use of com.synopsys.integration.blackduck.api.core.ResourceMetadata in project hub-alert by blackducksoftware.
the class RuleViolationNotificationMessageExtractorTest method createProjectVersionComponentVersionView.
private ProjectVersionComponentVersionView createProjectVersionComponentVersionView() throws IntegrationException {
ProjectVersionComponentVersionView projectVersionComponentVersionView = new ProjectVersionComponentVersionView();
projectVersionComponentVersionView.setComponentName(COMPONENT.getValue());
projectVersionComponentVersionView.setComponentVersion(COMPONENT_VERSION_URL);
projectVersionComponentVersionView.setComponentVersionName(COMPONENT_VERSION.getValue());
projectVersionComponentVersionView.setPolicyStatus(ProjectVersionComponentPolicyStatusType.IN_VIOLATION);
projectVersionComponentVersionView.setUsages(List.of(UsageType.DYNAMICALLY_LINKED));
ProjectVersionComponentVersionLicensesView projectVersionComponentVersionLicensesView = new ProjectVersionComponentVersionLicensesView();
projectVersionComponentVersionLicensesView.setLicense("http://licenseLink");
projectVersionComponentVersionLicensesView.setLicenseDisplay(LICENSE_DISPLAY);
projectVersionComponentVersionView.setLicenses(List.of(projectVersionComponentVersionLicensesView));
ResourceLink resourceLink = new ResourceLink();
resourceLink.setHref(new HttpUrl("https://someHref"));
resourceLink.setRel("policy-rules");
ResourceMetadata meta = new ResourceMetadata();
meta.setHref(new HttpUrl("https://someUrl"));
meta.setLinks(List.of(resourceLink));
projectVersionComponentVersionView.setMeta(meta);
return projectVersionComponentVersionView;
}
use of com.synopsys.integration.blackduck.api.core.ResourceMetadata in project hub-alert by blackducksoftware.
the class RuleViolationNotificationMessageExtractorTest method createBomComponentDetailsTest.
@Test
public void createBomComponentDetailsTest() throws IntegrationException {
BlackDuckServicesFactory blackDuckServicesFactory = Mockito.mock(BlackDuckServicesFactory.class);
BlackDuckApiClient blackDuckApiClient = Mockito.mock(BlackDuckApiClient.class);
Mockito.when(blackDuckServicesFactory.getBlackDuckApiClient()).thenReturn(blackDuckApiClient);
ProjectVersionComponentVersionView projectVersionComponentVersionView = createProjectVersionComponentVersionView();
Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.eq(ProjectVersionComponentVersionView.class))).thenReturn(projectVersionComponentVersionView);
ComponentPolicyRulesView componentPolicyRulesView = new ComponentPolicyRulesView();
ResourceMetadata meta = new ResourceMetadata();
meta.setHref(new HttpUrl(COMPONENT_POLICY_URL));
componentPolicyRulesView.setMeta(meta);
componentPolicyRulesView.setName(COMPONENT_POLICY.getPolicyName());
componentPolicyRulesView.setSeverity(PolicyRuleSeverityType.BLOCKER);
componentPolicyRulesView.setPolicyApprovalStatus(ProjectVersionComponentPolicyStatusType.IN_VIOLATION_OVERRIDDEN);
Mockito.when(blackDuckApiClient.getAllResponses(Mockito.eq(projectVersionComponentVersionView.metaPolicyRulesLink()))).thenReturn(List.of(componentPolicyRulesView));
PolicyRuleView policyRuleView = new PolicyRuleView();
policyRuleView.setCategory(PolicyRuleCategoryType.UNCATEGORIZED);
Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.eq(PolicyRuleView.class))).thenReturn(policyRuleView);
RuleViolationUniquePolicyNotificationContent notificationContent = new RuleViolationUniquePolicyNotificationContent(PROJECT, PROJECT_VERSION, PROJECT_VERSION_URL, COMPONENT_VERSIONS_IN_VIOLATION, List.of(componentVersionStatus), policyInfo);
