Examples with Occurrence io.grafeas.v1beta1.Occurrence used on opensource projects

Example 6 with Occurrence

use of io.grafeas.v1beta1.Occurrence in project java-docs-samples by GoogleCloudPlatform.

the class SamplesTest method testOccurrencesForImage.

@Test
public void testOccurrencesForImage() throws Exception {
    int newCount;
    int tries = 0;
    int origCount = OccurrencesForImage.getOccurrencesForImage(imageUrl, PROJECT_ID);
    final Occurrence o = CreateOccurrence.createOccurrence(imageUrl, noteId, PROJECT_ID, PROJECT_ID);
    do {
        newCount = OccurrencesForImage.getOccurrencesForImage(imageUrl, PROJECT_ID);
        sleep(SLEEP_TIME);
        tries += 1;
    } while (newCount != 1 && tries < TRY_LIMIT);
    assertEquals(1, newCount);
    assertEquals(0, origCount);
    // clean up
    String[] nameArr = o.getName().split("/");
    String occId = nameArr[nameArr.length - 1];
    DeleteOccurrence.deleteOccurrence(occId, PROJECT_ID);
}

Example 7 with Occurrence

use of io.grafeas.v1beta1.Occurrence in project java-docs-samples by GoogleCloudPlatform.

the class SamplesTest method testFindHighSeverityVulnerabilitiesForImage.

@Test
public void testFindHighSeverityVulnerabilitiesForImage() throws Exception {
    // check before creation
    List<Occurrence> result = HighVulnerabilitiesForImage.findHighSeverityVulnerabilitiesForImage(imageUrl, PROJECT_ID);
    assertEquals(0, result.size());
    // create low severity occurrence
    Occurrence low;
    low = CreateOccurrence.createOccurrence(imageUrl, noteId, PROJECT_ID, PROJECT_ID);
    result = HighVulnerabilitiesForImage.findHighSeverityVulnerabilitiesForImage(imageUrl, PROJECT_ID);
    assertEquals(0, result.size());
    // create high severity note
    Note newNote = Note.newBuilder().setVulnerability(VulnerabilityNote.newBuilder().setSeverity(Severity.CRITICAL).addDetails(VulnerabilityNote.Detail.newBuilder().setAffectedCpeUri("your-uri-here").setAffectedPackage("your-package-here").setAffectedVersionStart(Version.newBuilder().setKind(Version.VersionKind.MINIMUM)).setAffectedVersionEnd(Version.newBuilder().setKind(Version.VersionKind.MAXIMUM)))).build();
    String vulnNoteId = "severe-note-" + (new Date()).getTime();
    ContainerAnalysisClient client = ContainerAnalysisClient.create();
    client.getGrafeasClient().createNote(ProjectName.format(PROJECT_ID), vulnNoteId, newNote);
    // create high severity occurrence
    Occurrence critical = Occurrence.newBuilder().setNoteName(NoteName.of(PROJECT_ID, vulnNoteId).toString()).setResourceUri(imageUrl).setVulnerability(VulnerabilityOccurrence.newBuilder().setEffectiveSeverity(Severity.CRITICAL).addPackageIssue(PackageIssue.newBuilder().setAffectedCpeUri("your-uri-here").setAffectedPackage("your-package-here").setAffectedVersion(Version.newBuilder().setKind(Version.VersionKind.MINIMUM)).setFixedVersion(Version.newBuilder().setKind(Version.VersionKind.MAXIMUM)))).build();
    critical = client.getGrafeasClient().createOccurrence(ProjectName.format(PROJECT_ID), critical);
    // check again
    int tries = 0;
    do {
        result = HighVulnerabilitiesForImage.findHighSeverityVulnerabilitiesForImage(imageUrl, PROJECT_ID);
        sleep(SLEEP_TIME);
        tries += 1;
    } while (result.size() != 1 && tries < TRY_LIMIT);
    assertEquals(1, result.size());
    // clean up
    String[] lowNameArr = low.getName().split("/");
    String lowId = lowNameArr[lowNameArr.length - 1];
    DeleteOccurrence.deleteOccurrence(lowId, PROJECT_ID);
    String[] nameArr = critical.getName().split("/");
    String occId = nameArr[nameArr.length - 1];
    DeleteOccurrence.deleteOccurrence(occId, PROJECT_ID);
    DeleteNote.deleteNote(vulnNoteId, PROJECT_ID);
}

Example 8 with Occurrence

use of io.grafeas.v1beta1.Occurrence in project java-docs-samples by GoogleCloudPlatform.

the class CreateOccurrence method createOccurrence.

