Search in sources :

Example 1 with ResourceMetadata

use of com.synopsys.integration.blackduck.api.core.ResourceMetadata in project hub-alert by blackducksoftware.

the class RuleViolationNotificationMessageExtractorTest method createProjectVersionComponentVersionView.

private ProjectVersionComponentVersionView createProjectVersionComponentVersionView() throws IntegrationException {
    ProjectVersionComponentVersionView projectVersionComponentVersionView = new ProjectVersionComponentVersionView();
    projectVersionComponentVersionView.setComponentName(COMPONENT.getValue());
    projectVersionComponentVersionView.setComponentVersion(COMPONENT_VERSION_URL);
    projectVersionComponentVersionView.setComponentVersionName(COMPONENT_VERSION.getValue());
    projectVersionComponentVersionView.setPolicyStatus(ProjectVersionComponentPolicyStatusType.IN_VIOLATION);
    projectVersionComponentVersionView.setUsages(List.of(UsageType.DYNAMICALLY_LINKED));
    ProjectVersionComponentVersionLicensesView projectVersionComponentVersionLicensesView = new ProjectVersionComponentVersionLicensesView();
    projectVersionComponentVersionLicensesView.setLicense("http://licenseLink");
    projectVersionComponentVersionLicensesView.setLicenseDisplay(LICENSE_DISPLAY);
    projectVersionComponentVersionView.setLicenses(List.of(projectVersionComponentVersionLicensesView));
    ResourceLink resourceLink = new ResourceLink();
    resourceLink.setHref(new HttpUrl("https://someHref"));
    resourceLink.setRel("policy-rules");
    ResourceMetadata meta = new ResourceMetadata();
    meta.setHref(new HttpUrl("https://someUrl"));
    meta.setLinks(List.of(resourceLink));
    projectVersionComponentVersionView.setMeta(meta);
    return projectVersionComponentVersionView;
}
Also used : ProjectVersionComponentVersionLicensesView(com.synopsys.integration.blackduck.api.generated.component.ProjectVersionComponentVersionLicensesView) ResourceLink(com.synopsys.integration.blackduck.api.core.ResourceLink) ResourceMetadata(com.synopsys.integration.blackduck.api.core.ResourceMetadata) HttpUrl(com.synopsys.integration.rest.HttpUrl) ProjectVersionComponentVersionView(com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView)

Example 2 with ResourceMetadata

use of com.synopsys.integration.blackduck.api.core.ResourceMetadata in project hub-alert by blackducksoftware.

the class RuleViolationNotificationMessageExtractorTest method createBomComponentDetailsTest.

