Search in sources :

Example 1 with KeyStoreHelper

use of com.synopsys.integration.blackduck.keystore.KeyStoreHelper in project blackduck-common by blackducksoftware.

the class InstallAndRunSignatureScannerTestIT method testInstallingAndRunningSignatureScanner.

@Test
void testInstallingAndRunningSignatureScanner() throws IOException, InterruptedException, IntegrationException {
    // here, we do not want to automatically trust the server's certificate
    BlackDuckServerConfigBuilder blackDuckServerConfigBuilder = intHttpClientTestHelper.getBlackDuckServerConfigBuilder();
    blackDuckServerConfigBuilder.setTrustCert(false);
    BlackDuckServerConfig blackDuckServerConfig = blackDuckServerConfigBuilder.build();
    File installDirectory = new File(scannerDirectoryPath, "scanner_install");
    File outputDirectory = new File(scannerDirectoryPath, "scanner_output");
    ScanBatch scanBatch = createScanBatch(blackDuckServerConfig, outputDirectory);
    BufferedIntLogger logger = new BufferedIntLogger();
    BlackDuckServicesFactory blackDuckServicesFactory = blackDuckServerConfig.createBlackDuckServicesFactory(logger);
    IntEnvironmentVariables environmentVariables = blackDuckServicesFactory.getEnvironmentVariables();
    OperatingSystemType operatingSystemType = OperatingSystemType.determineFromSystem();
    ExecutorService executorService = BlackDuckServicesFactory.NO_THREAD_EXECUTOR_SERVICE;
    BlackDuckHttpClient blackDuckHttpClient = blackDuckServicesFactory.getBlackDuckHttpClient();
    BlackDuckRegistrationService blackDuckRegistrationService = blackDuckServicesFactory.createBlackDuckRegistrationService();
    CleanupZipExpander cleanupZipExpander = new CleanupZipExpander(logger);
    HttpUrl blackDuckServerUrl = blackDuckHttpClient.getBlackDuckUrl();
    ScanPathsUtility scanPathsUtility = new ScanPathsUtility(logger, environmentVariables, operatingSystemType);
    ScanCommandRunner scanCommandRunner = new ScanCommandRunner(logger, environmentVariables, scanPathsUtility, executorService);
    // first, run a scan with an install that will NOT update the embedded keystore, which should fail
    KeyStoreHelper noOpKeyStoreHelper = new NoOpKeyStoreHelper();
    ScannerZipInstaller installerWithoutKeyStoreManagement = new ScannerZipInstaller(logger, new SignatureScannerClient(blackDuckHttpClient), blackDuckRegistrationService, cleanupZipExpander, scanPathsUtility, noOpKeyStoreHelper, blackDuckServerUrl, operatingSystemType, installDirectory);
    ScanBatchRunner scanBatchRunnerWithout = ScanBatchRunner.createComplete(environmentVariables, scanPathsUtility, scanCommandRunner, installerWithoutKeyStoreManagement);
    SignatureScannerService signatureScannerServiceWithout = blackDuckServicesFactory.createSignatureScannerService(scanBatchRunnerWithout);
    assertScanFailure(logger, blackDuckRegistrationService, signatureScannerServiceWithout, scanBatch);
    // now, delete the failed installation
    FileUtils.deleteDirectory(installDirectory);
    // second, run a scan with an install that DOES update the embedded keystore, which should succeed
    logger.resetAllLogs();
    KeyStoreHelper keyStoreHelper = new KeyStoreHelper(logger);
    ScannerZipInstaller installerWithKeyStoreManagement = new ScannerZipInstaller(logger, new SignatureScannerClient(blackDuckHttpClient), blackDuckRegistrationService, cleanupZipExpander, scanPathsUtility, keyStoreHelper, blackDuckServerUrl, operatingSystemType, installDirectory);
