New report scan of licenses and violations (#775)

README.md

@@ -157,6 +157,14 @@
       - [Get Vulnerabilities Report Details](#get-vulnerabilities-report-details)
       - [Get Vulnerabilities Report Content](#get-vulnerabilities-report-content)
       - [Delete Vulnerabilities Report](#delete-vulnerabilities-report)
+      - [Generate Licences Report](#generate-licences-report)
+      - [Get Licences Report Details](#get-licences-report-details)
+      - [Get Licences Report Content](#get-licences-report-content)
+      - [Delete Licences Report](#delete-licences-report)
+      - [Generate Violations Report](#generate-violations-report)
+      - [Get Violations Report Details](#get-violations-report-details)
+      - [Get Violations Report Content](#get-violations-report-content)
+      - [Delete Violations Report](#delete-violations-report)
       - [Get Artifact Summary](#get-artifact-summary)
       - [Get Entitlement info](#get-entitlement-info)
   - [Pipelines APIs](#pipelines-apis)
@@ -1916,11 +1924,30 @@ scanResults, err := xrayManager.GetScanGraphResults(scanId)
 #### Generate Vulnerabilities Report
 
 ```go
-reportRequest := services.ReportRequestParams{
+vulnerabilitiesReportRequest := services.VulnerabilitiesReportRequestParams{
   Name: "example-report",
-  Filters: services.Filter{
-    HasRemediation: &trueValue,
-    Severity:       []string{ "High" },
+  Filters: services.VulnerabilitiesFilter{
+    VulnerableComponent: "*vulnerable:component*",
+    ImpactedArtifact: "some://impacted*artifact",
+    HasRemediation: &falseValue,
+    Cve: "CVE-1234-1234",
+    IssueId: "XRAY-1234",
+    Severity: []string{
+        "High",
+        "Medium"
+      },	
+    CvssScore: services.CvssScore {
+        MinScore: float64(6.3),
+        MaxScore: float64(9)
+    },
+    Published: services.DateTimeRange {
+        Start: "2020-06-29T12:22:16Z",
+        End: "2020-06-29T12:22:16Z"
+    },
+    ScanDate: services.DateTimeRange {
+        Start: "2020-06-29T12:22:16Z",
+        End: "2020-06-29T12:22:16Z"
+    }
   },
   Resources: services.Resource{
     IncludePathPatterns: []string{ "/example-sub-dir/**" },
@@ -1933,7 +1960,7 @@ reportRequest := services.ReportRequestParams{
 }
 
 // The reportRequestResponse will contain the report ID to use in subsequent requests
-reportRequestResponse, err := xrayManager.GenerateVulnerabilitiesReport(reportRequest)
+reportRequestResponse, err := xrayManager.GenerateVulnerabilitiesReport(vulnerabilitiesReportRequest)
 ```
 
 #### Get Vulnerabilities Report Details
@@ -1963,6 +1990,175 @@ reportContent, err := xrayManager.ReportContent(reportContentRequest)
 // The reportId argument value is returned as part of the xrayManager.GenerateVulnerabilitiesReport API response.
 err := xrayManager.DeleteReport(reportId)
 ```
+#### Generate Licences Report
+
+```go
+licensesReportRequest := services.LicensesReportRequestParams{
+  Name: "example-report",
+  Filters: services.LicensesFilter{
+    Component: "*gav:component*",
+    Artifact: "some://impacted*artifact",
+    Unknown: &falseValue,
+    Unrecognized: &trueValue,
+    LicenseNames: []string{
+        "Apache",
+        "MIT",
+        "AFL"
+    },
+    LicensePatterns: []string{
+        "*Apache*",
+        "The Apache*",
+        "AFL*"
+    },
+    ScanDate: services.DateTimeRange {
+        Start: "2020-06-29T12:22:16Z",
+        End: "2020-06-29T12:22:16Z"
+    }
+  },
+  Resources: services.Resource{
+    IncludePathPatterns: []string{ "/example-sub-dir/**" },
+    Repositories: []services.Repository{
+      {
+        Name: "example-repository",
+      },
+    },
+  },
+}
+
+// The reportRequestResponse will contain the report ID to use in subsequent requests
+reportRequestResponse, err := xrayManager.GenerateLicencesReport(licensesReportRequest)
+```
+
+#### Get Licences Report Details
+
+```go
+// The reportId argument value is returned as part of the xrayManager.GenerateLicencesReport API response.
+reportDetails, err := xrayManager.ReportDetails(reportId)
+```
+
+#### Get Licences Report Content
+
+```go
+// The ReportId value is returned as part of the xrayManager.GenerateLicencesReport API response.
