sap-jenkins-library/pkg/codeql/codeql_test.go

//go:build unit
// +build unit

package codeql

import (
	"context"
	"errors"
	"testing"

	"github.com/google/go-github/v45/github"
	"github.com/stretchr/testify/assert"
)

type githubCodeqlScanningMock struct {
}

func (g *githubCodeqlScanningMock) ListAlertsForRepo(ctx context.Context, owner, repo string, opts *github.AlertListOptions) ([]*github.Alert, *github.Response, error) {
	openState := "open"
	closedState := "closed"
	alerts := []*github.Alert{}

	if repo == "testRepo1" {
		alerts = append(alerts, &github.Alert{State: &openState})
		alerts = append(alerts, &github.Alert{State: &openState})
		alerts = append(alerts, &github.Alert{State: &closedState})
	}

	if repo == "testRepo2" {
		if opts.Page == 1 {
			for i := 0; i < 50; i++ {
				alerts = append(alerts, &github.Alert{State: &openState})
			}
			for i := 0; i < 50; i++ {
				alerts = append(alerts, &github.Alert{State: &closedState})
			}
		}

		if opts.Page == 2 {
			for i := 0; i < 10; i++ {
				alerts = append(alerts, &github.Alert{State: &openState})
			}
			for i := 0; i < 30; i++ {
				alerts = append(alerts, &github.Alert{State: &closedState})
			}
		}
	}

	return alerts, nil, nil
}

func (g *githubCodeqlScanningMock) ListAnalysesForRepo(ctx context.Context, owner, repo string, opts *github.AnalysesListOptions) ([]*github.ScanningAnalysis, *github.Response, error) {
	resultsCount := 3
	analysis := []*github.ScanningAnalysis{{ResultsCount: &resultsCount}}
	return analysis, nil, nil
}

type githubCodeqlScanningErrorMock struct {
}

func (g *githubCodeqlScanningErrorMock) ListAlertsForRepo(ctx context.Context, owner, repo string, opts *github.AlertListOptions) ([]*github.Alert, *github.Response, error) {
	return []*github.Alert{}, nil, errors.New("Some error")
}

func (g *githubCodeqlScanningErrorMock) ListAnalysesForRepo(ctx context.Context, owner, repo string, opts *github.AnalysesListOptions) ([]*github.ScanningAnalysis, *github.Response, error) {
	return []*github.ScanningAnalysis{}, nil, errors.New("Some error")
}

func TestGetVulnerabilitiesFromClient(t *testing.T) {
	ctx := context.Background()
	t.Parallel()
	t.Run("Success", func(t *testing.T) {
		ghCodeqlScanningMock := githubCodeqlScanningMock{}
		totalAlerts := 3
		codeqlScanAuditInstance := NewCodeqlScanAuditInstance("", "", "testRepo1", "", []string{})
		codeScanning, err := getVulnerabilitiesFromClient(ctx, &ghCodeqlScanningMock, "ref", &codeqlScanAuditInstance, totalAlerts)
		assert.NoError(t, err)
		assert.Equal(t, 3, codeScanning.Total)
		assert.Equal(t, 1, codeScanning.Audited)
	})

	t.Run("Success with pagination results", func(t *testing.T) {
		ghCodeqlScanningMock := githubCodeqlScanningMock{}
		totalAlerts := 120
		codeqlScanAuditInstance := NewCodeqlScanAuditInstance("", "", "testRepo2", "", []string{})
		codeScanning, err := getVulnerabilitiesFromClient(ctx, &ghCodeqlScanningMock, "ref", &codeqlScanAuditInstance, totalAlerts)
		assert.NoError(t, err)
		assert.Equal(t, 120, codeScanning.Total)
		assert.Equal(t, 80, codeScanning.Audited)
	})

	t.Run("Error", func(t *testing.T) {
		ghCodeqlScanningErrorMock := githubCodeqlScanningErrorMock{}
		totalAlerts := 3
		codeqlScanAuditInstance := NewCodeqlScanAuditInstance("", "", "", "", []string{})
		_, err := getVulnerabilitiesFromClient(ctx, &ghCodeqlScanningErrorMock, "ref", &codeqlScanAuditInstance, totalAlerts)
		assert.Error(t, err)
	})
}

