use of com.synopsys.integration.blackduck.api.manual.component.AffectedProjectVersion in project hub-alert by blackducksoftware.
the class VulnerabilityUniqueProjectNotificationContentTest method getContentFromNotificationContentTest.
@Test
public void getContentFromNotificationContentTest() {
String componentVersionOriginName = "Component Version Origin Name";
String componentVersionOriginId = "Component Version Origin Id";
AffectedProjectVersion affectedProjectVersion = new AffectedProjectVersion();
affectedProjectVersion.setProjectName(PROJECT_NAME);
affectedProjectVersion.setProjectVersionName(PROJECT_VERSION_NAME);
affectedProjectVersion.setProjectVersion(PROJECT_VERSION_URL);
VulnerabilityNotificationContent vulnerabilityNotificationContent = new VulnerabilityNotificationContent();
vulnerabilityNotificationContent.setNewVulnerabilityCount(1);
vulnerabilityNotificationContent.setUpdatedVulnerabilityCount(1);
vulnerabilityNotificationContent.setDeletedVulnerabilityCount(1);
vulnerabilityNotificationContent.setNewVulnerabilityIds(List.of(newVulnerabilityId));
vulnerabilityNotificationContent.setUpdatedVulnerabilityIds(List.of(updatedVulnerabilityId));
vulnerabilityNotificationContent.setDeletedVulnerabilityIds(List.of(deletedVulnerabilityId));
vulnerabilityNotificationContent.setComponentVersion(COMPONENT_VERSION_URL);
vulnerabilityNotificationContent.setComponentName(COMPONENT_NAME);
vulnerabilityNotificationContent.setVersionName(VERSION_NAME);
vulnerabilityNotificationContent.setComponentVersionOriginName(componentVersionOriginName);
vulnerabilityNotificationContent.setAffectedProjectVersions(List.of(affectedProjectVersion));
vulnerabilityNotificationContent.setComponentVersionOriginId(componentVersionOriginId);
VulnerabilityUniqueProjectNotificationContent notificationContent = new VulnerabilityUniqueProjectNotificationContent(vulnerabilityNotificationContent, affectedProjectVersion);
performAssertions(notificationContent, affectedProjectVersion);
}
use of com.synopsys.integration.blackduck.api.manual.component.AffectedProjectVersion in project hub-alert by blackducksoftware.
the class VulnerabilityUniqueProjectNotificationContentTest method getContentTest.
@Test
public void getContentTest() {
AffectedProjectVersion affectedProjectVersion = new AffectedProjectVersion();
affectedProjectVersion.setProjectName(PROJECT_NAME);
affectedProjectVersion.setProjectVersionName(PROJECT_VERSION_NAME);
affectedProjectVersion.setProjectVersion(PROJECT_VERSION_URL);
VulnerabilityNotificationContent vulnerabilityNotificationContent = new VulnerabilityNotificationContent();
VulnerabilityUniqueProjectNotificationContent notificationContent = new VulnerabilityUniqueProjectNotificationContent(vulnerabilityNotificationContent, affectedProjectVersion);
notificationContent.setNewVulnerabilityIds(List.of(newVulnerabilityId));
notificationContent.setUpdatedVulnerabilityIds(List.of(updatedVulnerabilityId));
notificationContent.setDeletedVulnerabilityIds(List.of(deletedVulnerabilityId));
notificationContent.setComponentVersion(COMPONENT_VERSION_URL);
notificationContent.setComponentName(COMPONENT_NAME);
notificationContent.setVersionName(VERSION_NAME);
notificationContent.setAffectedProjectVersion(affectedProjectVersion);
performAssertions(notificationContent, affectedProjectVersion);
}
use of com.synopsys.integration.blackduck.api.manual.component.AffectedProjectVersion in project hub-alert by blackducksoftware.
the class VulnerabilityNotificationMessageExtractor method createBomComponentDetails.