+reportContentRequest := services.ReportContentRequestParams{
+  ReportId:  "example-report-id",
+  Direction: "asc",
+  PageNum:   0,
+  NumRows:   0,
+  OrderBy:   "severity",
+}
+reportContent, err := xrayManager.ReportContent(reportContentRequest)
+```
+
+#### Delete Licences Report
+
+```go
+// The reportId argument value is returned as part of the xrayManager.GenerateLicencesReport API response.
+err := xrayManager.DeleteReport(reportId)
+```
+
+#### Generate Violations Report
+
+```go
+violationsReportRequest := services.ViolationsReportRequestParams{
+  Name: "example-report",
+  Filters: 		Type: "security|license|operational_risk",
+    WatchNames: []string{
+      "NameOfWatch1",
+      "NameOfWatch2"
+    },
+    WatchPatterns: []string{
+      "WildcardWatch*"
+    },
+    Component: "*vulnerable:component*",
+    Artifact: "some://impacted*artifact",
+    PolicyNames: []string{
+      "NameOfPolicy"
+    },
+    Severities: []string{
+      "High",
+      "Medium"
+    },
+    Updated: services.DateTimeRange {
+      Start: "2020-01-02T15:00:00Z",
+      End: "2020-12-15T00:00:00Z"
+    },
+    SecurityFilters: services.VulnerabilitiesFilter{
+      Cve: "CVE-2020-10693",
+      IssueId: "XRAY-87343",
+      Severity: []string{
+          "High",
+          "Medium"
+        },	
+      CvssScore: services.CvssScore {
+          MinScore: float64(6.3),
+          MaxScore: float64(9)
+      },
+      Published: services.DateTimeRange {
+          Start: "2020-06-29T12:22:16Z",
+          End: "2020-06-29T12:22:16Z"
+      },
+      ScanDate: services.DateTimeRange {
+          Start: "2020-06-29T12:22:16Z",
+          End: "2020-06-29T12:22:16Z"
+      },
+      SummaryContains: "kernel", 
+      HasRemediation: &falseValue,
+    },
+    LicenseFilters: services.LicensesFilter {
+      Unknown: &falseValue,
+      Unrecognized: &trueValue,
+		LicenseNames: []string{
+	    "Apache",
+	    "MIT",
+	    "AFL"
+		},
+    LicensePatterns: []string{
+      "*Apache*",
+      "AFL*"
+    },
+  }
+  Resources: services.Resource{
+    IncludePathPatterns: []string{ "/example-sub-dir/**" },
+    Repositories: []services.Repository{
+      {
+        Name: "example-repository",
+      },
+    },
+  },
+}
+
+// The reportRequestResponse will contain the report ID to use in subsequent requests
+reportRequestResponse, err := xrayManager.GenerateViolationsReport(violationsReportRequest)
+```
+
+#### Get Violations Report Details
+
+```go
+// The reportId argument value is returned as part of the xrayManager.GenerateViolationsReport API response.
+reportDetails, err := xrayManager.ReportDetails(reportId)
+```
+
+#### Get Violations Report Content
+
+```go
+// The ReportId value is returned as part of the xrayManager.GenerateViolationsReport API response.
+reportContentRequest := services.ReportContentRequestParams{
+  ReportId:  "example-report-id",
+  Direction: "asc",
+  PageNum:   0,
+  NumRows:   0,
+  OrderBy:   "severity",
+}
+reportContent, err := xrayManager.ReportContent(reportContentRequest)
+```
+
+#### Delete Violations Report
+
+```go
+// The reportId argument value is returned as part of the xrayManager.GenerateViolationsReport API response.
