Search in sources :

Example 1 with DeveloperScanComponentResultView

use of com.synopsys.integration.blackduck.api.manual.view.DeveloperScanComponentResultView in project synopsys-detect by blackducksoftware.

the class RapidScanResultAggregatorTest method testEmptyResults.

@Test
public void testEmptyResults() {
    List<DeveloperScanComponentResultView> results = Collections.emptyList();
    RapidScanResultAggregator aggregator = new RapidScanResultAggregator();
    RapidScanAggregateResult aggregateResult = aggregator.aggregateData(results);
    BufferedIntLogger logger = new BufferedIntLogger();
    aggregateResult.logResult(logger);
    RapidScanResultSummary summary = aggregateResult.getSummary();
    assertEquals(0, summary.getPolicyErrorCount());
    assertEquals(0, summary.getPolicyWarningCount());
    assertEquals(0, summary.getSecurityErrorCount());
    assertEquals(0, summary.getSecurityWarningCount());
    assertEquals(0, summary.getLicenseErrorCount());
    assertEquals(0, summary.getLicenseWarningCount());
    assertFalse(logger.getOutputList(LogLevel.INFO).isEmpty());
}
Also used : DeveloperScanComponentResultView(com.synopsys.integration.blackduck.api.manual.view.DeveloperScanComponentResultView) RapidScanResultAggregator(com.synopsys.integration.detect.workflow.blackduck.developer.aggregate.RapidScanResultAggregator) RapidScanResultSummary(com.synopsys.integration.detect.workflow.blackduck.developer.aggregate.RapidScanResultSummary) BufferedIntLogger(com.synopsys.integration.log.BufferedIntLogger) RapidScanAggregateResult(com.synopsys.integration.detect.workflow.blackduck.developer.aggregate.RapidScanAggregateResult) Test(org.junit.jupiter.api.Test)

Example 2 with DeveloperScanComponentResultView

use of com.synopsys.integration.blackduck.api.manual.view.DeveloperScanComponentResultView in project synopsys-detect by blackducksoftware.

the class RapidModeStepRunner method runOnline.

public void runOnline(BlackDuckRunData blackDuckRunData, NameVersion projectVersion, BdioResult bdioResult) throws OperationException {
    operationFactory.phoneHome(blackDuckRunData);
    Optional<File> rapidScanConfig = operationFactory.findRapidScanConfig();
    rapidScanConfig.ifPresent(config -> logger.info("Found rapid scan config file: " + config));
    List<HttpUrl> rapidScanUrls = operationFactory.performRapidUpload(blackDuckRunData, bdioResult, rapidScanConfig.orElse(null));
    List<DeveloperScanComponentResultView> rapidResults = operationFactory.waitForRapidResults(blackDuckRunData, rapidScanUrls);
    File jsonFile = operationFactory.generateRapidJsonFile(projectVersion, rapidResults);
    RapidScanResultSummary summary = operationFactory.logRapidReport(rapidResults);
    operationFactory.publishRapidResults(jsonFile, summary);
}
Also used : DeveloperScanComponentResultView(com.synopsys.integration.blackduck.api.manual.view.DeveloperScanComponentResultView) RapidScanResultSummary(com.synopsys.integration.detect.workflow.blackduck.developer.aggregate.RapidScanResultSummary) File(java.io.File) HttpUrl(com.synopsys.integration.rest.HttpUrl)

Example 3 with DeveloperScanComponentResultView

use of com.synopsys.integration.blackduck.api.manual.view.DeveloperScanComponentResultView in project synopsys-detect by blackducksoftware.

the class RapidScanResultAggregator method aggregateComponentData.

