use of io.grafeas.v1.Occurrence in project java-docs-samples by GoogleCloudPlatform.
the class SamplesTest method testOccurrencesForImage.
@Test
public void testOccurrencesForImage() throws Exception {
int newCount;
int tries = 0;
int origCount = OccurrencesForImage.getOccurrencesForImage(imageUrl, PROJECT_ID);
final Occurrence o = CreateOccurrence.createOccurrence(imageUrl, noteId, PROJECT_ID, PROJECT_ID);
do {
newCount = OccurrencesForImage.getOccurrencesForImage(imageUrl, PROJECT_ID);
sleep(SLEEP_TIME);
tries += 1;
} while (newCount != 1 && tries < TRY_LIMIT);
assertEquals(1, newCount);
assertEquals(0, origCount);
// clean up
String[] nameArr = o.getName().split("/");
String occId = nameArr[nameArr.length - 1];
DeleteOccurrence.deleteOccurrence(occId, PROJECT_ID);
}
use of io.grafeas.v1.Occurrence in project java-docs-samples by GoogleCloudPlatform.
the class SamplesTest method testFindHighSeverityVulnerabilitiesForImage.
@Test
public void testFindHighSeverityVulnerabilitiesForImage() throws Exception {
// check before creation
List<Occurrence> result = HighVulnerabilitiesForImage.findHighSeverityVulnerabilitiesForImage(imageUrl, PROJECT_ID);
assertEquals(0, result.size());
// create low severity occurrence
Occurrence low;
low = CreateOccurrence.createOccurrence(imageUrl, noteId, PROJECT_ID, PROJECT_ID);
result = HighVulnerabilitiesForImage.findHighSeverityVulnerabilitiesForImage(imageUrl, PROJECT_ID);
assertEquals(0, result.size());
// create high severity note
Note newNote = Note.newBuilder().setVulnerability(VulnerabilityNote.newBuilder().setSeverity(Severity.CRITICAL).addDetails(VulnerabilityNote.Detail.newBuilder().setAffectedCpeUri("your-uri-here").setAffectedPackage("your-package-here").setAffectedVersionStart(Version.newBuilder().setKind(Version.VersionKind.MINIMUM)).setAffectedVersionEnd(Version.newBuilder().setKind(Version.VersionKind.MAXIMUM)))).build();
String vulnNoteId = "severe-note-" + (new Date()).getTime();
ContainerAnalysisClient client = ContainerAnalysisClient.create();
client.getGrafeasClient().createNote(ProjectName.format(PROJECT_ID), vulnNoteId, newNote);
// create high severity occurrence
Occurrence critical = Occurrence.newBuilder().setNoteName(NoteName.of(PROJECT_ID, vulnNoteId).toString()).setResourceUri(imageUrl).setVulnerability(VulnerabilityOccurrence.newBuilder().setEffectiveSeverity(Severity.CRITICAL).addPackageIssue(PackageIssue.newBuilder().setAffectedCpeUri("your-uri-here").setAffectedPackage("your-package-here").setAffectedVersion(Version.newBuilder().setKind(Version.VersionKind.MINIMUM)).setFixedVersion(Version.newBuilder().setKind(Version.VersionKind.MAXIMUM)))).build();
critical = client.getGrafeasClient().createOccurrence(ProjectName.format(PROJECT_ID), critical);
// check again
int tries = 0;
do {
result = HighVulnerabilitiesForImage.findHighSeverityVulnerabilitiesForImage(imageUrl, PROJECT_ID);
sleep(SLEEP_TIME);
tries += 1;
} while (result.size() != 1 && tries < TRY_LIMIT);
assertEquals(1, result.size());
// clean up
String[] lowNameArr = low.getName().split("/");
String lowId = lowNameArr[lowNameArr.length - 1];
DeleteOccurrence.deleteOccurrence(lowId, PROJECT_ID);
String[] nameArr = critical.getName().split("/");
String occId = nameArr[nameArr.length - 1];
DeleteOccurrence.deleteOccurrence(occId, PROJECT_ID);
DeleteNote.deleteNote(vulnNoteId, PROJECT_ID);
}
use of io.grafeas.v1.Occurrence in project java-docs-samples by GoogleCloudPlatform.
the class VulnerabilityFunctionTest method testAccept.
