use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentUpgradeGuidance in project hub-alert by blackducksoftware.
the class JiraIssueCreator method createCustomFieldReplacementValues.
protected MessageReplacementValues createCustomFieldReplacementValues(ProjectIssueModel alertIssueSource) {
IssueBomComponentDetails bomComponent = alertIssueSource.getBomComponentDetails();
ComponentUpgradeGuidance upgradeGuidance = bomComponent.getComponentUpgradeGuidance();
Optional<String> severity = Optional.empty();
Optional<String> policyCategory = Optional.empty();
Optional<IssuePolicyDetails> issuePolicyDetails = alertIssueSource.getPolicyDetails();
Optional<IssueVulnerabilityDetails> vulnerabilityDetails = alertIssueSource.getVulnerabilityDetails();
if (issuePolicyDetails.isPresent()) {
IssuePolicyDetails policyDetails = issuePolicyDetails.get();
severity = Optional.ofNullable(policyDetails.getSeverity().getPolicyLabel());
policyCategory = bomComponent.getRelevantPolicies().stream().filter(policy -> policyDetails.getName().equals(policy.getPolicyName())).findAny().flatMap(ComponentPolicy::getCategory);
}
if (vulnerabilityDetails.isPresent()) {
severity = vulnerabilityDetails.get().getHighestSeverityAddedOrUpdated();
}
return new MessageReplacementValues.Builder(alertIssueSource.getProvider().getLabel(), alertIssueSource.getProject().getValue()).projectVersionName(alertIssueSource.getProjectVersion().map(LinkableItem::getValue).orElse(MessageReplacementValues.DEFAULT_NOTIFICATION_REPLACEMENT_VALUE)).componentName(bomComponent.getComponent().getValue()).componentVersionName(bomComponent.getComponentVersion().map(LinkableItem::getValue).orElse(MessageReplacementValues.DEFAULT_NOTIFICATION_REPLACEMENT_VALUE)).componentUsage(bomComponent.getUsage()).componentLicense(bomComponent.getLicense().getValue()).severity(severity.orElse(MessageReplacementValues.DEFAULT_NOTIFICATION_REPLACEMENT_VALUE)).policyCategory(policyCategory.orElse(MessageReplacementValues.DEFAULT_NOTIFICATION_REPLACEMENT_VALUE)).shortTermUpgradeGuidance(upgradeGuidance.getShortTermUpgradeGuidance().map(LinkableItem::getValue).orElse(MessageReplacementValues.DEFAULT_NOTIFICATION_REPLACEMENT_VALUE)).longTermUpgradeGuidance(upgradeGuidance.getLongTermUpgradeGuidance().map(LinkableItem::getValue).orElse(MessageReplacementValues.DEFAULT_NOTIFICATION_REPLACEMENT_VALUE)).build();
}
use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentUpgradeGuidance in project hub-alert by blackducksoftware.
the class BomComponentDetailConverter method gatherAttributeStrings.
private List<String> gatherAttributeStrings(LinkableItem licenseItem, String usageText, ComponentUpgradeGuidance componentUpgradeGuidance, List<LinkableItem> additionalAttributes) {
List<String> componentAttributeStrings = new ArrayList<>(additionalAttributes.size() + 2);
String licenseString = linkableItemConverter.convertToString(licenseItem, false);
componentAttributeStrings.add(licenseString);
LinkableItem usageItem = new LinkableItem("Usage", usageText);
String usageString = linkableItemConverter.convertToString(usageItem, false);
componentAttributeStrings.add(usageString);
componentUpgradeGuidance.getShortTermUpgradeGuidance().stream().map(attr -> linkableItemConverter.convertToString(attr, false)).forEach(componentAttributeStrings::add);
componentUpgradeGuidance.getLongTermUpgradeGuidance().stream().map(attr -> linkableItemConverter.convertToString(attr, false)).forEach(componentAttributeStrings::add);
additionalAttributes.stream().map(attr -> linkableItemConverter.convertToString(attr, false)).forEach(componentAttributeStrings::add);
return componentAttributeStrings;
}
use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentUpgradeGuidance in project hub-alert by blackducksoftware.