List<BomComponentDetails> bomComponentDetailsList = extractor.createBomComponentDetails(notificationContent, blackDuckServicesFactory);
assertEquals(1, bomComponentDetailsList.size());
BomComponentDetails testBomComponentDetails = bomComponentDetailsList.get(0);
assertEquals(COMPONENT, testBomComponentDetails.getComponent());
assertTrue(testBomComponentDetails.getComponentVersion().isPresent());
assertEquals(COMPONENT_VERSION.getValue(), testBomComponentDetails.getComponentVersion().get().getValue());
assertEquals(LICENSE_DISPLAY, testBomComponentDetails.getLicense().getValue());
assertEquals(UsageType.DYNAMICALLY_LINKED.prettyPrint(), testBomComponentDetails.getUsage());
assertTrue(testBomComponentDetails.getAdditionalAttributes().isEmpty());
assertEquals(1, testBomComponentDetails.getComponentConcerns().size());
assertEquals(ItemOperation.ADD, testBomComponentDetails.getComponentConcerns().get(0).getOperation());
ComponentUpgradeGuidance componentUpgradeGuidance = testBomComponentDetails.getComponentUpgradeGuidance();
assertFalse(componentUpgradeGuidance.getLongTermUpgradeGuidance().isPresent());
assertFalse(componentUpgradeGuidance.getShortTermUpgradeGuidance().isPresent());
assertEquals(1, testBomComponentDetails.getRelevantPolicies().size());
ComponentPolicy testComponentPolicy = testBomComponentDetails.getRelevantPolicies().get(0);
assertTrue(testComponentPolicy.getCategory().isPresent());
assertEquals(PolicyRuleCategoryType.UNCATEGORIZED.toString(), testComponentPolicy.getCategory().get());
}
use of com.synopsys.integration.blackduck.api.core.ResourceMetadata in project hub-alert by blackducksoftware.
the class BlackDuckComponentPolicyDetailsCreatorTest method toComponentPolicyVulnerabilityRuleTest.
@Test
public void toComponentPolicyVulnerabilityRuleTest() throws IntegrationException {
PolicyRuleExpressionExpressionsView expression = new PolicyRuleExpressionExpressionsView();
expression.setName(EXAMPLE_VULNERABILITY_EXPRESSION);
BlackDuckApiClient blackDuckApiClient = Mockito.mock(BlackDuckApiClient.class);
PolicyRuleExpressionView policyRuleExpression = new PolicyRuleExpressionView();
policyRuleExpression.setExpressions(List.of(expression));
BlackDuckComponentPolicyDetailsCreator policyDetailsCreator = new BlackDuckComponentPolicyDetailsCreator(POLICY_SEVERITY_CONVERTER, blackDuckApiClient);
ComponentPolicyRulesView componentPolicyRulesView = new ComponentPolicyRulesView();
componentPolicyRulesView.setName("vuln-test-policy");
componentPolicyRulesView.setSeverity(PolicyRuleSeverityType.TRIVIAL);
componentPolicyRulesView.setPolicyApprovalStatus(ProjectVersionComponentPolicyStatusType.IN_VIOLATION);
componentPolicyRulesView.setExpression(policyRuleExpression);
ResourceMetadata meta = new ResourceMetadata();
meta.setHref(new HttpUrl("https://someUrl"));
componentPolicyRulesView.setMeta(meta);
PolicyRuleView policyRuleView = new PolicyRuleView();
policyRuleView.setName(componentPolicyRulesView.getName());
policyRuleView.setCategory(PolicyRuleCategoryType.UNCATEGORIZED);
Mockito.when(blackDuckApiClient.getResponse(Mockito.any(), Mockito.any())).thenReturn(policyRuleView);
ComponentPolicy componentPolicy = policyDetailsCreator.toComponentPolicy(componentPolicyRulesView);
assertTrue(componentPolicy.isVulnerabilityPolicy(), "Expected a vulnerability policy");
}
use of com.synopsys.integration.blackduck.api.core.ResourceMetadata in project hub-alert by blackducksoftware.
