
Example 6 with ComponentConcern

use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern in project hub-alert by blackducksoftware.

the class ProjectMessageToIssueModelTransformer method createEstimatedRiskProjectIssueModel.

/**
 * Builds the "component with unknown version" issue model from a group of estimated-risk concerns.
 * <p>
 * Each concern is converted with {@code IssueEstimatedRiskModel.fromComponentConcern}. The operation reported
 * for the whole group is the operation of the first concern, or {@link ItemOperation#ADD} when the list is empty.
 *
 * @param projectMessage        source of the provider details, project and (optional) project version
 * @param issueBomComponent     BOM component the issue is raised against
 * @param estimatedRiskConcerns concerns to convert; must not be {@code null}
 * @return the issue model produced by {@code ProjectIssueModel.componentUnknownVersion}
 */
private ProjectIssueModel createEstimatedRiskProjectIssueModel(ProjectMessage projectMessage, IssueBomComponentDetails issueBomComponent, List<ComponentConcern> estimatedRiskConcerns) {
    // Only the first concern is consulted: every concern of this type is expected to carry the same operation.
    // NOTE(review): nothing here enforces that expectation; a mixed list would silently be reported
    // under the first element's operation.
    ItemOperation sharedOperation = estimatedRiskConcerns.stream()
        .map(ComponentConcern::getOperation)
        .findFirst()
        .orElse(ItemOperation.ADD);

    List<IssueEstimatedRiskModel> riskModels = new LinkedList<>();
    estimatedRiskConcerns.forEach(concern -> riskModels.add(IssueEstimatedRiskModel.fromComponentConcern(concern)));

    IssueComponentUnknownVersionDetails details = new IssueComponentUnknownVersionDetails(sharedOperation, riskModels);
    return ProjectIssueModel.componentUnknownVersion(
        projectMessage.getProviderDetails(),
        projectMessage.getProject(),
        // The project version is optional on the message; its absence is passed on as null.
        projectMessage.getProjectVersion().orElse(null),
        issueBomComponent,
        details
    );
}
Also used : IssueComponentUnknownVersionDetails(com.synopsys.integration.alert.api.channel.issue.model.IssueComponentUnknownVersionDetails) IssueEstimatedRiskModel(com.synopsys.integration.alert.api.channel.issue.model.IssueEstimatedRiskModel) ItemOperation(com.synopsys.integration.alert.common.enumeration.ItemOperation) ComponentConcern(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern) LinkedList(java.util.LinkedList)

Example 7 with ComponentConcern

use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern in project hub-alert by blackducksoftware.

the class ProjectMessageToIssueModelTransformer method createVulnerabilityProjectIssueModel.

/**
 * Builds the vulnerability issue model for one BOM component from its vulnerability concerns.
 * <p>
 * Concerns are sorted into three lists by operation: {@link ItemOperation#ADD} goes to "added",
 * {@link ItemOperation#DELETE} goes to "deleted", and every other value (including {@code null})
 * goes to "updated".
 *
 * @param projectMessage        source of the provider details, project and (optional) project version
 * @param issueBomComponent     BOM component the issue is raised against; also supplies the current
 *                              {@code ComponentVulnerabilities}
 * @param vulnerabilityConcerns concerns to convert; must not be {@code null}
 * @return the issue model produced by {@code ProjectIssueModel.vulnerability}
 */
private ProjectIssueModel createVulnerabilityProjectIssueModel(ProjectMessage projectMessage, IssueBomComponentDetails issueBomComponent, List<ComponentConcern> vulnerabilityConcerns) {
    List<IssueVulnerabilityModel> added = new LinkedList<>();
    List<IssueVulnerabilityModel> updated = new LinkedList<>();
    List<IssueVulnerabilityModel> deleted = new LinkedList<>();

    for (ComponentConcern concern : vulnerabilityConcerns) {
        IssueVulnerabilityModel model = IssueVulnerabilityModel.fromComponentConcern(concern);
        ItemOperation operation = concern.getOperation();

        // "updated" is the catch-all: any operation that is neither ADD nor DELETE lands there.
        List<IssueVulnerabilityModel> bucket = ItemOperation.ADD.equals(operation)
            ? added
            : (ItemOperation.DELETE.equals(operation) ? deleted : updated);
        bucket.add(model);
    }