    ScanBatchRunner scanBatchRunnerWith = ScanBatchRunner.createComplete(environmentVariables, scanPathsUtility, scanCommandRunner, installerWithKeyStoreManagement);
    SignatureScannerService signatureScannerServiceWith = blackDuckServicesFactory.createSignatureScannerService(scanBatchRunnerWith);
    assertScanSuccess(logger, signatureScannerServiceWith, scanBatch);
    // finally, verify the code location exists and then delete it to clean up
    CodeLocationService codeLocationService = blackDuckServicesFactory.createCodeLocationService();
    BlackDuckApiClient blackDuckApiClient = blackDuckServicesFactory.getBlackDuckApiClient();
    ResilientJobConfig jobConfig = new ResilientJobConfig(logger, 120, System.currentTimeMillis(), 10);
    WaitJob.waitFor(jobConfig, () -> codeLocationService.getCodeLocationByName(CODE_LOCATION_NAME).isPresent(), "codeLocationTest");
    Optional<CodeLocationView> codeLocationViewOptional = codeLocationService.getCodeLocationByName(CODE_LOCATION_NAME);
    assertTrue(codeLocationViewOptional.isPresent());
    blackDuckApiClient.delete(codeLocationViewOptional.get());
}
Also used : CodeLocationService(com.synopsys.integration.blackduck.service.dataservice.CodeLocationService) BlackDuckServerConfigBuilder(com.synopsys.integration.blackduck.configuration.BlackDuckServerConfigBuilder) SignatureScannerService(com.synopsys.integration.blackduck.codelocation.signaturescanner.SignatureScannerService) KeyStoreHelper(com.synopsys.integration.blackduck.keystore.KeyStoreHelper) ScannerZipInstaller(com.synopsys.integration.blackduck.codelocation.signaturescanner.command.ScannerZipInstaller) BlackDuckServicesFactory(com.synopsys.integration.blackduck.service.BlackDuckServicesFactory) CleanupZipExpander(com.synopsys.integration.util.CleanupZipExpander) CodeLocationView(com.synopsys.integration.blackduck.api.generated.view.CodeLocationView) IntEnvironmentVariables(com.synopsys.integration.util.IntEnvironmentVariables) ScanBatch(com.synopsys.integration.blackduck.codelocation.signaturescanner.ScanBatch) ScanPathsUtility(com.synopsys.integration.blackduck.codelocation.signaturescanner.command.ScanPathsUtility) SignatureScannerClient(com.synopsys.integration.blackduck.http.client.SignatureScannerClient) BlackDuckHttpClient(com.synopsys.integration.blackduck.http.client.BlackDuckHttpClient) BlackDuckApiClient(com.synopsys.integration.blackduck.service.BlackDuckApiClient) BufferedIntLogger(com.synopsys.integration.log.BufferedIntLogger) ScanCommandRunner(com.synopsys.integration.blackduck.codelocation.signaturescanner.command.ScanCommandRunner) HttpUrl(com.synopsys.integration.rest.HttpUrl) BlackDuckServerConfig(com.synopsys.integration.blackduck.configuration.BlackDuckServerConfig) BlackDuckRegistrationService(com.synopsys.integration.blackduck.service.dataservice.BlackDuckRegistrationService) ScanBatchRunner(com.synopsys.integration.blackduck.codelocation.signaturescanner.ScanBatchRunner) OperatingSystemType(com.synopsys.integration.util.OperatingSystemType) ExecutorService(java.util.concurrent.ExecutorService) ResilientJobConfig(com.synopsys.integration.wait.ResilientJobConfig) File(java.io.File) Test(org.junit.jupiter.api.Test)

