Updated output to display "Source" per provider. Fixed the code for t…
…he pipeline jobs and adjusted the text indentation. (#8)

Signed-off-by: Olga Lavtar <[email protected]>
olavtar authored Jan 15, 2024
1 parent 11abf64 commit 582e75f
Showing 2 changed files with 97 additions and 129 deletions.
102 changes: 52 additions & 50 deletions src/main/java/redhat/jenkins/plugins/rhda/step/CRDAStep.java
Expand Up @@ -18,9 +18,7 @@

import com.redhat.exhort.Api;
import com.redhat.exhort.api.AnalysisReport;
//import com.redhat.exhort.api.DependenciesSummary;
//import com.redhat.exhort.api.ProviderStatus;
//import com.redhat.exhort.api.VulnerabilitiesSummary;
import com.redhat.exhort.api.ProviderReport;
import com.redhat.exhort.impl.ExhortApi;
import hudson.EnvVars;
import hudson.Extension;
Expand Down Expand Up @@ -180,6 +178,25 @@ protected Execution(CRDAStep step, StepContext context) {
System.clearProperty("EXHORT_OSS_INDEX_TOKEN");
}

String crdaUuid;
RHDAGlobalConfig globalConfig = RHDAGlobalConfig.get();
if (globalConfig == null) {
globalConfig = new RHDAGlobalConfig();
}

if (globalConfig.getUuid() == null) {
crdaUuid = UUID.randomUUID().toString();
globalConfig.setUuid(crdaUuid);
} else {
crdaUuid = globalConfig.getUuid();
}
// Setting UUID as System property to send to java-api.
System.setProperty("RHDA-TOKEN", crdaUuid);
System.setProperty("RHDA_SOURCE", "jenkins-plugin");

// flag for telemetry/uuid to pass to backend for SP
System.setProperty("CONSENT_TELEMETRY", String.valueOf(step.getConsentTelemetry()));

} catch (IOException | InterruptedException e) {
e.printStackTrace();
}
Expand All @@ -189,35 +206,11 @@ protected Execution(CRDAStep step, StepContext context) {
protected String run() throws Exception {

PrintStream logger = getContext().get(TaskListener.class).getLogger();
logger.println("Red Hat Dependency Analytics Begin");
String crdaUuid;
logger.println("----- RHDA Analysis Begins -----");
Run run = getContext().get(Run.class);
TaskListener listener = getContext().get(TaskListener.class);
FilePath workspace = getContext().get(FilePath.class);

RHDAGlobalConfig globalConfig = RHDAGlobalConfig.get();
if(RHDAGlobalConfig.get().getUuid() == null){
crdaUuid = UUID.randomUUID().toString();
globalConfig.setUuid(crdaUuid);
}
else{
crdaUuid = RHDAGlobalConfig.get().getUuid();
}
// Setting UUID as System property to send to java-api.
System.setProperty("RHDA-TOKEN", crdaUuid);
System.setProperty("RHDA_SOURCE", "jenkins-plugin");

// flag for telemetry/uuid to pass to backend for SP
System.setProperty("CONSENT_TELEMETRY", String.valueOf(step.getConsentTelemetry()));

// to get build directory
// run.getRootDir().getPath();
// String manifestPath = step.getFile();
// if (manifestPath == null) {
// logger.println("Filepath for the manifest file not provided. Please configure the build properly and retry.");
// return Config.EXIT_FAILED;
// }

Path manifestPath = Paths.get(step.getFile());
if (manifestPath.getParent() == null) {
manifestPath = Paths.get(workspace.child(step.getFile()).toURI());
Expand All @@ -241,7 +234,8 @@ protected String run() throws Exception {

logger.println("Click on the RHDA Stack Report icon to view the detailed report.");
logger.println("----- RHDA Analysis Ends -----");
run.addAction(new CRDAAction(crdaUuid, mixedStackReport.get().json, workspace + "/dependency-analysis-report.html", "pipeline"));
run.addAction(new CRDAAction(System.getProperty("RHDA-TOKEN"), mixedStackReport.get().json, workspace + "/dependency-analysis-report.html", "pipeline"));

// return (mixedStackReport.get().json.getSummary().getVulnerabilities().getTotal()).intValue() == 0 ? Config.EXIT_SUCCESS : Config.EXIT_VULNERABLE;
return Config.EXIT_SUCCESS ;

Expand All @@ -255,27 +249,35 @@ protected String run() throws Exception {

private void processReport(AnalysisReport report, TaskListener listener) throws ExecutionException, InterruptedException {
PrintStream logger = listener.getLogger();
logger.println("Multi source step");
logger.println(report);
// DependenciesSummary dependenciesSummary = report.getSummary().getDependencies();
// VulnerabilitiesSummary vulnerabilitiesSummary = report.getSummary().getVulnerabilities();
// for (ProviderStatus providerStatus : report.getSummary().getProviderStatuses()) {
// if(providerStatus.getStatus() != 200){
// logger.println("WARNING: " + providerStatus.getProvider() + ": " + providerStatus.getMessage());
// }
// }
// logger.println("Summary");
// logger.println(" Dependencies");
// logger.println(" Scanned dependencies: " + dependenciesSummary.getScanned());
// logger.println(" Transitive dependencies: " + dependenciesSummary.getTransitive());
// logger.println(" Vulnerabilities");
// logger.println(" Total: " + vulnerabilitiesSummary.getTotal());
// logger.println(" Direct: " + vulnerabilitiesSummary.getDirect());
// logger.println(" Critical: " + vulnerabilitiesSummary.getCritical());
// logger.println(" High: " + vulnerabilitiesSummary.getHigh());
// logger.println(" Medium: " + vulnerabilitiesSummary.getMedium());
// logger.println(" Low: " + vulnerabilitiesSummary.getLow());
// logger.println("");
logger.println("Dependencies");
logger.println(" Total Scanned: " + report.getScanned().getTotal());
logger.println(" Total Direct: " + report.getScanned().getDirect());
logger.println(" Total Transitive: " + report.getScanned().getTransitive());
Map<String, ProviderReport> providers = report.getProviders();
providers.forEach((key, value) -> {
if (!key.equalsIgnoreCase("trusted-content")) {
logger.println("");
logger.println("Provider: " + key);
logger.println(" Provider Status: " + value.getStatus().getMessage());
if (value.getStatus().getCode() == 200) {
value.getSources().forEach((s, source) -> {
logger.println(" Source: " + s);
if (value.getSources() != null) {
logger.println(" Vulnerabilities");
logger.println(" Total: " + source.getSummary().getTotal());
logger.println(" Direct: " + source.getSummary().getDirect());
logger.println(" Transitive: " + source.getSummary().getTransitive());
logger.println(" Critical: " + source.getSummary().getCritical());
logger.println(" High: " + source.getSummary().getHigh());
logger.println(" Medium: " + source.getSummary().getMedium());
logger.println(" Low: " + source.getSummary().getLow());
logger.println("");
}
});
}
}
});
logger.println("");

Check warning on line 280 in src/main/java/redhat/jenkins/plugins/rhda/step/CRDAStep.java


ci.jenkins.io / Code Coverage

Not covered lines

Lines 182-280 are not covered by tests
}

private void saveHtmlReport(byte[] html, TaskListener listener, FilePath workspace) throws Exception {
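Review bot: In `run()`, `new CRDAAction(System.getProperty("RHDA-TOKEN"), ...)` reads the UUID back from a JVM-wide system property instead of a value owned by this execution. The property is written only inside the constructor's `try` block, so if the `IOException | InterruptedException` handler fires before that point the action is created with `null`, and any other code in the same JVM that sets `RHDA-TOKEN` changes what this build records. The same applies to `CONSENT_TELEMETRY`: presumably another build running at the same time can overwrite this build's consent flag before the analysis call reads it, which should be confirmed against how the java-api consumes it. I would keep the UUID in a field, `private final String crdaUuid;`, assign it in the constructor outside the `try`, and pass `crdaUuid` to `CRDAAction`. The constructor's `try` opens outside the visible hunk, so the exact placement needs checking against the full file.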
124 changes: 45 additions & 79 deletions src/main/java/redhat/jenkins/plugins/rhda/task/CRDABuilder.java
Expand Up @@ -18,9 +18,6 @@

import com.redhat.exhort.Api;
import com.redhat.exhort.api.AnalysisReport;
//import com.redhat.exhort.api.DependenciesSummary;
//import com.redhat.exhort.api.ProviderStatus;
//import com.redhat.exhort.api.VulnerabilitiesSummary;
import com.redhat.exhort.api.ProviderReport;
import com.redhat.exhort.impl.ExhortApi;
import hudson.EnvVars;
Expand Down Expand Up @@ -107,82 +104,71 @@ public void perform(Run<?, ?> run, FilePath workspace, EnvVars env, Launcher lau

EnvVars envVars = getEnvVars(run, listener);
System.setProperty("CONSENT_TELEMETRY", String.valueOf(this.getConsentTelemetry()));
if(envVars != null){
if (envVars != null) {
// setting system properties to pass to java-api
if(envVars.get("EXHORT_MVN_PATH") != null ){
if (envVars.get("EXHORT_MVN_PATH") != null) {
System.setProperty("EXHORT_MVN_PATH", envVars.get("EXHORT_MVN_PATH"));
}
else{
} else {
System.clearProperty("EXHORT_MVN_PATH");
}

if(envVars.get("EXHORT_NPM_PATH") != null ){
if (envVars.get("EXHORT_NPM_PATH") != null) {
System.setProperty("EXHORT_NPM_PATH", envVars.get("EXHORT_NPM_PATH"));
}
else{
} else {
System.clearProperty("EXHORT_NPM_PATH");
}

if(envVars.get("EXHORT_GO_PATH") != null ){
if (envVars.get("EXHORT_GO_PATH") != null) {
System.setProperty("EXHORT_GO_PATH", envVars.get("EXHORT_GO_PATH"));
}
else{
} else {
System.clearProperty("EXHORT_GO_PATH");
}

if(envVars.get("EXHORT_URL") != null ){
if (envVars.get("EXHORT_URL") != null) {
System.setProperty("EXHORT_URL", envVars.get("EXHORT_URL"));
}
else{
} else {
System.clearProperty("EXHORT_URL");
}

if(envVars.get("EXHORT_SNYK_TOKEN") != null ){
if (envVars.get("EXHORT_SNYK_TOKEN") != null) {
System.setProperty("EXHORT_SNYK_TOKEN", envVars.get("EXHORT_SNYK_TOKEN"));
}
else {
} else {
System.clearProperty("EXHORT_SNYK_TOKEN");
}

if(envVars.get("EXHORT_PYTHON3_PATH") != null ){
if (envVars.get("EXHORT_PYTHON3_PATH") != null) {
System.setProperty("EXHORT_PYTHON3_PATH", envVars.get("EXHORT_PYTHON3_PATH"));
}
else{
} else {
System.clearProperty("EXHORT_PYTHON3_PATH");
}

if(envVars.get("EXHORT_PIP3_PATH") != null ){
if (envVars.get("EXHORT_PIP3_PATH") != null) {
System.setProperty("EXHORT_PIP3_PATH", envVars.get("EXHORT_PIP3_PATH"));
}
else{
} else {
System.clearProperty("EXHORT_PIP3_PATH");
}

if(envVars.get("EXHORT_PYTHON_PATH") != null ){
if (envVars.get("EXHORT_PYTHON_PATH") != null) {
System.setProperty("EXHORT_PYTHON_PATH", envVars.get("EXHORT_PYTHON_PATH"));
}
else{
} else {
System.clearProperty("EXHORT_PYTHON_PATH");
}

if(envVars.get("EXHORT_PIP_PATH") != null ){
if (envVars.get("EXHORT_PIP_PATH") != null) {
System.setProperty("EXHORT_PIP_PATH", envVars.get("EXHORT_PIP_PATH"));
}
else{
} else {
System.clearProperty("EXHORT_PIP_PATH");
}

if(envVars.get("EXHORT_OSS_INDEX_USER") != null ){
if (envVars.get("EXHORT_OSS_INDEX_USER") != null) {
System.setProperty("EXHORT_OSS_INDEX_USER", envVars.get("EXHORT_OSS_INDEX_USER"));
}
else{
} else {
System.clearProperty("EXHORT_OSS_INDEX_USER");
}

if(envVars.get("EXHORT_OSS_INDEX_TOKEN") != null ){
if (envVars.get("EXHORT_OSS_INDEX_TOKEN") != null) {
System.setProperty("EXHORT_OSS_INDEX_TOKEN", envVars.get("EXHORT_OSS_INDEX_TOKEN"));
}
else{
} else {
System.clearProperty("EXHORT_OSS_INDEX_TOKEN");
}
}
Expand Down Expand Up @@ -220,7 +206,7 @@ public void perform(Run<?, ?> run, FilePath workspace, EnvVars env, Launcher lau
}
}

private EnvVars getEnvVars(Run<?,?> run, TaskListener listener) {
private EnvVars getEnvVars(Run<?, ?> run, TaskListener listener) {
if (run == null || listener == null) {
return null;
}
Expand Down Expand Up @@ -259,55 +245,35 @@ public String getDisplayName() {

private void processReport(AnalysisReport report, TaskListener listener) throws ExecutionException, InterruptedException {
PrintStream logger = listener.getLogger();
logger.println("Summary");
logger.println(" Dependencies");
logger.println(" Total Scanned dependencies: " + report.getScanned().getTotal());
logger.println(" Total Direct dependencies: " + report.getScanned().getDirect());
logger.println(" Transitive dependencies: " + report.getScanned().getTransitive());
logger.println("Dependencies");
logger.println(" Total Scanned: " + report.getScanned().getTotal());
logger.println(" Total Direct: " + report.getScanned().getDirect());
logger.println(" Total Transitive: " + report.getScanned().getTransitive());
Map<String, ProviderReport> providers = report.getProviders();
providers.forEach((key, value) -> {
if(!key.equalsIgnoreCase("trusted-content")) {
if (!key.equalsIgnoreCase("trusted-content")) {
logger.println("");
logger.println("Provider: " + key);
if (value.getStatus().getCode() != 200) {
logger.println("WARNING: " + key + ": " + value.getStatus().getMessage());
}
if (value.getSources() != null) {
logger.println(" Vulnerabilities");
logger.println(" Total: " + value.getSources().get(key).getSummary().getTotal());
logger.println(" Direct: " + value.getSources().get(key).getSummary().getDirect());
logger.println(" Transitive: " + value.getSources().get(key).getSummary().getTransitive());
logger.println(" Critical: " + value.getSources().get(key).getSummary().getCritical());
logger.println(" High: " + value.getSources().get(key).getSummary().getHigh());
logger.println(" Medium: " + value.getSources().get(key).getSummary().getMedium());
logger.println(" Low: " + value.getSources().get(key).getSummary().getLow());
logger.println("");
logger.println(" Provider Status: " + value.getStatus().getMessage());
if (value.getStatus().getCode() == 200) {
value.getSources().forEach((s, source) -> {
logger.println(" Source: " + s);
if (value.getSources() != null) {
logger.println(" Vulnerabilities");
logger.println(" Total: " + source.getSummary().getTotal());
logger.println(" Direct: " + source.getSummary().getDirect());
logger.println(" Transitive: " + source.getSummary().getTransitive());
logger.println(" Critical: " + source.getSummary().getCritical());
logger.println(" High: " + source.getSummary().getHigh());
logger.println(" Medium: " + source.getSummary().getMedium());
logger.println(" Low: " + source.getSummary().getLow());
logger.println("");
}
});

Check warning on line 272 in src/main/java/redhat/jenkins/plugins/rhda/task/CRDABuilder.java


ci.jenkins.io / Code Coverage

Not covered lines

Lines 249-272 are not covered by tests
}
}
});

logger.println("");

// logger.println(report);
// DependenciesSummary dependenciesSummary = report.getSummary().getDependencies();
// VulnerabilitiesSummary vulnerabilitiesSummary = report.getSummary().getVulnerabilities();
// for (ProviderStatus providerStatus : report.getSummary().getProviderStatuses()) {
// if(providerStatus.getStatus() != 200){
// logger.println("WARNING: " + providerStatus.getProvider() + ": " + providerStatus.getMessage());
// }
// }
// logger.println("Summary");
// logger.println(" Dependencies");
// logger.println(" Scanned dependencies: " + dependenciesSummary.getScanned());
// logger.println(" Transitive dependencies: " + dependenciesSummary.getTransitive());
// logger.println(" Vulnerabilities");
// logger.println(" Total: " + vulnerabilitiesSummary.getTotal());
// logger.println(" Direct: " + vulnerabilitiesSummary.getDirect());
// logger.println(" Critical: " + vulnerabilitiesSummary.getCritical());
// logger.println(" High: " + vulnerabilitiesSummary.getHigh());
// logger.println(" Medium: " + vulnerabilitiesSummary.getMedium());
// logger.println(" Low: " + vulnerabilitiesSummary.getLow());
// logger.println("");
}

private void saveHtmlReport(byte[] html, TaskListener listener, FilePath workspace) throws IOException, InterruptedException {
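Review bot: In `processReport`, the `if (value.getSources() != null)` test sits inside `value.getSources().forEach(...)`, so the map has already been dereferenced by the time it is checked; a provider that reports status 200 without sources would throw a NullPointerException, and the inner test can never be false. Hoist it into the outer condition, `if (value.getStatus().getCode() == 200 && value.getSources() != null) {`, and drop the inner `if`. The identical block in `processReport` of CRDAStep.java needs the same change. Separately, a provider whose status is not 200 is now printed as `Provider Status: <message>` with no `WARNING:` prefix and no vulnerability counts, which makes a provider that returned no results easy to misread as a clean one in the console log; keeping a distinct line for that case, `logger.println("WARNING: " + key + ": " + value.getStatus().getMessage());`, would keep it visible.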