private List<RapidScanComponentDetail> aggregateComponentData(List<DeveloperScanComponentResultView> results) {
    // the key is the component identifier
    List<RapidScanComponentDetail> componentDetails = new LinkedList<>();
    for (DeveloperScanComponentResultView resultView : results) {
        String componentName = resultView.getComponentName();
        RapidScanComponentDetail componentDetail = createDetail(resultView);
        componentDetails.add(componentDetail);
        RapidScanComponentGroupDetail componentGroupDetail = componentDetail.getComponentDetails();
        RapidScanComponentGroupDetail securityGroupDetail = componentDetail.getSecurityDetails();
        RapidScanComponentGroupDetail licenseGroupDetail = componentDetail.getLicenseDetails();
        // violating policy names is a super set of policy names so we have to remove the vulnerability and license.
        Set<String> policyNames = new LinkedHashSet<>(resultView.getViolatingPolicyNames());
        Set<PolicyViolationVulnerabilityView> vulnerabilityViolations = resultView.getPolicyViolationVulnerabilities();
        Set<PolicyViolationLicenseView> licenseViolations = resultView.getPolicyViolationLicenses();
        Set<String> vulnerabilityPolicyNames = vulnerabilityViolations.stream().map(PolicyViolationVulnerabilityView::getViolatingPolicyNames).flatMap(Collection::stream).collect(Collectors.toSet());
        Set<String> licensePolicyNames = licenseViolations.stream().map(PolicyViolationLicenseView::getViolatingPolicyNames).flatMap(Collection::stream).collect(Collectors.toSet());
        policyNames.removeAll(vulnerabilityPolicyNames);
        policyNames.removeAll(licensePolicyNames);
        componentGroupDetail.addPolicies(policyNames);
        securityGroupDetail.addPolicies(vulnerabilityPolicyNames);
        licenseGroupDetail.addPolicies(licensePolicyNames);
        componentGroupDetail.addMessages(resultView::getErrorMessage, resultView::getWarningMessage);
        addVulnerabilityData(vulnerabilityViolations, securityGroupDetail);
        addLicenseData(licenseViolations, licenseGroupDetail);
    }
    return componentDetails;
}
Also used : LinkedHashSet(java.util.LinkedHashSet) PolicyViolationVulnerabilityView(com.synopsys.integration.blackduck.api.manual.view.PolicyViolationVulnerabilityView) LinkedList(java.util.LinkedList) DeveloperScanComponentResultView(com.synopsys.integration.blackduck.api.manual.view.DeveloperScanComponentResultView) PolicyViolationLicenseView(com.synopsys.integration.blackduck.api.manual.view.PolicyViolationLicenseView)

Example 4 with DeveloperScanComponentResultView

use of com.synopsys.integration.blackduck.api.manual.view.DeveloperScanComponentResultView in project synopsys-detect by blackducksoftware.

the class RapidModeGenerateJsonOperationTest method test.

@Test
void test(@TempDir Path tempPath) throws IOException, DetectUserFriendlyException {
    Gson gson = Mockito.mock(Gson.class);
    File tempDir = tempPath.toFile();
    File scanDir = new File(tempDir, "scan");
    DirectoryOptions directoryOptions = new DirectoryOptions(null, null, null, scanDir.toPath(), null, null);
    DetectRunId detectRunId = new DetectRunId("testId");
    DirectoryManager directoryManager = new DirectoryManager(directoryOptions, detectRunId);
    RapidModeGenerateJsonOperation op = new RapidModeGenerateJsonOperation(gson, directoryManager);
    NameVersion projectNameVersion = new NameVersion("testName", "testVersion");
    List<DeveloperScanComponentResultView> results = new LinkedList<>();
    DeveloperScanComponentResultView resultView = Mockito.mock(DeveloperScanComponentResultView.class);
    results.add(resultView);
    String mockedResultsJsonString = "mocked json string for results";
    Mockito.when(gson.toJson(results)).thenReturn(mockedResultsJsonString);
    File generatedFile = op.generateJsonFile(projectNameVersion, results);
    String expectedFilename = String.format("%s_%s_BlackDuck_DeveloperMode_Result.json", projectNameVersion.getName(), projectNameVersion.getVersion());
    String expectedPath = new File(scanDir, expectedFilename).getAbsolutePath();
    assertEquals(expectedPath, generatedFile.getAbsolutePath());
    String generatedString = FileUtils.readFileToString(generatedFile);
    assertEquals(mockedResultsJsonString, generatedString);
}
Also used : DeveloperScanComponentResultView(com.synopsys.integration.blackduck.api.manual.view.DeveloperScanComponentResultView) DirectoryOptions(com.synopsys.integration.detect.workflow.file.DirectoryOptions) DetectRunId(com.synopsys.integration.detect.workflow.DetectRunId) NameVersion(com.synopsys.integration.util.NameVersion) DirectoryManager(com.synopsys.integration.detect.workflow.file.DirectoryManager) Gson(com.google.gson.Gson) File(java.io.File) LinkedList(java.util.LinkedList) Test(org.junit.jupiter.api.Test)

Example 5 with DeveloperScanComponentResultView

use of com.synopsys.integration.blackduck.api.manual.view.DeveloperScanComponentResultView in project synopsys-detect by blackducksoftware.

the class RapidModeLogReportOperationTest method testPublishesPolicyViolation.