@Test
public void createBomComponentDetailsTest() throws IntegrationException {
    BlackDuckServicesFactory blackDuckServicesFactory = Mockito.mock(BlackDuckServicesFactory.class);
    BlackDuckApiClient blackDuckApiClient = Mockito.mock(BlackDuckApiClient.class);
    Mockito.when(blackDuckServicesFactory.getBlackDuckApiClient()).thenReturn(blackDuckApiClient);
    ProjectVersionComponentVersionView projectVersionComponentVersionView = createProjectVersionComponentVersionView();
    Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.eq(ProjectVersionComponentVersionView.class))).thenReturn(projectVersionComponentVersionView);
    ComponentPolicyRulesView componentPolicyRulesView = new ComponentPolicyRulesView();
    ResourceMetadata meta = new ResourceMetadata();
    meta.setHref(new HttpUrl(COMPONENT_POLICY_URL));
    componentPolicyRulesView.setMeta(meta);
    componentPolicyRulesView.setName(COMPONENT_POLICY.getPolicyName());
    componentPolicyRulesView.setSeverity(PolicyRuleSeverityType.BLOCKER);
    componentPolicyRulesView.setPolicyApprovalStatus(ProjectVersionComponentPolicyStatusType.IN_VIOLATION_OVERRIDDEN);
    Mockito.when(blackDuckApiClient.getAllResponses(Mockito.eq(projectVersionComponentVersionView.metaPolicyRulesLink()))).thenReturn(List.of(componentPolicyRulesView));
    PolicyRuleView policyRuleView = new PolicyRuleView();
    policyRuleView.setCategory(PolicyRuleCategoryType.UNCATEGORIZED);
    Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.eq(PolicyRuleView.class))).thenReturn(policyRuleView);
    RuleViolationUniquePolicyNotificationContent notificationContent = new RuleViolationUniquePolicyNotificationContent(PROJECT, PROJECT_VERSION, PROJECT_VERSION_URL, COMPONENT_VERSIONS_IN_VIOLATION, List.of(componentVersionStatus), policyInfo);
    List<BomComponentDetails> bomComponentDetailsList = extractor.createBomComponentDetails(notificationContent, blackDuckServicesFactory);
    assertEquals(1, bomComponentDetailsList.size());
    BomComponentDetails testBomComponentDetails = bomComponentDetailsList.get(0);
    assertEquals(COMPONENT, testBomComponentDetails.getComponent());
    assertTrue(testBomComponentDetails.getComponentVersion().isPresent());
    assertEquals(COMPONENT_VERSION.getValue(), testBomComponentDetails.getComponentVersion().get().getValue());
    assertEquals(LICENSE_DISPLAY, testBomComponentDetails.getLicense().getValue());
    assertEquals(UsageType.DYNAMICALLY_LINKED.prettyPrint(), testBomComponentDetails.getUsage());
    assertTrue(testBomComponentDetails.getAdditionalAttributes().isEmpty());
    assertEquals(1, testBomComponentDetails.getComponentConcerns().size());
    assertEquals(ItemOperation.ADD, testBomComponentDetails.getComponentConcerns().get(0).getOperation());
    ComponentUpgradeGuidance componentUpgradeGuidance = testBomComponentDetails.getComponentUpgradeGuidance();
    assertFalse(componentUpgradeGuidance.getLongTermUpgradeGuidance().isPresent());
    assertFalse(componentUpgradeGuidance.getShortTermUpgradeGuidance().isPresent());
    assertEquals(1, testBomComponentDetails.getRelevantPolicies().size());
    ComponentPolicy testComponentPolicy = testBomComponentDetails.getRelevantPolicies().get(0);
    assertTrue(testComponentPolicy.getCategory().isPresent());
    assertEquals(PolicyRuleCategoryType.UNCATEGORIZED.toString(), testComponentPolicy.getCategory().get());
}
Also used : ComponentPolicyRulesView(com.synopsys.integration.blackduck.api.generated.view.ComponentPolicyRulesView) ComponentUpgradeGuidance(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentUpgradeGuidance) RuleViolationUniquePolicyNotificationContent(com.synopsys.integration.alert.provider.blackduck.processor.model.RuleViolationUniquePolicyNotificationContent) ComponentPolicy(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy) BlackDuckApiClient(com.synopsys.integration.blackduck.service.BlackDuckApiClient) PolicyRuleView(com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView) BlackDuckServicesFactory(com.synopsys.integration.blackduck.service.BlackDuckServicesFactory) ResourceMetadata(com.synopsys.integration.blackduck.api.core.ResourceMetadata) HttpUrl(com.synopsys.integration.rest.HttpUrl) ProjectVersionComponentVersionView(com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView) BomComponentDetails(com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails) Test(org.junit.jupiter.api.Test)

Example 3 with ResourceMetadata

use of com.synopsys.integration.blackduck.api.core.ResourceMetadata in project hub-alert by blackducksoftware.

the class BlackDuckComponentPolicyDetailsCreatorTest method toComponentPolicyVulnerabilityRuleTest.

@Test
public void toComponentPolicyVulnerabilityRuleTest() throws IntegrationException {
    PolicyRuleExpressionExpressionsView expression = new PolicyRuleExpressionExpressionsView();
    expression.setName(EXAMPLE_VULNERABILITY_EXPRESSION);
    BlackDuckApiClient blackDuckApiClient = Mockito.mock(BlackDuckApiClient.class);
    PolicyRuleExpressionView policyRuleExpression = new PolicyRuleExpressionView();
    policyRuleExpression.setExpressions(List.of(expression));
    BlackDuckComponentPolicyDetailsCreator policyDetailsCreator = new BlackDuckComponentPolicyDetailsCreator(POLICY_SEVERITY_CONVERTER, blackDuckApiClient);
    ComponentPolicyRulesView componentPolicyRulesView = new ComponentPolicyRulesView();
    componentPolicyRulesView.setName("vuln-test-policy");
    componentPolicyRulesView.setSeverity(PolicyRuleSeverityType.TRIVIAL);
    componentPolicyRulesView.setPolicyApprovalStatus(ProjectVersionComponentPolicyStatusType.IN_VIOLATION);
    componentPolicyRulesView.setExpression(policyRuleExpression);
    ResourceMetadata meta = new ResourceMetadata();
    meta.setHref(new HttpUrl("https://someUrl"));
    componentPolicyRulesView.setMeta(meta);
    PolicyRuleView policyRuleView = new PolicyRuleView();
    policyRuleView.setName(componentPolicyRulesView.getName());
    policyRuleView.setCategory(PolicyRuleCategoryType.UNCATEGORIZED);
    Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.any())).thenReturn(policyRuleView);
    ComponentPolicy componentPolicy = policyDetailsCreator.toComponentPolicy(componentPolicyRulesView);
    assertTrue(componentPolicy.isVulnerabilityPolicy(), "Expected a vulnerability policy");
}
Also used : PolicyRuleExpressionView(com.synopsys.integration.blackduck.api.generated.component.PolicyRuleExpressionView) BlackDuckComponentPolicyDetailsCreator(com.synopsys.integration.alert.provider.blackduck.processor.message.service.policy.BlackDuckComponentPolicyDetailsCreator) ComponentPolicyRulesView(com.synopsys.integration.blackduck.api.generated.view.ComponentPolicyRulesView) ComponentPolicy(com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy) PolicyRuleExpressionExpressionsView(com.synopsys.integration.blackduck.api.generated.component.PolicyRuleExpressionExpressionsView) BlackDuckApiClient(com.synopsys.integration.blackduck.service.BlackDuckApiClient) PolicyRuleView(com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView) ResourceMetadata(com.synopsys.integration.blackduck.api.core.ResourceMetadata) HttpUrl(com.synopsys.integration.rest.HttpUrl) Test(org.junit.jupiter.api.Test)

