Example 1 with ComponentPolicy
use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy in project hub-alert by blackducksoftware.
the class RuleViolationNotificationMessageExtractorTest method createBomComponentDetailsTest.
@Test
public void createBomComponentDetailsTest() throws IntegrationException {
BlackDuckServicesFactory blackDuckServicesFactory = Mockito.mock(BlackDuckServicesFactory.class);
BlackDuckApiClient blackDuckApiClient = Mockito.mock(BlackDuckApiClient.class);
Mockito.when(blackDuckServicesFactory.getBlackDuckApiClient()).thenReturn(blackDuckApiClient);
ProjectVersionComponentVersionView projectVersionComponentVersionView = createProjectVersionComponentVersionView();
Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.eq(ProjectVersionComponentVersionView.class))).thenReturn(projectVersionComponentVersionView);
ComponentPolicyRulesView componentPolicyRulesView = new ComponentPolicyRulesView();
ResourceMetadata meta = new ResourceMetadata();
meta.setHref(new HttpUrl(COMPONENT_POLICY_URL));
componentPolicyRulesView.setMeta(meta);
componentPolicyRulesView.setName(COMPONENT_POLICY.getPolicyName());
componentPolicyRulesView.setSeverity(PolicyRuleSeverityType.BLOCKER);
componentPolicyRulesView.setPolicyApprovalStatus(ProjectVersionComponentPolicyStatusType.IN_VIOLATION_OVERRIDDEN);
Mockito.when(blackDuckApiClient.getAllResponses(Mockito.eq(projectVersionComponentVersionView.metaPolicyRulesLink()))).thenReturn(List.of(componentPolicyRulesView));
PolicyRuleView policyRuleView = new PolicyRuleView();
policyRuleView.setCategory(PolicyRuleCategoryType.UNCATEGORIZED);
Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.eq(PolicyRuleView.class))).thenReturn(policyRuleView);
RuleViolationUniquePolicyNotificationContent notificationContent = new RuleViolationUniquePolicyNotificationContent(PROJECT, PROJECT_VERSION, PROJECT_VERSION_URL, COMPONENT_VERSIONS_IN_VIOLATION, List.of(componentVersionStatus), policyInfo);
List<BomComponentDetails> bomComponentDetailsList = extractor.createBomComponentDetails(notificationContent, blackDuckServicesFactory);
assertEquals(1, bomComponentDetailsList.size());
BomComponentDetails testBomComponentDetails = bomComponentDetailsList.get(0);
assertEquals(COMPONENT, testBomComponentDetails.getComponent());
assertTrue(testBomComponentDetails.getComponentVersion().isPresent());
assertEquals(COMPONENT_VERSION.getValue(), testBomComponentDetails.getComponentVersion().get().getValue());
assertEquals(LICENSE_DISPLAY, testBomComponentDetails.getLicense().getValue());
assertEquals(UsageType.DYNAMICALLY_LINKED.prettyPrint(), testBomComponentDetails.getUsage());
assertTrue(testBomComponentDetails.getAdditionalAttributes().isEmpty());
assertEquals(1, testBomComponentDetails.getComponentConcerns().size());
assertEquals(ItemOperation.ADD, testBomComponentDetails.getComponentConcerns().get(0).getOperation());
ComponentUpgradeGuidance componentUpgradeGuidance = testBomComponentDetails.getComponentUpgradeGuidance();
assertFalse(componentUpgradeGuidance.getLongTermUpgradeGuidance().isPresent());
assertFalse(componentUpgradeGuidance.getShortTermUpgradeGuidance().isPresent());
assertEquals(1, testBomComponentDetails.getRelevantPolicies().size());
ComponentPolicy testComponentPolicy = testBomComponentDetails.getRelevantPolicies().get(0);
assertTrue(testComponentPolicy.getCategory().isPresent());
assertEquals(PolicyRuleCategoryType.UNCATEGORIZED.toString(), testComponentPolicy.getCategory().get());
}
Also used :
ComponentPolicyRulesView(com.synopsys.integration.blackduck.api.generated.view.ComponentPolicyRulesView)
ComponentUpgradeGuidance(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentUpgradeGuidance)
RuleViolationUniquePolicyNotificationContent(com.synopsys.integration.alert.provider.blackduck.processor.model.RuleViolationUniquePolicyNotificationContent)
ComponentPolicy(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy)
BlackDuckApiClient(com.synopsys.integration.blackduck.service.BlackDuckApiClient)
PolicyRuleView(com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView)
BlackDuckServicesFactory(com.synopsys.integration.blackduck.service.BlackDuckServicesFactory)
ResourceMetadata(com.synopsys.integration.blackduck.api.core.ResourceMetadata)
HttpUrl(com.synopsys.integration.rest.HttpUrl)
ProjectVersionComponentVersionView(com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView)
BomComponentDetails(com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails)
Test(org.junit.jupiter.api.Test)
Example 2 with ComponentPolicy
use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy in project hub-alert by blackducksoftware.
the class BlackDuckComponentPolicyDetailsCreatorTest method toComponentPolicyVulnerabilityRuleTest.
