use of io.grafeas.v1.Occurrence in project java-docs-samples by GoogleCloudPlatform.
the class PollDiscoveryOccurrenceFinished method pollDiscoveryOccurrenceFinished.
// Repeatedly query the Container Analysis API for the latest discovery occurrence until it is
// either in a terminal state, or the timeout value has been exceeded
public static Occurrence pollDiscoveryOccurrenceFinished(String resourceUrl, String projectId, long timeoutSeconds) throws IOException, TimeoutException, InterruptedException {
// String resourceUrl = "https://gcr.io/project/image@sha256:123";
// String projectId = "my-project-id";
// long timeoutSeconds = 30;
final String projectName = ProjectName.format(projectId);
long deadline = System.currentTimeMillis() + timeoutSeconds * 1000;
// Initialize client that will be used to send requests. After completing all of your requests,
// call the "close" method on the client to safely clean up any remaining background resources.
GrafeasClient client = ContainerAnalysisClient.create().getGrafeasClient();
// find the discovery occurrence using a filter string
Occurrence discoveryOccurrence = null;
// vulbnerability discovery occurrences are always associated with the
// PACKAGE_VULNERABILITY note in the "goog-analysis" GCP project
String filter = String.format("resourceUrl=\"%s\" AND noteProjectId=\"%s\" AND noteId=\"%s\"", resourceUrl, "goog-analysis", "PACKAGE_VULNERABILITY");
// [END containeranalysis_poll_discovery_occurrence_finished]
// the above filter isn't testable, since it looks for occurrences in a locked down project
// fall back to a more permissive filter for testing
filter = String.format("kind=\"DISCOVERY\" AND resourceUrl=\"%s\"", resourceUrl);
// [START containeranalysis_poll_discovery_occurrence_finished]
while (discoveryOccurrence == null) {
for (Occurrence o : client.listOccurrences(projectName, filter).iterateAll()) {
if (o.getDiscovery() != null) {
// there should be only one valid discovery occurrence returned by the given filter
discoveryOccurrence = o;
}
}
TimeUnit.SECONDS.sleep(1);
// check for timeout
if (System.currentTimeMillis() > deadline) {
throw new TimeoutException("discovery occurrence not found");
}
}
// wait for discovery occurrence to enter a terminal state
AnalysisStatus status = AnalysisStatus.PENDING;
while (status != AnalysisStatus.FINISHED_SUCCESS && status != AnalysisStatus.FINISHED_FAILED && status != AnalysisStatus.FINISHED_UNSUPPORTED) {
// update the occurrence state
discoveryOccurrence = client.getOccurrence(discoveryOccurrence.getName());
status = discoveryOccurrence.getDiscovery().getAnalysisStatus();
TimeUnit.SECONDS.sleep(1);
// check for timeout
if (System.currentTimeMillis() > deadline) {
throw new TimeoutException("discovery occurrence not in terminal state");
}
}
return discoveryOccurrence;
}
use of io.grafeas.v1.Occurrence in project java-docs-samples by GoogleCloudPlatform.
the class VulnerabilityOccurrencesForImage method findVulnerabilityOccurrencesForImage.
// Retrieve a list of vulnerability occurrences assoviated with a resource
public static List<Occurrence> findVulnerabilityOccurrencesForImage(String resourceUrl, String projectId) throws IOException {
// String resourceUrl = "https://gcr.io/project/image@sha256:123";
// String projectId = "my-project-id";
final String projectName = ProjectName.format(projectId);
String filterStr = String.format("kind=\"VULNERABILITY\" AND resourceUrl=\"%s\"", resourceUrl);
// Initialize client that will be used to send requests. After completing all of your requests,
// call the "close" method on the client to safely clean up any remaining background resources.
GrafeasClient client = ContainerAnalysisClient.create().getGrafeasClient();
LinkedList<Occurrence> vulnerabilitylist = new LinkedList<Occurrence>();
for (Occurrence o : client.listOccurrences(projectName, filterStr).iterateAll()) {
vulnerabilitylist.add(o);
}
return vulnerabilitylist;
}
use of io.grafeas.v1.Occurrence in project java-docs-samples by GoogleCloudPlatform.
the class VulnerabilityFunction method accept.
@Override
public void accept(PubSubMessage payload, Context context) {
String json = new String(Base64.getDecoder().decode(payload.getData()), StandardCharsets.UTF_8);
OccurrenceNotification notification = gson.fromJson(json, OccurrenceNotification.class);
// Retrieve the occurrence detials from the notification
// https://cloud.google.com/container-registry/docs/reference/rest/v1/projects.occurrences#Occurrence
Occurrence occurrence = grafeasClient.getOccurrence(notification.getName());
// If the occurence is a vulnerability, output the log line base on severity
if (NoteKind.VULNERABILITY.equals(occurrence.getKind())) {
VulnerabilityOccurrence vulnerability = occurrence.getVulnerability();
if (vulnerability.getSeverity().getNumber() >= Severity.HIGH_VALUE) {
logger.warning(String.format("Image: %s, CVE: %s, Severity: %s", occurrence.getResourceUri(), vulnerability.getShortDescription(), vulnerability.getSeverity()));
}
}
}
use of io.grafeas.v1.Occurrence in project java-containeranalysis by googleapis.
the class GrafeasV1Beta1ClientTest method createOccurrenceExceptionTest.
@Test
@SuppressWarnings("all")
public void createOccurrenceExceptionTest() throws Exception {
StatusRuntimeException exception = new StatusRuntimeException(Status.INVALID_ARGUMENT);
mockGrafeasV1Beta1.addException(exception);
try {
ProjectName parent = ProjectName.of("[PROJECT]");
Occurrence occurrence = Occurrence.newBuilder().build();
client.createOccurrence(parent, occurrence);
Assert.fail("No exception raised");
} catch (InvalidArgumentException e) {
// Expected exception
}
}
use of io.grafeas.v1.Occurrence in project java-containeranalysis by googleapis.
the class GrafeasV1Beta1ClientTest method getOccurrenceTest.
@Test
@SuppressWarnings("all")
public void getOccurrenceTest() {
String name2 = "name2-1052831874";
String noteName = "noteName1780787896";
String remediation = "remediation779381797";
Occurrence expectedResponse = Occurrence.newBuilder().setName(name2).setNoteName(noteName).setRemediation(remediation).build();
mockGrafeasV1Beta1.addResponse(expectedResponse);
OccurrenceName name = OccurrenceName.of("[PROJECT]", "[OCCURRENCE]");
Occurrence actualResponse = client.getOccurrence(name);
Assert.assertEquals(expectedResponse, actualResponse);
List<AbstractMessage> actualRequests = mockGrafeasV1Beta1.getRequests();
Assert.assertEquals(1, actualRequests.size());
GetOccurrenceRequest actualRequest = (GetOccurrenceRequest) actualRequests.get(0);
Assert.assertEquals(name, OccurrenceName.parse(actualRequest.getName()));
Assert.assertTrue(channelProvider.isHeaderSent(ApiClientHeaderProvider.getDefaultApiClientHeaderKey(), GaxGrpcProperties.getDefaultApiClientHeaderPattern()));
}
Aggregations