the class VulnerabilityNotificationMessageExtractorTest method createProjectVersionComponentVersionView.
private ProjectVersionComponentVersionView createProjectVersionComponentVersionView(boolean withOrigin) throws IntegrationException {
ProjectVersionComponentVersionView projectVersionComponentVersionView = new ProjectVersionComponentVersionView();
projectVersionComponentVersionView.setComponentName(COMPONENT.getValue());
projectVersionComponentVersionView.setComponentVersion(COMPONENT_VERSION_URL);
projectVersionComponentVersionView.setComponentVersionName(COMPONENT_VERSION.getValue());
projectVersionComponentVersionView.setPolicyStatus(ProjectVersionComponentPolicyStatusType.IN_VIOLATION);
projectVersionComponentVersionView.setUsages(List.of(UsageType.DYNAMICALLY_LINKED));
ProjectVersionComponentVersionLicensesView projectVersionComponentVersionLicensesView = new ProjectVersionComponentVersionLicensesView();
projectVersionComponentVersionLicensesView.setLicense("http://licenseLink");
projectVersionComponentVersionLicensesView.setLicenseDisplay(LICENSE_DISPLAY);
projectVersionComponentVersionView.setLicenses(List.of(projectVersionComponentVersionLicensesView));
ResourceLink resourceLink = new ResourceLink();
resourceLink.setHref(new HttpUrl("https://policyRulesLink"));
resourceLink.setRel("policy-rules");
ResourceMetadata meta = new ResourceMetadata();
meta.setHref(new HttpUrl("https://bomComponentHref"));
meta.setLinks(List.of(resourceLink));
projectVersionComponentVersionView.setMeta(meta);
ResourceLink resourceLinkUpgradeGuidance = new ResourceLink();
resourceLinkUpgradeGuidance.setHref(new HttpUrl(UPGRADE_GUIDANCE_URL));
resourceLinkUpgradeGuidance.setRel("upgrade-guidance");
ResourceMetadata metaUpgradeGuidance = new ResourceMetadata();
metaUpgradeGuidance.setHref(new HttpUrl("https://upgradeGuidance"));
metaUpgradeGuidance.setLinks(List.of(resourceLinkUpgradeGuidance));
RiskProfileView riskProfileView = new RiskProfileView();
RiskProfileCountsView riskProfileCountsView = new RiskProfileCountsView();
riskProfileCountsView.setCount(BigDecimal.ONE);
riskProfileCountsView.setCountType(RiskPriorityType.HIGH);
riskProfileView.setCounts(List.of(riskProfileCountsView));
projectVersionComponentVersionView.setSecurityRiskProfile(riskProfileView);
if (withOrigin) {
VersionBomOriginView versionBomOriginView = new VersionBomOriginView();
versionBomOriginView.setMeta(metaUpgradeGuidance);
projectVersionComponentVersionView.setOrigins(List.of(versionBomOriginView));
} else {
projectVersionComponentVersionView.setOrigins(List.of());
}
return projectVersionComponentVersionView;
}
use of com.synopsys.integration.blackduck.api.core.ResourceMetadata in project hub-alert by blackducksoftware.
the class VulnerabilityNotificationMessageExtractorTest method createComponentVersionView.
private ComponentVersionView createComponentVersionView() throws IntegrationException {
ComponentVersionView componentVersionView = new ComponentVersionView();
ResourceLink resourceLinkUpgradeGuidance = new ResourceLink();
resourceLinkUpgradeGuidance.setHref(new HttpUrl(UPGRADE_GUIDANCE_URL));
resourceLinkUpgradeGuidance.setRel("upgrade-guidance");
ResourceMetadata metaUpgradeGuidance = new ResourceMetadata();
metaUpgradeGuidance.setHref(new HttpUrl("https://upgradeGuidance"));
metaUpgradeGuidance.setLinks(List.of(resourceLinkUpgradeGuidance));
componentVersionView.setMeta(metaUpgradeGuidance);
return componentVersionView;
}
Aggregations