// Creates and returns a new vulnerability Occurrence associated with an existing Note
public static Occurrence createOccurrence(String resourceUrl, String noteId, String occProjectId, String noteProjectId) throws IOException, InterruptedException {
    // String resourceUrl = "https://gcr.io/project/image@sha256:123";
    // String noteId = "my-note";
    // String occProjectId = "my-project-id";
    // String noteProjectId = "my-project-id";
    final NoteName noteName = NoteName.of(noteProjectId, noteId);
    final String occProjectName = ProjectName.format(occProjectId);
    Occurrence newOcc = Occurrence.newBuilder().setNoteName(noteName.toString()).setResourceUri(resourceUrl).setVulnerability(VulnerabilityOccurrence.newBuilder().addPackageIssue(PackageIssue.newBuilder().setAffectedCpeUri("your-uri-here").setAffectedPackage("your-package-here").setAffectedVersion(Version.newBuilder().setKind(Version.VersionKind.MINIMUM)).setFixedVersion(Version.newBuilder().setKind(Version.VersionKind.MAXIMUM)))).build();
    // Initialize client that will be used to send requests. After completing all of your requests,
    // call the "close" method on the client to safely clean up any remaining background resources.
    GrafeasClient client = ContainerAnalysisClient.create().getGrafeasClient();
    Occurrence result = client.createOccurrence(occProjectName, newOcc);
    return result;
}

Example 9 with Occurrence

use of io.grafeas.v1beta1.Occurrence in project java-docs-samples by GoogleCloudPlatform.

the class HighVulnerabilitiesForImage method findHighSeverityVulnerabilitiesForImage.

// Retrieve a list of vulnerability occurrences with a severity level of 'HIGH' or greater
public static List<Occurrence> findHighSeverityVulnerabilitiesForImage(String resourceUrl, String projectId) throws IOException {
    // String resourceUrl = "https://gcr.io/project/image@sha256:123";
    // String projectId = "my-project-id";
    final String projectName = ProjectName.format(projectId);
    String filterStr = String.format("kind=\"VULNERABILITY\" AND resourceUrl=\"%s\"", resourceUrl);
    // Initialize client that will be used to send requests. After completing all of your requests,
    // call the "close" method on the client to safely clean up any remaining background resources.
    GrafeasClient client = ContainerAnalysisClient.create().getGrafeasClient();
    LinkedList<Occurrence> vulnerabilitylist = new LinkedList<Occurrence>();
    for (Occurrence o : client.listOccurrences(projectName, filterStr).iterateAll()) {
        Severity severity = o.getVulnerability().getEffectiveSeverity();
        if (severity == Severity.HIGH || severity == Severity.CRITICAL) {
            vulnerabilitylist.add(o);
        }
    }
    return vulnerabilitylist;
}

Example 10 with Occurrence

use of io.grafeas.v1beta1.Occurrence in project java-docs-samples by GoogleCloudPlatform.

the class OccurrencesForNote method getOccurrencesForNote.

// Retrieves all the Occurrences associated with a specified Note
// Here, all Occurrences are printed and counted
public static int getOccurrencesForNote(String noteId, String projectId) throws IOException, InterruptedException {
    // String noteId = "my-note";
    // String projectId = "my-project-id";
    final NoteName noteName = NoteName.of(projectId, noteId);
    ListNoteOccurrencesRequest request = ListNoteOccurrencesRequest.newBuilder().setName(noteName.toString()).build();
    // Initialize client that will be used to send requests. After completing all of your requests,
    // call the "close" method on the client to safely clean up any remaining background resources.
    GrafeasClient client = ContainerAnalysisClient.create().getGrafeasClient();
    int i = 0;
    for (Occurrence o : client.listNoteOccurrences(request).iterateAll()) {
        // Write custom code to process each Occurrence here
        System.out.println(o.getName());
        i = i + 1;
    }
    return i;
}