Example 36 with BomComponentDetails
use of com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails in project hub-alert by blackducksoftware.
the class PolicyOverrideNotificationMessageExtractorTest method createBomComponentDetailsMissingBomComponentTest.
@Test
public void createBomComponentDetailsMissingBomComponentTest() throws IntegrationException {
BlackDuckServicesFactory blackDuckServicesFactory = Mockito.mock(BlackDuckServicesFactory.class);
BlackDuckApiClient blackDuckApiClient = Mockito.mock(BlackDuckApiClient.class);
Mockito.when(blackDuckServicesFactory.getBlackDuckApiClient()).thenReturn(blackDuckApiClient);
Mockito.doThrow(new IntegrationRestException(HttpMethod.GET, new HttpUrl("https://google.com"), HttpStatus.NOT_FOUND.value(), "httpStatusMessageTest", "httpResponseContentTest", "IntegrationRestExceptionForAlertTest")).when(blackDuckApiClient).getResponse(Mockito.any(), Mockito.any());
List<BomComponentDetails> bomComponentDetailsList = extractor.createBomComponentDetails(policyOverrideUniquePolicyNotificationContent, blackDuckServicesFactory);
assertEquals(1, bomComponentDetailsList.size());
BomComponentDetails testBomComponentDetails = bomComponentDetailsList.get(0);
assertEquals(COMPONENT, testBomComponentDetails.getComponent());
assertEquals(1, testBomComponentDetails.getComponentConcerns().size());
assertTrue(testBomComponentDetails.getComponentVersion().isPresent());
assertEquals(COMPONENT_VERSION.getValue(), testBomComponentDetails.getComponentVersion().get().getValue());
assertTrue(testBomComponentDetails.getRelevantPolicies().isEmpty());
assertEquals(BlackDuckMessageLabels.VALUE_UNKNOWN_LICENSE, testBomComponentDetails.getLicense().getValue());
assertEquals(BlackDuckMessageLabels.VALUE_UNKNOWN_USAGE, testBomComponentDetails.getUsage());
}
Also used :
IntegrationRestException(com.synopsys.integration.rest.exception.IntegrationRestException)
BlackDuckApiClient(com.synopsys.integration.blackduck.service.BlackDuckApiClient)
BlackDuckServicesFactory(com.synopsys.integration.blackduck.service.BlackDuckServicesFactory)
HttpUrl(com.synopsys.integration.rest.HttpUrl)
BomComponentDetails(com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails)
Test(org.junit.jupiter.api.Test)
Example 37 with BomComponentDetails
use of com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails in project hub-alert by blackducksoftware.
the class IssueTrackerSearcherTest method findIssuesProjectIssueModel.
@Test
public void findIssuesProjectIssueModel() throws AlertException {
BomComponentDetails bomComponentDetails = Mockito.mock(BomComponentDetails.class);
ProjectMessage projectMessage = ProjectMessage.componentConcern(PROVIDER_DETAILS, PROJECT_ITEM, PROJECT_VERSION_ITEM, List.of(bomComponentDetails));
ProjectIssueModel projectIssueModel1 = Mockito.mock(ProjectIssueModel.class);
ExistingIssueDetails<String> issue1 = new ExistingIssueDetails<>("issue-1", "issue-1", "issue 1", "https://issue-1", IssueStatus.RESOLVABLE, IssueCategory.POLICY);
IssuePolicyDetails policyDetails = new IssuePolicyDetails("A policy", ItemOperation.DELETE, ComponentConcernSeverity.UNSPECIFIED_UNKNOWN);
ProjectIssueModel projectIssueModel2 = Mockito.mock(ProjectIssueModel.class);
Mockito.when(projectIssueModel2.getPolicyDetails()).thenReturn(Optional.of(policyDetails));
IssueVulnerabilityDetails vulnerabilityDetails = new IssueVulnerabilityDetails(true, List.of(), List.of(), List.of());
ProjectIssueModel projectIssueModel3 = Mockito.mock(ProjectIssueModel.class);
Mockito.when(projectIssueModel3.getVulnerabilityDetails()).thenReturn(Optional.of(vulnerabilityDetails));