Example 4 with ResourceMetadata

use of com.synopsys.integration.blackduck.api.core.ResourceMetadata in project hub-alert by blackducksoftware.

the class VulnerabilityNotificationMessageExtractorTest method createProjectVersionComponentVersionView.

private ProjectVersionComponentVersionView createProjectVersionComponentVersionView(boolean withOrigin) throws IntegrationException {
    ProjectVersionComponentVersionView projectVersionComponentVersionView = new ProjectVersionComponentVersionView();
    projectVersionComponentVersionView.setComponentName(COMPONENT.getValue());
    projectVersionComponentVersionView.setComponentVersion(COMPONENT_VERSION_URL);
    projectVersionComponentVersionView.setComponentVersionName(COMPONENT_VERSION.getValue());
    projectVersionComponentVersionView.setPolicyStatus(ProjectVersionComponentPolicyStatusType.IN_VIOLATION);
    projectVersionComponentVersionView.setUsages(List.of(UsageType.DYNAMICALLY_LINKED));
    ProjectVersionComponentVersionLicensesView projectVersionComponentVersionLicensesView = new ProjectVersionComponentVersionLicensesView();
    projectVersionComponentVersionLicensesView.setLicense("http://licenseLink");
    projectVersionComponentVersionLicensesView.setLicenseDisplay(LICENSE_DISPLAY);
    projectVersionComponentVersionView.setLicenses(List.of(projectVersionComponentVersionLicensesView));
    ResourceLink resourceLink = new ResourceLink();
    resourceLink.setHref(new HttpUrl("https://policyRulesLink"));
    resourceLink.setRel("policy-rules");
    ResourceMetadata meta = new ResourceMetadata();
    meta.setHref(new HttpUrl("https://bomComponentHref"));
    meta.setLinks(List.of(resourceLink));
    projectVersionComponentVersionView.setMeta(meta);
    ResourceLink resourceLinkUpgradeGuidance = new ResourceLink();
    resourceLinkUpgradeGuidance.setHref(new HttpUrl(UPGRADE_GUIDANCE_URL));
    resourceLinkUpgradeGuidance.setRel("upgrade-guidance");
    ResourceMetadata metaUpgradeGuidance = new ResourceMetadata();
    metaUpgradeGuidance.setHref(new HttpUrl("https://upgradeGuidance"));
    metaUpgradeGuidance.setLinks(List.of(resourceLinkUpgradeGuidance));
    RiskProfileView riskProfileView = new RiskProfileView();
    RiskProfileCountsView riskProfileCountsView = new RiskProfileCountsView();
    riskProfileCountsView.setCount(BigDecimal.ONE);
    riskProfileCountsView.setCountType(RiskPriorityType.HIGH);
    riskProfileView.setCounts(List.of(riskProfileCountsView));
    projectVersionComponentVersionView.setSecurityRiskProfile(riskProfileView);
    if (withOrigin) {
        VersionBomOriginView versionBomOriginView = new VersionBomOriginView();
        versionBomOriginView.setMeta(metaUpgradeGuidance);
        projectVersionComponentVersionView.setOrigins(List.of(versionBomOriginView));
    } else {
        projectVersionComponentVersionView.setOrigins(List.of());
    }
    return projectVersionComponentVersionView;
}
Also used : RiskProfileCountsView(com.synopsys.integration.blackduck.api.generated.component.RiskProfileCountsView) VersionBomOriginView(com.synopsys.integration.blackduck.api.manual.temporary.component.VersionBomOriginView) RiskProfileView(com.synopsys.integration.blackduck.api.generated.view.RiskProfileView) ProjectVersionComponentVersionLicensesView(com.synopsys.integration.blackduck.api.generated.component.ProjectVersionComponentVersionLicensesView) ResourceLink(com.synopsys.integration.blackduck.api.core.ResourceLink) ResourceMetadata(com.synopsys.integration.blackduck.api.core.ResourceMetadata) HttpUrl(com.synopsys.integration.rest.HttpUrl) ProjectVersionComponentVersionView(com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView)

