use of com.synopsys.integration.detect.workflow.blackduck.report.BomComponent in project synopsys-detect by blackducksoftware.
the class RiskReportPdfWriter method writeComponentTable.
/**
 * Writes the "BOM Entries" section of the risk report: a title line with the total component
 * count, a grey header row, and one row per non-null component.
 *
 * @param pageWidth      width of the page; the header row spans it minus a 10-unit margin on each side
 * @param startingHeight y coordinate the section starts from; the title is written 40 units below it
 * @param reportData     source of the total component count and the component list
 * @return the rectangle of the last row written (the header row when no component was written)
 * @throws IOException        declared by the method; not raised directly in this body
 * @throws URISyntaxException declared by the method; not raised directly in this body
 */
private PDRectangle writeComponentTable(float pageWidth, float startingHeight, ReportData reportData) throws IOException, URISyntaxException {
    float titleY = startingHeight - 40;
    PDRectangle titleRectangle = pdfManager.writeText(30, titleY, "BOM Entries " + reportData.getTotalComponents(), font, fontSize, textColor);

    // Header row: a light grey band placed 22 units below the title.
    Color headerBackground = new Color(221, 221, 221);
    PDRectangle rowRectangle = pdfManager.drawRectangle(10, titleRectangle.getLowerLeftY() - 22, pageWidth - 20, 18, headerBackground);
    float headerTextY = rowRectangle.getLowerLeftY() + 5;

    // Column captions and their x offsets, kept in the order they are drawn.
    // "C", "H", "M", "L" presumably stand for the critical/high/medium/low risk counts
    // and "Opt R" for operational risk; confirm against writeComponentRow.
    int[] columnOffsets = { 50, 190, 310, 430, 460, 490, 520, 550 };
    String[] columnCaptions = { "Component", "Version", "License", "C", "H", "M", "L", "Opt R" };
    for (int column = 0; column < columnCaptions.length; column++) {
        pdfManager.writeText(columnOffsets[column], headerTextY, columnCaptions[column], boldFont, 12, textColor);
    }

    // Each row is positioned from the lower edge of the previous one; the odd/even flag
    // alternates per written row and is passed through to writeComponentRow.
    boolean oddRow = false;
    for (BomComponent component : reportData.getComponents()) {
        if (component == null) {
            continue;
        }
        rowRectangle = writeComponentRow(pageWidth, rowRectangle.getLowerLeftY(), component, oddRow);
        oddRow = !oddRow;
    }
    logger.trace("Finished writing the component table.");
    return rowRectangle;
}
use of com.synopsys.integration.detect.workflow.blackduck.report.BomComponent in project synopsys-detect by blackducksoftware.
the class ReportService method createBomComponentFromBomComponentView.
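/**
 * Builds the report's {@link BomComponent} from one BOM entry returned by Black Duck.
 *
 * <p>Copies the component and component-version names and URLs, the display string of the
 * first license (when the entry has one), and the security, license and operational risk
 * profiles.
 *
 * @param bomEntry the BOM entry to convert
 * @return a new component populated from {@code bomEntry}
 */
private BomComponent createBomComponentFromBomComponentView(ProjectVersionComponentVersionView bomEntry) {
    BomComponent component = new BomComponent();
    component.setComponentName(bomEntry.getComponentName());
    component.setComponentURL(bomEntry.getComponent());
    component.setComponentVersion(bomEntry.getComponentVersionName());
    component.setComponentVersionURL(bomEntry.getComponentVersion());
    // Only the first license is reported. An entry with a null or empty license list would
    // otherwise throw here and abort the whole risk report, hiding every other component's
    // risk data; such an entry is reported without a license instead.
    if (bomEntry.getLicenses() != null && !bomEntry.getLicenses().isEmpty()) {
        component.setLicense(bomEntry.getLicenses().get(0).getLicenseDisplay());
    }
    component.addSecurityRiskProfile(bomEntry.getSecurityRiskProfile());
    component.addLicenseRiskProfile(bomEntry.getLicenseRiskProfile());
    component.addOperationalRiskProfile(bomEntry.getOperationalRiskProfile());
    return component;
}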
use of com.synopsys.integration.detect.workflow.blackduck.report.BomComponent in project synopsys-detect by blackducksoftware.
the class ReportService method getRiskReportData.
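/**
 * Collects the data for the risk report of one project version: project and version metadata,
 * one {@link BomComponent} per BOM entry (with its policy status and policy rule info), and the
 * date/time of the latest scan.
 *
 * @param project the project the report is for
 * @param version the project version whose BOM is reported
 * @return the populated report data
 * @throws IntegrationException if the BOM cannot be read; a {@link NoSuchElementException} while
 *                              fetching the BOM is reported as a {@code BlackDuckIntegrationException}
 */
public ReportData getRiskReportData(ProjectView project, ProjectVersionView version) throws IntegrationException {
    ReportData reportData = new ReportData();
    reportData.setProjectName(project.getName());
    reportData.setProjectURL(project.getHref().string());
    reportData.setProjectVersion(version.getVersionName());
    reportData.setProjectVersionURL(getReportVersionUrl(version));
    reportData.setPhase(version.getPhase().toString());
    reportData.setDistribution(version.getDistribution().toString());

    List<BomComponent> components = new ArrayList<>();
    logger.trace("Getting the Report Contents using the Aggregate Bom Rest Server");
    List<ProjectVersionComponentVersionView> bomEntries;
    try {
        bomEntries = blackDuckApiClient.getAllResponses(version.metaComponentsLink());
    } catch (NoSuchElementException e) {
        // Keep the original exception as the cause so the real failure stays diagnosable;
        // the permissions hint in the message is only the likely explanation.
        throw new BlackDuckIntegrationException("BOM could not be read. This is likely because you lack sufficient permissions. Please check your permissions.", e);
    }

    HttpUrl originalVersionUrl = version.getHref();
    // Set after the first failed policy lookup; no further lookups are attempted once it is true.
    boolean policyFailure = false;
    for (ProjectVersionComponentVersionView projectVersionComponentView : bomEntries) {
        // A missing approval status is treated as blank so the per-component lookup below is
        // reached instead of failing with a NullPointerException on toString().
        Object approvalStatus = projectVersionComponentView.getApprovalStatus();
        String policyStatus = approvalStatus == null ? "" : approvalStatus.toString();
        if (StringUtils.isBlank(policyStatus)) {
            // Prefer the component-version URL; fall back to the component URL when there is no version.
            HttpUrl componentPolicyStatusURL;
            if (!StringUtils.isBlank(projectVersionComponentView.getComponentVersion())) {
                componentPolicyStatusURL = getComponentPolicyURL(originalVersionUrl, projectVersionComponentView.getComponentVersion());
            } else {
                componentPolicyStatusURL = getComponentPolicyURL(originalVersionUrl, projectVersionComponentView.getComponent());
            }
            if (!policyFailure) {
                // FIXME if we could check if Black Duck has the policy module we could remove a lot of the mess
                try {
                    PolicyStatusView bomPolicyStatus = blackDuckApiClient.getResponse(componentPolicyStatusURL, PolicyStatusView.class);
                    policyStatus = bomPolicyStatus.getApprovalStatus().toString();
                } catch (IntegrationException e) {
                    policyFailure = true;
                    // NOTE(review): every IntegrationException lands here, so "policy module is not
                    // enabled" is an assumption about the cause. After the first failure the remaining
                    // components keep a blank policy status, so the report can omit policy violations
                    // without any visible error. The exception is logged so the real cause can be checked.
                    logger.debug("Could not get the component policy status, the Black Duck policy module is not enabled", e);
                }
            }
        }
        BomComponent component = createBomComponentFromBomComponentView(projectVersionComponentView);
        component.setPolicyStatus(policyStatus);
        populatePolicyRuleInfo(component, projectVersionComponentView);
        components.add(component);
    }
    reportData.setComponents(components);

    LocalDateTime dateTime = getDateTimeOfLatestScanForProjectVersion(version, project.getName());
    reportData.setDateTimeOfLatestScan(dateTime);
    return reportData;
}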
use of com.synopsys.integration.detect.workflow.blackduck.report.BomComponent in project synopsys-detect by blackducksoftware.
the class ReportDataTest method testCountsCorrect.
/**
 * Checks the vulnerability-risk counts that {@code ReportData} derives from its components'
 * security risk profiles.
 *
 * <p>Four components are used: CRITICAL with count 1, HIGH with count 1, CRITICAL with count 2,
 * and one whose risk profile has no counts set. The expected values (2 critical, 1 high, 0 low,
 * 1 none) imply that each component is counted once rather than the raw counts being summed.
 */
@Test
public void testCountsCorrect() {
    // Priority and count of the single security-risk entry for the first three components.
    RiskPriorityType[] priorities = { RiskPriorityType.CRITICAL, RiskPriorityType.HIGH, RiskPriorityType.CRITICAL };
    int[] amounts = { 1, 1, 2 };

    List<BomComponent> components = new LinkedList<>();
    for (int index = 0; index < priorities.length; index++) {
        BomComponent component = new BomComponent();
        RiskProfileView riskProfileView = new RiskProfileView();
        List<RiskProfileCountsView> counts = new LinkedList<>();
        RiskProfileCountsView countsView = new RiskProfileCountsView();
        countsView.setCountType(priorities[index]);
        countsView.setCount(new BigDecimal(amounts[index]));
        counts.add(countsView);
        riskProfileView.setCounts(counts);
        component.addSecurityRiskProfile(riskProfileView);
        components.add(component);
    }

    // Fourth component: a risk profile on which setCounts is never called.
    BomComponent componentWithoutCounts = new BomComponent();
    RiskProfileView profileWithoutCounts = new RiskProfileView();
    componentWithoutCounts.addSecurityRiskProfile(profileWithoutCounts);
    components.add(componentWithoutCounts);

    ReportData reportData = new ReportData();
    reportData.setComponents(components);

    Assertions.assertEquals(2, reportData.getVulnerabilityRiskCriticalCount());
    Assertions.assertEquals(1, reportData.getVulnerabilityRiskHighCount());
    Assertions.assertEquals(0, reportData.getVulnerabilityRiskLowCount());
    Assertions.assertEquals(1, reportData.getVulnerabilityRiskNoneCount());
}