the class BomComponentDetailConverterTest method createBomComponentDetails.
private static AbstractBomComponentDetails createBomComponentDetails() {
ComponentPolicy componentPolicy1 = new ComponentPolicy("A Black Duck Policy", ComponentConcernSeverity.MAJOR_HIGH, true, false, null, "Uncategorized");
ComponentPolicy componentPolicy2 = new ComponentPolicy("A Different Black Duck Policy", ComponentConcernSeverity.UNSPECIFIED_UNKNOWN, false, true, null, "Uncategorized");
LinkableItem shortTermUpgradeGuidance = new LinkableItem("Upgrade Guidance - Short Term", "1.0");
LinkableItem longTermUpgradeGuidance = new LinkableItem("Upgrade Guidance - Long Term", "2.0");
ComponentUpgradeGuidance componentUpgradeGuidance = new ComponentUpgradeGuidance(shortTermUpgradeGuidance, longTermUpgradeGuidance);
LinkableItem attribute1 = new LinkableItem("Attribute", "Number 1");
LinkableItem attribute2 = new LinkableItem("Attribute", "Number 2");
return new AbstractBomComponentDetails(new LinkableItem("Component", "A BOM Component"), new LinkableItem("Component Version", "A BOM Component Version"), createComponentVulnerabilities(), List.of(componentPolicy1, componentPolicy2), new LinkableItem("License", "A Software License"), "Example Usage", componentUpgradeGuidance, List.of(attribute1, attribute2), "https://a-blackduck-url") {
};
}
use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentUpgradeGuidance in project hub-alert by blackducksoftware.
the class ProjectMessageConverterTest method createBomComponentDetails.
private static BomComponentDetails createBomComponentDetails() {
ComponentPolicy componentPolicy1 = new ComponentPolicy("A component policy", ComponentConcernSeverity.UNSPECIFIED_UNKNOWN, true, false, null, "Uncategorized");
ComponentPolicy componentPolicy2 = new ComponentPolicy("A different policy", ComponentConcernSeverity.MAJOR_HIGH, false, true, null, "Uncategorized");
ComponentConcern policyConcern1 = ComponentConcern.policy(ItemOperation.DELETE, "A non-severe policy", "https://policy");
ComponentConcern policyConcern2 = ComponentConcern.severePolicy(ItemOperation.ADD, "A severe policy", ComponentConcernSeverity.TRIVIAL_LOW, "https://severe-policy");
ComponentConcern vulnerabilityConcern1 = createVulnerabilityConcern(ItemOperation.ADD, "CVE-123", ComponentConcernSeverity.CRITICAL);
ComponentConcern vulnerabilityConcern2 = createVulnerabilityConcern(ItemOperation.UPDATE, "CVE-135", ComponentConcernSeverity.TRIVIAL_LOW);
ComponentConcern vulnerabilityConcern3 = createVulnerabilityConcern(ItemOperation.DELETE, "CVE-246", ComponentConcernSeverity.MINOR_MEDIUM);
LinkableItem shortTermUpgradeGuidance = new LinkableItem("Upgrade Guidance - Short Term", "1.0");
LinkableItem longTermUpgradeGuidance = new LinkableItem("Upgrade Guidance - Long Term", "2.0");
ComponentUpgradeGuidance componentUpgradeGuidance = new ComponentUpgradeGuidance(shortTermUpgradeGuidance, longTermUpgradeGuidance);
ComponentConcern unknownVersionConcern1 = ComponentConcern.unknownComponentVersion(ItemOperation.ADD, "Component-Unknown-Version-01", ComponentConcernSeverity.CRITICAL, 0, "https://synopsys.com");
ComponentConcern unknownVersionConcern2 = ComponentConcern.unknownComponentVersion(ItemOperation.ADD, "Component-Unknown-Version-01", ComponentConcernSeverity.MAJOR_HIGH, 1, "https://synopsys.com");
