XIVY-15521 Add SecurityScan and Codescan

src/main/java/io/ivyteam/devops/github/GitHubRepoConfigurator.java

@@ -7,8 +7,9 @@
 
 import io.ivyteam.devops.branch.Branch;
 import io.ivyteam.devops.branch.BranchRepository;
-import io.ivyteam.devops.dependabot.DependabotApiHelper;
 import io.ivyteam.devops.repo.Repo;
+import io.ivyteam.devops.securityscanner.ScanTypeEnum;
+import io.ivyteam.devops.securityscanner.SecurityScannerApiHelper;
 import io.ivyteam.devops.settings.SettingsManager;
 
 public class GitHubRepoConfigurator {
@@ -60,9 +61,9 @@ public boolean run() {
         ghRepo.enableWiki(false);
         changed = true;
       }
-      if (!repo.isVulnAlertOn()) {
+      if (!repo.isVulnAlertOn() && ghRepo.isPrivate()) {
         LOGGER.info("Enable Vulnerability-alerts");
-        DependabotApiHelper.enableAlerts(ghRepo.getUrl(), gitHub.token());
+        SecurityScannerApiHelper.enableAlerts(ghRepo.getUrl(), gitHub.token(), ScanTypeEnum.DEPENDABOT.getValue());
         changed = true;
       }
       if (repo.hooks()) {

src/main/java/io/ivyteam/devops/github/GitHubSynchronizer.java

@@ -17,12 +17,13 @@
 
 import io.ivyteam.devops.branch.Branch;
 import io.ivyteam.devops.branch.BranchRepository;
-import io.ivyteam.devops.dependabot.DependabotApiHelper;
-import io.ivyteam.devops.dependabot.DependabotRepository;
 import io.ivyteam.devops.pullrequest.PullRequest;
 import io.ivyteam.devops.pullrequest.PullRequestRepository;
 import io.ivyteam.devops.repo.Repo;
 import io.ivyteam.devops.repo.RepoRepository;
+import io.ivyteam.devops.securityscanner.ScanTypeEnum;
+import io.ivyteam.devops.securityscanner.SecurityScannerApiHelper;
+import io.ivyteam.devops.securityscanner.SecurityScannerRepository;
 import io.ivyteam.devops.user.UserRepository;
 import io.ivyteam.devops.user.UserUpdate;
 
@@ -45,7 +46,7 @@ public class GitHubSynchronizer {
   private UserRepository users;
 
   @Autowired
-  private DependabotRepository dependabots;
+  private SecurityScannerRepository securityScanners;
 
   private boolean isRunning = false;
 
@@ -98,9 +99,13 @@ public synchronized void run() {
 
         repo = gitHub.get().getRepository(repo.getFullName());
         synch(repo);
+        var helper = new SecurityScannerApiHelper(securityScanners, repo, gitHub.token());
         if (repo.isVulnerabilityAlertsEnabled()) {
-          var helper = new DependabotApiHelper(dependabots, repo, gitHub.token());
-          helper.synch();
+          helper.synch(ScanTypeEnum.DEPENDABOT.getValue());
+        }
+        if (!repo.isPrivate()) {
+          helper.synch(ScanTypeEnum.CODE_SCANNING.getValue());
+          helper.synch(ScanTypeEnum.SECRET_SCANNING.getValue());
         }
 
       }
@@ -223,7 +228,8 @@ private List<GHRepository> reposFor(String orgName) {
     try {
       var org = gitHub.get().getOrganization(orgName);
       return List.copyOf(org.getRepositories().values()).stream()
-          // .limit(10)
+          // .filter(repo -> repo.getName().equals("am-charts-sample"))
+          // .limit(50)
           .toList();
     } catch (IOException ex) {
       throw new RuntimeException(ex);

src/main/java/io/ivyteam/devops/repo/ReposView.java

@@ -19,16 +19,18 @@
 import com.vaadin.flow.router.Route;
 
 import io.ivyteam.devops.branch.BranchRepository;
-import io.ivyteam.devops.dependabot.DependabotRepository;
 import io.ivyteam.devops.pullrequest.PullRequestRepository;
+import io.ivyteam.devops.securityscanner.ScanTypeEnum;
+import io.ivyteam.devops.securityscanner.SecurityScanner;
+import io.ivyteam.devops.securityscanner.SecurityScannerRepository;
 import io.ivyteam.devops.view.View;
 
 @Route("")
 public class ReposView extends View {
   private final Grid<Repo> grid;
 
   public ReposView(RepoRepository repos, PullRequestRepository prs, BranchRepository branches,
-      DependabotRepository dependabots) {
+      SecurityScannerRepository securityscanners) {
     var repositories = repos.all();
     grid = new Grid<>(repositories);
     title.setText("Repositories (" + repositories.size() + ")");
@@ -83,20 +85,6 @@ public ReposView(RepoRepository repos, PullRequestRepository prs, BranchReposito
         .setWidth("10%")
         .setSortable(true);
 