    // The first constructor argument is true when the component currently reports no vulnerabilities.
    // NOTE(review): presumably downstream channels use it to resolve/close the tracked issue - confirm,
    // since a wrong value here would hide still-open vulnerabilities.
    boolean componentHasNoVulnerabilities = !issueBomComponent.getComponentVulnerabilities().hasVulnerabilities();
    IssueVulnerabilityDetails details = new IssueVulnerabilityDetails(componentHasNoVulnerabilities, added, updated, deleted);

    return ProjectIssueModel.vulnerability(
        projectMessage.getProviderDetails(),
        projectMessage.getProject(),
        // The project version is optional on the message; its absence is passed on as null.
        projectMessage.getProjectVersion().orElse(null),
        issueBomComponent,
        details
    );
}
Also used : IssueVulnerabilityDetails(com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityDetails) IssueVulnerabilityModel(com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityModel) ComponentConcern(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern) ItemOperation(com.synopsys.integration.alert.common.enumeration.ItemOperation) LinkedList(java.util.LinkedList) ComponentVulnerabilities(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentVulnerabilities)

Example 8 with ComponentConcern

use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern in project hub-alert by blackducksoftware.

the class PolicyOverrideNotificationMessageExtractor method createBomComponentDetails.

/**
 * Builds the single-element BOM component details list for a policy-override notification.
 * <p>
 * The policy named in the notification becomes a concern with {@link ItemOperation#DELETE}, and the
 * overriding user's first and last name are attached as an additional {@link LinkableItem}. The BOM
 * component is then fetched from the URL carried in the notification. If that request fails with an
 * {@link IntegrationRestException}, {@code bomComponent404Handler.logIf404OrThrow} is consulted and,
 * when it returns normally, placeholder details are built from the notification fields alone.
 *
 * @param notificationContent      the policy-override notification being processed
 * @param blackDuckServicesFactory factory supplying the API client and the details creator
 * @return an immutable list holding exactly one {@link BomComponentDetails}
 * @throws IntegrationException if the lookup fails and the 404 handler rethrows, or another
 *                              integration error occurs
 */
@Override
protected List<BomComponentDetails> createBomComponentDetails(PolicyOverrideUniquePolicyNotificationContent notificationContent, BlackDuckServicesFactory blackDuckServicesFactory) throws IntegrationException {
    BlackDuckApiClient blackDuckApiClient = blackDuckServicesFactory.getBlackDuckApiClient();
    BlackDuckMessageBomComponentDetailsCreator bomComponentDetailsCreator = detailsCreatorFactory.createBomComponentDetailsCreator(blackDuckServicesFactory);
    // An override is reported as a DELETE of the policy concern.
    ComponentConcern policyConcern = policyComponentConcernCreator.fromPolicyInfo(notificationContent.getPolicyInfo(), ItemOperation.DELETE);
    // NOTE(review): String.format renders a null first or last name as the literal text "null";
    // confirm the notification always populates both, since this string is shown to recipients.
    String overriderName = String.format("%s %s", notificationContent.getFirstName(), notificationContent.getLastName());
    LinkableItem overrider = new LinkableItem(BlackDuckMessageLabels.LABEL_OVERRIDER, overriderName);
    BomComponentDetails bomComponentDetails;
    try {
        // NOTE(review): the request target is taken verbatim from the notification payload and sent
        // through the provider's API client. If that client attaches credentials (TODO confirm),
        // make sure the URL is verified upstream to belong to the configured Black Duck server.
        ProjectVersionComponentVersionView bomComponent = blackDuckApiClient.getResponse(new HttpUrl(notificationContent.getBomComponent()), ProjectVersionComponentVersionView.class);
        bomComponentDetails = bomComponentDetailsCreator.createBomComponentDetails(bomComponent, policyConcern, ComponentUpgradeGuidance.none(), List.of(overrider));
    } catch (IntegrationRestException e) {
        // Presumably logs and returns on a 404 and rethrows anything else (inferred from the name - confirm).
        bomComponent404Handler.logIf404OrThrow(e, notificationContent.getComponentName(), notificationContent.getComponentVersionName());
        // Fallback: the component could not be fetched, so describe it from the notification fields.
        // NOTE(review): getBomComponent() is passed as both the 2nd and 4th argument; confirm both
        // parameters are meant to receive the same URL.
        bomComponentDetails = bomComponentDetailsCreator.createMissingBomComponentDetails(notificationContent.getComponentName(), notificationContent.getBomComponent(), notificationContent.getComponentVersionName(), notificationContent.getBomComponent(), List.of(policyConcern), ComponentUpgradeGuidance.none(), List.of(overrider));
    }
    return List.of(bomComponentDetails);
}
Also used : IntegrationRestException(com.synopsys.integration.rest.exception.IntegrationRestException) LinkableItem(com.synopsys.integration.alert.common.message.model.LinkableItem) BlackDuckApiClient(com.synopsys.integration.blackduck.service.BlackDuckApiClient) BlackDuckMessageBomComponentDetailsCreator(com.synopsys.integration.alert.provider.blackduck.processor.message.service.BlackDuckMessageBomComponentDetailsCreator) ComponentConcern(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern) HttpUrl(com.synopsys.integration.rest.HttpUrl) BomComponentDetails(com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails) ProjectVersionComponentVersionView(com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView)

