feat(fossid): Make FossID sensitivity configurable

Add the option for the user to specify the sensitivity for a FossID scan to reduce the number of pending identifications. Signed-off-by: Julian Olderdissen <julian.olderdissen@bosch.com>
oss-review-toolkit · Oct 7, 2024 · 42438cc · 42438cc
1 parent 58e3c6f
commit 42438cc
Show file tree

Hide file tree

Showing 4 changed files with 34 additions and 3 deletions.
diff --git a/model/src/main/resources/reference.yml b/model/src/main/resources/reference.yml
@@ -267,6 +267,8 @@ ort:
 
  urlMappingExample: "https://my-repo.example.org(?<repoPath>.*) -> ssh://my-mapped-repo.example.org${repoPath}"
 
+ sensitivity: 10
+
  secrets:
  user: user
  apiKey: XYZ

diff --git a/plugins/scanners/fossid/src/main/kotlin/FossId.kt b/plugins/scanners/fossid/src/main/kotlin/FossId.kt
@@ -706,10 +706,12 @@ class FossId internal constructor(
  if (response.data?.status in SCAN_STATE_FOR_TRIGGER) {
  logger.info { "Triggering scan as it has not yet been started." }
 
- val optionsFromConfig = arrayOf(
+ val optionsFromConfig = mutableListOf(
  "auto_identification_detect_declaration" to "${config.detectLicenseDeclarations.compareTo(false)}",
  "auto_identification_detect_copyright" to "${config.detectCopyrightStatements.compareTo(false)}"
- )
+ ).apply {
+ config.sensitivity?.let { add("sensitivity" to "$it") }
+ }.toTypedArray()
 
  val scanResult = service.runScan(
  config.user, config.apiKey, scanCode, mapOf(*runOptions, *optionsFromConfig)

diff --git a/plugins/scanners/fossid/src/main/kotlin/FossIdConfig.kt b/plugins/scanners/fossid/src/main/kotlin/FossIdConfig.kt
@@ -113,6 +113,9 @@ data class FossIdConfig(
  /** A limit on the amount of snippets to fetch. **/
  val snippetsLimit: Int,
 
+ /** The sensitivity of the scan. */
+ val sensitivity: Int? = null,
+
  /** Stores the map with FossID-specific configuration options. */
  private val options: Map<String, String>
 ) {
@@ -157,6 +160,9 @@ data class FossIdConfig(
  /** Name of the configuration property defining the limit on the amount of snippets to fetch. */
  private const val PROP_SNIPPETS_LIMIT = "snippetsLimit"
 
+ /** Name of the configuration property defining the sensitivity of the scan. */
+ private const val PROP_SENSITIVITY = "sensitivity"
+
  /**
  * The scanner options beginning with this prefix will be used to parameterize project and scan names.
  */
@@ -198,10 +204,16 @@ data class FossIdConfig(
  val fetchSnippetMatchedLines = options[PROP_FETCH_SNIPPET_MATCHED_LINES]?.toBoolean() == true
  val snippetsLimit = options[PROP_SNIPPETS_LIMIT]?.toInt() ?: DEFAULT_SNIPPETS_LIMIT
 
+ val sensitivity = options[PROP_SENSITIVITY]?.toIntOrNull()
+
  require(deltaScanLimit > 0) {
  "deltaScanLimit must be > 0, current value is $deltaScanLimit."
  }
 
+ require(sensitivity == null || sensitivity in 0..20) {
+ "Sensitivity must be between 0 and 20, current value is $sensitivity."
+ }
+
  logger.info { "waitForResult parameter is set to '$waitForResult'" }
 
  return FossIdConfig(
@@ -217,7 +229,8 @@ data class FossIdConfig(
  timeout = timeout,
  fetchSnippetMatchedLines = fetchSnippetMatchedLines,
  options = options,
- snippetsLimit = snippetsLimit
+ snippetsLimit = snippetsLimit,
+ sensitivity = sensitivity
  )
  }
  }

diff --git a/plugins/scanners/fossid/src/test/kotlin/FossIdConfigTest.kt b/plugins/scanners/fossid/src/test/kotlin/FossIdConfigTest.kt
@@ -141,6 +141,20 @@ class FossIdConfigTest : WordSpec({
 
  shouldThrow<IllegalArgumentException> { FossIdConfig.create(options, secrets) }
  }
+
+ "throw if the sensitivity is invalid" {
+ val options = mapOf(
+ "serverUrl" to SERVER_URL,
+ "sensitivity" to "21"
+ )
+
+ val secrets = mapOf(
+ "user" to USER,
+ "apiKey" to API_KEY
+ )
+
+ shouldThrow<IllegalArgumentException> { FossIdConfig.create(options, secrets) }
+ }
  }
 
  "createNamingProvider" should {