 12 being policies and vulnerabilities sorted by type then severity
    assertEquals(14, simpleMessage.getDetails().size());
    List<LinkableItem> details = simpleMessage.getDetails();
    assertTrue(details.get(2).getLabel().contains(ComponentConcernSeverity.BLOCKER.getPolicyLabel()));
    assertTrue(details.get(3).getLabel().contains(ComponentConcernSeverity.CRITICAL.getPolicyLabel()));
    assertTrue(details.get(4).getLabel().contains(ComponentConcernSeverity.MAJOR_HIGH.getPolicyLabel()));
    assertTrue(details.get(5).getLabel().contains(ComponentConcernSeverity.MINOR_MEDIUM.getPolicyLabel()));
    assertTrue(details.get(6).getLabel().contains(ComponentConcernSeverity.TRIVIAL_LOW.getPolicyLabel()));
    assertTrue(details.get(7).getLabel().contains(ComponentConcernSeverity.UNSPECIFIED_UNKNOWN.getPolicyLabel()));
    assertTrue(details.get(8).getLabel().contains(ComponentConcernSeverity.BLOCKER.getVulnerabilityLabel()));
    assertTrue(details.get(9).getLabel().contains(ComponentConcernSeverity.CRITICAL.getVulnerabilityLabel()));
    assertTrue(details.get(10).getLabel().contains(ComponentConcernSeverity.MAJOR_HIGH.getVulnerabilityLabel()));
    assertTrue(details.get(11).getLabel().contains(ComponentConcernSeverity.MINOR_MEDIUM.getVulnerabilityLabel()));
    assertTrue(details.get(12).getLabel().contains(ComponentConcernSeverity.TRIVIAL_LOW.getVulnerabilityLabel()));
    assertTrue(details.get(13).getLabel().contains(ComponentConcernSeverity.UNSPECIFIED_UNKNOWN.getVulnerabilityLabel()));
}
Also used: LinkableItem (com.synopsys.integration.alert.common.message.model.LinkableItem), ProjectMessage (com.synopsys.integration.alert.processor.api.extract.model.project.ProjectMessage), ProcessedProviderMessage (com.synopsys.integration.alert.processor.api.extract.model.ProcessedProviderMessage), SimpleMessage (com.synopsys.integration.alert.processor.api.extract.model.SimpleMessage), ComponentConcern (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern), BomComponentDetails (com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails), Test (org.junit.jupiter.api.Test)

Example 4 with BomComponentDetails

Use of com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails in the project hub-alert by blackducksoftware.

From the class RuleViolationNotificationMessageExtractorTest, method createBomComponentDetailsMissingBomComponentTest.

@Test
public void createBomComponentDetailsMissingBomComponentTest() throws IntegrationException {
    // Every getResponse call on the mocked client fails with a 404 IntegrationRestException.
    BlackDuckServicesFactory blackDuckServicesFactory = Mockito.mock(BlackDuckServicesFactory.class);
    BlackDuckApiClient blackDuckApiClient = Mockito.mock(BlackDuckApiClient.class);
    Mockito.when(blackDuckServicesFactory.getBlackDuckApiClient()).thenReturn(blackDuckApiClient);
    Mockito.doThrow(new IntegrationRestException(HttpMethod.GET, new HttpUrl("https://google.com"), HttpStatus.NOT_FOUND.value(), "httpStatusMessageTest", "httpResponseContentTest", "IntegrationRestExceptionForAlertTest")).when(blackDuckApiClient).getResponse(Mockito.any(), Mockito.any());
    RuleViolationUniquePolicyNotificationContent notificationContent = new RuleViolationUniquePolicyNotificationContent(PROJECT, PROJECT_VERSION, PROJECT_VERSION_URL, COMPONENT_VERSIONS_IN_VIOLATION, List.of(componentVersionStatus), policyInfo);
    List<BomComponentDetails> bomComponentDetailsList = extractor.createBomComponentDetails(notificationContent, blackDuckServicesFactory);
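    // The extractor is still expected to return the component, with no relevant policies and unknown license and usage.
    assertEquals(1, bomComponentDetailsList.size());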
    BomComponentDetails testBomComponentDetails = bomComponentDetailsList.get(0);
    assertEquals(COMPONENT, testBomComponentDetails.getComponent());
    assertTrue(testBomComponentDetails.getComponentVersion().isPresent());
    assertEquals(COMPONENT_VERSION.getValue(), testBomComponentDetails.getComponentVersion().get().getValue());
    assertTrue(testBomComponentDetails.getRelevantPolicies().isEmpty());
    assertEquals(BlackDuckMessageLabels.VALUE_UNKNOWN_LICENSE, testBomComponentDetails.getLicense().getValue());
    assertEquals(BlackDuckMessageLabels.VALUE_UNKNOWN_USAGE, testBomComponentDetails.getUsage());
    assertEquals(1, testBomComponentDetails.getComponentConcerns().size());
    assertEquals(ItemOperation.ADD, testBomComponentDetails.getComponentConcerns().get(0).getOperation());
}
Also used: IntegrationRestException (com.synopsys.integration.rest.exception.IntegrationRestException), RuleViolationUniquePolicyNotificationContent (com.synopsys.integration.alert.provider.blackduck.processor.model.RuleViolationUniquePolicyNotificationContent), BlackDuckApiClient (com.synopsys.integration.blackduck.service.BlackDuckApiClient), BlackDuckServicesFactory (com.synopsys.integration.blackduck.service.BlackDuckServicesFactory), HttpUrl (com.synopsys.integration.rest.HttpUrl), BomComponentDetails (com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails), Test (org.junit.jupiter.api.Test)

Example 5 with BomComponentDetails

Use of com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails in the project hub-alert by blackducksoftware.

From the class RuleViolationNotificationMessageExtractorTest, method createBomComponentDetailsTest.

@Test
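public void createBomComponentDetailsTest() throws IntegrationException {
    // The mocked client returns a component view, one BLOCKER policy rule and an UNCATEGORIZED policy rule view.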
    BlackDuckServicesFactory blackDuckServicesFactory = Mockito.mock(BlackDuckServicesFactory.class);
    BlackDuckApiClient blackDuckApiClient = Mockito.mock(BlackDuckApiClient.class);
    Mockito.when(blackDuckServicesFactory.getBlackDuckApiClient()).thenReturn(blackDuckApiClient);
    ProjectVersionComponentVersionView projectVersionComponentVersionView = createProjectVersionComponentVersionView();
    Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.eq(ProjectVersionComponentVersionView.class))).thenReturn(projectVersionComponentVersionView);
    ComponentPolicyRulesView componentPolicyRulesView = new ComponentPolicyRulesView();
    ResourceMetadata meta = new ResourceMetadata();
    meta.setHref(new HttpUrl(COMPONENT_POLICY_URL));
    componentPolicyRulesView.setMeta(meta);
    componentPolicyRulesView.setName(COMPONENT_POLICY.getPolicyName());
    componentPolicyRulesView.setSeverity(PolicyRuleSeverityType.BLOCKER);
    componentPolicyRulesView.setPolicyApprovalStatus(ProjectVersionComponentPolicyStatusType.IN_VIOLATION_OVERRIDDEN);
    Mockito.when(blackDuckApiClient.getAllResponses(Mockito.eq(projectVersionComponentVersionView.metaPolicyRulesLink()))).thenReturn(List.of(componentPolicyRulesView));
    PolicyRuleView policyRuleView = new PolicyRuleView();
    policyRuleView.setCategory(PolicyRuleCategoryType.UNCATEGORIZED);
    Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.eq(PolicyRuleView.class))).thenReturn(policyRuleView);
    RuleViolationUniquePolicyNotificationContent notificationContent = new RuleViolationUniquePolicyNotificationContent(PROJECT, PROJECT_VERSION, PROJECT_VERSION_URL, COMPONENT_VERSIONS_IN_VIOLATION, List.of(componentVersionStatus), policyInfo);
    List<BomComponentDetails> bomComponentDetailsList = extractor.createBomComponentDetails(notificationContent, blackDuckServicesFactory);
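    // The details are expected to carry the license, the usage and the single relevant policy with its category.
    assertEquals(1, bomComponentDetailsList.size());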
    BomComponentDetails testBomComponentDetails = bomComponentDetailsList.get(0);
    assertEquals(COMPONENT, testBomComponentDetails.getComponent());
    assertTrue(testBomComponentDetails.getComponentVersion().isPresent());
    assertEquals(COMPONENT_VERSION.getValue(), testBomComponentDetails.getComponentVersion().get().getValue());
    assertEquals(LICENSE_DISPLAY, testBomComponentDetails.getLicense().getValue());
    assertEquals(UsageType.DYNAMICALLY_LINKED.prettyPrint(), testBomComponentDetails.getUsage());
    assertTrue(testBomComponentDetails.getAdditionalAttributes().isEmpty());
    assertEquals(1, testBomComponentDetails.getComponentConcerns().size());
    assertEquals(ItemOperation.ADD, testBomComponentDetails.getComponentConcerns().get(0).getOperation());
    ComponentUpgradeGuidance componentUpgradeGuidance = testBomComponentDetails.getComponentUpgradeGuidance();
    assertFalse(componentUpgradeGuidance.getLongTermUpgradeGuidance().isPresent());
    assertFalse(componentUpgradeGuidance.getShortTermUpgradeGuidance().isPresent());
    assertEquals(1, testBomComponentDetails.getRelevantPolicies().size());
    ComponentPolicy testComponentPolicy = testBomComponentDetails.getRelevantPolicies().get(0);
    assertTrue(testComponentPolicy.getCategory().isPresent());
    assertEquals(PolicyRuleCategoryType.UNCATEGORIZED.toString(), testComponentPolicy.getCategory().get());
}
Also used: ComponentPolicyRulesView (com.synopsys.integration.blackduck.api.generated.view.ComponentPolicyRulesView), ComponentUpgradeGuidance (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentUpgradeGuidance), RuleViolationUniquePolicyNotificationContent (com.synopsys.integration.alert.provider.blackduck.processor.model.RuleViolationUniquePolicyNotificationContent), ComponentPolicy (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy), BlackDuckApiClient (com.synopsys.integration.blackduck.service.BlackDuckApiClient), PolicyRuleView (com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView), BlackDuckServicesFactory (com.synopsys.integration.blackduck.service.BlackDuckServicesFactory), ResourceMetadata (com.synopsys.integration.blackduck.api.core.ResourceMetadata), HttpUrl (com.synopsys.integration.rest.HttpUrl), ProjectVersionComponentVersionView (com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView), BomComponentDetails (com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails), Test (org.junit.jupiter.api.Test)

Aggregations

BomComponentDetails (com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails): 41
Test (org.junit.jupiter.api.Test): 25
BlackDuckApiClient (com.synopsys.integration.blackduck.service.BlackDuckApiClient): 19
HttpUrl (com.synopsys.integration.rest.HttpUrl): 18
BlackDuckServicesFactory (com.synopsys.integration.blackduck.service.BlackDuckServicesFactory): 16
ProjectVersionComponentVersionView (com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView): 14
ComponentUpgradeGuidance (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentUpgradeGuidance): 13
ProjectMessage (com.synopsys.integration.alert.processor.api.extract.model.project.ProjectMessage): 13
LinkableItem (com.synopsys.integration.alert.common.message.model.LinkableItem): 12
ComponentConcern (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern): 12
IntegrationRestException (com.synopsys.integration.rest.exception.IntegrationRestException): 12
ProjectIssueModel (com.synopsys.integration.alert.api.channel.issue.model.ProjectIssueModel): 6
ComponentPolicy (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy): 6
LinkedList (java.util.LinkedList): 6
ProcessedProviderMessage (com.synopsys.integration.alert.processor.api.extract.model.ProcessedProviderMessage): 5
SimpleMessage (com.synopsys.integration.alert.processor.api.extract.model.SimpleMessage): 5
VulnerabilityUniqueProjectNotificationContent (com.synopsys.integration.alert.provider.blackduck.processor.model.VulnerabilityUniqueProjectNotificationContent): 5
IssueBomComponentDetails (com.synopsys.integration.alert.api.channel.issue.model.IssueBomComponentDetails): 4
BlackDuckMessageBomComponentDetailsCreator (com.synopsys.integration.alert.provider.blackduck.processor.message.service.BlackDuckMessageBomComponentDetailsCreator): 4
ResourceMetadata (com.synopsys.integration.blackduck.api.core.ResourceMetadata): 4