-    grid
-        .addComponentColumn(repo -> {
-          var icon = createIcon(VaadinIcon.SHIELD);
-          icon.setTooltipText(
-              "Dependabot Alerts Enabled: Get notified when one of your dependencies has a vulnerability");
-          if (repo.isVulnAlertOn()) {
-            return icon;
-          }
-          return null;
-        })
-        .setHeader("Alerts  ")
-        .setWidth("75px")
-        .setSortable(true);
-
     grid.addComponentColumn(repo -> {
       var layout = new HorizontalLayout();
       if (repo.archived()) {
@@ -111,33 +99,64 @@ public ReposView(RepoRepository repos, PullRequestRepository prs, BranchReposito
       }
       return layout;
     }).setWidth("75px");
+    /*
+     * grid
+     * .addComponentColumn(repo -> {
+     * var icon = createIcon(VaadinIcon.SHIELD);
+     * icon.setTooltipText(
+     * "Dependabot Alerts Enabled: Get notified when one of your dependencies has a vulnerability"
+     * );
+     * if (repo.isVulnAlertOn()) {
+     * return icon;
+     * }
+     * return null;
+     * })
+     * .setHeader("Alerts enabled")
+     * .setWidth("150px")
+     * .setSortable(true);
+     */
+    grid.addComponentColumn(repo -> {
+      var layout = new HorizontalLayout();
+      try {
+        var dependabot = securityscanners.getByRepoAndScantype(repo.name(), ScanTypeEnum.DEPENDABOT.getValue());
+        if (dependabot != null) {
+          layout.add(createSecurityScannerAnchor(dependabot, dependabot.link_dependabot(),
+              ScanTypeEnum.DEPENDABOT.getValue()));
+        }
+      } catch (Exception e) {
+        return null;
+      }
+      return layout;
+    }).setHeader("Dependabot").setWidth("100px").setSortable(true);
 
-    grid
-        .addComponentColumn(repo -> {
-          var debendabot = dependabots.getByRepo(repo.name());
-          if (debendabot == null) {
-            return null;
-          } else {
-            var layout = new HorizontalLayout();
-            var a = new Anchor(debendabot.link(),
-                String.valueOf("C: " + debendabot.critical()
-                    + " | H: " + debendabot.high())
-                    + " | M: " + debendabot.medium()
-                    + " | L: " + debendabot.low(),
-                AnchorTarget.BLANK);
-            if (debendabot.critical() + debendabot.high() > 0) {
-              a.getElement().getThemeList().add("badge pill small error");
-            } else if (debendabot.low() + debendabot.medium() > 0) {
-              a.getElement().getThemeList().add("badge pill small contrast");
-            } else {
-              a.getElement().getThemeList().add("badge pill small success");
-            }
-
-            layout.add(a);
-            layout.getStyle().set("margin-inline-start", "var(--lumo-space-s)");
-            return layout;
-          }
-        }).setHeader("Dependabot Alerts").setWidth("200px").setSortable(true);
+    grid.addComponentColumn(repo -> {
+      var layout = new HorizontalLayout();
+      try {
+        var codeScan = securityscanners.getByRepoAndScantype(repo.name(), ScanTypeEnum.CODE_SCANNING.getValue());
+        if (codeScan != null) {
+          layout.add(
+              createSecurityScannerAnchor(codeScan, codeScan.link_codeScan(), ScanTypeEnum.CODE_SCANNING.getValue()));
+        }
+      } catch (Exception e) {
+        return null;
+      }
+      return layout;
+    }).setHeader("Code").setWidth("100px").setSortable(true);
+
+    grid.addComponentColumn(repo -> {
+      var layout = new HorizontalLayout();
+      try {
+        var secretScan = securityscanners.getByRepoAndScantype(repo.name(), ScanTypeEnum.SECRET_SCANNING.getValue());
+        if (secretScan != null) {
+          layout.add(
+              createSecurityScannerAnchor(secretScan, secretScan.link_secretScan(),
+                  ScanTypeEnum.SECRET_SCANNING.getValue()));
+        }
+      } catch (Exception e) {
+        return null;
+      }
+      return layout;
+    }).setHeader("Secret-Scanning").setWidth("100px").setSortable(true);
 
     grid.setHeightFull();
 
@@ -214,4 +233,30 @@ public boolean test(Repo repo) {
       return matchesName;
     }
   }
+
+  private Anchor createSecurityScannerAnchor(SecurityScanner ss, String link, String name) {
+    int summary = ss.critical() + ss.high() + ss.medium() + ss.low();
+    var text = name + "->  C: " + ss.critical() + " | H: " + ss.high() + " | M: " + ss.medium() + " | L: " + ss.low();
+
+    Icon icon = VaadinIcon.QUESTION_CIRCLE.create();
+    icon.setSize("14px");
+    icon.setTooltipText(text);
+    icon.getStyle().set("margin-left", "4px");
+
+    var a = new Anchor(link, String.valueOf(summary), AnchorTarget.BLANK);
+    a.add(icon);
+
+    if (ss.critical() + ss.high() > 0) {
+      a.getElement().getThemeList().add("badge pill small error");
+    } else if (ss.low() + ss.medium() > 0) {
+      a.getElement().getThemeList().add("badge pill small contrast");
+    } else {
+      a.getElement().getThemeList().add("badge pill small success");
+      icon.setIcon(VaadinIcon.CHECK);
+      // a.getStyle().set("display", "none");
+    }
+
+    return a;
+  }
+
 }