func TestGetApiUrl(t *testing.T) {
	t.Run("public url", func(t *testing.T) {
		assert.Equal(t, "https://api.github.com", getApiUrl("https://github.com"))
	})

	t.Run("enterprise github url", func(t *testing.T) {
		assert.Equal(t, "https://github.test.org/api/v3", getApiUrl("https://github.test.org"))
	})
}

func TestGetTotalAnalysesFromClient(t *testing.T) {
	ctx := context.Background()
	t.Parallel()
	t.Run("Success", func(t *testing.T) {
		ghCodeqlScanningMock := githubCodeqlScanningMock{}
		codeqlScanAuditInstance := NewCodeqlScanAuditInstance("", "", "", "", []string{})
		total, err := getTotalAlertsFromClient(ctx, &ghCodeqlScanningMock, "ref", &codeqlScanAuditInstance)
		assert.NoError(t, err)
		assert.Equal(t, 3, total)
	})

	t.Run("Error", func(t *testing.T) {
		ghCodeqlScanningErrorMock := githubCodeqlScanningErrorMock{}
		codeqlScanAuditInstance := NewCodeqlScanAuditInstance("", "", "", "", []string{})
		_, err := getTotalAlertsFromClient(ctx, &ghCodeqlScanningErrorMock, "ref", &codeqlScanAuditInstance)
		assert.Error(t, err)
	})
}
feat(golangBuild): use 'unit' build tag to include tests during test execution (#4345) * Added unit tag as argument. Added description to runTests command. Changed code generator to have unit build tag in generated unit test files. * Added unit build tag to all unit test files. * added to new unit test unit build tag * Update verify-go.yml * small fix --------- Co-authored-by: Muhammadali Nazarov <Muhammadali.Nazarov@acronis.com> Co-authored-by: Christopher Fenner <26137398+CCFenner@users.noreply.github.com> 2023-05-03 21:02:11 +05:00			`//go:build unit`
			`// +build unit`

feat(codeqlExecuteScan): CodeQL compliance report and check (#4335) * CodeQL compliance report and check * fix test cases --------- Co-authored-by: Daria Kuznetsova <d.kuznetsova@sap.com> 2023-04-28 15:47:05 +02:00			`package codeql`

			`import (`
			`"context"`
			`"errors"`
			`"testing"`

			`"github.com/google/go-github/v45/github"`
			`"github.com/stretchr/testify/assert"`
			`)`

			`type githubCodeqlScanningMock struct {`
			`}`

			`func (g githubCodeqlScanningMock) ListAlertsForRepo(ctx context.Context, owner, repo string, opts github.AlertListOptions) ([]github.Alert, github.Response, error) {`
			`openState := "open"`
			`closedState := "closed"`
fix(codeqlExecuteScan): pagination call for getting codescanning results (#4370) pagination call for getting code scanning results --------- Co-authored-by: sumeet patil <sumeet.patil@sap.com> 2023-05-31 11:37:09 +03:00			`alerts := []*github.Alert{}`

			`if repo == "testRepo1" {`
			`alerts = append(alerts, &github.Alert{State: &openState})`
			`alerts = append(alerts, &github.Alert{State: &openState})`
			`alerts = append(alerts, &github.Alert{State: &closedState})`
			`}`

			`if repo == "testRepo2" {`
			`if opts.Page == 1 {`
			`for i := 0; i < 50; i++ {`
			`alerts = append(alerts, &github.Alert{State: &openState})`
			`}`
			`for i := 0; i < 50; i++ {`
			`alerts = append(alerts, &github.Alert{State: &closedState})`
			`}`
			`}`