Example 5 with ResourceMetadata

use of com.synopsys.integration.blackduck.api.core.ResourceMetadata in project hub-alert by blackducksoftware.

the class VulnerabilityNotificationMessageExtractorTest method createComponentVersionView.

private ComponentVersionView createComponentVersionView() throws IntegrationException {
    ComponentVersionView componentVersionView = new ComponentVersionView();
    ResourceLink resourceLinkUpgradeGuidance = new ResourceLink();
    resourceLinkUpgradeGuidance.setHref(new HttpUrl(UPGRADE_GUIDANCE_URL));
    resourceLinkUpgradeGuidance.setRel("upgrade-guidance");
    ResourceMetadata metaUpgradeGuidance = new ResourceMetadata();
    metaUpgradeGuidance.setHref(new HttpUrl("https://upgradeGuidance"));
    metaUpgradeGuidance.setLinks(List.of(resourceLinkUpgradeGuidance));
    componentVersionView.setMeta(metaUpgradeGuidance);
    return componentVersionView;
}
Also used : ResourceLink(com.synopsys.integration.blackduck.api.core.ResourceLink) ProjectVersionComponentVersionView(com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView) ComponentVersionView(com.synopsys.integration.blackduck.api.generated.view.ComponentVersionView) ResourceMetadata(com.synopsys.integration.blackduck.api.core.ResourceMetadata) HttpUrl(com.synopsys.integration.rest.HttpUrl)

Aggregations

ResourceMetadata (com.synopsys.integration.blackduck.api.core.ResourceMetadata)21 HttpUrl (com.synopsys.integration.rest.HttpUrl)21 ProjectVersionComponentVersionView (com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView)12 ResourceLink (com.synopsys.integration.blackduck.api.core.ResourceLink)9 ProjectVersionComponentVersionLicensesView (com.synopsys.integration.blackduck.api.generated.component.ProjectVersionComponentVersionLicensesView)7 BlackDuckApiClient (com.synopsys.integration.blackduck.service.BlackDuckApiClient)7 Test (org.junit.jupiter.api.Test)7 ComponentPolicy (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentPolicy)6 ComponentPolicyRulesView (com.synopsys.integration.blackduck.api.generated.view.ComponentPolicyRulesView)6 PolicyRuleView (com.synopsys.integration.blackduck.api.generated.view.PolicyRuleView)6 BomComponentDetails (com.synopsys.integration.alert.processor.api.extract.model.project.BomComponentDetails)4 ComponentUpgradeGuidance (com.synopsys.integration.alert.processor.api.extract.model.project.ComponentUpgradeGuidance)4 ProjectView (com.synopsys.integration.blackduck.api.generated.view.ProjectView)4 BlackDuckServicesFactory (com.synopsys.integration.blackduck.service.BlackDuckServicesFactory)4 BlackDuckComponentPolicyDetailsCreator (com.synopsys.integration.alert.provider.blackduck.processor.message.service.policy.BlackDuckComponentPolicyDetailsCreator)3 PolicyRuleExpressionExpressionsView (com.synopsys.integration.blackduck.api.generated.component.PolicyRuleExpressionExpressionsView)2 PolicyRuleExpressionView (com.synopsys.integration.blackduck.api.generated.component.PolicyRuleExpressionView)2 RuleViolationClearedUniquePolicyNotificationContent (com.synopsys.integration.alert.provider.blackduck.processor.model.RuleViolationClearedUniquePolicyNotificationContent)1 RuleViolationUniquePolicyNotificationContent (com.synopsys.integration.alert.provider.blackduck.processor.model.RuleViolationUniquePolicyNotificationContent)1 ProjectVersionComponentVersionVulnerabilityRemediationCvss2View (com.synopsys.integration.blackduck.api.generated.component.ProjectVersionComponentVersionVulnerabilityRemediationCvss2View)1