Added configuration and evaluation of thresholds
stevespringett committed Jan 14, 2019
1 parent 6c8c57b commit 0873622
Showing 8 changed files with 281 additions and 47 deletions.
Expand Up @@ -35,7 +35,6 @@
import org.jenkinsci.plugins.DependencyTrack.model.Finding;
import org.jenkinsci.plugins.DependencyTrack.model.RiskGate;
import org.jenkinsci.plugins.DependencyTrack.model.SeverityDistribution;
import org.jenkinsci.plugins.DependencyTrack.model.Thresholds;
import org.kohsuke.stapler.DataBoundConstructor;
import org.kohsuke.stapler.DataBoundSetter;
import org.kohsuke.stapler.QueryParameter;
Expand Down Expand Up @@ -228,21 +227,19 @@ public void perform(@Nonnull final Run<?, ?> build,
if (previousBuild != null) {
final ResultAction previousResults = previousBuild.getAction(ResultAction.class);
final RiskGate riskGate = new RiskGate(getThresholds());
final Thresholds.BuildStatus buildStatus = riskGate.evaluate(
final Result result = riskGate.evaluate(
previousResults.getSeverityDistribution(),
previousResults.getFindings(),
severityDistribution,
findings);
if (Thresholds.BuildStatus.FAILURE == buildStatus) {
build.setResult(Result.FAILURE);
} else if (Thresholds.BuildStatus.UNSTABLE == buildStatus) {
build.setResult(Result.UNSTABLE);
if (Result.SUCCESS != result) {
build.setResult(result); // only set the result if the evaluation fails the threshold
}
}
}
} catch (ApiClientException e) {
logger.log(e.getMessage());
build.setResult(Result.FAILURE);
build.setResult(Result.FAILURE); //todo: make configurable
}
}
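Review bot: `previousBuild.getAction(ResultAction.class)` can return null when the previous build never recorded a ResultAction, and the new `riskGate.evaluate(previousResults.getSeverityDistribution(), ...)` call dereferences it without a check; the resulting NullPointerException is not covered by the `catch (ApiClientException e)` below it. Because the whole evaluation sits inside `if (previousBuild != null)`, the total-findings thresholds also appear never to be applied to a project's first build, so the gate is skipped exactly when there is no baseline. `RiskGate.evaluate` in this commit already tolerates a null previous distribution, so the call could run unconditionally with `final ResultAction previousResults = previousBuild != null ? previousBuild.getAction(ResultAction.class) : null;` and pass `previousResults != null ? previousResults.getSeverityDistribution() : null` (likewise for the findings list). `perform` begins above this hunk.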

Expand Up @@ -20,73 +20,168 @@
import org.kohsuke.stapler.DataBoundSetter;
import java.io.Serializable;

@SuppressWarnings("unused")
public abstract class ThresholdCapablePublisher extends Recorder implements Serializable {

private static final long serialVersionUID = 8844465732219790336L;

private final Thresholds thresholds = new Thresholds();
private Integer totalThresholdAll;
private Integer totalThresholdCritical;
private Integer totalThresholdHigh;
private Integer totalThresholdMedium;
private Integer totalThresholdLow;
private boolean totalThresholdAnalysisExploitable;
private boolean totalThresholdFailBuild;

private Integer newThresholdAll;
private Integer newThresholdCritical;
private Integer newThresholdHigh;
private Integer newThresholdMedium;
private Integer newThresholdLow;
private boolean newThresholdAnalysisExploitable;
private boolean newThresholdFailBuild;

Thresholds getThresholds() {
final Thresholds thresholds = new Thresholds();
thresholds.totalFindings.critical = totalThresholdCritical;
thresholds.totalFindings.high = totalThresholdHigh;
thresholds.totalFindings.medium = totalThresholdMedium;
thresholds.totalFindings.low = totalThresholdLow;
thresholds.totalFindings.limitToAnalysisExploitable = totalThresholdAnalysisExploitable;
thresholds.totalFindings.failBuild = totalThresholdFailBuild;

thresholds.newFindings.critical = newThresholdCritical;
thresholds.newFindings.high = newThresholdHigh;
thresholds.newFindings.medium = newThresholdMedium;
thresholds.newFindings.low = newThresholdLow;
thresholds.newFindings.limitToAnalysisExploitable = newThresholdAnalysisExploitable;
thresholds.newFindings.failBuild = newThresholdFailBuild;
return thresholds;
}

public Integer getTotalThresholdAll() {
return totalThresholdAll;
}

@DataBoundSetter
public void setTotalThresholdAll(final int totalThresholdAll) {
getThresholds().totalFindings.all = totalThresholdAll;
public void setTotalThresholdAll(final Integer totalThresholdAll) {
this.totalThresholdAll = totalThresholdAll;
}

public Integer getTotalThresholdCritical() {
return totalThresholdCritical;
}

@DataBoundSetter
public void settotalThresholdCritical(final int totalThresholdCritical) {
getThresholds().totalFindings.critical = totalThresholdCritical;
public void setTotalThresholdCritical(final Integer totalThresholdCritical) {
this.totalThresholdCritical = totalThresholdCritical;
}

public Integer getTotalThresholdHigh() {
return totalThresholdHigh;
}

@DataBoundSetter
public void setTotalThresholdHigh(final int totalThresholdHigh) {
getThresholds().totalFindings.high = totalThresholdHigh;
public void setTotalThresholdHigh(final Integer totalThresholdHigh) {
this.totalThresholdHigh = totalThresholdHigh;
}

public Integer getTotalThresholdMedium() {
return totalThresholdMedium;
}

@DataBoundSetter
public void setTotalThresholdMedium(final int totalThresholdMedium) {
getThresholds().totalFindings.medium = totalThresholdMedium;
public void setTotalThresholdMedium(final Integer totalThresholdMedium) {
this.totalThresholdMedium = totalThresholdMedium;
}

public Integer getTotalThresholdLow() {
return totalThresholdLow;
}

@DataBoundSetter
public void setTotalThresholdLow(final int totalThresholdLow) {
getThresholds().totalFindings.low = totalThresholdLow;
public void setTotalThresholdLow(final Integer totalThresholdLow) {
this.totalThresholdLow = totalThresholdLow;
}

public boolean getTotalThresholdAnalysisExploitable() {
return totalThresholdAnalysisExploitable;
}

@DataBoundSetter
public void setTotalThresholdAnalysisExploitable(final boolean totalThresholdAnalysisExploitable) {
getThresholds().totalFindings.limitToAnalysisExploitable = totalThresholdAnalysisExploitable;
this.totalThresholdAnalysisExploitable = totalThresholdAnalysisExploitable;
}

public boolean getTotalThresholdFailBuild() {
return totalThresholdFailBuild;
}

@DataBoundSetter
public void setTotalThresholdFailBuild(boolean totalThresholdFailBuild) {
this.totalThresholdFailBuild = totalThresholdFailBuild;
}

public Integer getNewThresholdAll() {
return newThresholdAll;
}

@DataBoundSetter
public void setNewThresholdAll(final int newThresholdAll) {
getThresholds().newFindings.all = newThresholdAll;
public void setNewThresholdAll(final Integer newThresholdAll) {
this.newThresholdAll = newThresholdAll;
}

public Integer getNewThresholdCritical() {
return newThresholdCritical;
}

@DataBoundSetter
public void setNewThresholdCritical(final int newThresholdCritical) {
getThresholds().newFindings.critical = newThresholdCritical;
public void setNewThresholdCritical(final Integer newThresholdCritical) {
this.newThresholdCritical = newThresholdCritical;
}

public Integer getNewThresholdHigh() {
return newThresholdHigh;
}

@DataBoundSetter
public void setNewThresholdHigh(final int newThresholdHigh) {
getThresholds().newFindings.high = newThresholdHigh;
public void setNewThresholdHigh(final Integer newThresholdHigh) {
this.newThresholdHigh = newThresholdHigh;
}

public Integer getNewThresholdMedium() {
return newThresholdMedium;
}

@DataBoundSetter
public void setNewThresholdMedium(final int newThresholdMedium) {
getThresholds().newFindings.medium = newThresholdMedium;
public void setNewThresholdMedium(final Integer newThresholdMedium) {
this.newThresholdMedium = newThresholdMedium;
}

public Integer getNewThresholdLow() {
return newThresholdLow;
}

@DataBoundSetter
public void setNewThresholdLow(final int newThresholdLow) {
getThresholds().newFindings.low = newThresholdLow;
public void setNewThresholdLow(final Integer newThresholdLow) {
this.newThresholdLow = newThresholdLow;
}

public boolean getNewThresholdAnalysisExploitable() {
return newThresholdAnalysisExploitable;
}

@DataBoundSetter
public void setNewThresholdAnalysisExploitable(final boolean newThresholdAnalysisExploitable) {
getThresholds().newFindings.limitToAnalysisExploitable = newThresholdAnalysisExploitable;
this.newThresholdAnalysisExploitable = newThresholdAnalysisExploitable;
}

public boolean getNewThresholdFailBuild() {
return newThresholdFailBuild;
}

@DataBoundSetter
public void setNewThresholdFailBuild(boolean newThresholdFailBuild) {
this.newThresholdFailBuild = newThresholdFailBuild;
}
}
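Review bot: `getThresholds()` assigns the nullable `Integer` fields straight into `Thresholds` members that are declared `int` (`thresholds.totalFindings.medium = totalThresholdMedium;` and its siblings), so any threshold left unset unboxes null and throws NullPointerException when the gate is built. An unset threshold presumably means "do not gate on this severity", and an `int` cannot carry that: mapping null to 0 would make the `> 0 && >= threshold` test in `RiskGate` trip on the first finding. Consider declaring the `Thresholds` counters as `Integer` and having the gate skip null entries. `totalThresholdAll` and `newThresholdAll` have setters here but are never copied in `getThresholds()`, so those two settings currently have no effect.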
Expand Up @@ -15,6 +15,7 @@
*/
package org.jenkinsci.plugins.DependencyTrack.model;

import hudson.model.Result;
import java.io.Serializable;
import java.util.List;

Expand All @@ -28,14 +29,48 @@ public RiskGate(Thresholds thresholds) {
this.thresholds = thresholds;
}

public Thresholds getThresholds() {
return thresholds;
}
/**
* Evaluates if the current results meet or exceed the defined threshold.
* @param previousDistribution
* @param previousFindings
* @param currentDistribution
* @param currentFindings
* @return a Result
*/
public Result evaluate(final SeverityDistribution previousDistribution,
final List<Finding> previousFindings,
final SeverityDistribution currentDistribution,
final List<Finding> currentFindings) {

Result result = Result.SUCCESS;
if (currentDistribution != null) {
if ((currentDistribution.getCritical() > 0 && currentDistribution.getCritical() >= thresholds.totalFindings.critical)
|| (currentDistribution.getHigh() > 0 && currentDistribution.getHigh() >= thresholds.totalFindings.high)
|| (currentDistribution.getMedium() > 0 && currentDistribution.getMedium() >= thresholds.totalFindings.medium)
|| (currentDistribution.getLow() > 0 && currentDistribution.getLow() >= thresholds.totalFindings.low)) {

if (thresholds.totalFindings.failBuild) {
return Result.FAILURE;
} else {
result = Result.UNSTABLE;
}
}
}

if (currentDistribution != null && previousDistribution != null) {
if ((currentDistribution.getCritical() > 0 && currentDistribution.getCritical() >= previousDistribution.getCritical() + thresholds.newFindings.critical)
|| (currentDistribution.getHigh() > 0 && currentDistribution.getHigh() >= previousDistribution.getHigh() + thresholds.newFindings.high)
|| (currentDistribution.getMedium() > 0 && currentDistribution.getMedium() >= previousDistribution.getMedium() + thresholds.newFindings.medium)
|| (currentDistribution.getLow() > 0 && currentDistribution.getLow() >= previousDistribution.getLow() + thresholds.newFindings.low)) {

if (thresholds.newFindings.failBuild) {
return Result.FAILURE;
} else {
result = Result.UNSTABLE;
}
}
}

public Thresholds.BuildStatus evaluate(final SeverityDistribution previousDistribution,
final List<Finding> previousFindings,
final SeverityDistribution currentDistribution,
final List<Finding> currentFindings) {
return Thresholds.BuildStatus.FAILURE;
return result;
}
}
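Review bot: The new-findings check compares per-severity counts only (`currentDistribution.getHigh() >= previousDistribution.getHigh() + thresholds.newFindings.high`), so a build in which one finding was resolved and a different one of the same severity appeared passes the gate; `previousFindings` and `currentFindings` are accepted but never read. With a new-findings threshold of 0 the same expression is true whenever the count is unchanged and non-zero, which flags builds that introduced nothing new. `thresholds.*.all` and `limitToAnalysisExploitable` are not consulted either. Until the finding lists are compared, the limitation belongs in the Javadoc, for example `Compares per-severity counts only; a replaced finding of equal severity is not detected.`, and the empty `@param` tags should state which arguments may be null.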
Expand Up @@ -17,12 +17,6 @@

public class Thresholds {

public enum BuildStatus {
SUCCESS,
UNSTABLE,
FAILURE
}

public TotalFindings totalFindings;
public NewFindings newFindings;

Expand All @@ -32,8 +26,8 @@ public class TotalFindings {
public int medium;
public int low;
public int all;
public BuildStatus exceedBuildStatus;
public boolean limitToAnalysisExploitable;
public boolean failBuild;
}

public class NewFindings {
Expand All @@ -42,7 +36,7 @@ public class NewFindings {
public int medium;
public int low;
public int all;
public BuildStatus exceedBuildStatus;
public boolean limitToAnalysisExploitable;
public boolean failBuild;
}
}
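Review bot: `totalFindings` and `newFindings` are declared without initialisers and no line visible in this section assigns them, yet `ThresholdCapablePublisher.getThresholds()` in this commit writes `thresholds.totalFindings.critical` immediately after `new Thresholds()`. Unless a constructor sits in a part of the file that is not shown, that dereference fails with NullPointerException before any threshold is evaluated. Initialising at the declaration removes the dependency on call order: `public final TotalFindings totalFindings = new TotalFindings();` and `public final NewFindings newFindings = new NewFindings();`.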
