7 changes: 3 additions & 4 deletions .gitignore
@@ -32,7 +32,6 @@ build/
### VS Code ###
.vscode/

### macOS ###
.DS_Store
.AppleDouble
.LSOverride
### contrast specific items ###
config.json
*.ipynb
210 changes: 187 additions & 23 deletions README.md

Large diffs are not rendered by default.

134 changes: 76 additions & 58 deletions src/main/java/com/contrast/labs/ai/mcp/contrast/ADRService.java
@@ -34,6 +34,8 @@ public class ADRService {

private static final Logger logger = LoggerFactory.getLogger(ADRService.class);

//This is the accepted risk tolerance level for running ADR operations. Default is ACCEPT_NO_RISK (0)
private int acceptedRiskTolerance = 0;

@Value("${contrast.host-name:${CONTRAST_HOST_NAME:}}")
private String hostName;
@@ -56,76 +58,92 @@ public class ADRService {
@Value("${http.proxy.port:${http_proxy_port:}}")
private String httpProxyPort;

@Value("${accepted.risk.tolerance:${ACCEPTED_RISK_TOLERANCE:}}")
private String acceptedRiskToleranceStr;

@Tool(name = "get_ADR_Protect_Rules", description = "takes a application name and returns the protect / adr rules for the application")
public ProtectData getProtectData(String applicationName) throws IOException {
logger.info("Starting retrieval of protection rules for application: {}", applicationName);
long startTime = System.currentTimeMillis();

try {
ContrastSDK contrastSDK = SDKHelper.getSDK(hostName, apiKey, serviceKey, userName,httpProxyHost, httpProxyPort);
logger.debug("ContrastSDK initialized successfully for application: {}", applicationName);

// Get application ID from name
logger.debug("Looking up application ID for name: {}", applicationName);
Optional<Application> app = SDKHelper.getApplicationByName(applicationName, orgID, contrastSDK);
if (app.isEmpty()) {
logger.warn("No application ID found for application: {}", applicationName);
return null;
acceptedRiskTolerance = RiskLevel.fromString(acceptedRiskToleranceStr).getValue();
logger.info("Risk level: medium, and your accepted risk tolerance is set to: {}", acceptedRiskTolerance);
if (acceptedRiskTolerance >= RiskLevel.MEDIUM.getValue()) {
logger.info("Starting retrieval of protection rules for application: {}", applicationName);
long startTime = System.currentTimeMillis();

try {
ContrastSDK contrastSDK = SDKHelper.getSDK(hostName, apiKey, serviceKey, userName,httpProxyHost, httpProxyPort);
logger.debug("ContrastSDK initialized successfully for application: {}", applicationName);

// Get application ID from name
logger.debug("Looking up application ID for name: {}", applicationName);
Optional<Application> app = SDKHelper.getApplicationByName(applicationName, orgID, contrastSDK);
if (app.isEmpty()) {
logger.warn("No application ID found for application: {}", applicationName);
return null;
}
logger.debug("Found application ID: {} for application: {}", app.get().getAppId(), applicationName);

ProtectData result = getProtectDataByAppID(app.get().getAppId());
long duration = System.currentTimeMillis() - startTime;
logger.info("Completed retrieval of protection rules for application: {} (took {} ms)", applicationName, duration);
return result;
} catch (Exception e) {
long duration = System.currentTimeMillis() - startTime;
logger.error("Error retrieving protection rules for application: {} (after {} ms): {}",
applicationName, duration, e.getMessage(), e);
throw e;
}
logger.debug("Found application ID: {} for application: {}", app.get().getAppId(), applicationName);

ProtectData result = getProtectDataByAppID(app.get().getAppId());
long duration = System.currentTimeMillis() - startTime;
logger.info("Completed retrieval of protection rules for application: {} (took {} ms)", applicationName, duration);
return result;
} catch (Exception e) {
long duration = System.currentTimeMillis() - startTime;
logger.error("Error retrieving protection rules for application: {} (after {} ms): {}",
applicationName, duration, e.getMessage(), e);
throw e;
} else {
logger.error("Your accepted Risk tolerance is too low to perform this operation. This risk level is: MEDIUM, with your accepted risk tolerance set at: {}", acceptedRiskTolerance);
throw new IOException("Accepted Risk Tolerance is too low to perform this operation. Required: MEDIUM or higher.");
}
}


@Tool(name = "get_ADR_Protect_Rules_by_app_id", description = "takes a application ID and returns the protect / adr rules for the application")
public ProtectData getProtectDataByAppID(String appID) throws IOException {
if (appID == null || appID.isEmpty()) {
logger.error("Cannot retrieve protection rules - application ID is null or empty");
throw new IllegalArgumentException("Application ID cannot be null or empty");
}

logger.info("Starting retrieval of protection rules for application ID: {}", appID);
long startTime = System.currentTimeMillis();

try {
// Initialize ContrastSDK
ContrastSDK contrastSDK = SDKHelper.getSDK(hostName, apiKey, serviceKey, userName,httpProxyHost, httpProxyPort);
logger.debug("ContrastSDK initialized successfully for application ID: {}", appID);

// Initialize SDK extension
SDKExtension extendedSDK = new SDKExtension(contrastSDK);
logger.debug("SDKExtension initialized successfully for application ID: {}", appID);

// Get protect configuration
logger.debug("Retrieving protection configuration for application ID: {}", appID);
ProtectData protectData = extendedSDK.getProtectConfig(orgID, appID);
long duration = System.currentTimeMillis() - startTime;

if (protectData == null) {
logger.warn("No protection data returned for application ID: {} (took {} ms)", appID, duration);
return null;
acceptedRiskTolerance = RiskLevel.fromString(acceptedRiskToleranceStr).getValue();
logger.info("Risk level: medium, and your accepted risk tolerance is set to: {}", acceptedRiskTolerance);
if (acceptedRiskTolerance >= RiskLevel.MEDIUM.getValue()) {
if (appID == null || appID.isEmpty()) {
logger.error("Cannot retrieve protection rules - application ID is null or empty");
throw new IllegalArgumentException("Application ID cannot be null or empty");
}

int ruleCount = protectData.getRules() != null ? protectData.getRules().size() : 0;
logger.info("Successfully retrieved {} protection rules for application ID: {} (took {} ms)",
ruleCount, appID, duration);
return protectData;
} catch (Exception e) {
long duration = System.currentTimeMillis() - startTime;
logger.error("Error retrieving protection rules for application ID: {} (after {} ms): {}",
appID, duration, e.getMessage(), e);
throw e;
logger.info("Starting retrieval of protection rules for application ID: {}", appID);
long startTime = System.currentTimeMillis();

try {
// Initialize ContrastSDK
ContrastSDK contrastSDK = SDKHelper.getSDK(hostName, apiKey, serviceKey, userName,httpProxyHost, httpProxyPort);
logger.debug("ContrastSDK initialized successfully for application ID: {}", appID);

// Initialize SDK extension
SDKExtension extendedSDK = new SDKExtension(contrastSDK);
logger.debug("SDKExtension initialized successfully for application ID: {}", appID);

// Get protect configuration
logger.debug("Retrieving protection configuration for application ID: {}", appID);
ProtectData protectData = extendedSDK.getProtectConfig(orgID, appID);
long duration = System.currentTimeMillis() - startTime;

if (protectData == null) {
logger.warn("No protection data returned for application ID: {} (took {} ms)", appID, duration);
return null;
}

int ruleCount = protectData.getRules() != null ? protectData.getRules().size() : 0;
logger.info("Successfully retrieved {} protection rules for application ID: {} (took {} ms)",
ruleCount, appID, duration);
return protectData;
} catch (Exception e) {
long duration = System.currentTimeMillis() - startTime;
logger.error("Error retrieving protection rules for application ID: {} (after {} ms): {}",
appID, duration, e.getMessage(), e);
throw e;
}
} else {
logger.error("Your accepted Risk tolerance is too low to perform this operation. This risk level is: MEDIUM, with your accepted risk tolerance set at: {}", acceptedRiskTolerance);
throw new IOException("Accepted Risk Tolerance is too low to perform this operation. Required: MEDIUM or higher.");
}
}
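Review bot: The risk-tolerance gate added to `getProtectData` and `getProtectDataByAppID` is duplicated in both tools and stores the parsed value in the shared `acceptedRiskTolerance` field on every call; a private helper that keeps the value in a local would give one place to audit, and would avoid running and logging the check twice when the first tool delegates to the second. Whether the gate fails closed depends on `RiskLevel.fromString`, which is not visible on this page: the property defaults to an empty string, so confirm that empty or unrecognised input maps to the no-risk level rather than throwing or resolving to a higher one. The denial is reported as `IOException`, which callers may treat as a transient I/O failure; a dedicated exception type would be clearer if the tool contract allows it. The sketch below assumes `RiskLevel` is an enum.

```java
// Single fail-closed gate shared by every @Tool method in this class.
private void requireRiskTolerance(RiskLevel required) throws IOException {
    // Local value: the service instance is shared, so nothing is written back to a field.
    int accepted = RiskLevel.fromString(acceptedRiskToleranceStr).getValue();
    if (accepted < required.getValue()) {
        logger.error("Accepted risk tolerance {} is below the {} level this operation requires",
                accepted, required);
        throw new IOException("Accepted Risk Tolerance is too low to perform this operation. Required: "
                + required + " or higher.");
    }
}

public ProtectData getProtectData(String applicationName) throws IOException {
    requireRiskTolerance(RiskLevel.MEDIUM);
    // … unchanged: SDK lookup, getProtectDataByAppID call, timing and error logging …
```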