			`if opts.Page == 2 {`
			`for i := 0; i < 10; i++ {`
			`alerts = append(alerts, &github.Alert{State: &openState})`
			`}`
			`for i := 0; i < 30; i++ {`
			`alerts = append(alerts, &github.Alert{State: &closedState})`
			`}`
			`}`
			`}`

feat(codeqlExecuteScan): CodeQL compliance report and check (#4335) * CodeQL compliance report and check * fix test cases --------- Co-authored-by: Daria Kuznetsova <d.kuznetsova@sap.com> 2023-04-28 15:47:05 +02:00			`return alerts, nil, nil`
			`}`

fix(codeqlExecuteScan): pagination call for getting codescanning results (#4370) pagination call for getting code scanning results --------- Co-authored-by: sumeet patil <sumeet.patil@sap.com> 2023-05-31 11:37:09 +03:00			`func (g githubCodeqlScanningMock) ListAnalysesForRepo(ctx context.Context, owner, repo string, opts github.AnalysesListOptions) ([]github.ScanningAnalysis, github.Response, error) {`
			`resultsCount := 3`
			`analysis := []*github.ScanningAnalysis{{ResultsCount: &resultsCount}}`
			`return analysis, nil, nil`
			`}`

feat(codeqlExecuteScan): CodeQL compliance report and check (#4335) * CodeQL compliance report and check * fix test cases --------- Co-authored-by: Daria Kuznetsova <d.kuznetsova@sap.com> 2023-04-28 15:47:05 +02:00			`type githubCodeqlScanningErrorMock struct {`
			`}`

			`func (g githubCodeqlScanningErrorMock) ListAlertsForRepo(ctx context.Context, owner, repo string, opts github.AlertListOptions) ([]github.Alert, github.Response, error) {`
			`return []*github.Alert{}, nil, errors.New("Some error")`
			`}`

fix(codeqlExecuteScan): pagination call for getting codescanning results (#4370) pagination call for getting code scanning results --------- Co-authored-by: sumeet patil <sumeet.patil@sap.com> 2023-05-31 11:37:09 +03:00			`func (g githubCodeqlScanningErrorMock) ListAnalysesForRepo(ctx context.Context, owner, repo string, opts github.AnalysesListOptions) ([]github.ScanningAnalysis, github.Response, error) {`
			`return []*github.ScanningAnalysis{}, nil, errors.New("Some error")`
			`}`

feat(codeqlExecuteScan): CodeQL compliance report and check (#4335) * CodeQL compliance report and check * fix test cases --------- Co-authored-by: Daria Kuznetsova <d.kuznetsova@sap.com> 2023-04-28 15:47:05 +02:00			`func TestGetVulnerabilitiesFromClient(t *testing.T) {`
			`ctx := context.Background()`
			`t.Parallel()`
			`t.Run("Success", func(t *testing.T) {`
			`ghCodeqlScanningMock := githubCodeqlScanningMock{}`
fix(codeqlExecuteScan): pagination call for getting codescanning results (#4370) pagination call for getting code scanning results --------- Co-authored-by: sumeet patil <sumeet.patil@sap.com> 2023-05-31 11:37:09 +03:00			`totalAlerts := 3`
			`codeqlScanAuditInstance := NewCodeqlScanAuditInstance("", "", "testRepo1", "", []string{})`
			`codeScanning, err := getVulnerabilitiesFromClient(ctx, &ghCodeqlScanningMock, "ref", &codeqlScanAuditInstance, totalAlerts)`
feat(codeqlExecuteScan): CodeQL compliance report and check (#4335) * CodeQL compliance report and check * fix test cases --------- Co-authored-by: Daria Kuznetsova <d.kuznetsova@sap.com> 2023-04-28 15:47:05 +02:00			`assert.NoError(t, err)`
			`assert.Equal(t, 3, codeScanning.Total)`
			`assert.Equal(t, 1, codeScanning.Audited)`
			`})`