ComponentConcern unknownVersionConcern3 = ComponentConcern.unknownComponentVersion(ItemOperation.ADD, "Component-Unknown-Version-01", ComponentConcernSeverity.MINOR_MEDIUM, 2, "https://synopsys.com");
ComponentConcern unknownVersionConcern4 = ComponentConcern.unknownComponentVersion(ItemOperation.ADD, "Component-Unknown-Version-01", ComponentConcernSeverity.TRIVIAL_LOW, 3, "https://synopsys.com");
LinkableItem attribute1 = new LinkableItem("Attribute", "The first attribute");
LinkableItem attribute2 = new LinkableItem("Attribute Prime", "The second attribute");
return new BomComponentDetails(new LinkableItem("Component", "The component"), new LinkableItem("Component Version", "The component version"), createComponentVulnerabilities(), List.of(componentPolicy1, componentPolicy2), List.of(policyConcern1, policyConcern2, vulnerabilityConcern1, vulnerabilityConcern2, vulnerabilityConcern3, unknownVersionConcern1, unknownVersionConcern2, unknownVersionConcern3, unknownVersionConcern4), new LinkableItem("License", "The software license name", "https://license-url"), "The usage of the component", componentUpgradeGuidance, List.of(attribute1, attribute2), "https://blackduck-issues-url");
}
use of com.synopsys.integration.alert.processor.api.extract.model.project.ComponentUpgradeGuidance in project hub-alert by blackducksoftware.
the class ProjectMessageToMessageContentGroupConversionUtils method convertToComponentItems.
private static List<ComponentItem> convertToComponentItems(BomComponentDetails bomComponent) {
List<ComponentItem> componentItems = new LinkedList<>();
for (ComponentConcern componentConcern : bomComponent.getComponentConcerns()) {
ComponentItem.Builder componentItemBuilder = new ComponentItem.Builder();
componentItemBuilder.applyOperation(componentConcern.getOperation());
ComponentConcernType type = componentConcern.getType();
String category = StringUtils.capitalize(StringUtils.lowerCase(type.name()));
componentItemBuilder.applyCategory(category);
componentItemBuilder.applyComponentData(bomComponent.getComponent());
bomComponent.getComponentVersion().ifPresent(componentItemBuilder::applySubComponent);
String categoryItemLabel = convertToCategoryLabel(type);
LinkableItem categoryItem = new LinkableItem(categoryItemLabel, componentConcern.getName(), componentConcern.getUrl().orElse(null));
componentItemBuilder.applyCategoryItem(categoryItem);
String severity = componentConcern.getSeverity().name();
componentItemBuilder.applyCategoryGroupingAttribute("Severity", severity);
boolean collapseOnCategory = ComponentConcernType.VULNERABILITY.equals(type);
componentItemBuilder.applyCollapseOnCategory(collapseOnCategory);
List<LinkableItem> componentAttributes = new LinkedList<>();
componentAttributes.add(bomComponent.getLicense());
LinkableItem usageItem = new LinkableItem("Usage", bomComponent.getUsage());
componentAttributes.add(usageItem);
ComponentUpgradeGuidance upgradeGuidance = bomComponent.getComponentUpgradeGuidance();
upgradeGuidance.getLongTermUpgradeGuidance().ifPresent(componentAttributes::add);
upgradeGuidance.getShortTermUpgradeGuidance().ifPresent(componentAttributes::add);
componentAttributes.addAll(bomComponent.getAdditionalAttributes());
componentItemBuilder.applyAllComponentAttributes(componentAttributes);
try {
componentItems.add(componentItemBuilder.build());
} catch (AlertException e) {
// Ignored for feature parity
}
}
return componentItems;
}
Aggregations