@Test
public void toComponentPolicyVulnerabilityRuleTest() throws IntegrationException {
PolicyRuleExpressionExpressionsView expression = new PolicyRuleExpressionExpressionsView();
expression.setName(EXAMPLE_VULNERABILITY_EXPRESSION);
BlackDuckApiClient blackDuckApiClient = Mockito.mock(BlackDuckApiClient.class);
PolicyRuleExpressionView policyRuleExpression = new PolicyRuleExpressionView();
policyRuleExpression.setExpressions(List.of(expression));
BlackDuckComponentPolicyDetailsCreator policyDetailsCreator = new BlackDuckComponentPolicyDetailsCreator(POLICY_SEVERITY_CONVERTER, blackDuckApiClient);
ComponentPolicyRulesView componentPolicyRulesView = new ComponentPolicyRulesView();
componentPolicyRulesView.setName("vuln-test-policy");
componentPolicyRulesView.setSeverity(PolicyRuleSeverityType.TRIVIAL);
componentPolicyRulesView.setPolicyApprovalStatus(ProjectVersionComponentPolicyStatusType.IN_VIOLATION);
componentPolicyRulesView.setExpression(policyRuleExpression);
ResourceMetadata meta = new ResourceMetadata();
meta.setHref(new HttpUrl("https://someUrl"));
componentPolicyRulesView.setMeta(meta);
PolicyRuleView policyRuleView = new PolicyRuleView();
policyRuleView.setName(componentPolicyRulesView.getName());
policyRuleView.setCategory(PolicyRuleCategoryType.UNCATEGORIZED);
Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.any())).thenReturn(policyRuleView);
ComponentPolicy componentPolicy = policyDetailsCreator.toComponentPolicy(componentPolicyRulesView);
assertTrue(componentPolicy.isVulnerabilityPolicy(), "Expected a vulnerability policy");
}
Also used :
PolicyRuleExpressionView(com.synopsys.integration.blackduck.api.generated.component.PolicyRuleExpressionView)
BlackDuckComponentPolicyDetailsCreator(com.synopsys.integration.alert.provider.blackduck.processor.message.service.policy.BlackDuckComponentPolicyDetailsCreator)
ComponentPolicyRulesView(com.synopsys.integration.blackduck.api.generated.view.ComponentPolicyRulesView)
ComponentPolicy(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy)
PolicyRuleExpressionExpressionsView(com.synopsys.integration.blackduck.api.generated.component.PolicyRuleExpressionExpressionsView)
BlackDuckApiClient(com.synopsys.integration.blackduck.service.BlackDuckApiClient)
PolicyRuleView(com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView)
ResourceMetadata(com.synopsys.integration.blackduck.api.core.ResourceMetadata)
HttpUrl(com.synopsys.integration.rest.HttpUrl)
Test(org.junit.jupiter.api.Test)
Example 3 with ComponentPolicy
use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy in project hub-alert by blackducksoftware.
the class PolicyOverrideNotificationMessageExtractorTest method createBomComponentDetailsTest.