ExactIssueFinder<String> exactIssueFinder = Mockito.mock(ExactIssueFinder.class);
Mockito.when(exactIssueFinder.findExistingIssuesByProjectIssueModel(projectIssueModel1)).thenReturn(List.of(issue1));
Mockito.when(exactIssueFinder.findExistingIssuesByProjectIssueModel(projectIssueModel2)).thenReturn(List.of());
ProjectMessageToIssueModelTransformer mockModelTransformer = Mockito.mock(ProjectMessageToIssueModelTransformer.class);
Mockito.when(mockModelTransformer.convertToIssueModels(Mockito.eq(projectMessage))).thenReturn(List.of(projectIssueModel1, projectIssueModel2, projectIssueModel3));
IssueTrackerSearcher<String> searcher = new IssueTrackerSearcher<>(null, null, null, exactIssueFinder, mockModelTransformer);
List<ActionableIssueSearchResult<String>> foundIssues = searcher.findIssues(projectMessage);
assertEquals(1, foundIssues.size());
ActionableIssueSearchResult<String> foundIssue = foundIssues.get(0);
assertEquals(issue1, foundIssue.getExistingIssueDetails().orElse(null));
}
Also used :
ProjectIssueModel(com.synopsys.integration.alert.api.channel.issue.model.ProjectIssueModel)
ProjectMessage(com.synopsys.integration.alert.processor.api.extract.model.project.ProjectMessage)
IssueVulnerabilityDetails(com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityDetails)
IssuePolicyDetails(com.synopsys.integration.alert.api.channel.issue.model.IssuePolicyDetails)
ProjectMessageToIssueModelTransformer(com.synopsys.integration.alert.api.channel.issue.convert.ProjectMessageToIssueModelTransformer)
BomComponentDetails(com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails)
Test(org.junit.jupiter.api.Test)
Example 38 with BomComponentDetails
use of com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails in project hub-alert by blackducksoftware.
the class IssueTrackerSearcherTest method findIssuesComponentUpdate.
@Test
public void findIssuesComponentUpdate() throws AlertException {
BomComponentDetails bomComponentDetails = Mockito.mock(BomComponentDetails.class);
ProjectMessage projectMessage = ProjectMessage.componentUpdate(PROVIDER_DETAILS, PROJECT_ITEM, PROJECT_VERSION_ITEM, List.of(bomComponentDetails));
ProjectIssueModel projectIssueModel = Mockito.mock(ProjectIssueModel.class);
ProjectIssueSearchResult<String> projectIssueSearchResult = new ProjectIssueSearchResult<>(EXISTING_ISSUE_DETAILS, projectIssueModel);
ProjectVersionComponentIssueFinder<String> componentIssueFinder = Mockito.mock(ProjectVersionComponentIssueFinder.class);
Mockito.when(componentIssueFinder.findIssuesByComponent(Mockito.eq(PROVIDER_DETAILS), Mockito.eq(PROJECT_ITEM), Mockito.eq(PROJECT_VERSION_ITEM), Mockito.eq(bomComponentDetails))).thenReturn(List.of(projectIssueSearchResult));
IssueTrackerSearcher<String> searcher = new IssueTrackerSearcher<>(null, null, componentIssueFinder, null, modelTransformer);
List<ActionableIssueSearchResult<String>> foundIssues = searcher.findIssues(projectMessage);
assertEquals(1, foundIssues.size());
assertSearchResult(foundIssues.get(0), projectIssueModel, ItemOperation.UPDATE);
}
Also used :
ProjectMessage(com.synopsys.integration.alert.processor.api.extract.model.project.ProjectMessage)
ProjectIssueModel(com.synopsys.integration.alert.api.channel.issue.model.ProjectIssueModel)
BomComponentDetails(com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails)
Test(org.junit.jupiter.api.Test)
Example 39 with BomComponentDetails
use of com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails in project hub-alert by blackducksoftware.
the class ProjectMessageToIssueModelTransformerTest method convertToIssueModelsForVulnerabilitiesTest.