+err := xrayManager.DeleteReport(reportId)
+```
 
 #### Get Artifact Summary
 

artifactory/services/utils/tests/xray/consts.go

@@ -1105,13 +1105,20 @@ const VulnerableXrayScanResponse = `{
 }
 `
 
-const VulnerabilityRequestResponse = `
+const VulnerabilityXrayReportRequestResponse = `
 {
   "report_id": 777,
   "status": "pending"
 }
 `
 
+const LicensesXrayReportRequestResponse = `
+{
+  "report_id": 888,
+  "status": "pending"
+}
+`
+
 const VulnerabilityReportStatusResponse = `
 {
   "id": 301,
@@ -1128,7 +1135,23 @@ const VulnerabilityReportStatusResponse = `
 }
 `
 
-const VulnerabilityReportDeleteResponse = `
+const LicensesReportStatusResponse = `
+{
+  "id": 301,
+  "name": "test-generic",
+  "report_type": "license",
+  "status": "completed",
+  "total_artifacts": 4,
+  "num_of_processed_artifacts": 4,
+  "progress": 100,
+  "number_of_rows": 64,
+  "start_time": "2021-09-03T21:17:41Z",
+  "end_time": "2021-09-03T21:17:42Z",
+  "author": "test"
+}
+`
+
+const XrayReportDeleteResponse = `
 {
   "info": "report deleted successfully"
 }
@@ -1221,6 +1244,29 @@ const VulnerabilityReportDetailsResponse = `
 }
 `
 
+const LicensesReportDetailsResponse = `
+{
+  "total_rows": 1,
+  "rows" :[
+      {
+          "license": "MIT",
+          "license_name" : "The MIT License",
+          "component": "deb://debian:buster:glibc:2.28-10",
+          "artifact": "docker://redis:latest-07142020122937",
+          "path": "repo1/folder1/artifact",
+          "artifact_scan_time": "2020-07-14T09:32:00Z",
+          "unknown" : false,
+          "unrecognized" : false,
+          "custom" : false,
+          "references": [
+              "https://spdx.org/licenses/AFL-1.1.html",
+              "https://spdx.org/licenses/AFL-1.1"
+          ]
+      }
+  ]
+}
+`
+
 const VulnerableXraySummaryArtifactResponse = `
 {
   "artifacts": [
@@ -1368,3 +1414,22 @@ const BuildScanResultsResponse = `
   ]
 }
 `
+
+
+var MapReportIdEndpoint = map[int]string {
+  777: VulnerabilitiesEndpoint,
+  888: LicensesEndpoint,
+}
+
+var MapResponse = map[string]map[string]string {
+  VulnerabilitiesEndpoint: {
+    "XrayReportRequest": VulnerabilityXrayReportRequestResponse,
+    "ReportStatus": VulnerabilityReportStatusResponse,
+    "ReportDetails": VulnerabilityReportDetailsResponse,
+  },
+  LicensesEndpoint: {
+    "XrayReportRequest": LicensesXrayReportRequestResponse,
+    "ReportStatus": LicensesReportStatusResponse,
+    "ReportDetails": LicensesReportDetailsResponse,
+  },
+}

artifactory/services/utils/tests/xray/server.go

@@ -19,6 +19,7 @@ const (
 	FatalScanBuildName          = "fatalBuildName"
 	VulnerableBuildName         = "vulnerableBuildName"
 	VulnerabilitiesEndpoint     = "vulnerabilities"
+	LicensesEndpoint            = "licenses"
 	ContextualAnalysisFeatureId = "contextual_analysis"
 	BadFeatureId                = "unknown"
 )
@@ -73,22 +74,23 @@ func reportHandler(w http.ResponseWriter, r *http.Request) {
 	switch r.Method {
 	case http.MethodGet:
 		if numSegments == 1 {
-			_, err := strconv.Atoi(addlSegments[0])
+			id, err := strconv.Atoi(addlSegments[0])
 			if err != nil {
 				http.Error(w, err.Error(), http.StatusInternalServerError)
 				return
 			}
-			_, err = fmt.Fprint(w, VulnerabilityReportStatusResponse)
+			_, err = fmt.Fprint(w, MapResponse[MapReportIdEndpoint[id]]["ReportStatus"])
 			if err != nil {
 				log.Error(err)
 				http.Error(w, err.Error(), http.StatusInternalServerError)
 			}
+
 			return
 		}
 	case http.MethodPost:
 		if numSegments == 1 {
-			if addlSegments[0] == VulnerabilitiesEndpoint {
-				_, err := fmt.Fprint(w, VulnerabilityRequestResponse)
+			if addlSegments[0] == VulnerabilitiesEndpoint || addlSegments[0] == LicensesEndpoint {
+				_, err := fmt.Fprint(w, MapResponse[addlSegments[0]]["XrayReportRequest"])
 				if err != nil {
 					log.Error(err)
 					http.Error(w, err.Error(), http.StatusInternalServerError)
@@ -101,8 +103,8 @@ func reportHandler(w http.ResponseWriter, r *http.Request) {
 				http.Error(w, err.Error(), http.StatusInternalServerError)
 				return
 			}
-			if addlSegments[0] == VulnerabilitiesEndpoint {
-				_, err := fmt.Fprint(w, VulnerabilityReportDetailsResponse)
+			if addlSegments[0] == VulnerabilitiesEndpoint || addlSegments[0] == LicensesEndpoint {
+				_, err := fmt.Fprint(w, MapResponse[addlSegments[0]]["ReportDetails"])
 				if err != nil {
 					log.Error(err)
 					http.Error(w, err.Error(), http.StatusInternalServerError)
@@ -112,7 +114,7 @@ func reportHandler(w http.ResponseWriter, r *http.Request) {
 		}
 	case http.MethodDelete:
 		if numSegments == 0 {
-			_, err := fmt.Fprint(w, VulnerabilityReportDeleteResponse)
+			_, err := fmt.Fprint(w, XrayReportDeleteResponse) 
 			if err != nil {
 				log.Error(err)
 				http.Error(w, err.Error(), http.StatusInternalServerError)