All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.hp.octane.integrations.services.vulnerabilities.sonar.SonarToOctaneIssueUtil Maven / Gradle / Ivy

There is a newer version: 2.24.3.5
Show newest version
/*
 *     Copyright 2017 EntIT Software LLC, a Micro Focus company, L.P.
 *     Licensed under the Apache License, Version 2.0 (the "License");
 *     you may not use this file except in compliance with the License.
 *     You may obtain a copy of the License at
 *
 *       http://www.apache.org/licenses/LICENSE-2.0
 *
 *     Unless required by applicable law or agreed to in writing, software
 *     distributed under the License is distributed on an "AS IS" BASIS,
 *     WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 *     See the License for the specific language governing permissions and
 *     limitations under the License.
 */

package com.hp.octane.integrations.services.vulnerabilities.sonar;

import com.hp.octane.integrations.dto.DTOFactory;
import com.hp.octane.integrations.dto.entities.Entity;
import com.hp.octane.integrations.dto.securityscans.OctaneIssue;
import com.hp.octane.integrations.services.vulnerabilities.sonar.dto.SonarIssue;
import com.hp.octane.integrations.services.vulnerabilities.sonar.dto.SonarRule;
import com.hp.octane.integrations.services.vulnerabilities.ssc.SSCToOctaneIssueUtil;
import com.hp.octane.integrations.utils.CIPluginSDKUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;

import java.text.DateFormat;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.*;

import static com.hp.octane.integrations.services.vulnerabilities.OctaneIssueConsts.*;

public class SonarToOctaneIssueUtil {

    private final static Logger logger = LogManager.getLogger(SSCToOctaneIssueUtil.class);


    public static final String SONAR_SEVERITY_BLOCKER = "BLOCKER";
    public static final String SONAR_SEVERITY_CRITICAL = "CRITICAL";
    public static final String SONAR_SEVERITY_MAJOR = "MAJOR";
    public static final String SONAR_SEVERITY_MINOR = "MINOR";


    public static final String EXTERNAL_TOOL_NAME = "SonarQube";

    public static List createOctaneIssues(List issues, String remoteTag, String sonarUrl, Set issuesRequiredExtendedDataKeys, Map rules) {
        if (issues == null) {
            return new ArrayList<>();
        }
        DTOFactory dtoFactory = DTOFactory.getInstance();
        List octaneIssues = new ArrayList<>();
        for (SonarIssue issue : issues) {
            OctaneIssue octaneIssue = createOctaneIssue(dtoFactory, issue, rules, sonarUrl);
            octaneIssue.setRemoteTag(remoteTag);
            octaneIssues.add(octaneIssue);
            if (issuesRequiredExtendedDataKeys.contains(issue.getKey())) {
                Map extendedData = prepareExtendedData(issue, rules);
                octaneIssue.setExtendedData(extendedData);
                setOctaneStatus(issue, octaneIssue, true);
            } else {
                setOctaneStatus(issue, octaneIssue, false);
            }
        }


        return octaneIssues;
    }

    private static OctaneIssue createOctaneIssue(DTOFactory dtoFactory,
                                                 SonarIssue issue,
                                                 Map rules,
                                                 String sonarUrl) {
        logger.debug("enter createOctaneIssue");
        OctaneIssue octaneIssue = dtoFactory.newDTO(OctaneIssue.class);
        setOctaneSeverity(issue, octaneIssue);
        setPrimaryLocationFull(issue, octaneIssue);
        setExternalLink(issue, octaneIssue, sonarUrl);
        octaneIssue.setLine(issue.getLine());
        octaneIssue.setRemoteId(issue.getKey());
        octaneIssue.setIntroducedDate(convertDates(issue.getCreationDate()));
        octaneIssue.setToolName(EXTERNAL_TOOL_NAME);
        octaneIssue.setCategory(rules.get(issue.getRule()).getName());
        logger.debug("exit createOctaneIssue");
        return octaneIssue;
    }