@Test
public void convertToIssueModelsForVulnerabilitiesTest() {
LinkableItem vulnerabilityItem0 = createVulnerabilityItem("CVE-000");
LinkableItem vulnerabilityItem7 = createVulnerabilityItem("CVE-007");
ComponentConcern vulnConcern0 = ComponentConcern.vulnerability(ItemOperation.ADD, vulnerabilityItem0.getValue(), ComponentConcernSeverity.CRITICAL, vulnerabilityItem0.getUrl().orElse(null));
ComponentConcern vulnConcern7 = ComponentConcern.vulnerability(ItemOperation.DELETE, vulnerabilityItem7.getValue(), ComponentConcernSeverity.MINOR_MEDIUM, vulnerabilityItem7.getUrl().orElse(null));
BomComponentDetails bomComponentDetails = createBomComponentDetails(List.of(vulnConcern0, ComponentConcern.vulnerability(ItemOperation.UPDATE, VULNERABILITY_2.getValue(), ComponentConcernSeverity.MINOR_MEDIUM, VULNERABILITY_2.getUrl().orElse(null)), vulnConcern7));
ProjectMessage projectMessage = ProjectMessage.componentConcern(PROVIDER_DETAILS, PROJECT, PROJECT_VERSION, List.of(bomComponentDetails));
ProjectMessageToIssueModelTransformer modelTransformer = new ProjectMessageToIssueModelTransformer();
List<ProjectIssueModel> vulnerabilityIssueModels = modelTransformer.convertToIssueModels(projectMessage);
assertEquals(1, vulnerabilityIssueModels.size());
ProjectIssueModel policyIssueModel = vulnerabilityIssueModels.get(0);
assertRequiredDetails(policyIssueModel);
Optional<IssueVulnerabilityDetails> optionalIssueVulnerabilityDetails = policyIssueModel.getVulnerabilityDetails();
assertTrue(optionalIssueVulnerabilityDetails.isPresent(), "Expected vulnerability details to be present");
IssueVulnerabilityDetails issueVulnerabilityDetails = optionalIssueVulnerabilityDetails.get();
assertEquals(1, issueVulnerabilityDetails.getVulnerabilitiesAdded().size());
assertEquals(1, issueVulnerabilityDetails.getVulnerabilitiesUpdated().size());
assertEquals(1, issueVulnerabilityDetails.getVulnerabilitiesDeleted().size());
}
Also used :
LinkableItem(com.synopsys.integration.alert.common.message.model.LinkableItem)
ProjectMessage(com.synopsys.integration.alert.processor.api.extract.model.project.ProjectMessage)
IssueVulnerabilityDetails(com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityDetails)
ProjectIssueModel(com.synopsys.integration.alert.api.channel.issue.model.ProjectIssueModel)
ComponentConcern(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern)
BomComponentDetails(com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails)
IssueBomComponentDetails(com.synopsys.integration.alert.api.channel.issue.model.IssueBomComponentDetails)
Test(org.junit.jupiter.api.Test)
Example 40 with BomComponentDetails
use of com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails in project hub-alert by blackducksoftware.
the class ProjectMessageSummarizer method constructMessageDetails.
private List<LinkableItem> constructMessageDetails(ProjectMessage projectMessage) {
List<LinkableItem> details = new LinkedList<>();
details.add(projectMessage.getProject());
projectMessage.getProjectVersion().ifPresent(details::add);
Map<ComponentConcernSummaryGrouping, Integer> groupedConcernCounts = new LinkedHashMap<>();
for (BomComponentDetails bomComponent : projectMessage.getBomComponents()) {
for (ComponentConcern concern : bomComponent.getComponentConcerns()) {
ComponentConcernSummaryGrouping concernKey = new ComponentConcernSummaryGrouping(concern.getType(), concern.getOperation(), concern.getSeverity());
int currentCount = groupedConcernCounts.getOrDefault(concernKey, 0);
Number concernNumericValue = concern.getNumericValue();
int concernCount = (concernNumericValue != null) ? concernNumericValue.intValue() : 1;
groupedConcernCounts.put(concernKey, currentCount + concernCount);
}
}
Map<ComponentConcernSummaryGrouping, Integer> sortedGroupedConcernCountsBySeverity = groupedConcernCounts.entrySet().stream().sorted(Map.Entry.comparingByKey(ComponentConcernSummaryGrouping.getComparator())).collect(Collectors.toMap(Map.Entry::getKey, Map.Entry::getValue, // Merge operation is equivalent to Map::putIfAbsent
(old, newIgnored) -> old, LinkedHashMap::new));
for (Map.Entry<ComponentConcernSummaryGrouping, Integer> groupedConcernCount : sortedGroupedConcernCountsBySeverity.entrySet()) {
ComponentConcernSummaryGrouping concernGrouping = groupedConcernCount.getKey();