Example 2 with KeyStoreHelper

use of com.synopsys.integration.blackduck.keystore.KeyStoreHelper in project blackduck-common by blackducksoftware.

the class ScannerZipInstallerTest method testActualDownload.

@Test
void testActualDownload() throws Exception {
    String signatureScannerDownloadPath = TestingPropertyKey.TEST_BLACKDUCK_SIGNATURE_SCANNER_DOWNLOAD_PATH.fromEnvironment();
    String blackDuckUrl = TestingPropertyKey.TEST_BLACK_DUCK_SERVER_URL.fromEnvironment();
    String blackDuckUsername = TestingPropertyKey.TEST_USERNAME.fromEnvironment();
    String blackDuckPassword = TestingPropertyKey.TEST_PASSWORD.fromEnvironment();
    assertTrue(StringUtils.isNotBlank(signatureScannerDownloadPath));
    IntLogger logger = new BufferedIntLogger();
    BlackDuckServerConfigBuilder blackDuckServerConfigBuilder = BlackDuckServerConfig.newCredentialsBuilder();
    blackDuckServerConfigBuilder.setUrl(blackDuckUrl);
    blackDuckServerConfigBuilder.setUsername(blackDuckUsername);
    blackDuckServerConfigBuilder.setPassword(blackDuckPassword);
    blackDuckServerConfigBuilder.setTimeoutInSeconds(120);
    blackDuckServerConfigBuilder.setTrustCert(true);
    blackDuckServerConfigBuilder.setLogger(logger);
    BlackDuckServerConfig blackDuckServerConfig = blackDuckServerConfigBuilder.build();
    BlackDuckHttpClient blackDuckHttpClient = blackDuckServerConfig.createBlackDuckHttpClient(logger);
    BlackDuckServicesFactory blackDuckServicesFactory = blackDuckServerConfig.createBlackDuckServicesFactory(blackDuckHttpClient, logger);
    BlackDuckRegistrationService blackDuckRegistrationService = blackDuckServicesFactory.createBlackDuckRegistrationService();
    OperatingSystemType operatingSystemType = OperatingSystemType.determineFromSystem();
    ScanPathsUtility scanPathsUtility = new ScanPathsUtility(logger, IntEnvironmentVariables.includeSystemEnv(), operatingSystemType);
    CleanupZipExpander cleanupZipExpander = new CleanupZipExpander(logger);
    KeyStoreHelper keyStoreHelper = new KeyStoreHelper(logger);
    File downloadTarget = new File(signatureScannerDownloadPath);
    ScannerZipInstaller scannerZipInstaller = new ScannerZipInstaller(logger, new SignatureScannerClient(blackDuckHttpClient), blackDuckRegistrationService, cleanupZipExpander, scanPathsUtility, keyStoreHelper, new HttpUrl(blackDuckUrl), operatingSystemType, downloadTarget);
    scannerZipInstaller.installOrUpdateScanner();
    ScanPaths scanPaths = scanPathsUtility.searchForScanPaths(downloadTarget);
    assertTrue(scanPaths.isManagedByLibrary());
    assertTrue(StringUtils.isNotBlank(scanPaths.getPathToJavaExecutable()));
    assertTrue(StringUtils.isNotBlank(scanPaths.getPathToOneJar()));
    assertTrue(StringUtils.isNotBlank(scanPaths.getPathToScanExecutable()));
    assertTrue(new File(scanPaths.getPathToJavaExecutable()).canExecute());
    assertTrue(new File(scanPaths.getPathToOneJar()).canExecute());
    assertTrue(new File(scanPaths.getPathToScanExecutable()).canExecute());
}
Also used : BlackDuckServerConfigBuilder(com.synopsys.integration.blackduck.configuration.BlackDuckServerConfigBuilder) BlackDuckHttpClient(com.synopsys.integration.blackduck.http.client.BlackDuckHttpClient) KeyStoreHelper(com.synopsys.integration.blackduck.keystore.KeyStoreHelper) ScannerZipInstaller(com.synopsys.integration.blackduck.codelocation.signaturescanner.command.ScannerZipInstaller) IntLogger(com.synopsys.integration.log.IntLogger) BufferedIntLogger(com.synopsys.integration.log.BufferedIntLogger) BlackDuckServicesFactory(com.synopsys.integration.blackduck.service.BlackDuckServicesFactory) BufferedIntLogger(com.synopsys.integration.log.BufferedIntLogger) HttpUrl(com.synopsys.integration.rest.HttpUrl) BlackDuckServerConfig(com.synopsys.integration.blackduck.configuration.BlackDuckServerConfig) BlackDuckRegistrationService(com.synopsys.integration.blackduck.service.dataservice.BlackDuckRegistrationService) CleanupZipExpander(com.synopsys.integration.util.CleanupZipExpander) OperatingSystemType(com.synopsys.integration.util.OperatingSystemType) ScanPaths(com.synopsys.integration.blackduck.codelocation.signaturescanner.command.ScanPaths) ScanPathsUtility(com.synopsys.integration.blackduck.codelocation.signaturescanner.command.ScanPathsUtility) File(java.io.File) SignatureScannerClient(com.synopsys.integration.blackduck.http.client.SignatureScannerClient) Test(org.junit.jupiter.api.Test)

Example 3 with KeyStoreHelper

use of com.synopsys.integration.blackduck.keystore.KeyStoreHelper in project synopsys-detect by blackducksoftware.

the class CreateScanBatchRunnerWithCustomUrl method createScanBatchRunner.