@Test
void testPublishesPolicyViolation() throws DetectUserFriendlyException {
    ExitCodePublisher exitCodePublisher = Mockito.mock(ExitCodePublisher.class);
    RapidScanResultAggregator rapidScanResultAggregator = Mockito.mock(RapidScanResultAggregator.class);
    RapidModeLogReportOperation op = new RapidModeLogReportOperation(exitCodePublisher, rapidScanResultAggregator);
    List<DeveloperScanComponentResultView> results = new LinkedList<>();
    DeveloperScanComponentResultView resultView = Mockito.mock(DeveloperScanComponentResultView.class);
    results.add(resultView);
    RapidScanAggregateResult aggregateResult = Mockito.mock(RapidScanAggregateResult.class);
    Mockito.when(rapidScanResultAggregator.aggregateData(results)).thenReturn(aggregateResult);
    RapidScanResultSummary summary = Mockito.mock(RapidScanResultSummary.class);
    Mockito.when(summary.hasErrors()).thenReturn(true);
    Mockito.when(aggregateResult.getSummary()).thenReturn(summary);
    Set<String> policyViolationNames = new HashSet<>();
    policyViolationNames.add("testPolicy1");
    policyViolationNames.add("testPolicy2");
    Mockito.when(summary.getPolicyViolationNames()).thenReturn(policyViolationNames);
    RapidScanResultSummary returnedSummary = op.perform(results);
    assertEquals(summary, returnedSummary);
    Mockito.verify(exitCodePublisher, Mockito.times(1)).publishExitCode(Mockito.eq(ExitCodeType.FAILURE_POLICY_VIOLATION), org.mockito.AdditionalMatchers.find(".* 2.*violation.*"));
}
Also used : RapidScanResultAggregator(com.synopsys.integration.detect.workflow.blackduck.developer.aggregate.RapidScanResultAggregator) DeveloperScanComponentResultView(com.synopsys.integration.blackduck.api.manual.view.DeveloperScanComponentResultView) RapidScanResultSummary(com.synopsys.integration.detect.workflow.blackduck.developer.aggregate.RapidScanResultSummary) RapidScanAggregateResult(com.synopsys.integration.detect.workflow.blackduck.developer.aggregate.RapidScanAggregateResult) ExitCodePublisher(com.synopsys.integration.detect.lifecycle.shutdown.ExitCodePublisher) LinkedList(java.util.LinkedList) HashSet(java.util.HashSet) Test(org.junit.jupiter.api.Test)

Aggregations

DeveloperScanComponentResultView (com.synopsys.integration.blackduck.api.manual.view.DeveloperScanComponentResultView)8 RapidScanResultSummary (com.synopsys.integration.detect.workflow.blackduck.developer.aggregate.RapidScanResultSummary)4 Test (org.junit.jupiter.api.Test)4 RapidScanAggregateResult (com.synopsys.integration.detect.workflow.blackduck.developer.aggregate.RapidScanAggregateResult)3 RapidScanResultAggregator (com.synopsys.integration.detect.workflow.blackduck.developer.aggregate.RapidScanResultAggregator)3 LinkedList (java.util.LinkedList)3 PolicyViolationLicenseView (com.synopsys.integration.blackduck.api.manual.view.PolicyViolationLicenseView)2 PolicyViolationVulnerabilityView (com.synopsys.integration.blackduck.api.manual.view.PolicyViolationVulnerabilityView)2 BufferedIntLogger (com.synopsys.integration.log.BufferedIntLogger)2 File (java.io.File)2 HashSet (java.util.HashSet)2 Gson (com.google.gson.Gson)1 ExitCodePublisher (com.synopsys.integration.detect.lifecycle.shutdown.ExitCodePublisher)1 DetectRunId (com.synopsys.integration.detect.workflow.DetectRunId)1 DirectoryManager (com.synopsys.integration.detect.workflow.file.DirectoryManager)1 DirectoryOptions (com.synopsys.integration.detect.workflow.file.DirectoryOptions)1 HttpUrl (com.synopsys.integration.rest.HttpUrl)1 NameVersion (com.synopsys.integration.util.NameVersion)1 ArrayList (java.util.ArrayList)1 LinkedHashSet (java.util.LinkedHashSet)1