diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 220dd688d..1d8469eb8 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -522,4 +522,5 @@ cel.policy.engine.enabled=false # Optional # Specifies whether the Integrity Initializer shall be enabled. -integrity.initializer.enabled=false \ No newline at end of file +integrity.initializer.enabled=false +integrity.check.enabled=false \ No newline at end of file diff --git a/src/test/java/org/dependencytrack/event/kafka/componentmeta/SupportedMetaHandlerTest.java b/src/test/java/org/dependencytrack/event/kafka/componentmeta/SupportedMetaHandlerTest.java index 4ca161c6c..5ae87e430 100644 --- a/src/test/java/org/dependencytrack/event/kafka/componentmeta/SupportedMetaHandlerTest.java +++ b/src/test/java/org/dependencytrack/event/kafka/componentmeta/SupportedMetaHandlerTest.java @@ -1,6 +1,5 @@ package org.dependencytrack.event.kafka.componentmeta; -import alpine.common.logging.Logger; import com.github.packageurl.MalformedPackageURLException; import com.github.packageurl.PackageURL; import org.dependencytrack.AbstractPostgresEnabledTest; @@ -22,65 +21,58 @@ import static org.dependencytrack.util.KafkaTestUtil.deserializeValue; public class SupportedMetaHandlerTest extends AbstractPostgresEnabledTest { - private static final Logger LOGGER = Logger.getLogger(SupportedMetaHandlerTest.class); @Test - public void testHandleIntegrityComponentNotInDB() { + public void testHandleIntegrityComponentNotInDB() throws MalformedPackageURLException { Handler handler; + UUID uuid = UUID.randomUUID(); KafkaEventDispatcher kafkaEventDispatcher = new KafkaEventDispatcher(); - try { - PackageURL packageUrl = new PackageURL("pkg:maven/org.http4s/blaze-core_2.12"); - ComponentProjection componentProjection = new ComponentProjection(UUID.randomUUID(), PurlUtil.silentPurlCoordinatesOnly(packageUrl).toString(), false, packageUrl); - IntegrityMetaComponent integrityMetaComponent = qm.getIntegrityMetaComponent(componentProjection.purl().toString()); - Assertions.assertNull(integrityMetaComponent); - handler = HandlerFactory.createHandler(componentProjection, qm, kafkaEventDispatcher, FetchMeta.FETCH_META_INTEGRITY_DATA); - IntegrityMetaComponent result = handler.handle(); - assertThat(kafkaMockProducer.history()).satisfiesExactly( - record -> { - assertThat(record.topic()).isEqualTo(KafkaTopics.REPO_META_ANALYSIS_COMMAND.name()); - final var command = deserializeValue(KafkaTopics.REPO_META_ANALYSIS_COMMAND, record); - assertThat(command.getComponent().getPurl()).isEqualTo("pkg:maven/org.http4s/blaze-core_2.12"); - assertThat(command.getComponent().getInternal()).isFalse(); - assertThat(command.getFetchMeta()).isEqualTo(FetchMeta.FETCH_META_INTEGRITY_DATA); - } + PackageURL packageUrl = new PackageURL("pkg:maven/org.http4s/blaze-core_2.12"); + ComponentProjection componentProjection = new ComponentProjection(uuid, PurlUtil.silentPurlCoordinatesOnly(packageUrl).toString(), false, packageUrl); + IntegrityMetaComponent integrityMetaComponent = qm.getIntegrityMetaComponent(componentProjection.purl().toString()); + Assertions.assertNull(integrityMetaComponent); + handler = HandlerFactory.createHandler(componentProjection, qm, kafkaEventDispatcher, FetchMeta.FETCH_META_INTEGRITY_DATA); + IntegrityMetaComponent result = handler.handle(); + assertThat(kafkaMockProducer.history()).satisfiesExactly( + record -> { + assertThat(record.topic()).isEqualTo(KafkaTopics.REPO_META_ANALYSIS_COMMAND.name()); + final var command = deserializeValue(KafkaTopics.REPO_META_ANALYSIS_COMMAND, record); + assertThat(command.getComponent().getPurl()).isEqualTo("pkg:maven/org.http4s/blaze-core_2.12"); + assertThat(command.getComponent().getUuid()).isEqualTo(uuid.toString()); + assertThat(command.getComponent().getInternal()).isFalse(); + assertThat(command.getFetchMeta()).isEqualTo(FetchMeta.FETCH_META_INTEGRITY_DATA); + } - ); - Assertions.assertEquals(FetchStatus.IN_PROGRESS, result.getStatus()); - - } catch (MalformedPackageURLException ex) { - LOGGER.warn("Package url not formed correctly"); - } + ); + Assertions.assertEquals(FetchStatus.IN_PROGRESS, result.getStatus()); } @Test - public void testHandleIntegrityComponentInDBForMoreThanAnHour() { + public void testHandleIntegrityComponentInDBForMoreThanAnHour() throws MalformedPackageURLException { Handler handler; + UUID uuid = UUID.randomUUID(); KafkaEventDispatcher kafkaEventDispatcher = new KafkaEventDispatcher(); - try { - PackageURL packageUrl = new PackageURL("pkg:maven/org.http4s/blaze-core_2.12"); - ComponentProjection componentProjection = new ComponentProjection(UUID.randomUUID(), PurlUtil.silentPurlCoordinatesOnly(packageUrl).toString(), false, packageUrl); - var integrityMeta = new IntegrityMetaComponent(); - integrityMeta.setPurl("pkg:maven/org.http4s/blaze-core_2.12"); - integrityMeta.setStatus(FetchStatus.IN_PROGRESS); - integrityMeta.setLastFetch(Date.from(Instant.now().minus(2, ChronoUnit.HOURS))); - qm.createIntegrityMetaComponent(integrityMeta); - handler = HandlerFactory.createHandler(componentProjection, qm, kafkaEventDispatcher, FetchMeta.FETCH_META_INTEGRITY_DATA); - IntegrityMetaComponent integrityMetaComponent = handler.handle(); - assertThat(kafkaMockProducer.history()).satisfiesExactly( - record -> { - assertThat(record.topic()).isEqualTo(KafkaTopics.REPO_META_ANALYSIS_COMMAND.name()); - final var command = deserializeValue(KafkaTopics.REPO_META_ANALYSIS_COMMAND, record); - assertThat(command.getComponent().getPurl()).isEqualTo("pkg:maven/org.http4s/blaze-core_2.12"); - assertThat(command.getComponent().getInternal()).isFalse(); - assertThat(command.getFetchMeta()).isEqualTo(FetchMeta.FETCH_META_INTEGRITY_DATA); - } - - ); - Assertions.assertEquals(FetchStatus.IN_PROGRESS, integrityMetaComponent.getStatus()); - assertThat(integrityMetaComponent.getLastFetch()).isAfter(Date.from(Instant.now().minus(2, ChronoUnit.MINUTES))); + PackageURL packageUrl = new PackageURL("pkg:maven/org.http4s/blaze-core_2.12"); + ComponentProjection componentProjection = new ComponentProjection(uuid, PurlUtil.silentPurlCoordinatesOnly(packageUrl).toString(), false, packageUrl); + var integrityMeta = new IntegrityMetaComponent(); + integrityMeta.setPurl("pkg:maven/org.http4s/blaze-core_2.12"); + integrityMeta.setStatus(FetchStatus.IN_PROGRESS); + integrityMeta.setLastFetch(Date.from(Instant.now().minus(2, ChronoUnit.HOURS))); + qm.createIntegrityMetaComponent(integrityMeta); + handler = HandlerFactory.createHandler(componentProjection, qm, kafkaEventDispatcher, FetchMeta.FETCH_META_INTEGRITY_DATA); + IntegrityMetaComponent integrityMetaComponent = handler.handle(); + assertThat(kafkaMockProducer.history()).satisfiesExactly( + record -> { + assertThat(record.topic()).isEqualTo(KafkaTopics.REPO_META_ANALYSIS_COMMAND.name()); + final var command = deserializeValue(KafkaTopics.REPO_META_ANALYSIS_COMMAND, record); + assertThat(command.getComponent().getPurl()).isEqualTo("pkg:maven/org.http4s/blaze-core_2.12"); + assertThat(command.getComponent().getUuid()).isEqualTo(uuid.toString()); + assertThat(command.getComponent().getInternal()).isFalse(); + assertThat(command.getFetchMeta()).isEqualTo(FetchMeta.FETCH_META_INTEGRITY_DATA); + } - } catch (MalformedPackageURLException ex) { - LOGGER.warn("Package url not formed correctly"); - } + ); + Assertions.assertEquals(FetchStatus.IN_PROGRESS, integrityMetaComponent.getStatus()); + assertThat(integrityMetaComponent.getLastFetch()).isAfter(Date.from(Instant.now().minus(2, ChronoUnit.MINUTES))); } } \ No newline at end of file diff --git a/src/test/java/org/dependencytrack/event/kafka/componentmeta/UnSupportedMetaHandlerTest.java b/src/test/java/org/dependencytrack/event/kafka/componentmeta/UnSupportedMetaHandlerTest.java index 5aa62475f..dc41dbf74 100644 --- a/src/test/java/org/dependencytrack/event/kafka/componentmeta/UnSupportedMetaHandlerTest.java +++ b/src/test/java/org/dependencytrack/event/kafka/componentmeta/UnSupportedMetaHandlerTest.java @@ -1,6 +1,5 @@ package org.dependencytrack.event.kafka.componentmeta; -import alpine.common.logging.Logger; import com.github.packageurl.MalformedPackageURLException; import com.github.packageurl.PackageURL; import org.dependencytrack.AbstractPostgresEnabledTest; @@ -19,33 +18,26 @@ public class UnSupportedMetaHandlerTest extends AbstractPostgresEnabledTest { - private static final Logger LOGGER = Logger.getLogger(SupportedMetaHandlerTest.class); - @Test - public void testHandleComponentInDb() { + public void testHandleComponentInDb() throws MalformedPackageURLException { Handler handler; KafkaEventDispatcher kafkaEventDispatcher = new KafkaEventDispatcher(); - try { - PackageURL packageUrl = new PackageURL("pkg:golang/foo/bar@baz?ping=pong#1/2/3"); - ComponentProjection componentProjection = new ComponentProjection(UUID.randomUUID(), PurlUtil.silentPurlCoordinatesOnly(packageUrl).toString(), false, packageUrl); - IntegrityMetaComponent integrityMetaComponent = qm.getIntegrityMetaComponent(componentProjection.purl().toString()); - Assertions.assertNull(integrityMetaComponent); - handler = HandlerFactory.createHandler(componentProjection, qm, kafkaEventDispatcher, FetchMeta.FETCH_META_LATEST_VERSION); - handler.handle(); - assertThat(kafkaMockProducer.history()).satisfiesExactly( - record -> { - assertThat(record.topic()).isEqualTo(KafkaTopics.REPO_META_ANALYSIS_COMMAND.name()); - final var command = deserializeValue(KafkaTopics.REPO_META_ANALYSIS_COMMAND, record); - assertThat(command.getComponent().getPurl()).isEqualTo("pkg:golang/foo/bar@baz"); - assertThat(command.getComponent().getInternal()).isFalse(); - assertThat(command.getFetchMeta()).isEqualTo(FetchMeta.FETCH_META_LATEST_VERSION); - } - - ); - Assertions.assertNull(integrityMetaComponent); - - } catch (MalformedPackageURLException ex) { - LOGGER.warn("Package url not formed correctly"); - } + PackageURL packageUrl = new PackageURL("pkg:golang/foo/bar@baz?ping=pong#1/2/3"); + ComponentProjection componentProjection = new ComponentProjection(null, PurlUtil.silentPurlCoordinatesOnly(packageUrl).toString(), false, packageUrl); + IntegrityMetaComponent