Merge develop to main for release 106 (#128)

This PR: * Fixes a NullPointerException error in get-metrics * Refactors get-metrics for readability
sonatype-nexus-community · Feb 14, 2025 · 075fd3a · 075fd3a
1 parent d636f2e
commit 075fd3a
Show file tree

Hide file tree

Showing 25 changed files with 420 additions and 177 deletions.
diff --git a/.github/workflows/create_release.yml b/.github/workflows/create_release.yml
@@ -41,7 +41,7 @@ jobs:
           run: ./gradlew -Pversion=$RELEASE_VERSION clean build release codeCoverageReport
 
         - name: Upload the artifact
-          uses: actions/upload-artifact@v2
+          uses: actions/upload-artifact@v4
           with:
             name: jar_files
             path: |

diff --git a/.github/workflows/develop_branch.yml b/.github/workflows/develop_branch.yml
@@ -74,7 +74,7 @@ jobs:
         if: github.ref == 'refs/heads/main'
 
       - name: Upload JaCoCo coverage report
-        uses: actions/upload-artifact@v2
+        uses: actions/upload-artifact@v4
         with:
           name: jacoco-report
           path: build/reports/jacoco/codeCoverageReport/codeCoverageReport.csv
diff --git a/get-metrics/src/main/java/org/sonatype/cs/getmetrics/GetMetricsApplication.java b/get-metrics/src/main/java/org/sonatype/cs/getmetrics/GetMetricsApplication.java
@@ -20,6 +20,7 @@
 import org.springframework.boot.CommandLineRunner;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+
 import javax.net.ssl.SSLHandshakeException;
 
 @SpringBootApplication
@@ -114,8 +115,7 @@ private void generateFirewallReports() throws Exception {
                 "/firewall/releaseQuarantine/configuration");
 
         nexusIQApiService.makeReport(
-                new AutoReleasedFromQuarantineSummary(),
-                "/firewall/releaseQuarantine/summary");
+                new AutoReleasedFromQuarantineSummary(), "/firewall/releaseQuarantine/summary");
         nexusIQApiService.makeReport(
                 new QuarantinedComponentsSummary(), "/firewall/quarantine/summary");
 

diff --git a/get-metrics/src/main/java/org/sonatype/cs/getmetrics/reports/ApplicationEvaluations.java b/get-metrics/src/main/java/org/sonatype/cs/getmetrics/reports/ApplicationEvaluations.java
@@ -6,8 +6,10 @@
 import org.sonatype.cs.getmetrics.service.CsvFileService;
 import org.sonatype.cs.getmetrics.service.FileIoService;
 import org.sonatype.cs.getmetrics.util.FilenameInfo;
+
 import java.util.ArrayList;
 import java.util.List;
+
 import javax.json.JsonArray;
 import javax.json.JsonObject;
 import javax.json.JsonReader;
@@ -26,15 +28,15 @@ public void makeCsvFile(FileIoService fileIoService, JsonReader jsonReader) {
 
     static List<String[]> getApplicationInfoFromData(JsonReader jsonReader) {
         List<String[]> data = new ArrayList<>();
-        data.add(new String[]{"applicationName", "evaluationDate", "stage"});
+        data.add(new String[] {"applicationName", "evaluationDate", "stage"});
         JsonArray results = jsonReader.readArray();
 
         for (JsonObject result : results.getValuesAs(JsonObject.class)) {
             String stage = result.getString("stage", "");
             String evaluationDate = result.getString("evaluationDate", "");
             String reportDataUrl = result.getString("reportDataUrl", "");
             String applicationName = extractApplicationName(reportDataUrl);
-            data.add(new String[]{applicationName, evaluationDate, stage});
+            data.add(new String[] {applicationName, evaluationDate, stage});
         }
         return data;
     }