@Test
public void createBomComponentDetailsTest() throws IntegrationException {
BlackDuckServicesFactory blackDuckServicesFactory = Mockito.mock(BlackDuckServicesFactory.class);
BlackDuckApiClient blackDuckApiClient = Mockito.mock(BlackDuckApiClient.class);
Mockito.when(blackDuckServicesFactory.getBlackDuckApiClient()).thenReturn(blackDuckApiClient);
ProjectVersionComponentVersionView projectVersionComponentVersionView = createProjectVersionComponentVersionView();
Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.any())).thenReturn(projectVersionComponentVersionView);
ComponentPolicyRulesView componentPolicyRulesView = new ComponentPolicyRulesView();
ResourceMetadata meta = new ResourceMetadata();
meta.setHref(new HttpUrl("https://someUrlPolicyRuleView"));
componentPolicyRulesView.setMeta(meta);
componentPolicyRulesView.setName(COMPONENT_POLICY.getPolicyName());
componentPolicyRulesView.setSeverity(PolicyRuleSeverityType.BLOCKER);
componentPolicyRulesView.setPolicyApprovalStatus(ProjectVersionComponentPolicyStatusType.IN_VIOLATION_OVERRIDDEN);
Mockito.when(blackDuckApiClient.getAllResponses(Mockito.eq(projectVersionComponentVersionView.metaPolicyRulesLink()))).thenReturn(List.of(componentPolicyRulesView));
PolicyRuleView policyRuleView = new PolicyRuleView();
policyRuleView.setCategory(PolicyRuleCategoryType.UNCATEGORIZED);
Mockito.when(blackDuckApiClient.getResponse(Mockito.eq(componentPolicyRulesView.getHref()), Mockito.any())).thenReturn(policyRuleView);
List<BomComponentDetails> bomComponentDetailsList = extractor.createBomComponentDetails(policyOverrideUniquePolicyNotificationContent, blackDuckServicesFactory);
assertEquals(1, bomComponentDetailsList.size());
BomComponentDetails testBomComponentDetails = bomComponentDetailsList.get(0);
assertEquals(COMPONENT, testBomComponentDetails.getComponent());
assertEquals(1, testBomComponentDetails.getComponentConcerns().size());
assertTrue(testBomComponentDetails.getComponentVersion().isPresent());
assertEquals(COMPONENT_VERSION.getValue(), testBomComponentDetails.getComponentVersion().get().getValue());
assertEquals(LICENSE_DISPLAY, testBomComponentDetails.getLicense().getValue());
assertEquals(UsageType.DYNAMICALLY_LINKED.prettyPrint(), testBomComponentDetails.getUsage());
assertEquals(1, testBomComponentDetails.getAdditionalAttributes().size());
ComponentUpgradeGuidance componentUpgradeGuidance = testBomComponentDetails.getComponentUpgradeGuidance();
assertFalse(componentUpgradeGuidance.getLongTermUpgradeGuidance().isPresent());
assertFalse(componentUpgradeGuidance.getShortTermUpgradeGuidance().isPresent());
assertEquals(1, testBomComponentDetails.getRelevantPolicies().size());
ComponentPolicy testComponentPolicy = testBomComponentDetails.getRelevantPolicies().get(0);
assertTrue(testComponentPolicy.getCategory().isPresent());
assertEquals(PolicyRuleCategoryType.UNCATEGORIZED.toString(), testComponentPolicy.getCategory().get());
}
Also used :
ComponentPolicyRulesView(com.synopsys.integration.blackduck.api.generated.view.ComponentPolicyRulesView)
ComponentUpgradeGuidance(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentUpgradeGuidance)
ComponentPolicy(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy)
BlackDuckApiClient(com.synopsys.integration.blackduck.service.BlackDuckApiClient)
PolicyRuleView(com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView)
BlackDuckServicesFactory(com.synopsys.integration.blackduck.service.BlackDuckServicesFactory)
ResourceMetadata(com.synopsys.integration.blackduck.api.core.ResourceMetadata)
HttpUrl(com.synopsys.integration.rest.HttpUrl)
ProjectVersionComponentVersionView(com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView)
BomComponentDetails(com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails)
Test(org.junit.jupiter.api.Test)
Example 4 with ComponentPolicy
use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy in project hub-alert by blackducksoftware.
the class BlackDuckComponentPolicyDetailsCreator method toComponentPolicy.
public ComponentPolicy toComponentPolicy(ComponentPolicyRulesView componentPolicyRulesView) {
ComponentConcernSeverity componentConcernSeverity = policySeverityConverter.toComponentConcernSeverity(componentPolicyRulesView.getSeverity().name());
boolean overridden = ProjectVersionComponentPolicyStatusType.IN_VIOLATION_OVERRIDDEN.equals(componentPolicyRulesView.getPolicyApprovalStatus());
boolean vulnerabilityPolicy = isVulnerabilityPolicy(componentPolicyRulesView);
Optional<PolicyRuleView> policyRuleView = retrievePolicyRuleView(componentPolicyRulesView.getHref());
String category = policyRuleView.map(PolicyRuleView::getCategory).map(PolicyRuleCategoryType::name).orElse(null);
return new ComponentPolicy(componentPolicyRulesView.getName(), componentConcernSeverity, overridden, vulnerabilityPolicy, componentPolicyRulesView.getDescription(), category);
}
Also used :
ComponentConcernSeverity(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernSeverity)
ComponentPolicy(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy)
PolicyRuleView(com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView)
Example 5 with ComponentPolicy
use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy in project hub-alert by blackducksoftware.