integrityMetaComponent = qm.getIntegrityMetaComponent(componentProjection.purl().toString()); + Assertions.assertNull(integrityMetaComponent); + handler = HandlerFactory.createHandler(componentProjection, qm, kafkaEventDispatcher, FetchMeta.FETCH_META_LATEST_VERSION); + handler.handle(); + assertThat(kafkaMockProducer.history()).satisfiesExactly( + record -> { + assertThat(record.topic()).isEqualTo(KafkaTopics.REPO_META_ANALYSIS_COMMAND.name()); + final var command = deserializeValue(KafkaTopics.REPO_META_ANALYSIS_COMMAND, record); + assertThat(command.getComponent().getPurl()).isEqualTo("pkg:golang/foo/bar@baz"); + assertThat(command.getComponent().getInternal()).isFalse(); + assertThat(command.getFetchMeta()).isEqualTo(FetchMeta.FETCH_META_LATEST_VERSION); + } + + ); + Assertions.assertNull(integrityMetaComponent); } } \ No newline at end of file diff --git a/src/test/java/org/dependencytrack/event/kafka/processor/RepositoryMetaResultProcessorTest.java b/src/test/java/org/dependencytrack/event/kafka/processor/RepositoryMetaResultProcessorTest.java index 4976c7c45..cbc0b1eba 100644 --- a/src/test/java/org/dependencytrack/event/kafka/processor/RepositoryMetaResultProcessorTest.java +++ b/src/test/java/org/dependencytrack/event/kafka/processor/RepositoryMetaResultProcessorTest.java @@ -180,7 +180,7 @@ public void processUpdateIntegrityResultTest() { componentProjectA.setProject(projectA); componentProjectA.setName("acme-lib-a"); componentProjectA.setVersion("1.0.1"); - componentProjectA.setPurl("pkg:maven/foo/bar@1.2.3?foo=bar"); + componentProjectA.setPurl("pkg:maven/foo/bar@1.2.3"); componentProjectA.setPurlCoordinates("pkg:maven/foo/bar@1.2.3"); componentProjectA.setUuid(uuid); componentProjectA.setMd5("098f6bcd4621d373cade4e832627b4f6"); @@ -220,6 +220,8 @@ public void processUpdateIntegrityResultTest() { assertThat(analysis.getSha1HashMatchStatus()).isEqualTo(IntegrityMatchStatus.HASH_MATCH_PASSED); assertThat(analysis.getSha256HashMatchStatus()).isEqualTo(IntegrityMatchStatus.COMPONENT_MISSING_HASH_AND_MATCH_UNKNOWN); assertThat(analysis.getSha512HashMatchStatus()).isEqualTo(IntegrityMatchStatus.COMPONENT_MISSING_HASH_AND_MATCH_UNKNOWN); + assertThat(analysis.getUpdatedAt()).isNotNull(); + assertThat(analysis.getComponent().getPurl().toString()).isEqualTo("pkg:maven/foo/bar@1.2.3"); } @Test @@ -231,7 +233,7 @@ public void testIntegrityCheckWithDataInDb() { componentProjectA.setProject(projectA); componentProjectA.setName("acme-lib-a"); componentProjectA.setVersion("1.0.1"); - componentProjectA.setPurl("pkg:maven/foo/bar@1.2.3?foo=bar"); + componentProjectA.setPurl("pkg:maven/foo/bar@1.2.3"); componentProjectA.setPurlCoordinates("pkg:maven/foo/bar@1.2.3"); componentProjectA.setUuid(uuid); componentProjectA.setMd5("098f6bcd4621d373cade4e832627b4f6"); @@ -262,6 +264,8 @@ public void testIntegrityCheckWithDataInDb() { assertThat(analysis.getSha1HashMatchStatus()).isEqualTo(IntegrityMatchStatus.HASH_MATCH_PASSED); assertThat(analysis.getSha256HashMatchStatus()).isEqualTo(IntegrityMatchStatus.COMPONENT_MISSING_HASH_AND_MATCH_UNKNOWN); assertThat(analysis.getSha512HashMatchStatus()).isEqualTo(IntegrityMatchStatus.COMPONENT_MISSING_HASH_AND_MATCH_UNKNOWN); + assertThat(analysis.getUpdatedAt()).isNotNull(); + assertThat(analysis.getComponent().getPurl().toString()).isEqualTo("pkg:maven/foo/bar@1.2.3"); } @Test