use of com.synopsys.integration.blackduck.api.manual.view.DeveloperScanComponentResultView in project synopsys-detect by blackducksoftware.
the class RapidScanResultAggregatorTest method testEmptyResults.
@Test
public void testEmptyResults() {
List<DeveloperScanComponentResultView> results = Collections.emptyList();
RapidScanResultAggregator aggregator = new RapidScanResultAggregator();
RapidScanAggregateResult aggregateResult = aggregator.aggregateData(results);
BufferedIntLogger logger = new BufferedIntLogger();
aggregateResult.logResult(logger);
RapidScanResultSummary summary = aggregateResult.getSummary();
assertEquals(0, summary.getPolicyErrorCount());
assertEquals(0, summary.getPolicyWarningCount());
assertEquals(0, summary.getSecurityErrorCount());
assertEquals(0, summary.getSecurityWarningCount());
assertEquals(0, summary.getLicenseErrorCount());
assertEquals(0, summary.getLicenseWarningCount());
assertFalse(logger.getOutputList(LogLevel.INFO).isEmpty());
}
use of com.synopsys.integration.blackduck.api.manual.view.DeveloperScanComponentResultView in project synopsys-detect by blackducksoftware.
the class RapidModeStepRunner method runOnline.
public void runOnline(BlackDuckRunData blackDuckRunData, NameVersion projectVersion, BdioResult bdioResult) throws OperationException {
operationFactory.phoneHome(blackDuckRunData);
Optional<File> rapidScanConfig = operationFactory.findRapidScanConfig();
rapidScanConfig.ifPresent(config -> logger.info("Found rapid scan config file: " + config));
List<HttpUrl> rapidScanUrls = operationFactory.performRapidUpload(blackDuckRunData, bdioResult, rapidScanConfig.orElse(null));
List<DeveloperScanComponentResultView> rapidResults = operationFactory.waitForRapidResults(blackDuckRunData, rapidScanUrls);
File jsonFile = operationFactory.generateRapidJsonFile(projectVersion, rapidResults);
RapidScanResultSummary summary = operationFactory.logRapidReport(rapidResults);
operationFactory.publishRapidResults(jsonFile, summary);
}
use of com.synopsys.integration.blackduck.api.manual.view.DeveloperScanComponentResultView in project synopsys-detect by blackducksoftware.
the class RapidScanResultAggregator method aggregateComponentData.
private List<RapidScanComponentDetail> aggregateComponentData(List<DeveloperScanComponentResultView> results) {
// the key is the component identifier
List<RapidScanComponentDetail> componentDetails = new LinkedList<>();
for (DeveloperScanComponentResultView resultView : results) {
String componentName = resultView.getComponentName();
RapidScanComponentDetail componentDetail = createDetail(resultView);
componentDetails.add(componentDetail);
RapidScanComponentGroupDetail componentGroupDetail = componentDetail.getComponentDetails();
RapidScanComponentGroupDetail securityGroupDetail = componentDetail.getSecurityDetails();
RapidScanComponentGroupDetail licenseGroupDetail = componentDetail.getLicenseDetails();
// violating policy names is a super set of policy names so we have to remove the vulnerability and license.
Set<String> policyNames = new LinkedHashSet<>(resultView.getViolatingPolicyNames());
Set<PolicyViolationVulnerabilityView> vulnerabilityViolations = resultView.getPolicyViolationVulnerabilities();
Set<PolicyViolationLicenseView> licenseViolations = resultView.getPolicyViolationLicenses();
Set<String> vulnerabilityPolicyNames = vulnerabilityViolations.stream().map(PolicyViolationVulnerabilityView::getViolatingPolicyNames).flatMap(Collection::stream).collect(Collectors.toSet());
Set<String> licensePolicyNames = licenseViolations.stream().map(PolicyViolationLicenseView::getViolatingPolicyNames).flatMap(Collection::stream).collect(Collectors.toSet());
policyNames.removeAll(vulnerabilityPolicyNames);
policyNames.removeAll(licensePolicyNames);
componentGroupDetail.addPolicies(policyNames);
securityGroupDetail.addPolicies(vulnerabilityPolicyNames);
licenseGroupDetail.addPolicies(licensePolicyNames);
componentGroupDetail.addMessages(resultView::getErrorMessage, resultView::getWarningMessage);
addVulnerabilityData(vulnerabilityViolations, securityGroupDetail);
addLicenseData(licenseViolations, licenseGroupDetail);
}
return componentDetails;
}
use of com.synopsys.integration.blackduck.api.manual.view.DeveloperScanComponentResultView in project synopsys-detect by blackducksoftware.