the class JiraIssueCreator method createCustomFieldReplacementValues.
protected MessageReplacementValues createCustomFieldReplacementValues(ProjectIssueModel alertIssueSource) {
IssueBomComponentDetails bomComponent = alertIssueSource.getBomComponentDetails();
ComponentUpgradeGuidance upgradeGuidance = bomComponent.getComponentUpgradeGuidance();
Optional<String> severity = Optional.empty();
Optional<String> policyCategory = Optional.empty();
Optional<IssuePolicyDetails> issuePolicyDetails = alertIssueSource.getPolicyDetails();
Optional<IssueVulnerabilityDetails> vulnerabilityDetails = alertIssueSource.getVulnerabilityDetails();
if (issuePolicyDetails.isPresent()) {
IssuePolicyDetails policyDetails = issuePolicyDetails.get();
severity = Optional.ofNullable(policyDetails.getSeverity().getPolicyLabel());
policyCategory = bomComponent.getRelevantPolicies().stream().filter(policy -> policyDetails.getName().equals(policy.getPolicyName())).findAny().flatMap(ComponentPolicy::getCategory);
}
if (vulnerabilityDetails.isPresent()) {
severity = vulnerabilityDetails.get().getHighestSeverityAddedOrUpdated();
}
return new MessageReplacementValues.Builder(alertIssueSource.getProvider().getLabel(), alertIssueSource.getProject().getValue()).projectVersionName(alertIssueSource.getProjectVersion().map(LinkableItem::getValue).orElse(MessageReplacementValues.DEFAULT_NOTIFICATION_REPLACEMENT_VALUE)).componentName(bomComponent.getComponent().getValue()).componentVersionName(bomComponent.getComponentVersion().map(LinkableItem::getValue).orElse(MessageReplacementValues.DEFAULT_NOTIFICATION_REPLACEMENT_VALUE)).componentUsage(bomComponent.getUsage()).componentLicense(bomComponent.getLicense().getValue()).severity(severity.orElse(MessageReplacementValues.DEFAULT_NOTIFICATION_REPLACEMENT_VALUE)).policyCategory(policyCategory.orElse(MessageReplacementValues.DEFAULT_NOTIFICATION_REPLACEMENT_VALUE)).shortTermUpgradeGuidance(upgradeGuidance.getShortTermUpgradeGuidance().map(LinkableItem::getValue).orElse(MessageReplacementValues.DEFAULT_NOTIFICATION_REPLACEMENT_VALUE)).longTermUpgradeGuidance(upgradeGuidance.getLongTermUpgradeGuidance().map(LinkableItem::getValue).orElse(MessageReplacementValues.DEFAULT_NOTIFICATION_REPLACEMENT_VALUE)).build();
}
Also used :
IntegrationException(com.synopsys.integration.exception.IntegrationException)
MessageReplacementValues(com.synopsys.integration.alert.api.channel.jira.distribution.custom.MessageReplacementValues)
ComponentConcernType(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentConcernType)
ExistingIssueDetails(com.synopsys.integration.alert.api.channel.issue.search.ExistingIssueDetails)
StringUtils(org.apache.commons.lang3.StringUtils)
IssuePolicyDetails(com.synopsys.integration.alert.api.channel.issue.model.IssuePolicyDetails)
IssueResponseModel(com.synopsys.integration.jira.common.model.response.IssueResponseModel)
IssueVulnerabilityDetails(com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityDetails)
JiraIssueSearchProperties(com.synopsys.integration.alert.api.channel.jira.JiraIssueSearchProperties)
AlertRuntimeException(com.synopsys.integration.alert.api.common.model.exception.AlertRuntimeException)
ComponentPolicy(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy)
IssueCreationResponseModel(com.synopsys.integration.jira.common.model.response.IssueCreationResponseModel)
IssueCategoryRetriever(com.synopsys.integration.alert.api.channel.issue.search.IssueCategoryRetriever)
ComponentUpgradeGuidance(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentUpgradeGuidance)
IssueStatus(com.synopsys.integration.alert.api.channel.issue.search.enumeration.IssueStatus)
IssueTrackerIssueCommenter(com.synopsys.integration.alert.api.channel.issue.send.IssueTrackerIssueCommenter)
JiraPreconditionNotMetException(com.synopsys.integration.jira.common.exception.JiraPreconditionNotMetException)
JiraIssueAlertPropertiesUrlCorrector(com.synopsys.integration.alert.api.channel.jira.distribution.search.JiraIssueAlertPropertiesUrlCorrector)
