diff --git a/src/main/java/org/dependencytrack/model/DependencyMetrics.java b/src/main/java/org/dependencytrack/model/DependencyMetrics.java index f92d224808..b41cebef54 100644 --- a/src/main/java/org/dependencytrack/model/DependencyMetrics.java +++ b/src/main/java/org/dependencytrack/model/DependencyMetrics.java 
@@ -104,19 +104,59 @@ public class DependencyMetrics implements Serializable { private double inheritedRiskScore; @Persistent - @Column(name = "POLICYVIOLATIONS_FAIL", allowsNull = "true") // New column, must allow nulls on existing data bases) + @Column(name = "POLICYVIOLATIONS_FAIL", allowsNull = "true") // New column, must allow nulls on existing databases) + @Deprecated private Integer policyViolationsFail; @Persistent - @Column(name = "POLICYVIOLATIONS_WARN", allowsNull = "true") // New column, must allow nulls on existing data bases) + @Column(name = "POLICYVIOLATIONS_FAIL_TOTAL", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsFailTotal; + + @Persistent + @Column(name = "POLICYVIOLATIONS_FAIL_AUDITED", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsFailAudited; + + @Persistent + @Column(name = "POLICYVIOLATIONS_FAIL_UNAUDITED", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsFailUnaudited; + + @Persistent + @Column(name = "POLICYVIOLATIONS_WARN", allowsNull = "true") // New column, must allow nulls on existing databases) + @Deprecated private Integer policyViolationsWarn; @Persistent - @Column(name = "POLICYVIOLATIONS_INFO", allowsNull = "true") // New column, must allow nulls on existing data bases) + @Column(name = "POLICYVIOLATIONS_WARN_TOTAL", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsWarnTotal; + + @Persistent + @Column(name = "POLICYVIOLATIONS_WARN_AUDITED", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsWarnAudited; + + @Persistent + @Column(name = "POLICYVIOLATIONS_WARN_UNAUDITED", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsWarnUnaudited; + + @Persistent + @Column(name = 
"POLICYVIOLATIONS_INFO", allowsNull = "true") // New column, must allow nulls on existing databases) + @Deprecated private Integer policyViolationsInfo; @Persistent - @Column(name = "POLICYVIOLATIONS_TOTAL", allowsNull = "true") // New column, must allow nulls on existing data bases) + @Column(name = "POLICYVIOLATIONS_INFO_TOTAL", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsInfoTotal; + + @Persistent + @Column(name = "POLICYVIOLATIONS_INFO_AUDITED", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsInfoAudited; + + @Persistent + @Column(name = "POLICYVIOLATIONS_INFO_UNAUDITED", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsInfoUnaudited; + + + @Persistent + @Column(name = "POLICYVIOLATIONS_TOTAL", allowsNull = "true") // New column, must allow nulls on existing databases) private Integer policyViolationsTotal; @Persistent 
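Review bot: The three fields marked `@Deprecated` here (`policyViolationsFail`, `policyViolationsWarn`, `policyViolationsInfo`) still carry the copied comment `// New column, must allow nulls on existing databases)`, which no longer describes them, and the annotation gives no pointer to a replacement. I would reword the comment on those fields to something like `// Legacy column, superseded by POLICYVIOLATIONS_FAIL_UNAUDITED; kept so existing rows stay readable`. I would also add a Javadoc `@deprecated` tag naming the field a caller should read instead. The field hunks in PortfolioMetrics and ProjectMetrics have the same issue, and there the untouched `POLICYVIOLATIONS_TOTAL` line keeps the old "data bases" spelling.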
@@ -287,28 +327,91 @@ public void setInheritedRiskScore(double inheritedRiskScore) { this.inheritedRiskScore = inheritedRiskScore; } + @Deprecated public int getPolicyViolationsFail() { - return policyViolationsFail; + return policyViolationsFailUnaudited; + } + + public int getPolicyViolationsFailTotal() { + return policyViolationsFailTotal; + } + + public void setPolicyViolationsFailTotal(int policyViolationsFailTotal) { + this.policyViolationsFailTotal = policyViolationsFailTotal; + } + + public int getPolicyViolationsFailAudited() { + return policyViolationsFailAudited; } - public void setPolicyViolationsFail(int policyViolationsFail) { - this.policyViolationsFail = policyViolationsFail; + public void setPolicyViolationsFailAudited(int policyViolationsFailAudited) { + this.policyViolationsFailAudited = policyViolationsFailAudited; } + public int getPolicyViolationsFailUnaudited() { + return policyViolationsFailUnaudited; + } + + public void setPolicyViolationsFailUnaudited(int policyViolationsFailUnaudited) { + this.policyViolationsFailUnaudited = policyViolationsFailUnaudited; + } + + @Deprecated public int getPolicyViolationsWarn() { - return policyViolationsWarn; + return policyViolationsWarnUnaudited; + } + + public int getPolicyViolationsWarnTotal() { + return policyViolationsWarnTotal; + } + + public void setPolicyViolationsWarnTotal(int policyViolationsWarnTotal) { + this.policyViolationsWarnTotal = policyViolationsWarnTotal; + } + + public int getPolicyViolationsWarnAudited() { + return policyViolationsWarnAudited; + } + + public void setPolicyViolationsWarnAudited(int policyViolationsWarnAudited) { + this.policyViolationsWarnAudited = policyViolationsWarnAudited; } - public void setPolicyViolationsWarn(int policyViolationsWarn) { - this.policyViolationsWarn = policyViolationsWarn; + public int getPolicyViolationsWarnUnaudited() { + return policyViolationsWarnUnaudited; } + public void setPolicyViolationsWarnUnaudited(int policyViolationsWarnUnaudited) 
{ + this.policyViolationsWarnUnaudited = policyViolationsWarnUnaudited; + } + + @Deprecated public int getPolicyViolationsInfo() { - return policyViolationsInfo; + return policyViolationsInfoUnaudited; + } + + public int getPolicyViolationsInfoTotal() { + return policyViolationsInfoTotal; + } + + public void setPolicyViolationsInfoTotal(int policyViolationsInfoTotal) { + this.policyViolationsInfoTotal = policyViolationsInfoTotal; + } + + public int getPolicyViolationsInfoAudited() { + return policyViolationsInfoAudited; + } + + public void setPolicyViolationsInfoAudited(int policyViolationsInfoAudited) { + this.policyViolationsInfoAudited = policyViolationsInfoAudited; + } + + public int getPolicyViolationsInfoUnaudited() { + return policyViolationsInfoUnaudited; } - public void setPolicyViolationsInfo(int policyViolationsInfo) { - this.policyViolationsInfo = policyViolationsInfo; + public void setPolicyViolationsInfoUnaudited(int policyViolationsInfoUnaudited) { + this.policyViolationsInfoUnaudited = policyViolationsInfoUnaudited; } public int getPolicyViolationsTotal() { diff --git a/src/main/java/org/dependencytrack/model/PortfolioMetrics.java b/src/main/java/org/dependencytrack/model/PortfolioMetrics.java index aeec76cfe8..6a8c41bada 100644 --- a/src/main/java/org/dependencytrack/model/PortfolioMetrics.java +++ b/src/main/java/org/dependencytrack/model/PortfolioMetrics.java 
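Review bot: The deprecated getters `getPolicyViolationsFail()`, `getPolicyViolationsWarn()` and `getPolicyViolationsInfo()` return the new `...Unaudited` fields, which are `Integer` columns declared `allowsNull = "true"`. Unless a migration outside this diff backfills them, every metrics row stored before the upgrade holds null there, and the `int` return type will throw a NullPointerException on unboxing. The new `...Total`, `...Audited` and `...Unaudited` getters are exposed in the same way. A null-safe return such as `return policyViolationsFailUnaudited != null ? policyViolationsFailUnaudited : 0;` avoids that. Separately, removing `setPolicyViolationsFail/Warn/Info` means the legacy columns stay mapped but are never written, which deserves a comment for anyone querying them directly. The getter hunks in PortfolioMetrics and ProjectMetrics are identical and need the same treatment.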
@@ -116,17 +116,56 @@ public class PortfolioMetrics implements Serializable { private double inheritedRiskScore; @Persistent - @Column(name = "POLICYVIOLATIONS_FAIL", allowsNull = "true") // New column, must allow nulls on existing data bases) + @Column(name = "POLICYVIOLATIONS_FAIL", allowsNull = "true") // New column, must allow nulls on existing databases) + @Deprecated private Integer policyViolationsFail; @Persistent - @Column(name = "POLICYVIOLATIONS_WARN", allowsNull = "true") // New column, must allow nulls on existing data bases) + @Column(name = "POLICYVIOLATIONS_FAIL_TOTAL", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsFailTotal; + + @Persistent + @Column(name = "POLICYVIOLATIONS_FAIL_AUDITED", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsFailAudited; + + @Persistent + @Column(name = "POLICYVIOLATIONS_FAIL_UNAUDITED", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsFailUnaudited; + + @Persistent + @Column(name = "POLICYVIOLATIONS_WARN", allowsNull = "true") // New column, must allow nulls on existing databases) + @Deprecated private Integer policyViolationsWarn; @Persistent - @Column(name = "POLICYVIOLATIONS_INFO", allowsNull = "true") // New column, must allow nulls on existing data bases) + @Column(name = "POLICYVIOLATIONS_WARN_TOTAL", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsWarnTotal; + + @Persistent + @Column(name = "POLICYVIOLATIONS_WARN_AUDITED", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsWarnAudited; + + @Persistent + @Column(name = "POLICYVIOLATIONS_WARN_UNAUDITED", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsWarnUnaudited; + + @Persistent + @Column(name = 
"POLICYVIOLATIONS_INFO", allowsNull = "true") // New column, must allow nulls on existing databases) + @Deprecated private Integer policyViolationsInfo; + @Persistent + @Column(name = "POLICYVIOLATIONS_INFO_TOTAL", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsInfoTotal; + + @Persistent + @Column(name = "POLICYVIOLATIONS_INFO_AUDITED", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsInfoAudited; + + @Persistent + @Column(name = "POLICYVIOLATIONS_INFO_UNAUDITED", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsInfoUnaudited; + @Persistent @Column(name = "POLICYVIOLATIONS_TOTAL", allowsNull = "true") // New column, must allow nulls on existing data bases) private Integer policyViolationsTotal; 
@@ -317,28 +356,91 @@ public void setInheritedRiskScore(double inheritedRiskScore) { this.inheritedRiskScore = inheritedRiskScore; } + @Deprecated public int getPolicyViolationsFail() { - return policyViolationsFail; + return policyViolationsFailUnaudited; + } + + public int getPolicyViolationsFailTotal() { + return policyViolationsFailTotal; + } + + public void setPolicyViolationsFailTotal(int policyViolationsFailTotal) { + this.policyViolationsFailTotal = policyViolationsFailTotal; + } + + public int getPolicyViolationsFailAudited() { + return policyViolationsFailAudited; } - public void setPolicyViolationsFail(int policyViolationsFail) { - this.policyViolationsFail = policyViolationsFail; + public void setPolicyViolationsFailAudited(int policyViolationsFailAudited) { + this.policyViolationsFailAudited = policyViolationsFailAudited; } + public int getPolicyViolationsFailUnaudited() { + return policyViolationsFailUnaudited; + } + + public void setPolicyViolationsFailUnaudited(int policyViolationsFailUnaudited) { + this.policyViolationsFailUnaudited = policyViolationsFailUnaudited; + } + + @Deprecated public int getPolicyViolationsWarn() { - return policyViolationsWarn; + return policyViolationsWarnUnaudited; + } + + public int getPolicyViolationsWarnTotal() { + return policyViolationsWarnTotal; + } + + public void setPolicyViolationsWarnTotal(int policyViolationsWarnTotal) { + this.policyViolationsWarnTotal = policyViolationsWarnTotal; + } + + public int getPolicyViolationsWarnAudited() { + return policyViolationsWarnAudited; + } + + public void setPolicyViolationsWarnAudited(int policyViolationsWarnAudited) { + this.policyViolationsWarnAudited = policyViolationsWarnAudited; } - public void setPolicyViolationsWarn(int policyViolationsWarn) { - this.policyViolationsWarn = policyViolationsWarn; + public int getPolicyViolationsWarnUnaudited() { + return policyViolationsWarnUnaudited; } + public void setPolicyViolationsWarnUnaudited(int policyViolationsWarnUnaudited) 
{ + this.policyViolationsWarnUnaudited = policyViolationsWarnUnaudited; + } + + @Deprecated public int getPolicyViolationsInfo() { - return policyViolationsInfo; + return policyViolationsInfoUnaudited; + } + + public int getPolicyViolationsInfoTotal() { + return policyViolationsInfoTotal; + } + + public void setPolicyViolationsInfoTotal(int policyViolationsInfoTotal) { + this.policyViolationsInfoTotal = policyViolationsInfoTotal; + } + + public int getPolicyViolationsInfoAudited() { + return policyViolationsInfoAudited; + } + + public void setPolicyViolationsInfoAudited(int policyViolationsInfoAudited) { + this.policyViolationsInfoAudited = policyViolationsInfoAudited; + } + + public int getPolicyViolationsInfoUnaudited() { + return policyViolationsInfoUnaudited; } - public void setPolicyViolationsInfo(int policyViolationsInfo) { - this.policyViolationsInfo = policyViolationsInfo; + public void setPolicyViolationsInfoUnaudited(int policyViolationsInfoUnaudited) { + this.policyViolationsInfoUnaudited = policyViolationsInfoUnaudited; } public int getPolicyViolationsTotal() { diff --git a/src/main/java/org/dependencytrack/model/ProjectMetrics.java b/src/main/java/org/dependencytrack/model/ProjectMetrics.java index bfa68856cb..36566e4474 100644 --- a/src/main/java/org/dependencytrack/model/ProjectMetrics.java +++ b/src/main/java/org/dependencytrack/model/ProjectMetrics.java 
@@ -112,17 +112,56 @@ public class ProjectMetrics implements Serializable { private double inheritedRiskScore; @Persistent - @Column(name = "POLICYVIOLATIONS_FAIL", allowsNull = "true") // New column, must allow nulls on existing data bases) + @Column(name = "POLICYVIOLATIONS_FAIL", allowsNull = "true") // New column, must allow nulls on existing databases) + @Deprecated private Integer policyViolationsFail; @Persistent - @Column(name = "POLICYVIOLATIONS_WARN", allowsNull = "true") // New column, must allow nulls on existing data bases) + @Column(name = "POLICYVIOLATIONS_FAIL_TOTAL", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsFailTotal; + + @Persistent + @Column(name = "POLICYVIOLATIONS_FAIL_AUDITED", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsFailAudited; + + @Persistent + @Column(name = "POLICYVIOLATIONS_FAIL_UNAUDITED", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsFailUnaudited; + + @Persistent + @Column(name = "POLICYVIOLATIONS_WARN", allowsNull = "true") // New column, must allow nulls on existing databases) + @Deprecated private Integer policyViolationsWarn; @Persistent - @Column(name = "POLICYVIOLATIONS_INFO", allowsNull = "true") // New column, must allow nulls on existing data bases) + @Column(name = "POLICYVIOLATIONS_WARN_TOTAL", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsWarnTotal; + + @Persistent + @Column(name = "POLICYVIOLATIONS_WARN_AUDITED", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsWarnAudited; + + @Persistent + @Column(name = "POLICYVIOLATIONS_WARN_UNAUDITED", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsWarnUnaudited; + + @Persistent + @Column(name = 
"POLICYVIOLATIONS_INFO", allowsNull = "true") // New column, must allow nulls on existing databases) + @Deprecated private Integer policyViolationsInfo; + @Persistent + @Column(name = "POLICYVIOLATIONS_INFO_TOTAL", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsInfoTotal; + + @Persistent + @Column(name = "POLICYVIOLATIONS_INFO_AUDITED", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsInfoAudited; + + @Persistent + @Column(name = "POLICYVIOLATIONS_INFO_UNAUDITED", allowsNull = "true") // New column, must allow nulls on existing databases) + private Integer policyViolationsInfoUnaudited; + @Persistent @Column(name = "POLICYVIOLATIONS_TOTAL", allowsNull = "true") // New column, must allow nulls on existing data bases) private Integer policyViolationsTotal; 
@@ -305,28 +344,91 @@ public void setInheritedRiskScore(double inheritedRiskScore) { this.inheritedRiskScore = inheritedRiskScore; } + @Deprecated public int getPolicyViolationsFail() { - return policyViolationsFail; + return policyViolationsFailUnaudited; + } + + public int getPolicyViolationsFailTotal() { + return policyViolationsFailTotal; + } + + public void setPolicyViolationsFailTotal(int policyViolationsFailTotal) { + this.policyViolationsFailTotal = policyViolationsFailTotal; + } + + public int getPolicyViolationsFailAudited() { + return policyViolationsFailAudited; } - public void setPolicyViolationsFail(int policyViolationsFail) { - this.policyViolationsFail = policyViolationsFail; + public void setPolicyViolationsFailAudited(int policyViolationsFailAudited) { + this.policyViolationsFailAudited = policyViolationsFailAudited; } + public int getPolicyViolationsFailUnaudited() { + return policyViolationsFailUnaudited; + } + + public void setPolicyViolationsFailUnaudited(int policyViolationsFailUnaudited) { + this.policyViolationsFailUnaudited = policyViolationsFailUnaudited; + } + + @Deprecated public int getPolicyViolationsWarn() { - return policyViolationsWarn; + return policyViolationsWarnUnaudited; + } + + public int getPolicyViolationsWarnTotal() { + return policyViolationsWarnTotal; + } + + public void setPolicyViolationsWarnTotal(int policyViolationsWarnTotal) { + this.policyViolationsWarnTotal = policyViolationsWarnTotal; + } + + public int getPolicyViolationsWarnAudited() { + return policyViolationsWarnAudited; + } + + public void setPolicyViolationsWarnAudited(int policyViolationsWarnAudited) { + this.policyViolationsWarnAudited = policyViolationsWarnAudited; } - public void setPolicyViolationsWarn(int policyViolationsWarn) { - this.policyViolationsWarn = policyViolationsWarn; + public int getPolicyViolationsWarnUnaudited() { + return policyViolationsWarnUnaudited; } + public void setPolicyViolationsWarnUnaudited(int policyViolationsWarnUnaudited) 
{ + this.policyViolationsWarnUnaudited = policyViolationsWarnUnaudited; + } + + @Deprecated public int getPolicyViolationsInfo() { - return policyViolationsInfo; + return policyViolationsInfoUnaudited; + } + + public int getPolicyViolationsInfoTotal() { + return policyViolationsInfoTotal; + } + + public void setPolicyViolationsInfoTotal(int policyViolationsInfoTotal) { + this.policyViolationsInfoTotal = policyViolationsInfoTotal; + } + + public int getPolicyViolationsInfoAudited() { + return policyViolationsInfoAudited; + } + + public void setPolicyViolationsInfoAudited(int policyViolationsInfoAudited) { + this.policyViolationsInfoAudited = policyViolationsInfoAudited; + } + + public int getPolicyViolationsInfoUnaudited() { + return policyViolationsInfoUnaudited; } - public void setPolicyViolationsInfo(int policyViolationsInfo) { - this.policyViolationsInfo = policyViolationsInfo; + public void setPolicyViolationsInfoUnaudited(int policyViolationsInfoUnaudited) { + this.policyViolationsInfoUnaudited = policyViolationsInfoUnaudited; } public int getPolicyViolationsTotal() { diff --git a/src/main/java/org/dependencytrack/resources/v1/misc/Badger.java b/src/main/java/org/dependencytrack/resources/v1/misc/Badger.java index 94dfb50452..1b715049a1 100644 --- a/src/main/java/org/dependencytrack/resources/v1/misc/Badger.java +++ b/src/main/java/org/dependencytrack/resources/v1/misc/Badger.java 
@@ -68,9 +68,9 @@ public String generateViolations(ProjectMetrics metrics) {
 if (metrics == null) {
 return writeSvg(PROJECT_VIOLATIONS_NO_METRICS_TEMPLATE, context);
 } else if (metrics.getPolicyViolationsTotal() > 0) {
- context.put("fail", String.valueOf(metrics.getPolicyViolationsFail()));
- context.put("warn", String.valueOf(metrics.getPolicyViolationsWarn()));
- context.put("info", String.valueOf(metrics.getPolicyViolationsInfo()));
+ context.put("fail", String.valueOf(metrics.getPolicyViolationsFailTotal()));
+ context.put("warn", String.valueOf(metrics.getPolicyViolationsWarnTotal()));
+ context.put("info", String.valueOf(metrics.getPolicyViolationsInfoTotal()));
 return writeSvg(PROJECT_VIOLATIONS_TEMPLATE, context);
 } else {
 return writeSvg(PROJECT_VIOLATIONS_NONE_TEMPLATE, context);
diff --git a/src/main/java/org/dependencytrack/tasks/metrics/ComponentMetricsUpdateTask.java b/src/main/java/org/dependencytrack/tasks/metrics/ComponentMetricsUpdateTask.java
index 570cb001e0..58f19cec81 100644
--- a/src/main/java/org/dependencytrack/tasks/metrics/ComponentMetricsUpdateTask.java
+++ b/src/main/java/org/dependencytrack/tasks/metrics/ComponentMetricsUpdateTask.java
@@ -21,6 +21,7 @@
 import alpine.common.logging.Logger;
 import alpine.event.framework.Event;
 import alpine.event.framework.Subscriber;
+import org.apache.commons.lang3.BooleanUtils;
 import org.apache.commons.lang3.time.DurationFormatUtils;
 import org.dependencytrack.event.ComponentMetricsUpdateEvent;
 import org.dependencytrack.metrics.Metrics;
@@ -30,8 +31,6 @@
 import org.dependencytrack.model.DependencyMetrics;
 import org.dependencytrack.model.Policy;
 import org.dependencytrack.model.PolicyViolation;
-import org.dependencytrack.model.ViolationAnalysis;
-import org.dependencytrack.model.ViolationAnalysisState;
 import org.dependencytrack.model.Vulnerability;
 import org.dependencytrack.model.VulnerabilityAlias;
 import org.dependencytrack.persistence.QueryManager;
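Review bot: In `Badger.generateViolations` the badge values now come from the `...Total` getters, and two things follow from other parts of this commit. First, `getPolicyViolations` no longer filters out suppressed violations, so if project metrics are aggregated from those component counters the badge will start showing suppressed violations as fail/warn/info; if the badge is meant to show outstanding violations, `metrics.getPolicyViolationsFailUnaudited()` and its siblings look like the closer match. Second, the `...Total` getters unbox nullable `Integer` columns, so a project whose latest metrics row predates the upgrade could make the badge request throw. Either way, a short comment stating which population the badge reports would help. The method's beginning and end are outside the hunk.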
@@ -122,29 +121,36 @@ static Counters updateMetrics(final UUID uuid) throws Exception { } switch (Policy.ViolationState.valueOf(violation.violationState().name())) { - case FAIL -> counters.policyViolationsFail++; - case WARN -> counters.policyViolationsWarn++; - case INFO -> counters.policyViolationsInfo++; + case FAIL -> counters.policyViolationsFailTotal++; + case WARN -> counters.policyViolationsWarnTotal++; + case INFO -> counters.policyViolationsInfoTotal++; } - } - if (counters.policyViolationsLicenseTotal > 0) { - counters.policyViolationsLicenseAudited = toIntExact(getTotalAuditedPolicyViolations(pm, component, PolicyViolation.Type.LICENSE)); - counters.policyViolationsLicenseUnaudited = counters.policyViolationsLicenseTotal - counters.policyViolationsLicenseAudited; - } - if (counters.policyViolationsOperationalTotal > 0) { - counters.policyViolationsOperationalAudited = toIntExact(getTotalAuditedPolicyViolations(pm, component, PolicyViolation.Type.OPERATIONAL)); - counters.policyViolationsOperationalUnaudited = counters.policyViolationsOperationalTotal - counters.policyViolationsOperationalAudited; - } - if (counters.policyViolationsSecurityTotal > 0) { - counters.policyViolationsSecurityAudited = toIntExact(getTotalAuditedPolicyViolations(pm, component, PolicyViolation.Type.SECURITY)); - counters.policyViolationsSecurityUnaudited = counters.policyViolationsSecurityTotal - counters.policyViolationsSecurityAudited; + if (BooleanUtils.isTrue(violation.suppressed)) { + counters.policyViolationsAudited++; + + switch (PolicyViolation.Type.valueOf(violation.type().name())) { + case LICENSE -> counters.policyViolationsLicenseAudited++; + case OPERATIONAL -> counters.policyViolationsOperationalAudited++; + case SECURITY -> counters.policyViolationsSecurityAudited++; + } + + switch (Policy.ViolationState.valueOf(violation.violationState().name())) { + case FAIL -> counters.policyViolationsFailAudited++; + case WARN -> counters.policyViolationsWarnAudited++; + 
case INFO -> counters.policyViolationsInfoAudited++; + } + } } - counters.policyViolationsAudited = counters.policyViolationsLicenseAudited + - counters.policyViolationsOperationalAudited + - counters.policyViolationsSecurityAudited; counters.policyViolationsUnaudited = counters.policyViolationsTotal - counters.policyViolationsAudited; + counters.policyViolationsLicenseUnaudited = counters.policyViolationsLicenseTotal - counters.policyViolationsLicenseAudited; + counters.policyViolationsOperationalUnaudited = counters.policyViolationsOperationalTotal - counters.policyViolationsOperationalAudited; + counters.policyViolationsSecurityUnaudited = counters.policyViolationsSecurityTotal - counters.policyViolationsSecurityAudited; + counters.policyViolationsFailUnaudited = counters.policyViolationsFailTotal - counters.policyViolationsFailAudited; + counters.policyViolationsWarnUnaudited = counters.policyViolationsWarnTotal - counters.policyViolationsWarnAudited; + counters.policyViolationsInfoUnaudited = counters.policyViolationsInfoTotal - counters.policyViolationsInfoAudited; + qm.runInTransaction(() -> { final DependencyMetrics latestMetrics = qm.getMostRecentDependencyMetrics(component); 
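Review bot: The new `if (BooleanUtils.isTrue(violation.suppressed))` block in `updateMetrics` makes "audited" mean "suppressed", whereas the removed `getTotalAuditedPolicyViolations` query counted analyses with `suppressed == false` and `analysisState != NOT_SET`. Under the new rule a violation that was reviewed but not suppressed counts as unaudited, while suppressed violations now add to every `...Total` counter, so dashboards and thresholds built on these numbers change meaning without any visible note. If that redefinition is intended, it should be stated in a comment above the block and in the release notes. Otherwise the projection needs to carry the analysis state so audited and suppressed can be counted separately. As a style point, `violation.suppressed` reads the record field directly while the neighbouring lines use the accessors `violation.type()` and `violation.violationState()`, so `violation.suppressed()` would be consistent. The loop and the method begin outside the hunk.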
@@ -214,28 +220,14 @@ private static long getTotalSuppressedFindings(final PersistenceManager pm, fina private static List getPolicyViolations(final PersistenceManager pm, final Component component) throws Exception { try (final Query query = pm.newQuery(PolicyViolation.class)) { - query.setFilter("component == :component && (analysis == null || analysis.suppressed == false)"); + query.setFilter("component == :component"); query.setParameters(component); - query.setResult("type, policyCondition.policy.violationState"); + query.setResult("type, policyCondition.policy.violationState, analysis.suppressed"); return List.copyOf(query.executeResultList(PolicyViolationProjection.class)); } } - private static long getTotalAuditedPolicyViolations(final PersistenceManager pm, final Component component, final PolicyViolation.Type violationType) throws Exception { - try (final Query query = pm.newQuery(ViolationAnalysis.class)) { - query.setFilter(""" - component == :component && - suppressed == false && - analysisState != :notSet && - policyViolation.type == :violationType - """); - query.setParameters(component, ViolationAnalysisState.NOT_SET, violationType); - query.setResult("count(this)"); - return query.executeResultUnique(Long.class); - } - } - - public record PolicyViolationProjection(Enum type, Enum violationState) { + public record PolicyViolationProjection(Enum type, Enum violationState, Boolean suppressed) { } } diff --git a/src/main/java/org/dependencytrack/tasks/metrics/Counters.java b/src/main/java/org/dependencytrack/tasks/metrics/Counters.java index 77b9e0584e..f9c7cd41c1 100644 --- a/src/main/java/org/dependencytrack/tasks/metrics/Counters.java +++ b/src/main/java/org/dependencytrack/tasks/metrics/Counters.java 
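Review bot: In `getPolicyViolations`, the result expression `analysis.suppressed` navigates through a relation that the old filter explicitly allowed to be null (`analysis == null || ...`). I cannot tell from the hunk which join the ORM generates for that navigation. If it is an inner join, every violation without an analysis record would silently drop out of the result and out of all the counters. A test with one violation that has no analysis and one that is suppressed would settle this. I would also add a comment on the query along the lines of `// analysis may be null; suppressed is then null and treated as not suppressed`. `PolicyViolationProjection` also keeps the raw `Enum` component types, which the `valueOf(...name())` round trips in `updateMetrics` have to work around.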
@@ -39,7 +39,9 @@ final class Counters { double inheritedRiskScore; int components, vulnerableComponents, projects, vulnerableProjects; int vulnerabilities, suppressions, findingsTotal, findingsAudited, findingsUnaudited; - int policyViolationsFail, policyViolationsWarn, policyViolationsInfo, + int policyViolationsFailTotal, policyViolationsFailAudited, policyViolationsFailUnaudited, + policyViolationsWarnTotal, policyViolationsWarnAudited, policyViolationsWarnUnaudited, + policyViolationsInfoTotal,policyViolationsInfoAudited, policyViolationsInfoUnaudited, policyViolationsTotal, policyViolationsAudited, policyViolationsUnaudited, policyViolationsSecurityTotal, policyViolationsSecurityAudited, policyViolationsSecurityUnaudited, policyViolationsLicenseTotal, policyViolationsLicenseAudited, policyViolationsLicenseUnaudited, 
@@ -66,9 +68,15 @@ DependencyMetrics createComponentMetrics(final Component component) { metrics.setFindingsAudited(this.findingsAudited); metrics.setFindingsUnaudited(this.findingsUnaudited); metrics.setInheritedRiskScore(this.inheritedRiskScore); - metrics.setPolicyViolationsFail(this.policyViolationsFail); - metrics.setPolicyViolationsWarn(this.policyViolationsWarn); - metrics.setPolicyViolationsInfo(this.policyViolationsInfo); + metrics.setPolicyViolationsFailTotal(this.policyViolationsFailTotal); + metrics.setPolicyViolationsFailAudited(this.policyViolationsFailAudited); + metrics.setPolicyViolationsFailUnaudited(this.policyViolationsFailUnaudited); + metrics.setPolicyViolationsWarnTotal(this.policyViolationsWarnTotal); + metrics.setPolicyViolationsWarnAudited(this.policyViolationsWarnAudited); + metrics.setPolicyViolationsWarnUnaudited(this.policyViolationsWarnUnaudited); + metrics.setPolicyViolationsInfoTotal(this.policyViolationsInfoTotal); + metrics.setPolicyViolationsInfoAudited(this.policyViolationsInfoAudited); + metrics.setPolicyViolationsInfoUnaudited(this.policyViolationsInfoUnaudited); metrics.setPolicyViolationsTotal(this.policyViolationsTotal); metrics.setPolicyViolationsAudited(this.policyViolationsAudited); metrics.setPolicyViolationsUnaudited(this.policyViolationsUnaudited); 
@@ -102,9 +110,15 @@ ProjectMetrics createProjectMetrics(final Project project) { metrics.setFindingsAudited(this.findingsAudited); metrics.setFindingsUnaudited(this.findingsUnaudited); metrics.setInheritedRiskScore(this.inheritedRiskScore); - metrics.setPolicyViolationsFail(this.policyViolationsFail); - metrics.setPolicyViolationsWarn(this.policyViolationsWarn); - metrics.setPolicyViolationsInfo(this.policyViolationsInfo); + metrics.setPolicyViolationsFailTotal(this.policyViolationsFailTotal); + metrics.setPolicyViolationsFailAudited(this.policyViolationsFailAudited); + metrics.setPolicyViolationsFailUnaudited(this.policyViolationsFailUnaudited); + metrics.setPolicyViolationsWarnTotal(this.policyViolationsWarnTotal); + metrics.setPolicyViolationsWarnAudited(this.policyViolationsWarnAudited); + metrics.setPolicyViolationsWarnUnaudited(this.policyViolationsWarnUnaudited); + metrics.setPolicyViolationsInfoTotal(this.policyViolationsInfoTotal); + metrics.setPolicyViolationsInfoAudited(this.policyViolationsInfoAudited); + metrics.setPolicyViolationsInfoUnaudited(this.policyViolationsInfoUnaudited); metrics.setPolicyViolationsTotal(this.policyViolationsTotal); metrics.setPolicyViolationsAudited(this.policyViolationsAudited); metrics.setPolicyViolationsUnaudited(this.policyViolationsUnaudited); 
@@ -139,9 +153,15 @@ PortfolioMetrics createPortfolioMetrics() { metrics.setProjects(this.projects); metrics.setVulnerableProjects(this.vulnerableProjects); metrics.setInheritedRiskScore(this.inheritedRiskScore); - metrics.setPolicyViolationsFail(this.policyViolationsFail); - metrics.setPolicyViolationsWarn(this.policyViolationsWarn); - metrics.setPolicyViolationsInfo(this.policyViolationsInfo); + metrics.setPolicyViolationsFailTotal(this.policyViolationsFailTotal); + metrics.setPolicyViolationsFailAudited(this.policyViolationsFailAudited); + metrics.setPolicyViolationsFailUnaudited(this.policyViolationsFailUnaudited); + metrics.setPolicyViolationsWarnTotal(this.policyViolationsWarnTotal); + metrics.setPolicyViolationsWarnAudited(this.policyViolationsWarnAudited); + metrics.setPolicyViolationsWarnUnaudited(this.policyViolationsWarnUnaudited); + metrics.setPolicyViolationsInfoTotal(this.policyViolationsInfoTotal); + metrics.setPolicyViolationsInfoAudited(this.policyViolationsInfoAudited); + metrics.setPolicyViolationsInfoUnaudited(this.policyViolationsInfoUnaudited); metrics.setPolicyViolationsTotal(this.policyViolationsTotal); metrics.setPolicyViolationsAudited(this.policyViolationsAudited); metrics.setPolicyViolationsUnaudited(this.policyViolationsUnaudited); 
@@ -172,9 +192,18 @@ boolean hasChanged(final DependencyMetrics comparedTo) { || comparedTo.getFindingsAudited() != this.findingsAudited || comparedTo.getFindingsUnaudited() != this.findingsUnaudited || comparedTo.getInheritedRiskScore() != this.inheritedRiskScore - || comparedTo.getPolicyViolationsFail() != this.policyViolationsFail - || comparedTo.getPolicyViolationsWarn() != this.policyViolationsWarn - || comparedTo.getPolicyViolationsInfo() != this.policyViolationsInfo + || comparedTo.getPolicyViolationsFail() != this.policyViolationsFailTotal + || comparedTo.getPolicyViolationsFailTotal() != this.policyViolationsFailTotal + || comparedTo.getPolicyViolationsFailAudited() != this.policyViolationsFailAudited + || comparedTo.getPolicyViolationsFailUnaudited() != this.policyViolationsFailUnaudited + || comparedTo.getPolicyViolationsWarn() != this.policyViolationsWarnTotal + || comparedTo.getPolicyViolationsWarnTotal() != this.policyViolationsWarnTotal + || comparedTo.getPolicyViolationsWarnAudited() != this.policyViolationsWarnAudited + || comparedTo.getPolicyViolationsWarnUnaudited() != this.policyViolationsWarnUnaudited + || comparedTo.getPolicyViolationsInfo() != this.policyViolationsInfoTotal + || comparedTo.getPolicyViolationsInfoTotal() != this.policyViolationsInfoTotal + || comparedTo.getPolicyViolationsInfoAudited() != this.policyViolationsInfoAudited + || comparedTo.getPolicyViolationsInfoUnaudited() != this.policyViolationsInfoUnaudited || comparedTo.getPolicyViolationsTotal() != this.policyViolationsTotal || comparedTo.getPolicyViolationsAudited() != this.policyViolationsAudited || comparedTo.getPolicyViolationsUnaudited() != this.policyViolationsUnaudited 
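Review bot: In `hasChanged(DependencyMetrics)` the line `comparedTo.getPolicyViolationsFail() != this.policyViolationsFailTotal` compares two different quantities, because the deprecated getter now returns `policyViolationsFailUnaudited`; the Warn and Info lines have the same mismatch. As soon as one violation is counted as audited, unaudited is smaller than total, so the method reports a change on every run even when nothing moved. That presumably makes the caller write a new metrics row each time instead of refreshing the existing one. The three deprecated comparisons can simply be deleted, since `getPolicyViolationsFailUnaudited() != this.policyViolationsFailUnaudited` and its siblings already cover the value. The same three lines appear in the `hasChanged(ProjectMetrics)` and `hasChanged(PortfolioMetrics)` hunks. All of these comparisons also unbox nullable columns when `comparedTo` is a row stored before the upgrade.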
@@ -202,9 +231,18 @@ boolean hasChanged(final ProjectMetrics comparedTo) {
 || comparedTo.getFindingsAudited() != this.findingsAudited
 || comparedTo.getFindingsUnaudited() != this.findingsUnaudited
 || comparedTo.getInheritedRiskScore() != this.inheritedRiskScore
- || comparedTo.getPolicyViolationsFail() != this.policyViolationsFail
- || comparedTo.getPolicyViolationsWarn() != this.policyViolationsWarn
- || comparedTo.getPolicyViolationsInfo() != this.policyViolationsInfo
+ || comparedTo.getPolicyViolationsFail() != this.policyViolationsFailTotal
+ || comparedTo.getPolicyViolationsFailTotal() != this.policyViolationsFailTotal
+ || comparedTo.getPolicyViolationsFailAudited() != this.policyViolationsFailAudited
+ || comparedTo.getPolicyViolationsFailUnaudited() != this.policyViolationsFailUnaudited
+ || comparedTo.getPolicyViolationsWarn() != this.policyViolationsWarnTotal
+ || comparedTo.getPolicyViolationsWarnTotal() != this.policyViolationsWarnTotal
+ || comparedTo.getPolicyViolationsWarnAudited() != this.policyViolationsWarnAudited
+ || comparedTo.getPolicyViolationsWarnUnaudited() != this.policyViolationsWarnUnaudited
+ || comparedTo.getPolicyViolationsInfo() != this.policyViolationsInfoTotal
+ || comparedTo.getPolicyViolationsInfoTotal() != this.policyViolationsInfoTotal
+ || comparedTo.getPolicyViolationsInfoAudited() != this.policyViolationsInfoAudited
+ || comparedTo.getPolicyViolationsInfoUnaudited() != this.policyViolationsInfoUnaudited
 || comparedTo.getPolicyViolationsTotal() != this.policyViolationsTotal
 || comparedTo.getPolicyViolationsAudited() != this.policyViolationsAudited
 || comparedTo.getPolicyViolationsUnaudited() != this.policyViolationsUnaudited
@@ -230,9 +268,18 @@ boolean hasChanged(final PortfolioMetrics comparedTo) {
 || comparedTo.getUnassigned() != this.unassigned
 || comparedTo.getVulnerabilities() != this.vulnerabilities
 || comparedTo.getInheritedRiskScore() != this.inheritedRiskScore
- || comparedTo.getPolicyViolationsFail() != this.policyViolationsFail
- || comparedTo.getPolicyViolationsWarn() != this.policyViolationsWarn
- || comparedTo.getPolicyViolationsInfo() != this.policyViolationsInfo
+ || comparedTo.getPolicyViolationsFail() != this.policyViolationsFailTotal
+ || comparedTo.getPolicyViolationsFailTotal() != this.policyViolationsFailTotal
+ || comparedTo.getPolicyViolationsFailAudited() != this.policyViolationsFailAudited
+ || comparedTo.getPolicyViolationsFailUnaudited() != this.policyViolationsFailUnaudited
+ || comparedTo.getPolicyViolationsWarn() != this.policyViolationsWarnTotal
+ || comparedTo.getPolicyViolationsWarnTotal() != this.policyViolationsWarnTotal
+ || comparedTo.getPolicyViolationsWarnAudited() != this.policyViolationsWarnAudited
+ || comparedTo.getPolicyViolationsWarnUnaudited() != this.policyViolationsWarnUnaudited
+ || comparedTo.getPolicyViolationsInfo() != this.policyViolationsInfoTotal
+ || comparedTo.getPolicyViolationsInfoTotal() != this.policyViolationsInfoTotal
+ || comparedTo.getPolicyViolationsInfoAudited() != this.policyViolationsInfoAudited
+ || comparedTo.getPolicyViolationsInfoUnaudited() != this.policyViolationsInfoUnaudited
 || comparedTo.getPolicyViolationsTotal() != this.policyViolationsTotal
 || comparedTo.getPolicyViolationsAudited() != this.policyViolationsAudited
 || comparedTo.getPolicyViolationsUnaudited() != this.policyViolationsUnaudited
diff --git a/src/main/java/org/dependencytrack/tasks/metrics/PortfolioMetricsUpdateTask.java b/src/main/java/org/dependencytrack/tasks/metrics/PortfolioMetricsUpdateTask.java
index 8673ba4c8c..b564510219 100644
--- a/src/main/java/org/dependencytrack/tasks/metrics/PortfolioMetricsUpdateTask.java
+++ b/src/main/java/org/dependencytrack/tasks/metrics/PortfolioMetricsUpdateTask.java @@ -128,9 +128,15 @@ private void updateMetrics() throws Exception { counters.components += metrics.getComponents(); counters.vulnerableComponents += metrics.getVulnerableComponents(); - counters.policyViolationsFail += metrics.getPolicyViolationsFail(); - counters.policyViolationsWarn += metrics.getPolicyViolationsWarn(); - counters.policyViolationsInfo += metrics.getPolicyViolationsInfo(); + counters.policyViolationsFailTotal += metrics.getPolicyViolationsFailTotal(); + counters.policyViolationsFailAudited += metrics.getPolicyViolationsFailAudited(); + counters.policyViolationsFailUnaudited += metrics.getPolicyViolationsFailUnaudited(); + counters.policyViolationsWarnTotal += metrics.getPolicyViolationsWarnTotal(); + counters.policyViolationsWarnAudited += metrics.getPolicyViolationsWarnAudited(); + counters.policyViolationsWarnUnaudited += metrics.getPolicyViolationsWarnUnaudited(); + counters.policyViolationsInfoTotal += metrics.getPolicyViolationsInfoTotal(); + counters.policyViolationsInfoAudited += metrics.getPolicyViolationsInfoAudited(); + counters.policyViolationsInfoUnaudited += metrics.getPolicyViolationsInfoUnaudited(); counters.policyViolationsTotal += metrics.getPolicyViolationsTotal(); counters.policyViolationsAudited += metrics.getPolicyViolationsAudited(); counters.policyViolationsUnaudited += metrics.getPolicyViolationsUnaudited(); diff --git a/src/main/java/org/dependencytrack/tasks/metrics/ProjectMetricsUpdateTask.java b/src/main/java/org/dependencytrack/tasks/metrics/ProjectMetricsUpdateTask.java index a42cd9bf1c..26a5d76d77 100644 --- a/src/main/java/org/dependencytrack/tasks/metrics/ProjectMetricsUpdateTask.java +++ b/src/main/java/org/dependencytrack/tasks/metrics/ProjectMetricsUpdateTask.java 
@@ -106,9 +106,15 @@ private void updateMetrics(final UUID uuid) throws Exception { counters.vulnerableComponents += 1; } - counters.policyViolationsFail += componentCounters.policyViolationsFail; - counters.policyViolationsWarn += componentCounters.policyViolationsWarn; - counters.policyViolationsInfo += componentCounters.policyViolationsInfo; + counters.policyViolationsFailTotal += componentCounters.policyViolationsFailTotal; + counters.policyViolationsFailAudited += componentCounters.policyViolationsFailAudited; + counters.policyViolationsFailUnaudited += componentCounters.policyViolationsFailUnaudited; + counters.policyViolationsWarnTotal += componentCounters.policyViolationsWarnTotal; + counters.policyViolationsWarnAudited += componentCounters.policyViolationsWarnAudited; + counters.policyViolationsWarnUnaudited += componentCounters.policyViolationsWarnUnaudited; + counters.policyViolationsInfoTotal += componentCounters.policyViolationsInfoTotal; + counters.policyViolationsInfoAudited += componentCounters.policyViolationsInfoAudited; + counters.policyViolationsInfoUnaudited += componentCounters.policyViolationsInfoUnaudited; counters.policyViolationsTotal += componentCounters.policyViolationsTotal; counters.policyViolationsAudited += componentCounters.policyViolationsAudited; counters.policyViolationsUnaudited += componentCounters.policyViolationsUnaudited; diff --git a/src/test/java/org/dependencytrack/resources/v1/misc/BadgerTest.java b/src/test/java/org/dependencytrack/resources/v1/misc/BadgerTest.java index b0720fc101..1bbf41cd4a 100644 --- a/src/test/java/org/dependencytrack/resources/v1/misc/BadgerTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/misc/BadgerTest.java 
@@ -80,9 +80,9 @@ public void generateViolationsWithoutViolationsGenerateExpectedSvg() throws Exce
 public void generateViolationsWithViolationsGenerateExpectedSvg() throws Exception {
 ProjectMetrics metrics = new ProjectMetrics();
 metrics.setPolicyViolationsTotal(1 + 2 + 3);
- metrics.setPolicyViolationsFail(1);
- metrics.setPolicyViolationsWarn(2);
- metrics.setPolicyViolationsInfo(3);
+ metrics.setPolicyViolationsFailTotal(1);
+ metrics.setPolicyViolationsWarnTotal(2);
+ metrics.setPolicyViolationsInfoTotal(3);
 Badger badger = new Badger();
 String svg = badger.generateViolations(metrics);
 Assert.assertEquals(strip(svg), strip(expectedSvg("project-violations.svg")));
diff --git a/src/test/java/org/dependencytrack/tasks/metrics/ComponentMetricsUpdateTaskTest.java b/src/test/java/org/dependencytrack/tasks/metrics/ComponentMetricsUpdateTaskTest.java
index 1fb0423de2..3f570b8412 100644
--- a/src/test/java/org/dependencytrack/tasks/metrics/ComponentMetricsUpdateTaskTest.java
+++ b/src/test/java/org/dependencytrack/tasks/metrics/ComponentMetricsUpdateTaskTest.java
@@ -65,8 +65,17 @@ public void testUpdateCMetricsEmpty() {
 assertThat(metrics.getFindingsUnaudited()).isZero();
 assertThat(metrics.getInheritedRiskScore()).isZero();
 assertThat(metrics.getPolicyViolationsFail()).isZero();
+ assertThat(metrics.getPolicyViolationsFailTotal()).isZero();
+ assertThat(metrics.getPolicyViolationsFailAudited()).isZero();
+ assertThat(metrics.getPolicyViolationsFailUnaudited()).isZero();
 assertThat(metrics.getPolicyViolationsWarn()).isZero();
+ assertThat(metrics.getPolicyViolationsWarnTotal()).isZero();
+ assertThat(metrics.getPolicyViolationsWarnAudited()).isZero();
+ assertThat(metrics.getPolicyViolationsWarnUnaudited()).isZero();
 assertThat(metrics.getPolicyViolationsInfo()).isZero();
+ assertThat(metrics.getPolicyViolationsInfoTotal()).isZero();
+ assertThat(metrics.getPolicyViolationsInfoAudited()).isZero();
+ assertThat(metrics.getPolicyViolationsInfoUnaudited()).isZero();
 assertThat(metrics.getPolicyViolationsTotal()).isZero();
 assertThat(metrics.getPolicyViolationsAudited()).isZero();
 assertThat(metrics.getPolicyViolationsUnaudited()).isZero();
@@ -162,8 +171,17 @@ public void testUpdateMetricsVulnerabilities() {
 assertThat(metrics.getFindingsUnaudited()).isEqualTo(1);
 assertThat(metrics.getInheritedRiskScore()).isEqualTo(8.0);
 assertThat(metrics.getPolicyViolationsFail()).isZero();
+ assertThat(metrics.getPolicyViolationsFailTotal()).isZero();
+ assertThat(metrics.getPolicyViolationsFailAudited()).isZero();
+ assertThat(metrics.getPolicyViolationsFailUnaudited()).isZero();
 assertThat(metrics.getPolicyViolationsWarn()).isZero();
+ assertThat(metrics.getPolicyViolationsWarnTotal()).isZero();
+ assertThat(metrics.getPolicyViolationsWarnAudited()).isZero();
+ assertThat(metrics.getPolicyViolationsWarnUnaudited()).isZero();
 assertThat(metrics.getPolicyViolationsInfo()).isZero();
+ assertThat(metrics.getPolicyViolationsInfoTotal()).isZero();
+ assertThat(metrics.getPolicyViolationsInfoAudited()).isZero();
+ assertThat(metrics.getPolicyViolationsInfoUnaudited()).isZero();
 assertThat(metrics.getPolicyViolationsTotal()).isZero();
 assertThat(metrics.getPolicyViolationsAudited()).isZero();
 assertThat(metrics.getPolicyViolationsUnaudited()).isZero();
@@ -218,20 +236,29 @@ public void testUpdateMetricsPolicyViolations() { assertThat(metrics.getFindingsUnaudited()).isZero(); assertThat(metrics.getInheritedRiskScore()).isZero(); assertThat(metrics.getPolicyViolationsFail()).isEqualTo(1); + assertThat(metrics.getPolicyViolationsFailTotal()).isEqualTo(1); + assertThat(metrics.getPolicyViolationsFailAudited()).isZero(); + assertThat(metrics.getPolicyViolationsFailUnaudited()).isEqualTo(1); assertThat(metrics.getPolicyViolationsWarn()).isEqualTo(1); - assertThat(metrics.getPolicyViolationsInfo()).isZero(); // Suppressed - assertThat(metrics.getPolicyViolationsTotal()).isEqualTo(2); + assertThat(metrics.getPolicyViolationsWarnTotal()).isEqualTo(1); + assertThat(metrics.getPolicyViolationsWarnAudited()).isZero(); + assertThat(metrics.getPolicyViolationsWarnUnaudited()).isEqualTo(1); + assertThat(metrics.getPolicyViolationsInfo()).isZero(); + assertThat(metrics.getPolicyViolationsInfoTotal()).isEqualTo(1); + assertThat(metrics.getPolicyViolationsInfoAudited()).isEqualTo(1); // Suppressed + assertThat(metrics.getPolicyViolationsInfoUnaudited()).isZero(); + assertThat(metrics.getPolicyViolationsTotal()).isEqualTo(3); assertThat(metrics.getPolicyViolationsAudited()).isEqualTo(1); - assertThat(metrics.getPolicyViolationsUnaudited()).isEqualTo(1); - assertThat(metrics.getPolicyViolationsSecurityTotal()).isZero(); // Suppressed - assertThat(metrics.getPolicyViolationsSecurityAudited()).isZero(); + assertThat(metrics.getPolicyViolationsUnaudited()).isEqualTo(2); + assertThat(metrics.getPolicyViolationsSecurityTotal()).isEqualTo(1); + assertThat(metrics.getPolicyViolationsSecurityAudited()).isEqualTo(1); // Suppressed assertThat(metrics.getPolicyViolationsSecurityUnaudited()).isZero(); assertThat(metrics.getPolicyViolationsLicenseTotal()).isEqualTo(1); assertThat(metrics.getPolicyViolationsLicenseAudited()).isZero(); assertThat(metrics.getPolicyViolationsLicenseUnaudited()).isEqualTo(1); 
assertThat(metrics.getPolicyViolationsOperationalTotal()).isEqualTo(1); - assertThat(metrics.getPolicyViolationsOperationalAudited()).isEqualTo(1); - assertThat(metrics.getPolicyViolationsOperationalUnaudited()).isZero(); + assertThat(metrics.getPolicyViolationsOperationalAudited()).isEqualTo(0); + assertThat(metrics.getPolicyViolationsOperationalUnaudited()).isEqualTo(1); qm.getPersistenceManager().refresh(component); assertThat(component.getLastInheritedRiskScore()).isZero(); @@ -310,8 +337,17 @@ public void testUpdateMetricsWithDuplicateAliases() { assertThat(metrics.getFindingsUnaudited()).isEqualTo(2); assertThat(metrics.getInheritedRiskScore()).isEqualTo(8.0); assertThat(metrics.getPolicyViolationsFail()).isZero(); + assertThat(metrics.getPolicyViolationsFailTotal()).isZero(); + assertThat(metrics.getPolicyViolationsFailAudited()).isZero(); + assertThat(metrics.getPolicyViolationsFailUnaudited()).isZero(); assertThat(metrics.getPolicyViolationsWarn()).isZero(); + assertThat(metrics.getPolicyViolationsWarnTotal()).isZero(); + assertThat(metrics.getPolicyViolationsWarnAudited()).isZero(); + assertThat(metrics.getPolicyViolationsWarnUnaudited()).isZero(); assertThat(metrics.getPolicyViolationsInfo()).isZero(); + assertThat(metrics.getPolicyViolationsInfoTotal()).isZero(); + assertThat(metrics.getPolicyViolationsInfoAudited()).isZero(); + assertThat(metrics.getPolicyViolationsInfoUnaudited()).isZero(); assertThat(metrics.getPolicyViolationsTotal()).isZero(); assertThat(metrics.getPolicyViolationsAudited()).isZero(); assertThat(metrics.getPolicyViolationsUnaudited()).isZero(); diff --git a/src/test/java/org/dependencytrack/tasks/metrics/PortfolioMetricsUpdateTaskTest.java b/src/test/java/org/dependencytrack/tasks/metrics/PortfolioMetricsUpdateTaskTest.java index 11ede2cb1d..dfb2e209eb 100644 --- a/src/test/java/org/dependencytrack/tasks/metrics/PortfolioMetricsUpdateTaskTest.java 
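Review bot: The expected values for the operational violation flip from audited to unaudited in `testUpdateMetricsPolicyViolations` (`getPolicyViolationsOperationalAudited()` goes from 1 to 0 and `getPolicyViolationsOperationalUnaudited()` from 0 to 1) although no hunk in this file touches the test's setup, so a violation that used to count as audited apparently no longer does. With the suppressed violation now reported through `getPolicyViolationsInfoAudited()` and `getPolicyViolationsSecurityAudited()`, it looks as if only suppression counts as audited; the counting code is outside this view, so that is inferred from the assertions alone. If this is intended, state it in a comment above the block, for example `// Only the suppressed violation counts as audited; totals now include suppressed violations`, because teams tracking unreviewed violations will see the unaudited figures move after the upgrade; if it is not intended, the counting code needs the fix rather than the expectations. The same flip is in `testUpdateMetricsPolicyViolations` of the Portfolio and Project test classes further down. Minor: `isEqualTo(0)` on the OperationalAudited line should be `isZero()` like the surrounding assertions.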
+++ b/src/test/java/org/dependencytrack/tasks/metrics/PortfolioMetricsUpdateTaskTest.java
@@ -79,8 +79,17 @@ public void testUpdateMetricsEmpty() {
 assertThat(metrics.getFindingsUnaudited()).isZero();
 assertThat(metrics.getInheritedRiskScore()).isZero();
 assertThat(metrics.getPolicyViolationsFail()).isZero();
+ assertThat(metrics.getPolicyViolationsFailTotal()).isZero();
+ assertThat(metrics.getPolicyViolationsFailAudited()).isZero();
+ assertThat(metrics.getPolicyViolationsFailUnaudited()).isZero();
 assertThat(metrics.getPolicyViolationsWarn()).isZero();
+ assertThat(metrics.getPolicyViolationsWarnTotal()).isZero();
+ assertThat(metrics.getPolicyViolationsWarnAudited()).isZero();
+ assertThat(metrics.getPolicyViolationsWarnUnaudited()).isZero();
 assertThat(metrics.getPolicyViolationsInfo()).isZero();
+ assertThat(metrics.getPolicyViolationsInfoTotal()).isZero();
+ assertThat(metrics.getPolicyViolationsInfoAudited()).isZero();
+ assertThat(metrics.getPolicyViolationsInfoUnaudited()).isZero();
 assertThat(metrics.getPolicyViolationsTotal()).isZero();
 assertThat(metrics.getPolicyViolationsAudited()).isZero();
 assertThat(metrics.getPolicyViolationsUnaudited()).isZero();
@@ -171,8 +180,17 @@ public void testUpdateMetricsVulnerabilities() {
 assertThat(metrics.getFindingsUnaudited()).isEqualTo(1);
 assertThat(metrics.getInheritedRiskScore()).isEqualTo(10.0);
 assertThat(metrics.getPolicyViolationsFail()).isZero();
+ assertThat(metrics.getPolicyViolationsFailTotal()).isZero();
+ assertThat(metrics.getPolicyViolationsFailAudited()).isZero();
+ assertThat(metrics.getPolicyViolationsFailUnaudited()).isZero();
 assertThat(metrics.getPolicyViolationsWarn()).isZero();
+ assertThat(metrics.getPolicyViolationsWarnTotal()).isZero();
+ assertThat(metrics.getPolicyViolationsWarnAudited()).isZero();
+ assertThat(metrics.getPolicyViolationsWarnUnaudited()).isZero();
 assertThat(metrics.getPolicyViolationsInfo()).isZero();
+ assertThat(metrics.getPolicyViolationsInfoTotal()).isZero();
+ assertThat(metrics.getPolicyViolationsInfoAudited()).isZero();
+ assertThat(metrics.getPolicyViolationsInfoUnaudited()).isZero();
 assertThat(metrics.getPolicyViolationsTotal()).isZero();
 assertThat(metrics.getPolicyViolationsAudited()).isZero();
 assertThat(metrics.getPolicyViolationsUnaudited()).isZero();
@@ -249,20 +267,29 @@ public void testUpdateMetricsPolicyViolations() { assertThat(metrics.getFindingsUnaudited()).isZero(); assertThat(metrics.getInheritedRiskScore()).isZero(); assertThat(metrics.getPolicyViolationsFail()).isEqualTo(1); + assertThat(metrics.getPolicyViolationsFailTotal()).isEqualTo(1); + assertThat(metrics.getPolicyViolationsFailAudited()).isZero(); + assertThat(metrics.getPolicyViolationsFailUnaudited()).isEqualTo(1); assertThat(metrics.getPolicyViolationsWarn()).isEqualTo(1); - assertThat(metrics.getPolicyViolationsInfo()).isZero(); // Suppressed - assertThat(metrics.getPolicyViolationsTotal()).isEqualTo(2); - assertThat(metrics.getPolicyViolationsAudited()).isEqualTo(1); - assertThat(metrics.getPolicyViolationsUnaudited()).isEqualTo(1); - assertThat(metrics.getPolicyViolationsSecurityTotal()).isZero(); // Suppressed - assertThat(metrics.getPolicyViolationsSecurityAudited()).isZero(); + assertThat(metrics.getPolicyViolationsWarnTotal()).isEqualTo(1); + assertThat(metrics.getPolicyViolationsWarnAudited()).isZero(); + assertThat(metrics.getPolicyViolationsWarnUnaudited()).isEqualTo(1);; + assertThat(metrics.getPolicyViolationsInfo()).isZero(); + assertThat(metrics.getPolicyViolationsInfoTotal()).isEqualTo(1); // Suppressed + assertThat(metrics.getPolicyViolationsInfoAudited()).isEqualTo(1); // Suppressed + assertThat(metrics.getPolicyViolationsInfoUnaudited()).isZero(); + assertThat(metrics.getPolicyViolationsTotal()).isEqualTo(3); + assertThat(metrics.getPolicyViolationsAudited()).isEqualTo(1); // Suppressed + assertThat(metrics.getPolicyViolationsUnaudited()).isEqualTo(2); + assertThat(metrics.getPolicyViolationsSecurityTotal()).isEqualTo(1); + assertThat(metrics.getPolicyViolationsSecurityAudited()).isEqualTo(1); // Suppressed assertThat(metrics.getPolicyViolationsSecurityUnaudited()).isZero(); assertThat(metrics.getPolicyViolationsLicenseTotal()).isEqualTo(1); assertThat(metrics.getPolicyViolationsLicenseAudited()).isZero(); 
assertThat(metrics.getPolicyViolationsLicenseUnaudited()).isEqualTo(1); assertThat(metrics.getPolicyViolationsOperationalTotal()).isEqualTo(1); - assertThat(metrics.getPolicyViolationsOperationalAudited()).isEqualTo(1); - assertThat(metrics.getPolicyViolationsOperationalUnaudited()).isZero(); + assertThat(metrics.getPolicyViolationsOperationalAudited()).isZero(); + assertThat(metrics.getPolicyViolationsOperationalUnaudited()).isEqualTo(1); qm.getPersistenceManager().refreshAll(projectUnaudited, projectAudited, projectSuppressed, componentUnaudited, componentAudited, componentSuppressed); diff --git a/src/test/java/org/dependencytrack/tasks/metrics/ProjectMetricsUpdateTaskTest.java b/src/test/java/org/dependencytrack/tasks/metrics/ProjectMetricsUpdateTaskTest.java index 40f71d8518..f382b4a300 100644 --- a/src/test/java/org/dependencytrack/tasks/metrics/ProjectMetricsUpdateTaskTest.java +++ b/src/test/java/org/dependencytrack/tasks/metrics/ProjectMetricsUpdateTaskTest.java 
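Review bot: `assertThat(metrics.getPolicyViolationsWarnUnaudited()).isEqualTo(1);;` ends in a doubled semicolon, which compiles as an empty statement but should be a single `;`. The `// Suppressed` markers are also placed differently from the Component and Project copies of this test: here they additionally sit on `getPolicyViolationsInfoTotal()` and `getPolicyViolationsAudited()`, while the Project copy keeps only the one on `getPolicyViolationsSecurityAudited()`. Making the three tests agree on which assertions carry the marker would make it clear which counts the suppressed violation is expected to feed.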
@@ -61,8 +61,17 @@ public void testUpdateMetricsEmpty() {
 assertThat(metrics.getFindingsUnaudited()).isZero();
 assertThat(metrics.getInheritedRiskScore()).isZero();
 assertThat(metrics.getPolicyViolationsFail()).isZero();
+ assertThat(metrics.getPolicyViolationsFailTotal()).isZero();
+ assertThat(metrics.getPolicyViolationsFailAudited()).isZero();
+ assertThat(metrics.getPolicyViolationsFailUnaudited()).isZero();
 assertThat(metrics.getPolicyViolationsWarn()).isZero();
+ assertThat(metrics.getPolicyViolationsWarnTotal()).isZero();
+ assertThat(metrics.getPolicyViolationsWarnAudited()).isZero();
+ assertThat(metrics.getPolicyViolationsWarnUnaudited()).isZero();
 assertThat(metrics.getPolicyViolationsInfo()).isZero();
+ assertThat(metrics.getPolicyViolationsInfoTotal()).isZero();
+ assertThat(metrics.getPolicyViolationsInfoAudited()).isZero();
+ assertThat(metrics.getPolicyViolationsInfoUnaudited()).isZero();
 assertThat(metrics.getPolicyViolationsTotal()).isZero();
 assertThat(metrics.getPolicyViolationsAudited()).isZero();
 assertThat(metrics.getPolicyViolationsUnaudited()).isZero();
@@ -153,8 +162,17 @@ public void testUpdateMetricsVulnerabilities() {
 assertThat(metrics.getFindingsUnaudited()).isEqualTo(1);
 assertThat(metrics.getInheritedRiskScore()).isEqualTo(10.0);
 assertThat(metrics.getPolicyViolationsFail()).isZero();
+ assertThat(metrics.getPolicyViolationsFailTotal()).isZero();
+ assertThat(metrics.getPolicyViolationsFailAudited()).isZero();
+ assertThat(metrics.getPolicyViolationsFailUnaudited()).isZero();
 assertThat(metrics.getPolicyViolationsWarn()).isZero();
+ assertThat(metrics.getPolicyViolationsWarnTotal()).isZero();
+ assertThat(metrics.getPolicyViolationsWarnAudited()).isZero();
+ assertThat(metrics.getPolicyViolationsWarnUnaudited()).isZero();
 assertThat(metrics.getPolicyViolationsInfo()).isZero();
+ assertThat(metrics.getPolicyViolationsInfoTotal()).isZero();
+ assertThat(metrics.getPolicyViolationsInfoAudited()).isZero();
+ assertThat(metrics.getPolicyViolationsInfoUnaudited()).isZero();
 assertThat(metrics.getPolicyViolationsTotal()).isZero();
 assertThat(metrics.getPolicyViolationsAudited()).isZero();
 assertThat(metrics.getPolicyViolationsUnaudited()).isZero();
@@ -221,20 +239,29 @@ public void testUpdateMetricsPolicyViolations() { assertThat(metrics.getFindingsUnaudited()).isZero(); assertThat(metrics.getInheritedRiskScore()).isZero(); assertThat(metrics.getPolicyViolationsFail()).isEqualTo(1); + assertThat(metrics.getPolicyViolationsFailTotal()).isEqualTo(1); + assertThat(metrics.getPolicyViolationsFailAudited()).isZero(); + assertThat(metrics.getPolicyViolationsFailUnaudited()).isEqualTo(1); assertThat(metrics.getPolicyViolationsWarn()).isEqualTo(1); - assertThat(metrics.getPolicyViolationsInfo()).isZero(); // Suppressed - assertThat(metrics.getPolicyViolationsTotal()).isEqualTo(2); + assertThat(metrics.getPolicyViolationsWarnTotal()).isEqualTo(1); + assertThat(metrics.getPolicyViolationsWarnAudited()).isZero(); + assertThat(metrics.getPolicyViolationsWarnUnaudited()).isEqualTo(1); + assertThat(metrics.getPolicyViolationsInfo()).isZero(); + assertThat(metrics.getPolicyViolationsInfoTotal()).isEqualTo(1); + assertThat(metrics.getPolicyViolationsInfoAudited()).isEqualTo(1); + assertThat(metrics.getPolicyViolationsInfoUnaudited()).isZero(); + assertThat(metrics.getPolicyViolationsTotal()).isEqualTo(3); assertThat(metrics.getPolicyViolationsAudited()).isEqualTo(1); - assertThat(metrics.getPolicyViolationsUnaudited()).isEqualTo(1); - assertThat(metrics.getPolicyViolationsSecurityTotal()).isZero(); // Suppressed - assertThat(metrics.getPolicyViolationsSecurityAudited()).isZero(); + assertThat(metrics.getPolicyViolationsUnaudited()).isEqualTo(2); + assertThat(metrics.getPolicyViolationsSecurityTotal()).isEqualTo(1); + assertThat(metrics.getPolicyViolationsSecurityAudited()).isEqualTo(1); // Suppressed assertThat(metrics.getPolicyViolationsSecurityUnaudited()).isZero(); assertThat(metrics.getPolicyViolationsLicenseTotal()).isEqualTo(1); assertThat(metrics.getPolicyViolationsLicenseAudited()).isZero(); assertThat(metrics.getPolicyViolationsLicenseUnaudited()).isEqualTo(1); 
assertThat(metrics.getPolicyViolationsOperationalTotal()).isEqualTo(1); - assertThat(metrics.getPolicyViolationsOperationalAudited()).isEqualTo(1); - assertThat(metrics.getPolicyViolationsOperationalUnaudited()).isZero(); + assertThat(metrics.getPolicyViolationsOperationalAudited()).isZero(); + assertThat(metrics.getPolicyViolationsOperationalUnaudited()).isEqualTo(1); qm.getPersistenceManager().refreshAll(project, componentUnaudited, componentAudited, componentSuppressed); assertThat(project.getLastInheritedRiskScore()).isZero();