Example 9 with ComponentConcern

use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern in project hub-alert by blackducksoftware.

the class VulnerabilityNotificationMessageExtractor method createBomComponentDetails.

/**
 * Builds the single-element BOM component details list for a vulnerability notification.
 * <p>
 * The component concerns are derived from the notification first. The BOM component is then fetched
 * from the URL of the affected project version and combined with upgrade guidance. If that request
 * fails with an {@link IntegrationRestException}, {@code bomComponent404Handler.logIf404OrThrow} is
 * consulted and, when it returns normally, placeholder details are built from the notification
 * fields, with upgrade guidance computed from the notification instead of the fetched component.
 *
 * @param notificationContent      the vulnerability notification being processed
 * @param blackDuckServicesFactory factory supplying the API client and the details creator
 * @return an immutable list holding exactly one {@link BomComponentDetails}
 * @throws IntegrationException if the lookup fails and the 404 handler rethrows, or another
 *                              integration error occurs
 */
@Override
protected List<BomComponentDetails> createBomComponentDetails(VulnerabilityUniqueProjectNotificationContent notificationContent, BlackDuckServicesFactory blackDuckServicesFactory) throws IntegrationException {
    BlackDuckApiClient blackDuckApiClient = blackDuckServicesFactory.getBlackDuckApiClient();
    BlackDuckMessageBomComponentDetailsCreator bomComponentDetailsCreator = detailsCreatorFactory.createBomComponentDetailsCreator(blackDuckServicesFactory);
    AffectedProjectVersion affectedProjectVersion = notificationContent.getAffectedProjectVersion();
    // URL of the BOM component, exactly as delivered in the notification payload.
    String bomComponentUrl = affectedProjectVersion.getBomComponent();
    List<ComponentConcern> componentConcerns = createComponentConcerns(notificationContent);
    BomComponentDetails bomComponentDetails;
    try {
        // NOTE(review): the request target comes verbatim from the notification payload and is sent
        // through the provider's API client. If that client attaches credentials (TODO confirm),
        // make sure the URL is verified upstream to belong to the configured Black Duck server.
        ProjectVersionComponentVersionView bomComponent = blackDuckApiClient.getResponse(new HttpUrl(bomComponentUrl), ProjectVersionComponentVersionView.class);
        ComponentUpgradeGuidance componentUpgradeGuidance = createComponentUpgradeGuidance(blackDuckApiClient, bomComponent);
        bomComponentDetails = bomComponentDetailsCreator.createBomComponentDetails(bomComponent, componentConcerns, componentUpgradeGuidance, List.of());
    } catch (IntegrationRestException e) {
        // Presumably logs and returns on a 404 and rethrows anything else (inferred from the name - confirm).
        bomComponent404Handler.logIf404OrThrow(e, notificationContent.getComponentName(), notificationContent.getVersionName());
        // Fallback: guidance is derived from the notification because no component view is available.
        // NOTE(review): this overload also receives the API client, so it may issue a further request
        // that can itself throw from inside this catch block - confirm that is acceptable.
        ComponentUpgradeGuidance componentUpgradeGuidance = createComponentUpgradeGuidance(blackDuckApiClient, notificationContent);
        bomComponentDetails = bomComponentDetailsCreator.createMissingBomComponentDetailsForVulnerability(notificationContent.getComponentName(), bomComponentUrl, notificationContent.getVersionName(), componentConcerns, componentUpgradeGuidance, List.of());
    }
    return List.of(bomComponentDetails);
}
Also used : IntegrationRestException(com.synopsys.integration.rest.exception.IntegrationRestException) AffectedProjectVersion(com.synopsys.integration.blackduck.api.manual.component.AffectedProjectVersion) ComponentUpgradeGuidance(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentUpgradeGuidance) BlackDuckApiClient(com.synopsys.integration.blackduck.service.BlackDuckApiClient) BlackDuckMessageBomComponentDetailsCreator(com.synopsys.integration.alert.provider.blackduck.processor.message.service.BlackDuckMessageBomComponentDetailsCreator) ComponentConcern(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern) HttpUrl(com.synopsys.integration.rest.HttpUrl) BomComponentDetails(com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails) ProjectVersionComponentVersionView(com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView)

