From e5c6e0cf4ef9b08dcf1229983fd754697f3a7bca Mon Sep 17 00:00:00 2001 From: Julian Olderdissen Date: Mon, 7 Oct 2024 10:15:29 +0200 Subject: [PATCH] feat(fossid): Make FossID sensitivity configurable Add the option for the user to specify the sensitivity for a FossID scan to reduce the number of pending identifications. Signed-off-by: Julian Olderdissen --- model/src/main/resources/reference.yml | 2 ++ .../kotlin/config/OrtConfigurationTest.kt | 3 +- .../scanners/fossid/src/main/kotlin/FossId.kt | 3 +- .../fossid/src/main/kotlin/FossIdConfig.kt | 21 ++++++++++- .../src/test/kotlin/FossIdConfigTest.kt | 20 +++++++++-- .../fossid/src/test/kotlin/FossIdTest.kt | 36 ++++++++++++------- .../fossid/src/test/kotlin/TestUtils.kt | 3 +- 7 files changed, 70 insertions(+), 18 deletions(-) diff --git a/model/src/main/resources/reference.yml b/model/src/main/resources/reference.yml index dc1fefc12d656..515e440e2aa80 100644 --- a/model/src/main/resources/reference.yml +++ b/model/src/main/resources/reference.yml @@ -267,6 +267,8 @@ ort: urlMappingExample: "https://my-repo.example.org(?.*) -> ssh://my-mapped-repo.example.org${repoPath}" + sensitivity: 10 + secrets: user: user apiKey: XYZ diff --git a/model/src/test/kotlin/config/OrtConfigurationTest.kt b/model/src/test/kotlin/config/OrtConfigurationTest.kt index 05f0ac9af663b..c8759e80eefa3 100644 --- a/model/src/test/kotlin/config/OrtConfigurationTest.kt +++ b/model/src/test/kotlin/config/OrtConfigurationTest.kt @@ -268,7 +268,8 @@ class OrtConfigurationTest : WordSpec({ "detectLicenseDeclarations" to "true", "detectCopyrightStatements" to "true", "timeout" to "60", - "urlMappingExample" to urlMapping + "urlMappingExample" to urlMapping, + "sensitivity" to "10" ) secrets shouldContainExactly mapOf( diff --git a/plugins/scanners/fossid/src/main/kotlin/FossId.kt b/plugins/scanners/fossid/src/main/kotlin/FossId.kt index a521028c661d4..d419e2e540232 100644 --- a/plugins/scanners/fossid/src/main/kotlin/FossId.kt 
+++ b/plugins/scanners/fossid/src/main/kotlin/FossId.kt @@ -708,7 +708,8 @@ class FossId internal constructor( val optionsFromConfig = arrayOf( "auto_identification_detect_declaration" to "${config.detectLicenseDeclarations.compareTo(false)}", - "auto_identification_detect_copyright" to "${config.detectCopyrightStatements.compareTo(false)}" + "auto_identification_detect_copyright" to "${config.detectCopyrightStatements.compareTo(false)}", + "sensitivity" to "${config.sensitivity}" ) val scanResult = service.runScan( diff --git a/plugins/scanners/fossid/src/main/kotlin/FossIdConfig.kt b/plugins/scanners/fossid/src/main/kotlin/FossIdConfig.kt index c6b5467a01fad..befa1caf3391b 100644 --- a/plugins/scanners/fossid/src/main/kotlin/FossIdConfig.kt +++ b/plugins/scanners/fossid/src/main/kotlin/FossIdConfig.kt @@ -113,6 +113,9 @@ data class FossIdConfig( /** A limit on the amount of snippets to fetch. **/ val snippetsLimit: Int, + /** The sensitivity of the scan. */ + val sensitivity: Int, + /** Stores the map with FossID-specific configuration options. */ private val options: Map ) { @@ -157,6 +160,9 @@ data class FossIdConfig( /** Name of the configuration property defining the limit on the amount of snippets to fetch. */ private const val PROP_SNIPPETS_LIMIT = "snippetsLimit" + /** Name of the configuration property defining the sensitivity of the scan. */ + private const val PROP_SENSITIVITY = "sensitivity" + /** * The scanner options beginning with this prefix will be used to parameterize project and scan names. */ @@ -174,6 +180,12 @@ data class FossIdConfig( @JvmStatic private val DEFAULT_SNIPPETS_LIMIT = 500 + /** + * Default scan sensitivity. + */ + @JvmStatic + private val DEFAULT_SENSITIVITY = 10 + fun create(options: Options, secrets: Options): FossIdConfig { require(options.isNotEmpty()) { "No FossID Scanner configuration found." } 
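Review bot: The new `"sensitivity" to "${config.sensitivity}"` entry in `optionsFromConfig` is sent on every `runScan` call, including when the user never configured the option. In that case `DEFAULT_SENSITIVITY = 10` from FossIdConfig.kt replaces whatever value the FossID server would have applied on its own. If the server-side default is not 10 (not verifiable from this patch), existing setups would report a different set of matches after upgrading, with no configuration change to explain it. Either confirm that 10 is the server default and say so on the constant, e.g. `/** Default scan sensitivity; equal to the FossID server default. */`, or make the property nullable and add the entry only when it is set. The enclosing function starts and ends outside this hunk.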
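Review bot: The KDoc `/** The sensitivity of the scan. */` on the new `sensitivity` property gives neither the accepted range nor the default, and does not say which direction yields fewer matches. `create` rejects values outside 0..20, and the commit message presents the option as a way to reduce pending identifications, so a reader tuning it needs that information here. I would write `/** The sensitivity of the scan, an integer from 0 to 20 (default 10), passed to FossID as the "sensitivity" scan option. */` and add one sentence on the effect of raising versus lowering it once that is confirmed against the FossID documentation. The data class body continues outside the hunk.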
@@ -198,10 +210,16 @@ data class FossIdConfig( val fetchSnippetMatchedLines = options[PROP_FETCH_SNIPPET_MATCHED_LINES]?.toBoolean() == true val snippetsLimit = options[PROP_SNIPPETS_LIMIT]?.toInt() ?: DEFAULT_SNIPPETS_LIMIT + val sensitivity = options[PROP_SENSITIVITY]?.toInt() ?: DEFAULT_SENSITIVITY + require(deltaScanLimit > 0) { "deltaScanLimit must be > 0, current value is $deltaScanLimit." } + require(sensitivity in 0..20) { + "Sensitivity must be between 0 and 20, current value is $sensitivity." + } + logger.info { "waitForResult parameter is set to '$waitForResult'" } return FossIdConfig( @@ -217,7 +235,8 @@ data class FossIdConfig( timeout = timeout, fetchSnippetMatchedLines = fetchSnippetMatchedLines, options = options, - snippetsLimit = snippetsLimit + snippetsLimit = snippetsLimit, + sensitivity = sensitivity ) } } diff --git a/plugins/scanners/fossid/src/test/kotlin/FossIdConfigTest.kt b/plugins/scanners/fossid/src/test/kotlin/FossIdConfigTest.kt index bbb891ccb62c3..9d78561b4211b 100644 --- a/plugins/scanners/fossid/src/test/kotlin/FossIdConfigTest.kt +++ b/plugins/scanners/fossid/src/test/kotlin/FossIdConfigTest.kt @@ -74,7 +74,8 @@ class FossIdConfigTest : WordSpec({ timeout = 300, fetchSnippetMatchedLines = true, options = options, - snippetsLimit = 1000 + snippetsLimit = 1000, + sensitivity = 10 ) } @@ -101,7 +102,8 @@ class FossIdConfigTest : WordSpec({ timeout = 60, fetchSnippetMatchedLines = false, options = options, - snippetsLimit = 500 + snippetsLimit = 500, + sensitivity = 10 ) } @@ -141,6 +143,20 @@ class FossIdConfigTest : WordSpec({ shouldThrow { FossIdConfig.create(options, secrets) } } + + "throw if the sensitivity is invalid" { + val options = mapOf( + "serverUrl" to SERVER_URL, + "sensitivity" to "21" + ) + + val secrets = mapOf( + "user" to USER, + "apiKey" to API_KEY + ) + + shouldThrow { FossIdConfig.create(options, secrets) } + } } "createNamingProvider" should { 
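Review bot: `options[PROP_SENSITIVITY]?.toInt()` throws a `NumberFormatException` for a non-numeric value before the added `require(sensitivity in 0..20)` runs, so the error message does not name the property that was wrong. Parsing with `toIntOrNull()` keeps the failure in the same style as the range check: `val sensitivity = options[PROP_SENSITIVITY]?.let { requireNotNull(it.toIntOrNull()) { "Sensitivity must be an integer, current value is '$it'." } } ?: DEFAULT_SENSITIVITY`. The `snippetsLimit` context line directly above uses the same `?.toInt()` pattern and would benefit from the same treatment. `create` begins and ends outside this hunk.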
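Review bot: The new test "throw if the sensitivity is invalid" in FossIdConfigTest.kt checks only the value `"21"`, so the lower bound of the `0..20` check and the non-numeric path are not covered. I would add a case with `"sensitivity" to "-1"` and one with a non-numeric string. A positive case that passes a non-default value, such as `"sensitivity" to "0"`, and asserts it appears on the resulting `FossIdConfig` would also help. The two positive expectations updated in this file both use 10, which is also the default, so they cannot tell a parsed value from the fallback.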
diff --git a/plugins/scanners/fossid/src/test/kotlin/FossIdTest.kt b/plugins/scanners/fossid/src/test/kotlin/FossIdTest.kt index 5c859109d5912..11a00812b4409 100644 --- a/plugins/scanners/fossid/src/test/kotlin/FossIdTest.kt +++ b/plugins/scanners/fossid/src/test/kotlin/FossIdTest.kt @@ -459,7 +459,8 @@ class FossIdTest : WordSpec({ scanCode, mapOf( "auto_identification_detect_declaration" to "0", - "auto_identification_detect_copyright" to "0" + "auto_identification_detect_copyright" to "0", + "sensitivity" to "10" ) ) } returns EntityResponseBody(status = 1) @@ -475,7 +476,8 @@ class FossIdTest : WordSpec({ scanCode, mapOf( "auto_identification_detect_declaration" to "0", - "auto_identification_detect_copyright" to "0" + "auto_identification_detect_copyright" to "0", + "sensitivity" to "10" ) ) } @@ -504,7 +506,8 @@ class FossIdTest : WordSpec({ scanCode, mapOf( "auto_identification_detect_declaration" to "0", - "auto_identification_detect_copyright" to "0" + "auto_identification_detect_copyright" to "0", + "sensitivity" to "10" ) ) } returns EntityResponseBody( @@ -523,7 +526,8 @@ class FossIdTest : WordSpec({ scanCode, mapOf( "auto_identification_detect_declaration" to "0", - "auto_identification_detect_copyright" to "0" + "auto_identification_detect_copyright" to "0", + "sensitivity" to "10" ) ) } @@ -551,7 +555,8 @@ class FossIdTest : WordSpec({ scanCode, mapOf( "auto_identification_detect_declaration" to "0", - "auto_identification_detect_copyright" to "0" + "auto_identification_detect_copyright" to "0", + "sensitivity" to "10" ) ) } returns EntityResponseBody(status = 1) @@ -642,7 +647,8 @@ class FossIdTest : WordSpec({ mapOf( *FossId.deltaScanRunParameters(originCode), "auto_identification_detect_declaration" to "0", - "auto_identification_detect_copyright" to "0" + "auto_identification_detect_copyright" to "0", + "sensitivity" to "10" ) ) } 
@@ -690,7 +696,8 @@ class FossIdTest : WordSpec({ mapOf( *FossId.deltaScanRunParameters(originCode), "auto_identification_detect_declaration" to "0", - "auto_identification_detect_copyright" to "0" + "auto_identification_detect_copyright" to "0", + "sensitivity" to "10" ) ) } @@ -738,7 +745,8 @@ class FossIdTest : WordSpec({ mapOf( *FossId.deltaScanRunParameters(originCode2), "auto_identification_detect_declaration" to "0", - "auto_identification_detect_copyright" to "0" + "auto_identification_detect_copyright" to "0", + "sensitivity" to "10" ) ) } @@ -786,7 +794,8 @@ class FossIdTest : WordSpec({ mapOf( *FossId.deltaScanRunParameters(originCode2), "auto_identification_detect_declaration" to "0", - "auto_identification_detect_copyright" to "0" + "auto_identification_detect_copyright" to "0", + "sensitivity" to "10" ) ) } @@ -830,7 +839,8 @@ class FossIdTest : WordSpec({ mapOf( *FossId.deltaScanRunParameters(originCode), "auto_identification_detect_declaration" to "0", - "auto_identification_detect_copyright" to "0" + "auto_identification_detect_copyright" to "0", + "sensitivity" to "10" ) ) service.listIgnoreRules(USER, API_KEY, originCode) @@ -884,7 +894,8 @@ class FossIdTest : WordSpec({ mapOf( *FossId.deltaScanRunParameters(originCode), "auto_identification_detect_declaration" to "0", - "auto_identification_detect_copyright" to "0" + "auto_identification_detect_copyright" to "0", + "sensitivity" to "10" ) ) service.listIgnoreRules(USER, API_KEY, originCode) @@ -931,7 +942,8 @@ class FossIdTest : WordSpec({ scanCode, mapOf( "auto_identification_detect_declaration" to "0", - "auto_identification_detect_copyright" to "0" + "auto_identification_detect_copyright" to "0", + "sensitivity" to "10" ) ) } diff --git a/plugins/scanners/fossid/src/test/kotlin/TestUtils.kt b/plugins/scanners/fossid/src/test/kotlin/TestUtils.kt index 53cb34b4fe422..dfd2cb261d678 100644 --- a/plugins/scanners/fossid/src/test/kotlin/TestUtils.kt 
+++ b/plugins/scanners/fossid/src/test/kotlin/TestUtils.kt @@ -137,7 +137,8 @@ internal fun createConfig( timeout = 60, fetchSnippetMatchedLines = fetchSnippetMatchedLines, options = emptyMap(), - snippetsLimit = snippetsLimit + snippetsLimit = snippetsLimit, + sensitivity = 10 ) val namingProvider = createNamingProviderMock()
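Review bot: `createConfig` hard-codes `sensitivity = 10`, while the neighbouring `snippetsLimit` and `fetchSnippetMatchedLines` arguments are passed through from its parameters. Every FossIdTest.kt expectation updated in this patch therefore asserts `"sensitivity" to "10"`, and the suite would still pass if FossId.kt sent a constant instead of `config.sensitivity`. I would add a parameter `sensitivity: Int = 10` to `createConfig`, pass `sensitivity = sensitivity`, and add one test that runs a scan with a non-default value and verifies it reaches `runScan`. The signature of `createConfig` is outside this hunk.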