fix(codeqlExecuteScan): pagination call for getting codescanning results (#4370) pagination call for getting code scanning results --------- Co-authored-by: sumeet patil <sumeet.patil@sap.com> 2023-05-31 11:37:09 +03:00			`t.Run("Success with pagination results", func(t *testing.T) {`
			`ghCodeqlScanningMock := githubCodeqlScanningMock{}`
			`totalAlerts := 120`
			`codeqlScanAuditInstance := NewCodeqlScanAuditInstance("", "", "testRepo2", "", []string{})`
			`codeScanning, err := getVulnerabilitiesFromClient(ctx, &ghCodeqlScanningMock, "ref", &codeqlScanAuditInstance, totalAlerts)`
			`assert.NoError(t, err)`
			`assert.Equal(t, 120, codeScanning.Total)`
			`assert.Equal(t, 80, codeScanning.Audited)`
			`})`

feat(codeqlExecuteScan): CodeQL compliance report and check (#4335) * CodeQL compliance report and check * fix test cases --------- Co-authored-by: Daria Kuznetsova <d.kuznetsova@sap.com> 2023-04-28 15:47:05 +02:00			`t.Run("Error", func(t *testing.T) {`
			`ghCodeqlScanningErrorMock := githubCodeqlScanningErrorMock{}`
fix(codeqlExecuteScan): pagination call for getting codescanning results (#4370) pagination call for getting code scanning results --------- Co-authored-by: sumeet patil <sumeet.patil@sap.com> 2023-05-31 11:37:09 +03:00			`totalAlerts := 3`
feat(codeqlExecuteScan): CodeQL compliance report and check (#4335) * CodeQL compliance report and check * fix test cases --------- Co-authored-by: Daria Kuznetsova <d.kuznetsova@sap.com> 2023-04-28 15:47:05 +02:00			`codeqlScanAuditInstance := NewCodeqlScanAuditInstance("", "", "", "", []string{})`
fix(codeqlExecuteScan): pagination call for getting codescanning results (#4370) pagination call for getting code scanning results --------- Co-authored-by: sumeet patil <sumeet.patil@sap.com> 2023-05-31 11:37:09 +03:00			`_, err := getVulnerabilitiesFromClient(ctx, &ghCodeqlScanningErrorMock, "ref", &codeqlScanAuditInstance, totalAlerts)`
feat(codeqlExecuteScan): CodeQL compliance report and check (#4335) * CodeQL compliance report and check * fix test cases --------- Co-authored-by: Daria Kuznetsova <d.kuznetsova@sap.com> 2023-04-28 15:47:05 +02:00			`assert.Error(t, err)`
			`})`
			`}`
feat(codeqlExecuteScan) : auto fill api url (#4369) 2023-05-22 19:59:43 +05:30
			`func TestGetApiUrl(t *testing.T) {`
			`t.Run("public url", func(t *testing.T) {`
			`assert.Equal(t, "https://api.github.com", getApiUrl("https://github.com"))`
			`})`

			`t.Run("enterprise github url", func(t *testing.T) {`
			`assert.Equal(t, "https://github.test.org/api/v3", getApiUrl("https://github.test.org"))`
			`})`
			`}`
fix(codeqlExecuteScan): pagination call for getting codescanning results (#4370) pagination call for getting code scanning results --------- Co-authored-by: sumeet patil <sumeet.patil@sap.com> 2023-05-31 11:37:09 +03:00
			`func TestGetTotalAnalysesFromClient(t *testing.T) {`
			`ctx := context.Background()`
			`t.Parallel()`
			`t.Run("Success", func(t *testing.T) {`
			`ghCodeqlScanningMock := githubCodeqlScanningMock{}`
			`codeqlScanAuditInstance := NewCodeqlScanAuditInstance("", "", "", "", []string{})`
			`total, err := getTotalAlertsFromClient(ctx, &ghCodeqlScanningMock, "ref", &codeqlScanAuditInstance)`
			`assert.NoError(t, err)`
			`assert.Equal(t, 3, total)`
			`})`

			`t.Run("Error", func(t *testing.T) {`
			`ghCodeqlScanningErrorMock := githubCodeqlScanningErrorMock{}`
			`codeqlScanAuditInstance := NewCodeqlScanAuditInstance("", "", "", "", []string{})`
			`_, err := getTotalAlertsFromClient(ctx, &ghCodeqlScanningErrorMock, "ref", &codeqlScanAuditInstance)`
			`assert.Error(t, err)`
			`})`
			`}`