String severityLabel = ComponentConcernType.POLICY.equals(concernGrouping.type) ? concernGrouping.severity.getPolicyLabel() : concernGrouping.severity.getVulnerabilityLabel();
String stateTypeString = convertToUppercasePlural(concernGrouping.type);
String stateAdjective = convertToAdjective(concernGrouping.type, concernGrouping.operation);
String label = String.format("(%s) %s %s count", severityLabel, stateTypeString, stateAdjective);
LinkableItem concernDetail = new LinkableItem(label, groupedConcernCount.getValue().toString());
concernDetail.setNumericValueFlag(true);
details.add(concernDetail);
}
return details;
}
Also used :
ComponentConcernType(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernType)
MessageReason(com.synopsys.integration.alert.processor.api.extract.model.project.MessageReason)
ComponentConcernSeverity(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity)
LinkableItem(com.synopsys.integration.alert.common.message.model.LinkableItem)
ProjectMessage(com.synopsys.integration.alert.processor.api.extract.model.project.ProjectMessage)
Collectors(java.util.stream.Collectors)
BomComponentDetails(com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails)
LinkedHashMap(java.util.LinkedHashMap)
ProcessedProviderMessage(com.synopsys.integration.alert.processor.api.extract.model.ProcessedProviderMessage)
List(java.util.List)
Component(org.springframework.stereotype.Component)
Pair(org.apache.commons.lang3.tuple.Pair)
ComponentConcern(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern)
ProjectOperation(com.synopsys.integration.alert.processor.api.extract.model.project.ProjectOperation)
Map(java.util.Map)
ItemOperation(com.synopsys.integration.alert.common.enumeration.ItemOperation)
Optional(java.util.Optional)
SimpleMessage(com.synopsys.integration.alert.processor.api.extract.model.SimpleMessage)
Comparator(java.util.Comparator)
LinkedList(java.util.LinkedList)
AlertSerializableModel(com.synopsys.integration.alert.api.common.model.AlertSerializableModel)
LinkableItem(com.synopsys.integration.alert.common.message.model.LinkableItem)
ComponentConcern(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern)
LinkedList(java.util.LinkedList)
LinkedHashMap(java.util.LinkedHashMap)
LinkedHashMap(java.util.LinkedHashMap)
Map(java.util.Map)
BomComponentDetails(com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails)
Aggregations
BomComponentDetails (com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails)41
Test (org.junit.jupiter.api.Test)25
BlackDuckApiClient (com.synopsys.integration.blackduck.service.BlackDuckApiClient)19
HttpUrl (com.synopsys.integration.rest.HttpUrl)18
BlackDuckServicesFactory (com.synopsys.integration.blackduck.service.BlackDuckServicesFactory)16
ProjectVersionComponentVersionView (com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView)14
ComponentUpgradeGuidance (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentUpgradeGuidance)13
ProjectMessage (com.synopsys.integration.alert.processor.api.extract.model.project.ProjectMessage)13
LinkableItem (com.synopsys.integration.alert.common.message.model.LinkableItem)12
ComponentConcern (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern)12
IntegrationRestException (com.synopsys.integration.rest.exception.IntegrationRestException)12
ProjectIssueModel (com.synopsys.integration.alert.api.channel.issue.model.ProjectIssueModel)6
ComponentPolicy (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy)6
LinkedList (java.util.LinkedList)6
ProcessedProviderMessage (com.synopsys.integration.alert.processor.api.extract.model.ProcessedProviderMessage)5
SimpleMessage (com.synopsys.integration.alert.processor.api.extract.model.SimpleMessage)5
VulnerabilityUniqueProjectNotificationContent (com.synopsys.integration.alert.provider.blackduck.processor.model.VulnerabilityUniqueProjectNotificationContent)5
IssueBomComponentDetails (com.synopsys.integration.alert.api.channel.issue.model.IssueBomComponentDetails)4
BlackDuckMessageBomComponentDetailsCreator (com.synopsys.integration.alert.provider.blackduck.processor.message.service.BlackDuckMessageBomComponentDetailsCreator)4
ResourceMetadata (com.synopsys.integration.blackduck.api.core.ResourceMetadata)4