diff --git a/...rc/main/java/org/sonatype/cs/getmetrics/reports/AutoReleasedFromQuarantineComponents.java b/...rc/main/java/org/sonatype/cs/getmetrics/reports/AutoReleasedFromQuarantineComponents.java
@@ -7,18 +7,28 @@
 import org.sonatype.cs.getmetrics.service.FileIoService;
 import org.sonatype.cs.getmetrics.util.FilenameInfo;
 import org.sonatype.cs.getmetrics.util.ParseReasons;
+
 import java.util.ArrayList;
 import java.util.List;
+
 import javax.json.JsonArray;
 import javax.json.JsonObject;
 import javax.json.JsonReader;
 
 public class AutoReleasedFromQuarantineComponents implements CsvFileService {
-    private static final Logger log = LoggerFactory.getLogger(AutoReleasedFromQuarantineComponents.class);
+    private static final Logger log =
+            LoggerFactory.getLogger(AutoReleasedFromQuarantineComponents.class);
 
     private static final String[] CSV_HEADERS = {
-            "repository", "quarantineDate", "dateCleared", "displayName", "format",
-            "quarantined", "policyName", "threatLevel", "reason"
+        "repository",
+        "quarantineDate",
+        "dateCleared",
+        "displayName",
+        "format",
+        "quarantined",
+        "policyName",
+        "threatLevel",
+        "reason"
     };
 
     @Override
@@ -32,7 +42,8 @@ public void makeCsvFile(FileIoService fileIoService, JsonObject dataObject) {
 
         List<String[]> data = getQuarantinedComponentsFromData(dataObject);
 
-        fileIoService.writeCsvFile(FilenameInfo.AUTO_RELEASED_FROM_QUARANTINE_COMPONENTS_CSV_FILE, data);
+        fileIoService.writeCsvFile(
+                FilenameInfo.AUTO_RELEASED_FROM_QUARANTINE_COMPONENTS_CSV_FILE, data);
     }
 
     static List<String[]> getQuarantinedComponentsFromData(JsonObject dataObject) {
@@ -49,35 +60,91 @@ static List<String[]> getQuarantinedComponentsFromData(JsonObject dataObject) {
             boolean quarantined = result.getBoolean("quarantined");
             String format = result.getJsonObject("componentIdentifier").getString("format");
 
-            JsonArray quarantinePolicyViolations = result.getJsonArray("quarantinePolicyViolations");
+            JsonArray quarantinePolicyViolations =
+                    result.getJsonArray("quarantinePolicyViolations");
             if (quarantinePolicyViolations.isEmpty()) {
-                data.add(createCsvLine(repository, quarantineDate, dateCleared, displayName, format, quarantined, "None", 0, ""));
+                data.add(
+                        createCsvLine(
+                                repository,
+                                quarantineDate,
+                                dateCleared,
+                                displayName,
+                                format,
+                                quarantined,
+                                "None",
+                                0,
+                                ""));
             } else {
-                addPolicyViolations(data, repository, quarantineDate, dateCleared, displayName, format, quarantined, quarantinePolicyViolations);
+                addPolicyViolations(
+                        data,
+                        repository,
+                        quarantineDate,
+                        dateCleared,
+                        displayName,
+                        format,
+                        quarantined,
+                        quarantinePolicyViolations);
             }
         }
         return data;
     }
 
-    private static void addPolicyViolations(List<String[]> data, String repository, String quarantineDate, String dateCleared, String displayName, String format, boolean quarantined, JsonArray quarantinePolicyViolations) {
-        for (JsonObject quarantinePolicyViolation : quarantinePolicyViolations.getValuesAs(JsonObject.class)) {
+    private static void addPolicyViolations(
+            List<String[]> data,
+            String repository,
+            String quarantineDate,
+            String dateCleared,
+            String displayName,
+            String format,
+            boolean quarantined,
+            JsonArray quarantinePolicyViolations) {
+        for (JsonObject quarantinePolicyViolation :
+                quarantinePolicyViolations.getValuesAs(JsonObject.class)) {
             String policyName = quarantinePolicyViolation.getString("policyName");
             int threatLevel = quarantinePolicyViolation.getInt("threatLevel");
 