Example 10 with ComponentConcern

use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern in project hub-alert by blackducksoftware.

the class BlackDuckMessageBomComponentDetailsCreator method hasConcernForPolicy.

/**
 * Reports whether any of the given policy concerns refers to the given policy rule.
 * <p>
 * When the rule has an href and the concern has a URL, the two are compared by exact string equality
 * and the name is not consulted. Only when either of them is missing does the comparison fall back to
 * the policy name.
 *
 * @param policyRulesView the policy rule to look for
 * @param policyConcerns  the concerns to search; must not be {@code null}
 * @return {@code true} as soon as one concern matches, {@code false} if none does
 */
private boolean hasConcernForPolicy(ComponentPolicyRulesView policyRulesView, List<ComponentConcern> policyConcerns) {
    for (ComponentConcern concern : policyConcerns) {
        Optional<String> concernUrl = concern.getUrl();
        HttpUrl ruleHref = policyRulesView.getHref();

        boolean matches;
        if (ruleHref == null || !concernUrl.isPresent()) {
            // No URL on one side: identify the policy by name instead.
            // NOTE(review): a name is a weaker identifier than a URL; confirm policy names are unique
            // in the provider, otherwise a concern could be attributed to the wrong rule.
            matches = concern.getName().equals(policyRulesView.getName());
        } else {
            // Exact, case-sensitive comparison of the two URL strings; no normalisation is applied.
            matches = concernUrl.get().equals(ruleHref.string());
        }

        if (matches) {
            return true;
        }
    }
    return false;
}
Also used : ComponentConcern(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern) HttpUrl(com.synopsys.integration.rest.HttpUrl)

Aggregations

ComponentConcern (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcern)24 BomComponentDetails (com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails)13 ProjectMessage (com.synopsys.integration.alert.processor.api.extract.model.project.ProjectMessage)9 LinkedList (java.util.LinkedList)9 Test (org.junit.jupiter.api.Test)7 ItemOperation (com.synopsys.integration.alert.common.enumeration.ItemOperation)6 LinkableItem (com.synopsys.integration.alert.common.message.model.LinkableItem)6 ProcessedProviderMessage (com.synopsys.integration.alert.processor.api.extract.model.ProcessedProviderMessage)5 SimpleMessage (com.synopsys.integration.alert.processor.api.extract.model.SimpleMessage)5 HttpUrl (com.synopsys.integration.rest.HttpUrl)5 IssueBomComponentDetails (com.synopsys.integration.alert.api.channel.issue.model.IssueBomComponentDetails)4 ProjectIssueModel (com.synopsys.integration.alert.api.channel.issue.model.ProjectIssueModel)4 BlackDuckMessageBomComponentDetailsCreator (com.synopsys.integration.alert.provider.blackduck.processor.message.service.BlackDuckMessageBomComponentDetailsCreator)4 ProjectVersionComponentVersionView (com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView)4 BlackDuckApiClient (com.synopsys.integration.blackduck.service.BlackDuckApiClient)4 IntegrationRestException (com.synopsys.integration.rest.exception.IntegrationRestException)4 IssueComponentUnknownVersionDetails (com.synopsys.integration.alert.api.channel.issue.model.IssueComponentUnknownVersionDetails)3 IssueEstimatedRiskModel (com.synopsys.integration.alert.api.channel.issue.model.IssueEstimatedRiskModel)3 IssueVulnerabilityDetails (com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityDetails)3 ComponentConcernType (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernType)3