public ScanBatchRunner createScanBatchRunner(String providedUrl, ConnectionDetails connectionDetails, BlackDuckRegistrationService registrationService, File installDirectory) throws DetectUserFriendlyException {
    logger.debug("Signature scanner will use the provided url to download/update the scanner.");
    HttpUrl baseUrl;
    try {
        baseUrl = new HttpUrl(providedUrl);
    } catch (IntegrationException e) {
        throw new DetectUserFriendlyException("User provided scanner install url could not be parsed: " + providedUrl, e, ExitCodeType.FAILURE_CONFIGURATION);
    }
    CleanupZipExpander cleanupZipExpander = new CleanupZipExpander(slf4jIntLogger);
    SignatureScannerClient signatureScannerClient = new SignatureScannerClient(new SilentIntLogger(), connectionDetails.getGson(), connectionDetails.getTimeout().intValue(), connectionDetails.getAlwaysTrust(), connectionDetails.getProxyInformation());
    KeyStoreHelper keyStoreHelper = new KeyStoreHelper(slf4jIntLogger);
    ScannerZipInstaller scannerZipInstaller = new ScannerZipInstaller(slf4jIntLogger, signatureScannerClient, registrationService, cleanupZipExpander, scanPathsUtility, keyStoreHelper, baseUrl, operatingSystemType, installDirectory);
    return ScanBatchRunner.createComplete(intEnvironmentVariables, scanPathsUtility, scanCommandRunner, scannerZipInstaller);
}
Also used : SilentIntLogger(com.synopsys.integration.log.SilentIntLogger) DetectUserFriendlyException(com.synopsys.integration.detect.configuration.DetectUserFriendlyException) IntegrationException(com.synopsys.integration.exception.IntegrationException) KeyStoreHelper(com.synopsys.integration.blackduck.keystore.KeyStoreHelper) ScannerZipInstaller(com.synopsys.integration.blackduck.codelocation.signaturescanner.command.ScannerZipInstaller) SignatureScannerClient(com.synopsys.integration.blackduck.http.client.SignatureScannerClient) HttpUrl(com.synopsys.integration.rest.HttpUrl) CleanupZipExpander(com.synopsys.integration.util.CleanupZipExpander)

Example 4 with KeyStoreHelper

use of com.synopsys.integration.blackduck.keystore.KeyStoreHelper in project synopsys-detect by blackducksoftware.

the class CreateScanBatchRunnerWithBlackDuck method createScanBatchRunner.

public ScanBatchRunner createScanBatchRunner(BlackDuckServerConfig blackDuckServerConfig, File installDirectory) {
    logger.debug("Signature scanner will use the Black Duck server to download/update the scanner - this is the most likely situation.");
    SignatureScannerLogger slf4jIntLogger = new SignatureScannerLogger(logger);
    ScanPathsUtility scanPathsUtility = new ScanPathsUtility(slf4jIntLogger, intEnvironmentVariables, operatingSystemType);
    ScanCommandRunner scanCommandRunner = new ScanCommandRunner(slf4jIntLogger, intEnvironmentVariables, scanPathsUtility, executorService);
    BlackDuckHttpClient blackDuckHttpClient = blackDuckServerConfig.createBlackDuckHttpClient(slf4jIntLogger);
    CleanupZipExpander cleanupZipExpander = new CleanupZipExpander(slf4jIntLogger);
    SignatureScannerClient signatureScannerClient = new SignatureScannerClient(blackDuckHttpClient);
    BlackDuckRegistrationService blackDuckRegistrationService = blackDuckServerConfig.createBlackDuckServicesFactory(slf4jIntLogger).createBlackDuckRegistrationService();
    KeyStoreHelper keyStoreHelper = new KeyStoreHelper(slf4jIntLogger);
    ScannerZipInstaller scannerZipInstaller = new ScannerZipInstaller(slf4jIntLogger, signatureScannerClient, blackDuckRegistrationService, cleanupZipExpander, scanPathsUtility, keyStoreHelper, blackDuckServerConfig.getBlackDuckUrl(), operatingSystemType, installDirectory);
    return ScanBatchRunner.createComplete(intEnvironmentVariables, scanPathsUtility, scanCommandRunner, scannerZipInstaller);
}
Also used : BlackDuckHttpClient(com.synopsys.integration.blackduck.http.client.BlackDuckHttpClient) KeyStoreHelper(com.synopsys.integration.blackduck.keystore.KeyStoreHelper) ScannerZipInstaller(com.synopsys.integration.blackduck.codelocation.signaturescanner.command.ScannerZipInstaller) SignatureScannerLogger(com.synopsys.integration.detect.tool.signaturescanner.SignatureScannerLogger) ScanPathsUtility(com.synopsys.integration.blackduck.codelocation.signaturescanner.command.ScanPathsUtility) ScanCommandRunner(com.synopsys.integration.blackduck.codelocation.signaturescanner.command.ScanCommandRunner) SignatureScannerClient(com.synopsys.integration.blackduck.http.client.SignatureScannerClient) CleanupZipExpander(com.synopsys.integration.util.CleanupZipExpander) BlackDuckRegistrationService(com.synopsys.integration.blackduck.service.dataservice.BlackDuckRegistrationService)