-            JsonArray constraintViolations = quarantinePolicyViolation.getJsonArray("constraintViolations");
-            for (JsonObject constraintViolation : constraintViolations.getValuesAs(JsonObject.class)) {
+            JsonArray constraintViolations =
+                    quarantinePolicyViolation.getJsonArray("constraintViolations");
+            for (JsonObject constraintViolation :
+                    constraintViolations.getValuesAs(JsonObject.class)) {
                 JsonArray reasons = constraintViolation.getJsonArray("reasons");
                 String reason = ParseReasons.getReason(policyName, reasons);
 
-                data.add(createCsvLine(repository, quarantineDate, dateCleared, displayName, format, quarantined, policyName, threatLevel, reason));
+                data.add(
+                        createCsvLine(
+                                repository,
+                                quarantineDate,
+                                dateCleared,
+                                displayName,
+                                format,
+                                quarantined,
+                                policyName,
+                                threatLevel,
+                                reason));
             }
         }
     }
 
-    private static String[] createCsvLine(String repository, String quarantineDate, String dateCleared, String displayName, String format, boolean quarantined, String policyName, int threatLevel, String reason) {
-        return new String[]{
-                repository, quarantineDate, dateCleared, displayName, format,
-                String.valueOf(quarantined), policyName, String.valueOf(threatLevel), reason
+    private static String[] createCsvLine(
+            String repository,
+            String quarantineDate,
+            String dateCleared,
+            String displayName,
+            String format,
+            boolean quarantined,
+            String policyName,
+            int threatLevel,
+            String reason) {
+        return new String[] {
+            repository,
+            quarantineDate,
+            dateCleared,
+            displayName,
+            format,
+            String.valueOf(quarantined),
+            policyName,
+            String.valueOf(threatLevel),
+            reason
         };
     }
 }
diff --git a/...cs/src/main/java/org/sonatype/cs/getmetrics/reports/AutoReleasedFromQuarantineConfig.java b/...cs/src/main/java/org/sonatype/cs/getmetrics/reports/AutoReleasedFromQuarantineConfig.java
@@ -6,36 +6,41 @@
 import org.sonatype.cs.getmetrics.service.CsvFileService;
 import org.sonatype.cs.getmetrics.service.FileIoService;
 import org.sonatype.cs.getmetrics.util.FilenameInfo;
+
 import java.util.ArrayList;
 import java.util.List;
+
 import javax.json.JsonArray;
 import javax.json.JsonObject;
 import javax.json.JsonReader;
 
 public class AutoReleasedFromQuarantineConfig implements CsvFileService {
-    private static final Logger log = LoggerFactory.getLogger(AutoReleasedFromQuarantineConfig.class);
+    private static final Logger log =
+            LoggerFactory.getLogger(AutoReleasedFromQuarantineConfig.class);
 
     @Override
     public void makeCsvFile(FileIoService fileIoService, JsonReader jsonReader) {
         log.info("Making AutoReleasedFromQuarantineConfig report");
 
         List<String[]> data = getQuarantinedConfigFromData(jsonReader);
 
-        fileIoService.writeCsvFile(FilenameInfo.AUTO_RELEASED_FROM_QUARANTINE_CONFIG_CSV_FILE, data);
+        fileIoService.writeCsvFile(
+                FilenameInfo.AUTO_RELEASED_FROM_QUARANTINE_CONFIG_CSV_FILE, data);
     }
 
     static List<String[]> getQuarantinedConfigFromData(JsonReader jsonReader) {
         List<String[]> data = new ArrayList<>();
-        data.add(new String[]{"id", "name", "autoReleaseQuarantineEnabled"});
+        data.add(new String[] {"id", "name", "autoReleaseQuarantineEnabled"});
 