@Override
protected List<BomComponentDetails> createBomComponentDetails(VulnerabilityUniqueProjectNotificationContent notificationContent, BlackDuckServicesFactory blackDuckServicesFactory) throws IntegrationException {
BlackDuckApiClient blackDuckApiClient = blackDuckServicesFactory.getBlackDuckApiClient();
BlackDuckMessageBomComponentDetailsCreator bomComponentDetailsCreator = detailsCreatorFactory.createBomComponentDetailsCreator(blackDuckServicesFactory);
AffectedProjectVersion affectedProjectVersion = notificationContent.getAffectedProjectVersion();
String bomComponentUrl = affectedProjectVersion.getBomComponent();
List<ComponentConcern> componentConcerns = createComponentConcerns(notificationContent);
BomComponentDetails bomComponentDetails;
try {
ProjectVersionComponentVersionView bomComponent = blackDuckApiClient.getResponse(new HttpUrl(bomComponentUrl), ProjectVersionComponentVersionView.class);
ComponentUpgradeGuidance componentUpgradeGuidance = createComponentUpgradeGuidance(blackDuckApiClient, bomComponent);
bomComponentDetails = bomComponentDetailsCreator.createBomComponentDetails(bomComponent, componentConcerns, componentUpgradeGuidance, List.of());
} catch (IntegrationRestException e) {
bomComponent404Handler.logIf404OrThrow(e, notificationContent.getComponentName(), notificationContent.getVersionName());
ComponentUpgradeGuidance componentUpgradeGuidance = createComponentUpgradeGuidance(blackDuckApiClient, notificationContent);
bomComponentDetails = bomComponentDetailsCreator.createMissingBomComponentDetailsForVulnerability(notificationContent.getComponentName(), bomComponentUrl, notificationContent.getVersionName(), componentConcerns, componentUpgradeGuidance, List.of());
}
return List.of(bomComponentDetails);
}
use of com.synopsys.integration.blackduck.api.manual.component.AffectedProjectVersion in project hub-alert by blackducksoftware.
the class ProcessingJobAccessorTestIT method createVulnerabilityUniqueProjectNotificationContent.
private VulnerabilityUniqueProjectNotificationContent createVulnerabilityUniqueProjectNotificationContent(String projectName) {
AffectedProjectVersion affectedProjectVersion = new AffectedProjectVersion();
affectedProjectVersion.setProjectName(projectName);
return new VulnerabilityUniqueProjectNotificationContent(new VulnerabilityNotificationContent(), affectedProjectVersion);
}
use of com.synopsys.integration.blackduck.api.manual.component.AffectedProjectVersion in project hub-alert by blackducksoftware.
the class VulnerabilityNotificationMessageExtractorTest method createVulnerabilityUniqueProjectNotificationContent.
private VulnerabilityUniqueProjectNotificationContent createVulnerabilityUniqueProjectNotificationContent() {
AffectedProjectVersion affectedProjectVersion = new AffectedProjectVersion();
affectedProjectVersion.setProjectName(PROJECT);
affectedProjectVersion.setProjectVersionName(PROJECT_VERSION);
affectedProjectVersion.setProjectVersion(PROJECT_VERSION_URL);
affectedProjectVersion.setComponentIssueUrl(COMPONENT_URL);
affectedProjectVersion.setBomComponent(COMPONENT_URL);
VulnerabilitySourceQualifiedId vulnerabilityNew = new VulnerabilitySourceQualifiedId();
vulnerabilityNew.setSeverity(VulnerabilitySeverityType.CRITICAL.name());
vulnerabilityNew.setVulnerability(VULNERABILITY_URL);
VulnerabilitySourceQualifiedId vulnerabilityUpdated = new VulnerabilitySourceQualifiedId();
vulnerabilityUpdated.setVulnerability(VULNERABILITY_URL);
VulnerabilitySourceQualifiedId vulnerabilityDeleted = new VulnerabilitySourceQualifiedId();
vulnerabilityDeleted.setSeverity(VulnerabilitySeverityType.LOW.name());
vulnerabilityDeleted.setVulnerability(VULNERABILITY_URL);
VulnerabilityNotificationContent vulnerabilityNotificationContent = new VulnerabilityNotificationContent();
vulnerabilityNotificationContent.setAffectedProjectVersions(List.of(affectedProjectVersion));
vulnerabilityNotificationContent.setComponentName(COMPONENT.getValue());
vulnerabilityNotificationContent.setVersionName(COMPONENT_VERSION.getValue());
vulnerabilityNotificationContent.setNewVulnerabilityCount(1);
vulnerabilityNotificationContent.setNewVulnerabilityIds(List.of(vulnerabilityNew));
vulnerabilityNotificationContent.setUpdatedVulnerabilityCount(1);
vulnerabilityNotificationContent.setUpdatedVulnerabilityIds(List.of(vulnerabilityUpdated));
vulnerabilityNotificationContent.setDeletedVulnerabilityCount(1);
vulnerabilityNotificationContent.setDeletedVulnerabilityIds(List.of(vulnerabilityDeleted));
VulnerabilityUniqueProjectNotificationContent notificationContent = new VulnerabilityUniqueProjectNotificationContent(vulnerabilityNotificationContent, affectedProjectVersion);
notificationContent.setComponentVersion(COMPONENT_VERSION_URL);
return notificationContent;
}
Aggregations