the class RapidModeGenerateJsonOperationTest method test.
@Test
void test(@TempDir Path tempPath) throws IOException, DetectUserFriendlyException {
Gson gson = Mockito.mock(Gson.class);
File tempDir = tempPath.toFile();
File scanDir = new File(tempDir, "scan");
DirectoryOptions directoryOptions = new DirectoryOptions(null, null, null, scanDir.toPath(), null, null);
DetectRunId detectRunId = new DetectRunId("testId");
DirectoryManager directoryManager = new DirectoryManager(directoryOptions, detectRunId);
RapidModeGenerateJsonOperation op = new RapidModeGenerateJsonOperation(gson, directoryManager);
NameVersion projectNameVersion = new NameVersion("testName", "testVersion");
List<DeveloperScanComponentResultView> results = new LinkedList<>();
DeveloperScanComponentResultView resultView = Mockito.mock(DeveloperScanComponentResultView.class);
results.add(resultView);
String mockedResultsJsonString = "mocked json string for results";
Mockito.when(gson.toJson(results)).thenReturn(mockedResultsJsonString);
File generatedFile = op.generateJsonFile(projectNameVersion, results);
String expectedFilename = String.format("%s_%s_BlackDuck_DeveloperMode_Result.json", projectNameVersion.getName(), projectNameVersion.getVersion());
String expectedPath = new File(scanDir, expectedFilename).getAbsolutePath();
assertEquals(expectedPath, generatedFile.getAbsolutePath());
String generatedString = FileUtils.readFileToString(generatedFile);
assertEquals(mockedResultsJsonString, generatedString);
}
use of com.synopsys.integration.blackduck.api.manual.view.DeveloperScanComponentResultView in project synopsys-detect by blackducksoftware.
the class RapidModeLogReportOperationTest method testPublishesPolicyViolation.
@Test
void testPublishesPolicyViolation() throws DetectUserFriendlyException {
ExitCodePublisher exitCodePublisher = Mockito.mock(ExitCodePublisher.class);
RapidScanResultAggregator rapidScanResultAggregator = Mockito.mock(RapidScanResultAggregator.class);
RapidModeLogReportOperation op = new RapidModeLogReportOperation(exitCodePublisher, rapidScanResultAggregator);
List<DeveloperScanComponentResultView> results = new LinkedList<>();
DeveloperScanComponentResultView resultView = Mockito.mock(DeveloperScanComponentResultView.class);
results.add(resultView);
RapidScanAggregateResult aggregateResult = Mockito.mock(RapidScanAggregateResult.class);
Mockito.when(rapidScanResultAggregator.aggregateData(results)).thenReturn(aggregateResult);
RapidScanResultSummary summary = Mockito.mock(RapidScanResultSummary.class);
Mockito.when(summary.hasErrors()).thenReturn(true);
Mockito.when(aggregateResult.getSummary()).thenReturn(summary);
Set<String> policyViolationNames = new HashSet<>();
policyViolationNames.add("testPolicy1");
policyViolationNames.add("testPolicy2");
Mockito.when(summary.getPolicyViolationNames()).thenReturn(policyViolationNames);
RapidScanResultSummary returnedSummary = op.perform(results);
assertEquals(summary, returnedSummary);
Mockito.verify(exitCodePublisher, Mockito.times(1)).publishExitCode(Mockito.eq(ExitCodeType.FAILURE_POLICY_VIOLATION), org.mockito.AdditionalMatchers.find(".* 2.*violation.*"));
}
Aggregations