Example 5 with KeyStoreHelper

use of com.synopsys.integration.blackduck.keystore.KeyStoreHelper in project blackduck-common by blackducksoftware.

the class ScanBatchRunner method createDefault.

public static ScanBatchRunner createDefault(IntLogger logger, BlackDuckHttpClient blackDuckHttpClient, BlackDuckRegistrationService blackDuckRegistrationService, IntEnvironmentVariables intEnvironmentVariables, ScanPathsUtility scanPathsUtility, OperatingSystemType operatingSystemType, ScanCommandRunner scanCommandRunner, File signatureScannerInstallDirectory) {
    CleanupZipExpander cleanupZipExpander = new CleanupZipExpander(logger);
    SignatureScannerClient signatureScannerClient = new SignatureScannerClient(blackDuckHttpClient);
    KeyStoreHelper keyStoreHelper = new KeyStoreHelper(logger);
    ScannerInstaller scannerZipInstaller = new ScannerZipInstaller(logger, signatureScannerClient, blackDuckRegistrationService, cleanupZipExpander, scanPathsUtility, keyStoreHelper, blackDuckHttpClient.getBlackDuckUrl(), operatingSystemType, signatureScannerInstallDirectory);
    return new ScanBatchRunner(intEnvironmentVariables, scanPathsUtility, scanCommandRunner, scannerZipInstaller);
}
Also used : KeyStoreHelper(com.synopsys.integration.blackduck.keystore.KeyStoreHelper) ScannerInstaller(com.synopsys.integration.blackduck.codelocation.signaturescanner.command.ScannerInstaller) ExistingScannerInstaller(com.synopsys.integration.blackduck.codelocation.signaturescanner.command.ExistingScannerInstaller) ScannerZipInstaller(com.synopsys.integration.blackduck.codelocation.signaturescanner.command.ScannerZipInstaller) SignatureScannerClient(com.synopsys.integration.blackduck.http.client.SignatureScannerClient) CleanupZipExpander(com.synopsys.integration.util.CleanupZipExpander)

Aggregations

ScannerZipInstaller (com.synopsys.integration.blackduck.codelocation.signaturescanner.command.ScannerZipInstaller)5 SignatureScannerClient (com.synopsys.integration.blackduck.http.client.SignatureScannerClient)5 KeyStoreHelper (com.synopsys.integration.blackduck.keystore.KeyStoreHelper)5 CleanupZipExpander (com.synopsys.integration.util.CleanupZipExpander)5 ScanPathsUtility (com.synopsys.integration.blackduck.codelocation.signaturescanner.command.ScanPathsUtility)3 BlackDuckHttpClient (com.synopsys.integration.blackduck.http.client.BlackDuckHttpClient)3 BlackDuckRegistrationService (com.synopsys.integration.blackduck.service.dataservice.BlackDuckRegistrationService)3 HttpUrl (com.synopsys.integration.rest.HttpUrl)3 ScanCommandRunner (com.synopsys.integration.blackduck.codelocation.signaturescanner.command.ScanCommandRunner)2 BlackDuckServerConfig (com.synopsys.integration.blackduck.configuration.BlackDuckServerConfig)2 BlackDuckServerConfigBuilder (com.synopsys.integration.blackduck.configuration.BlackDuckServerConfigBuilder)2 BlackDuckServicesFactory (com.synopsys.integration.blackduck.service.BlackDuckServicesFactory)2 BufferedIntLogger (com.synopsys.integration.log.BufferedIntLogger)2 OperatingSystemType (com.synopsys.integration.util.OperatingSystemType)2 File (java.io.File)2 Test (org.junit.jupiter.api.Test)2 CodeLocationView (com.synopsys.integration.blackduck.api.generated.view.CodeLocationView)1 ScanBatch (com.synopsys.integration.blackduck.codelocation.signaturescanner.ScanBatch)1 ScanBatchRunner (com.synopsys.integration.blackduck.codelocation.signaturescanner.ScanBatchRunner)1 SignatureScannerService (com.synopsys.integration.blackduck.codelocation.signaturescanner.SignatureScannerService)1