@Test
public void testAccept() throws IOException {
AtomicInteger occurrenceCallCount = new AtomicInteger();
Mockito.when(grafeasStub.getOccurrenceCallable()).thenReturn(new UnaryCallable<>() {
@Override
public ApiFuture<Occurrence> futureCall(GetOccurrenceRequest request, ApiCallContext context) {
occurrenceCallCount.incrementAndGet();
return ApiFutures.immediateFuture(Occurrence.newBuilder().setKind(NoteKind.VULNERABILITY).setResourceUri("gcr.io/test-project/some-image").setVulnerability(VulnerabilityOccurrence.newBuilder().setSeverity(Severity.CRITICAL).setShortDescription("CVE-CRITICAL").build()).build());
}
});
VulnerabilityFunction function = new VulnerabilityFunction(containerAnalysisClient);
String notificationPayload = "{\"name\":\"projects/test-project/occurrences/some-uuid\",\"kind\":\"VULNERABILITY\"," + "\"notificationTime\":\"2020-09-04T00:38:25.575543Z\"}";
PubSubMessage msg = new PubSubMessage();
msg.setData(Base64.getEncoder().encodeToString(notificationPayload.getBytes(StandardCharsets.UTF_8)));
function.accept(msg, null);
Assert.assertEquals(1, occurrenceCallCount.get());
}
use of io.grafeas.v1.Occurrence in project java-docs-samples by GoogleCloudPlatform.
the class CreateOccurrence method createOccurrence.
// Creates and returns a new vulnerability Occurrence associated with an existing Note
public static Occurrence createOccurrence(String resourceUrl, String noteId, String occProjectId, String noteProjectId) throws IOException, InterruptedException {
// String resourceUrl = "https://gcr.io/project/image@sha256:123";
// String noteId = "my-note";
// String occProjectId = "my-project-id";
// String noteProjectId = "my-project-id";
final NoteName noteName = NoteName.of(noteProjectId, noteId);
final String occProjectName = ProjectName.format(occProjectId);
Occurrence newOcc = Occurrence.newBuilder().setNoteName(noteName.toString()).setResourceUri(resourceUrl).setVulnerability(VulnerabilityOccurrence.newBuilder().addPackageIssue(PackageIssue.newBuilder().setAffectedCpeUri("your-uri-here").setAffectedPackage("your-package-here").setAffectedVersion(Version.newBuilder().setKind(Version.VersionKind.MINIMUM)).setFixedVersion(Version.newBuilder().setKind(Version.VersionKind.MAXIMUM)))).build();
// Initialize client that will be used to send requests. After completing all of your requests,
// call the "close" method on the client to safely clean up any remaining background resources.
GrafeasClient client = ContainerAnalysisClient.create().getGrafeasClient();
Occurrence result = client.createOccurrence(occProjectName, newOcc);
return result;
}
use of io.grafeas.v1.Occurrence in project java-docs-samples by GoogleCloudPlatform.
the class DeleteOccurrence method deleteOccurrence.
// Deletes an existing Occurrence from the server
public static void deleteOccurrence(String occurrenceId, String projectId) throws IOException, InterruptedException {
// String occurrenceId = "123-456-789";
// String projectId = "my-project-id";
final OccurrenceName occurrenceName = OccurrenceName.of(projectId, occurrenceId);
// Initialize client that will be used to send requests. After completing all of your requests,
// call the "close" method on the client to safely clean up any remaining background resources.
GrafeasClient client = ContainerAnalysisClient.create().getGrafeasClient();
client.deleteOccurrence(occurrenceName);
}
Aggregations