
Example 1 with ReportData

use of com.synopsys.integration.detect.workflow.blackduck.report.ReportData in project synopsys-detect by blackducksoftware.

the class ReportService method getRiskReportData.

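/**
 * Builds the risk report data for one project version: project and version metadata, one
 * {@link BomComponent} per BOM entry with its policy status, and the time of the latest scan.
 *
 * <p>Policy status is taken from the BOM entry itself. When that status is missing or blank, a
 * per-component policy status lookup is attempted. The first lookup that fails with an
 * {@link IntegrationException} disables all further lookups for this report, so the remaining
 * components with a missing status are reported with a blank policy status. A blank status in
 * the resulting report therefore means "unknown", not "no violation".
 *
 * @param project the project the report is generated for
 * @param version the project version whose BOM is read
 * @return the populated report data
 * @throws IntegrationException if the BOM cannot be read (reported as a
 *     {@link BlackDuckIntegrationException}) or another Black Duck call made here fails
 */
public ReportData getRiskReportData(ProjectView project, ProjectVersionView version) throws IntegrationException {
    ReportData reportData = new ReportData();
    reportData.setProjectName(project.getName());
    reportData.setProjectURL(project.getHref().string());
    reportData.setProjectVersion(version.getVersionName());
    reportData.setProjectVersionURL(getReportVersionUrl(version));
    reportData.setPhase(version.getPhase().toString());
    reportData.setDistribution(version.getDistribution().toString());
    List<BomComponent> components = new ArrayList<>();
    logger.trace("Getting the Report Contents using the Aggregate Bom Rest Server");
    List<ProjectVersionComponentVersionView> bomEntries;
    try {
        bomEntries = blackDuckApiClient.getAllResponses(version.metaComponentsLink());
    } catch (NoSuchElementException e) {
        // Keep the original exception as the cause: the message only guesses at missing
        // permissions, and the cause is what lets an operator confirm or rule that out.
        throw new BlackDuckIntegrationException("BOM could not be read.  This is likely because you lack sufficient permissions.  Please check your permissions.", e);
    }
    HttpUrl originalVersionUrl = version.getHref();
    boolean policyFailure = false;
    for (ProjectVersionComponentVersionView projectVersionComponentView : bomEntries) {
        // A missing approval status must reach the fallback lookup below instead of failing
        // the whole report with a NullPointerException.
        String policyStatus = approvalStatusText(projectVersionComponentView.getApprovalStatus());
        if (StringUtils.isBlank(policyStatus)) {
            HttpUrl componentPolicyStatusURL;
            if (!StringUtils.isBlank(projectVersionComponentView.getComponentVersion())) {
                componentPolicyStatusURL = getComponentPolicyURL(originalVersionUrl, projectVersionComponentView.getComponentVersion());
            } else {
                componentPolicyStatusURL = getComponentPolicyURL(originalVersionUrl, projectVersionComponentView.getComponent());
            }
            if (!policyFailure) {
                // FIXME if we could check if Black Duck has the policy module we could remove a lot of the mess
                try {
                    PolicyStatusView bomPolicyStatus = blackDuckApiClient.getResponse(componentPolicyStatusURL, PolicyStatusView.class);
                    policyStatus = approvalStatusText(bomPolicyStatus.getApprovalStatus());
                } catch (IntegrationException e) {
                    // Any IntegrationException lands here, not only "policy module disabled".
                    // Log the cause so an authentication or connectivity failure is not
                    // mistaken for a disabled module while statuses silently go missing.
                    policyFailure = true;
                    logger.debug("Could not get the component policy status, the Black Duck policy module is not enabled", e);
                }
            }
        }
        BomComponent component = createBomComponentFromBomComponentView(projectVersionComponentView);
        component.setPolicyStatus(policyStatus);
        populatePolicyRuleInfo(component, projectVersionComponentView);
        components.add(component);
    }
    reportData.setComponents(components);
    LocalDateTime dateTime = getDateTimeOfLatestScanForProjectVersion(version, project.getName());
    reportData.setDateTimeOfLatestScan(dateTime);
    return reportData;
}

// Renders an approval status as text; a missing status becomes "" so callers can test it with isBlank.
private static String approvalStatusText(Object approvalStatus) {
    return approvalStatus == null ? "" : approvalStatus.toString();
}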
Also used : LocalDateTime(java.time.LocalDateTime) BomComponent(com.synopsys.integration.detect.workflow.blackduck.report.BomComponent) PolicyStatusView(com.synopsys.integration.blackduck.api.generated.deprecated.view.PolicyStatusView) IntegrationException(com.synopsys.integration.exception.IntegrationException) BlackDuckIntegrationException(com.synopsys.integration.blackduck.exception.BlackDuckIntegrationException) BlackDuckIntegrationException(com.synopsys.integration.blackduck.exception.BlackDuckIntegrationException) ArrayList(java.util.ArrayList) HttpUrl(com.synopsys.integration.rest.HttpUrl) ReportData(com.synopsys.integration.detect.workflow.blackduck.report.ReportData) NoSuchElementException(java.util.NoSuchElementException) ProjectVersionComponentVersionView(com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView)

Example 2 with ReportData

use of com.synopsys.integration.detect.workflow.blackduck.report.ReportData in project synopsys-detect by blackducksoftware.

the class ReportDataTest method testCountsCorrect.

/**
 * Verifies the per-severity vulnerability counters that {@link ReportData} derives from its
 * components.
 *
 * <p>The fixture has two components with a CRITICAL count (1 and 2), one with a HIGH count (1)
 * and one whose security risk profile carries no counts. The expected CRITICAL value of 2
 * suggests the counters count components per severity rather than summing the vulnerability
 * counts (a sum would be 3).
 */
@Test
public void testCountsCorrect() {
    List<BomComponent> bom = new LinkedList<>();
    bom.add(componentWithSingleCount(RiskPriorityType.CRITICAL, 1));
    bom.add(componentWithSingleCount(RiskPriorityType.HIGH, 1));
    bom.add(componentWithSingleCount(RiskPriorityType.CRITICAL, 2));

    // Fourth component: a security risk profile on which no counts were ever set.
    BomComponent withoutCounts = new BomComponent();
    withoutCounts.addSecurityRiskProfile(new RiskProfileView());
    bom.add(withoutCounts);

    ReportData report = new ReportData();
    report.setComponents(bom);

    Assertions.assertEquals(2, report.getVulnerabilityRiskCriticalCount());
    Assertions.assertEquals(1, report.getVulnerabilityRiskHighCount());
    Assertions.assertEquals(0, report.getVulnerabilityRiskLowCount());
    Assertions.assertEquals(1, report.getVulnerabilityRiskNoneCount());
}

// Builds a component whose security risk profile holds exactly one count entry of the given type.
private static BomComponent componentWithSingleCount(RiskPriorityType type, int count) {
    RiskProfileCountsView entry = new RiskProfileCountsView();
    entry.setCountType(type);
    entry.setCount(new BigDecimal(count));

    List<RiskProfileCountsView> entries = new LinkedList<>();
    entries.add(entry);

    RiskProfileView profile = new RiskProfileView();
    profile.setCounts(entries);

    BomComponent component = new BomComponent();
    component.addSecurityRiskProfile(profile);
    return component;
}
Also used : RiskProfileCountsView(com.synopsys.integration.blackduck.api.generated.component.RiskProfileCountsView) BomComponent(com.synopsys.integration.detect.workflow.blackduck.report.BomComponent) RiskProfileView(com.synopsys.integration.blackduck.api.generated.view.RiskProfileView) ReportData(com.synopsys.integration.detect.workflow.blackduck.report.ReportData) LinkedList(java.util.LinkedList) BigDecimal(java.math.BigDecimal) Test(org.junit.jupiter.api.Test)

Aggregations

BomComponent (com.synopsys.integration.detect.workflow.blackduck.report.BomComponent)2 ReportData (com.synopsys.integration.detect.workflow.blackduck.report.ReportData)2 RiskProfileCountsView (com.synopsys.integration.blackduck.api.generated.component.RiskProfileCountsView)1 PolicyStatusView (com.synopsys.integration.blackduck.api.generated.deprecated.view.PolicyStatusView)1 ProjectVersionComponentVersionView (com.synopsys.integration.blackduck.api.generated.view.ProjectVersionComponentVersionView)1 RiskProfileView (com.synopsys.integration.blackduck.api.generated.view.RiskProfileView)1 BlackDuckIntegrationException (com.synopsys.integration.blackduck.exception.BlackDuckIntegrationException)1 IntegrationException (com.synopsys.integration.exception.IntegrationException)1 HttpUrl (com.synopsys.integration.rest.HttpUrl)1 BigDecimal (java.math.BigDecimal)1 LocalDateTime (java.time.LocalDateTime)1 ArrayList (java.util.ArrayList)1 LinkedList (java.util.LinkedList)1 NoSuchElementException (java.util.NoSuchElementException)1 Test (org.junit.jupiter.api.Test)1