         JsonArray results = jsonReader.readArray();
 
         for (JsonObject result : results.getValuesAs(JsonObject.class)) {
             String id = result.getString("id", "");
             String name = result.getString("name", "");
-            boolean autoReleaseQuarantineEnabled = result.getBoolean("autoReleaseQuarantineEnabled");
+            boolean autoReleaseQuarantineEnabled =
+                    result.getBoolean("autoReleaseQuarantineEnabled");
 
-            data.add(new String[]{id, name, String.valueOf(autoReleaseQuarantineEnabled)});
+            data.add(new String[] {id, name, String.valueOf(autoReleaseQuarantineEnabled)});
         }
         return data;
     }

diff --git a/...s/src/main/java/org/sonatype/cs/getmetrics/reports/AutoReleasedFromQuarantineSummary.java b/...s/src/main/java/org/sonatype/cs/getmetrics/reports/AutoReleasedFromQuarantineSummary.java
@@ -6,8 +6,10 @@
 import org.sonatype.cs.getmetrics.service.CsvFileService;
 import org.sonatype.cs.getmetrics.service.FileIoService;
 import org.sonatype.cs.getmetrics.util.FilenameInfo;
+
 import java.util.ArrayList;
 import java.util.List;
+
 import javax.json.JsonObject;
 import javax.json.JsonReader;
 

diff --git a/get-metrics/src/main/java/org/sonatype/cs/getmetrics/reports/PolicyViolations.java b/get-metrics/src/main/java/org/sonatype/cs/getmetrics/reports/PolicyViolations.java
@@ -7,10 +7,12 @@
 import org.sonatype.cs.getmetrics.service.FileIoService;
 import org.sonatype.cs.getmetrics.service.PolicyIdsService;
 import org.sonatype.cs.getmetrics.util.FilenameInfo;
+
 import java.util.ArrayList;
 import java.util.List;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
+
 import javax.json.JsonArray;
 import javax.json.JsonObject;
 import javax.json.JsonReader;
@@ -35,7 +37,16 @@ public void makeCsvFile(FileIoService fileIoService, JsonReader reader) {
 
     static List<String[]> getPolicyViolationsFromData(JsonReader reader) {
         List<String[]> data = new ArrayList<>();
-        data.add(new String[]{"policyName", "reason", "applicationName", "openTime", "component", "stage", "threatLevel"});
+        data.add(
+                new String[] {
+                    "policyName",
+                    "reason",
+                    "applicationName",
+                    "openTime",
+                    "component",
+                    "stage",
+                    "threatLevel"
+                });
 
         JsonObject obj = reader.readObject();
         JsonArray results = obj.getJsonArray("applicationViolations");
@@ -55,13 +66,23 @@ static List<String[]> getPolicyViolationsFromData(JsonReader reader) {
                 JsonObject component = policyViolation.getJsonObject("component");
                 String packageUrl = component.getString("packageUrl", "");
 
-                JsonArray constraintViolations = policyViolation.getJsonArray("constraintViolations");
-                for (JsonObject constraintViolation : constraintViolations.getValuesAs(JsonObject.class)) {
+                JsonArray constraintViolations =
+                        policyViolation.getJsonArray("constraintViolations");
+                for (JsonObject constraintViolation :
+                        constraintViolations.getValuesAs(JsonObject.class)) {
                     JsonArray reasons = constraintViolation.getJsonArray("reasons");
 
                     String reason = getReason(policyName, reasons);
 
-                    String[] line = {policyName, reason, applicationPublicId, openTime, packageUrl, stage, String.valueOf(threatLevel)};
+                    String[] line = {
+                        policyName,
+                        reason,
+                        applicationPublicId,
+                        openTime,
+                        packageUrl,
+                        stage,
+                        String.valueOf(threatLevel)
+                    };
                     data.add(line);
                 }
             }