JiraIssueAlertPropertiesManager(com.synopsys.integration.alert.api.channel.jira.distribution.search.JiraIssueAlertPropertiesManager)
JiraErrorMessageUtility(com.synopsys.integration.alert.api.channel.jira.distribution.JiraErrorMessageUtility)
IssueCategory(com.synopsys.integration.alert.api.channel.issue.search.enumeration.IssueCategory)
LinkableItem(com.synopsys.integration.alert.common.message.model.LinkableItem)
IssueFieldsComponent(com.synopsys.integration.jira.common.model.components.IssueFieldsComponent)
IssueCreationModel(com.synopsys.integration.alert.api.channel.issue.model.IssueCreationModel)
AlertException(com.synopsys.integration.alert.api.common.model.exception.AlertException)
IssueTrackerIssueCreator(com.synopsys.integration.alert.api.channel.issue.send.IssueTrackerIssueCreator)
IntegrationRestException(com.synopsys.integration.rest.exception.IntegrationRestException)
Optional(java.util.Optional)
JiraIssueSearchPropertyStringCompatibilityUtils(com.synopsys.integration.alert.api.channel.jira.distribution.search.JiraIssueSearchPropertyStringCompatibilityUtils)
ProjectIssueModel(com.synopsys.integration.alert.api.channel.issue.model.ProjectIssueModel)
IssueTrackerCallbackInfoCreator(com.synopsys.integration.alert.api.channel.issue.callback.IssueTrackerCallbackInfoCreator)
JiraCallbackUtils(com.synopsys.integration.alert.api.channel.jira.util.JiraCallbackUtils)
IssueBomComponentDetails(com.synopsys.integration.alert.api.channel.issue.model.IssueBomComponentDetails)
IssueTrackerChannelKey(com.synopsys.integration.alert.descriptor.api.model.IssueTrackerChannelKey)
LinkableItem(com.synopsys.integration.alert.common.message.model.LinkableItem)
IssueBomComponentDetails(com.synopsys.integration.alert.api.channel.issue.model.IssueBomComponentDetails)
IssueVulnerabilityDetails(com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityDetails)
ComponentUpgradeGuidance(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentUpgradeGuidance)
IssuePolicyDetails(com.synopsys.integration.alert.api.channel.issue.model.IssuePolicyDetails)
Aggregations
ComponentPolicy (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy)12
PolicyRuleView (com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView)7
BomComponentDetails (com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails)6
ComponentUpgradeGuidance (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentUpgradeGuidance)6
ResourceMetadata (com.synopsys.integration.blackduck.api.core.ResourceMetadata)6
ComponentPolicyRulesView (com.synopsys.integration.blackduck.api.generated.view.ComponentPolicyRulesView)6
BlackDuckApiClient (com.synopsys.integration.blackduck.service.BlackDuckApiClient)6
HttpUrl (com.synopsys.integration.rest.HttpUrl)6
Test (org.junit.jupiter.api.Test)6
LinkableItem (com.synopsys.integration.alert.common.message.model.LinkableItem)5
BlackDuckComponentPolicyDetailsCreator (com.synopsys.integration.alert.provider.blackduck.processor.message.service.policy.BlackDuckComponentPolicyDetailsCreator)3
ProjectVersionComponentVersionView (com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView)3
BlackDuckServicesFactory (com.synopsys.integration.blackduck.service.BlackDuckServicesFactory)3
ComponentVulnerabilities (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentVulnerabilities)2
IssueTrackerCallbackInfoCreator (com.synopsys.integration.alert.api.channel.issue.callback.IssueTrackerCallbackInfoCreator)1
IssueBomComponentDetails (com.synopsys.integration.alert.api.channel.issue.model.IssueBomComponentDetails)1
IssueCreationModel (com.synopsys.integration.alert.api.channel.issue.model.IssueCreationModel)1
IssuePolicyDetails (com.synopsys.integration.alert.api.channel.issue.model.IssuePolicyDetails)1
IssueVulnerabilityDetails (com.synopsys.integration.alert.api.channel.issue.model.IssueVulnerabilityDetails)1
ProjectIssueModel (com.synopsys.integration.alert.api.channel.issue.model.ProjectIssueModel)1