    private static String convertDates(String inputFoundDate) {
        if (inputFoundDate == null) {
            return null;
        }
        //"2017-02-12T12:31:44.000+0000"
        try {
            //convert date to string in utc
            SimpleDateFormat sourceDateFormat = new SimpleDateFormat("yyyy-MM-dd'T'hh:mm:ssz");
            DateFormat dfUtc = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'", Locale.ROOT);
            dfUtc.setTimeZone(TimeZone.getTimeZone("UTC"));
            return dfUtc.format(sourceDateFormat.parse(inputFoundDate));
        } catch (ParseException e) {
            logger.error(e.getMessage());
            logger.error(e.getStackTrace());
            return null;
        }
    }


    private static void setOctaneStatus(SonarIssue issue, OctaneIssue octaneIssue, boolean isNew) {
        if (issue.getStatus() != null) {
            String listNodeId = "";

            if (issue.getStatus().equalsIgnoreCase("OPEN")) {
                listNodeId = isNew ? ISSUE_STATE_NEW : ISSUE_STATE_EXISTING;
            } else if (issue.getStatus().equalsIgnoreCase("CONFIRMED") || issue.getStatus().equalsIgnoreCase("RESOLVED")) {
                listNodeId = ISSUE_STATE_EXISTING;
            } else if (issue.getStatus().equalsIgnoreCase("REOPENED")) {
                listNodeId = ISSUE_STATE_REOPEN;
            } else if (issue.getStatus().equalsIgnoreCase("CLOSED")) {
                listNodeId = ISSUE_STATE_CLOSED;
            }
            if (isLegalOctaneState(listNodeId)) {
                octaneIssue.setState(createListNodeEntity(listNodeId));
            }
        }
    }

    private static void setPrimaryLocationFull(SonarIssue issue, OctaneIssue octaneIssue) {
        Integer offset = issue.getProject().length();
        String path = issue.getComponent().substring(offset + 1);
        octaneIssue.setPrimaryLocationFull(path);
    }

    private static void setExternalLink(SonarIssue issue, OctaneIssue octaneIssue, String sonarUrl) {
        String encodedProject = CIPluginSDKUtils.urlEncodeQueryParam(issue.getProject());
        String encodedKey = CIPluginSDKUtils.urlEncodeQueryParam(issue.getKey());
        if (!sonarUrl.substring(sonarUrl.length() - 1).equals("/")){
            sonarUrl += "/";
        }
        octaneIssue.setExternalLink(String.format("%sproject/issues?issues=%s&id=%s&open=%s", sonarUrl, encodedKey, encodedProject, encodedKey));
    }


    private static Map prepareExtendedData(SonarIssue issue, Map rules) {
        String ruleKey = issue.getRule();
        SonarRule rule = rules.get(ruleKey);
        Map retVal = new HashMap<>();
        retVal.put("ruleName", rule.getName());
        if (rule.getHtmlDesc() != null) {
            retVal.put("htmlDesc", rule.getHtmlDesc());
        }
        return retVal;
    }

    private static void setOctaneSeverity(SonarIssue issue, OctaneIssue octaneIssue) {
        if (issue.getSeverity() != null) {
            String octaneSeverity = getOctaneSeverityFromSSCValue(issue.getSeverity());
            octaneIssue.setSeverity(createListNodeEntity(octaneSeverity));
        }
    }

    private static String getOctaneSeverityFromSSCValue(String severity) {


        if (severity == null) {
            return null;
        }

        String logicalNameForSeverity = null;
        if (severity.equals(SONAR_SEVERITY_BLOCKER) || severity.equals(SONAR_SEVERITY_CRITICAL)) {
            logicalNameForSeverity = SEVERITY_LG_NAME_CRITICAL;
        } else if (severity.equals(SONAR_SEVERITY_MAJOR)) {
            logicalNameForSeverity = SEVERITY_LG_NAME_HIGH;
        } else if (severity.equals(SONAR_SEVERITY_MINOR)) {
            logicalNameForSeverity = SEVERITY_LG_NAME_LOW;
        }

        return logicalNameForSeverity;
    }

    public static Entity createListNodeEntity(String id) {
        if (id == null) {
            return null;
        }
        return DTOFactory.getInstance().newDTO(Entity.class).setType("list_node").setId(id);
    }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy