2023-05-03 18:02:11 +02:00
|
|
|
//go:build unit
|
|
|
|
// +build unit
|
|
|
|
|
2022-06-24 09:04:24 +02:00
|
|
|
package cmd
|
|
|
|
|
|
|
|
import (
|
2023-04-28 15:47:05 +02:00
|
|
|
"fmt"
|
2022-06-24 09:04:24 +02:00
|
|
|
"testing"
|
2023-06-20 14:50:28 +02:00
|
|
|
"time"
|
2022-06-24 09:04:24 +02:00
|
|
|
|
2023-06-20 14:50:28 +02:00
|
|
|
"github.com/SAP/jenkins-library/pkg/codeql"
|
2022-06-24 09:04:24 +02:00
|
|
|
"github.com/SAP/jenkins-library/pkg/mock"
|
2023-04-28 15:47:05 +02:00
|
|
|
"github.com/SAP/jenkins-library/pkg/orchestrator"
|
2023-06-20 14:50:28 +02:00
|
|
|
"github.com/pkg/errors"
|
2022-06-24 09:04:24 +02:00
|
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
)
|
|
|
|
|
|
|
|
type codeqlExecuteScanMockUtils struct {
|
|
|
|
*mock.ExecMockRunner
|
|
|
|
*mock.FilesMock
|
|
|
|
}
|
|
|
|
|
|
|
|
func newCodeqlExecuteScanTestsUtils() codeqlExecuteScanMockUtils {
|
|
|
|
utils := codeqlExecuteScanMockUtils{
|
|
|
|
ExecMockRunner: &mock.ExecMockRunner{},
|
|
|
|
FilesMock: &mock.FilesMock{},
|
|
|
|
}
|
|
|
|
return utils
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestRunCodeqlExecuteScan(t *testing.T) {
|
|
|
|
|
|
|
|
t.Run("Valid CodeqlExecuteScan", func(t *testing.T) {
|
|
|
|
config := codeqlExecuteScanOptions{BuildTool: "maven", ModulePath: "./"}
|
2023-04-28 15:47:05 +02:00
|
|
|
_, err := runCodeqlExecuteScan(&config, nil, newCodeqlExecuteScanTestsUtils())
|
|
|
|
assert.NoError(t, err)
|
2022-06-24 09:04:24 +02:00
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("No auth token passed on upload results", func(t *testing.T) {
|
|
|
|
config := codeqlExecuteScanOptions{BuildTool: "maven", UploadResults: true, ModulePath: "./"}
|
2023-04-28 15:47:05 +02:00
|
|
|
_, err := runCodeqlExecuteScan(&config, nil, newCodeqlExecuteScanTestsUtils())
|
|
|
|
assert.Error(t, err)
|
2022-06-24 09:04:24 +02:00
|
|
|
})
|
|
|
|
|
2022-07-12 10:25:17 +02:00
|
|
|
t.Run("GitCommitID is NA on upload results", func(t *testing.T) {
|
|
|
|
config := codeqlExecuteScanOptions{BuildTool: "maven", UploadResults: true, ModulePath: "./", CommitID: "NA"}
|
2023-04-28 15:47:05 +02:00
|
|
|
_, err := runCodeqlExecuteScan(&config, nil, newCodeqlExecuteScanTestsUtils())
|
|
|
|
assert.Error(t, err)
|
2022-07-12 10:25:17 +02:00
|
|
|
})
|
|
|
|
|
2022-06-24 09:04:24 +02:00
|
|
|
t.Run("Custom buildtool", func(t *testing.T) {
|
2023-04-28 15:47:05 +02:00
|
|
|
config := codeqlExecuteScanOptions{BuildTool: "custom", Language: "javascript", ModulePath: "./"}
|
|
|
|
_, err := runCodeqlExecuteScan(&config, nil, newCodeqlExecuteScanTestsUtils())
|
|
|
|
assert.NoError(t, err)
|
2022-06-24 09:04:24 +02:00
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("Custom buildtool but no language specified", func(t *testing.T) {
|
|
|
|
config := codeqlExecuteScanOptions{BuildTool: "custom", ModulePath: "./", GithubToken: "test"}
|
2023-04-28 15:47:05 +02:00
|
|
|
_, err := runCodeqlExecuteScan(&config, nil, newCodeqlExecuteScanTestsUtils())
|
|
|
|
assert.Error(t, err)
|
2022-06-24 09:04:24 +02:00
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("Invalid buildtool and no language specified", func(t *testing.T) {
|
|
|
|
config := codeqlExecuteScanOptions{BuildTool: "test", ModulePath: "./", GithubToken: "test"}
|
2023-04-28 15:47:05 +02:00
|
|
|
_, err := runCodeqlExecuteScan(&config, nil, newCodeqlExecuteScanTestsUtils())
|
|
|
|
assert.Error(t, err)
|
2022-06-24 09:04:24 +02:00
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("Invalid buildtool but language specified", func(t *testing.T) {
|
|
|
|
config := codeqlExecuteScanOptions{BuildTool: "test", Language: "javascript", ModulePath: "./", GithubToken: "test"}
|
2023-04-28 15:47:05 +02:00
|
|
|
_, err := runCodeqlExecuteScan(&config, nil, newCodeqlExecuteScanTestsUtils())
|
|
|
|
assert.NoError(t, err)
|
2022-06-24 09:04:24 +02:00
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestGetGitRepoInfo(t *testing.T) {
|
2023-05-05 18:57:47 +02:00
|
|
|
t.Run("Valid https URL1", func(t *testing.T) {
|
2022-06-24 09:04:24 +02:00
|
|
|
var repoInfo RepoInfo
|
2022-07-21 09:04:21 +02:00
|
|
|
err := getGitRepoInfo("https://github.hello.test/Testing/fortify.git", &repoInfo)
|
|
|
|
assert.NoError(t, err)
|
2022-06-24 09:04:24 +02:00
|
|
|
assert.Equal(t, "https://github.hello.test", repoInfo.serverUrl)
|
2023-04-28 15:47:05 +02:00
|
|
|
assert.Equal(t, "fortify", repoInfo.repo)
|
|
|
|
assert.Equal(t, "Testing", repoInfo.owner)
|
2022-06-24 09:04:24 +02:00
|
|
|
})
|
|
|
|
|
2023-05-05 18:57:47 +02:00
|
|
|
t.Run("Valid https URL2", func(t *testing.T) {
|
2022-06-24 09:04:24 +02:00
|
|
|
var repoInfo RepoInfo
|
2022-07-21 09:04:21 +02:00
|
|
|
err := getGitRepoInfo("https://github.hello.test/Testing/fortify", &repoInfo)
|
2023-04-04 21:16:15 +02:00
|
|
|
assert.NoError(t, err)
|
|
|
|
assert.Equal(t, "https://github.hello.test", repoInfo.serverUrl)
|
2023-04-28 15:47:05 +02:00
|
|
|
assert.Equal(t, "fortify", repoInfo.repo)
|
|
|
|
assert.Equal(t, "Testing", repoInfo.owner)
|
2023-04-04 21:16:15 +02:00
|
|
|
})
|
2023-05-05 18:57:47 +02:00
|
|
|
t.Run("Valid https URL1 with dots", func(t *testing.T) {
|
2023-04-04 21:16:15 +02:00
|
|
|
var repoInfo RepoInfo
|
|
|
|
err := getGitRepoInfo("https://github.hello.test/Testing/com.sap.fortify.git", &repoInfo)
|
|
|
|
assert.NoError(t, err)
|
|
|
|
assert.Equal(t, "https://github.hello.test", repoInfo.serverUrl)
|
2023-04-28 15:47:05 +02:00
|
|
|
assert.Equal(t, "com.sap.fortify", repoInfo.repo)
|
|
|
|
assert.Equal(t, "Testing", repoInfo.owner)
|
2023-04-04 21:16:15 +02:00
|
|
|
})
|
|
|
|
|
2023-05-05 18:57:47 +02:00
|
|
|
t.Run("Valid https URL2 with dots", func(t *testing.T) {
|
2023-04-04 21:16:15 +02:00
|
|
|
var repoInfo RepoInfo
|
|
|
|
err := getGitRepoInfo("https://github.hello.test/Testing/com.sap.fortify", &repoInfo)
|
|
|
|
assert.NoError(t, err)
|
|
|
|
assert.Equal(t, "https://github.hello.test", repoInfo.serverUrl)
|
2023-04-28 15:47:05 +02:00
|
|
|
assert.Equal(t, "com.sap.fortify", repoInfo.repo)
|
|
|
|
assert.Equal(t, "Testing", repoInfo.owner)
|
2023-04-04 21:16:15 +02:00
|
|
|
})
|
2023-05-05 18:57:47 +02:00
|
|
|
t.Run("Valid https URL1 with username and token", func(t *testing.T) {
|
2023-04-04 21:16:15 +02:00
|
|
|
var repoInfo RepoInfo
|
|
|
|
err := getGitRepoInfo("https://username:token@github.hello.test/Testing/fortify.git", &repoInfo)
|
|
|
|
assert.NoError(t, err)
|
|
|
|
assert.Equal(t, "https://github.hello.test", repoInfo.serverUrl)
|
2023-04-28 15:47:05 +02:00
|
|
|
assert.Equal(t, "fortify", repoInfo.repo)
|
|
|
|
assert.Equal(t, "Testing", repoInfo.owner)
|
2023-04-04 21:16:15 +02:00
|
|
|
})
|
|
|
|
|
2023-05-05 18:57:47 +02:00
|
|
|
t.Run("Valid https URL2 with username and token", func(t *testing.T) {
|
2023-04-04 21:16:15 +02:00
|
|
|
var repoInfo RepoInfo
|
|
|
|
err := getGitRepoInfo("https://username:token@github.hello.test/Testing/fortify", &repoInfo)
|
2022-07-21 09:04:21 +02:00
|
|
|
assert.NoError(t, err)
|
2022-06-24 09:04:24 +02:00
|
|
|
assert.Equal(t, "https://github.hello.test", repoInfo.serverUrl)
|
2023-04-28 15:47:05 +02:00
|
|
|
assert.Equal(t, "fortify", repoInfo.repo)
|
|
|
|
assert.Equal(t, "Testing", repoInfo.owner)
|
2022-06-24 09:04:24 +02:00
|
|
|
})
|
|
|
|
|
2023-05-05 18:57:47 +02:00
|
|
|
t.Run("Invalid https URL as no org/owner passed", func(t *testing.T) {
|
2022-06-24 09:04:24 +02:00
|
|
|
var repoInfo RepoInfo
|
|
|
|
assert.Error(t, getGitRepoInfo("https://github.com/fortify", &repoInfo))
|
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("Invalid URL as no protocol passed", func(t *testing.T) {
|
|
|
|
var repoInfo RepoInfo
|
|
|
|
assert.Error(t, getGitRepoInfo("github.hello.test/Testing/fortify", &repoInfo))
|
|
|
|
})
|
2023-05-05 18:57:47 +02:00
|
|
|
|
|
|
|
t.Run("Valid ssh URL1", func(t *testing.T) {
|
|
|
|
var repoInfo RepoInfo
|
|
|
|
err := getGitRepoInfo("git@github.hello.test/Testing/fortify.git", &repoInfo)
|
|
|
|
assert.NoError(t, err)
|
|
|
|
assert.Equal(t, "https://github.hello.test", repoInfo.serverUrl)
|
|
|
|
assert.Equal(t, "fortify", repoInfo.repo)
|
|
|
|
assert.Equal(t, "Testing", repoInfo.owner)
|
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("Valid ssh URL2", func(t *testing.T) {
|
|
|
|
var repoInfo RepoInfo
|
|
|
|
err := getGitRepoInfo("git@github.hello.test/Testing/fortify", &repoInfo)
|
|
|
|
assert.NoError(t, err)
|
|
|
|
assert.Equal(t, "https://github.hello.test", repoInfo.serverUrl)
|
|
|
|
assert.Equal(t, "fortify", repoInfo.repo)
|
|
|
|
assert.Equal(t, "Testing", repoInfo.owner)
|
|
|
|
})
|
|
|
|
t.Run("Valid ssh URL1 with dots", func(t *testing.T) {
|
|
|
|
var repoInfo RepoInfo
|
|
|
|
err := getGitRepoInfo("git@github.hello.test/Testing/com.sap.fortify.git", &repoInfo)
|
|
|
|
assert.NoError(t, err)
|
|
|
|
assert.Equal(t, "https://github.hello.test", repoInfo.serverUrl)
|
|
|
|
assert.Equal(t, "com.sap.fortify", repoInfo.repo)
|
|
|
|
assert.Equal(t, "Testing", repoInfo.owner)
|
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("Valid ssh URL2 with dots", func(t *testing.T) {
|
|
|
|
var repoInfo RepoInfo
|
|
|
|
err := getGitRepoInfo("git@github.hello.test/Testing/com.sap.fortify", &repoInfo)
|
|
|
|
assert.NoError(t, err)
|
|
|
|
assert.Equal(t, "https://github.hello.test", repoInfo.serverUrl)
|
|
|
|
assert.Equal(t, "com.sap.fortify", repoInfo.repo)
|
|
|
|
assert.Equal(t, "Testing", repoInfo.owner)
|
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("Invalid ssh URL as no org/owner passed", func(t *testing.T) {
|
|
|
|
var repoInfo RepoInfo
|
|
|
|
assert.Error(t, getGitRepoInfo("git@github.com/fortify", &repoInfo))
|
|
|
|
})
|
2022-06-24 09:04:24 +02:00
|
|
|
}
|
2023-02-22 19:00:53 +02:00
|
|
|
|
2023-04-28 15:47:05 +02:00
|
|
|
func TestInitGitInfo(t *testing.T) {
|
|
|
|
t.Run("Valid URL1", func(t *testing.T) {
|
|
|
|
config := codeqlExecuteScanOptions{Repository: "https://github.hello.test/Testing/codeql.git", AnalyzedRef: "refs/head/branch", CommitID: "abcd1234"}
|
|
|
|
repoInfo := initGitInfo(&config)
|
|
|
|
assert.Equal(t, "abcd1234", repoInfo.commitId)
|
|
|
|
assert.Equal(t, "Testing", repoInfo.owner)
|
|
|
|
assert.Equal(t, "codeql", repoInfo.repo)
|
|
|
|
assert.Equal(t, "refs/head/branch", repoInfo.ref)
|
|
|
|
assert.Equal(t, "https://github.hello.test", repoInfo.serverUrl)
|
2023-02-22 19:00:53 +02:00
|
|
|
})
|
2023-04-28 15:47:05 +02:00
|
|
|
|
|
|
|
t.Run("Valid URL2", func(t *testing.T) {
|
|
|
|
config := codeqlExecuteScanOptions{Repository: "https://github.hello.test/Testing/codeql", AnalyzedRef: "refs/head/branch", CommitID: "abcd1234"}
|
|
|
|
repoInfo := initGitInfo(&config)
|
|
|
|
assert.Equal(t, "abcd1234", repoInfo.commitId)
|
|
|
|
assert.Equal(t, "Testing", repoInfo.owner)
|
|
|
|
assert.Equal(t, "codeql", repoInfo.repo)
|
|
|
|
assert.Equal(t, "refs/head/branch", repoInfo.ref)
|
|
|
|
assert.Equal(t, "https://github.hello.test", repoInfo.serverUrl)
|
2023-02-22 19:00:53 +02:00
|
|
|
})
|
2023-04-28 15:47:05 +02:00
|
|
|
|
|
|
|
t.Run("Valid url with dots URL1", func(t *testing.T) {
|
|
|
|
config := codeqlExecuteScanOptions{Repository: "https://github.hello.test/Testing/com.sap.codeql.git", AnalyzedRef: "refs/head/branch", CommitID: "abcd1234"}
|
|
|
|
repoInfo := initGitInfo(&config)
|
|
|
|
assert.Equal(t, "abcd1234", repoInfo.commitId)
|
|
|
|
assert.Equal(t, "Testing", repoInfo.owner)
|
|
|
|
assert.Equal(t, "com.sap.codeql", repoInfo.repo)
|
|
|
|
assert.Equal(t, "refs/head/branch", repoInfo.ref)
|
|
|
|
assert.Equal(t, "https://github.hello.test", repoInfo.serverUrl)
|
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("Valid url with dots URL2", func(t *testing.T) {
|
|
|
|
config := codeqlExecuteScanOptions{Repository: "https://github.hello.test/Testing/com.sap.codeql", AnalyzedRef: "refs/head/branch", CommitID: "abcd1234"}
|
|
|
|
repoInfo := initGitInfo(&config)
|
|
|
|
assert.Equal(t, "abcd1234", repoInfo.commitId)
|
|
|
|
assert.Equal(t, "Testing", repoInfo.owner)
|
|
|
|
assert.Equal(t, "com.sap.codeql", repoInfo.repo)
|
|
|
|
assert.Equal(t, "refs/head/branch", repoInfo.ref)
|
|
|
|
assert.Equal(t, "https://github.hello.test", repoInfo.serverUrl)
|
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("Valid url with username and token URL1", func(t *testing.T) {
|
|
|
|
config := codeqlExecuteScanOptions{Repository: "https://username:token@github.hello.test/Testing/codeql.git", AnalyzedRef: "refs/head/branch", CommitID: "abcd1234"}
|
|
|
|
repoInfo := initGitInfo(&config)
|
|
|
|
assert.Equal(t, "abcd1234", repoInfo.commitId)
|
|
|
|
assert.Equal(t, "Testing", repoInfo.owner)
|
|
|
|
assert.Equal(t, "codeql", repoInfo.repo)
|
|
|
|
assert.Equal(t, "refs/head/branch", repoInfo.ref)
|
|
|
|
assert.Equal(t, "https://github.hello.test", repoInfo.serverUrl)
|
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("Valid url with username and token URL2", func(t *testing.T) {
|
|
|
|
config := codeqlExecuteScanOptions{Repository: "https://username:token@github.hello.test/Testing/codeql", AnalyzedRef: "refs/head/branch", CommitID: "abcd1234"}
|
|
|
|
repoInfo := initGitInfo(&config)
|
|
|
|
assert.Equal(t, "abcd1234", repoInfo.commitId)
|
|
|
|
assert.Equal(t, "Testing", repoInfo.owner)
|
|
|
|
assert.Equal(t, "codeql", repoInfo.repo)
|
|
|
|
assert.Equal(t, "refs/head/branch", repoInfo.ref)
|
|
|
|
assert.Equal(t, "https://github.hello.test", repoInfo.serverUrl)
|
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("Invalid URL with no org/reponame", func(t *testing.T) {
|
|
|
|
config := codeqlExecuteScanOptions{Repository: "https://github.hello.test", AnalyzedRef: "refs/head/branch", CommitID: "abcd1234"}
|
|
|
|
repoInfo := initGitInfo(&config)
|
|
|
|
_, err := orchestrator.NewOrchestratorSpecificConfigProvider()
|
|
|
|
assert.Equal(t, "abcd1234", repoInfo.commitId)
|
|
|
|
assert.Equal(t, "refs/head/branch", repoInfo.ref)
|
|
|
|
if err != nil {
|
|
|
|
assert.Equal(t, "", repoInfo.owner)
|
|
|
|
assert.Equal(t, "", repoInfo.repo)
|
|
|
|
assert.Equal(t, "", repoInfo.serverUrl)
|
|
|
|
}
|
2023-02-22 19:00:53 +02:00
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
func TestBuildRepoReference(t *testing.T) {
|
|
|
|
t.Run("Valid ref with branch", func(t *testing.T) {
|
|
|
|
repository := "https://github.hello.test/Testing/fortify"
|
|
|
|
analyzedRef := "refs/head/branch"
|
|
|
|
ref, err := buildRepoReference(repository, analyzedRef)
|
|
|
|
assert.NoError(t, err)
|
|
|
|
assert.Equal(t, "https://github.hello.test/Testing/fortify/tree/branch", ref)
|
|
|
|
})
|
|
|
|
t.Run("Valid ref with PR", func(t *testing.T) {
|
|
|
|
repository := "https://github.hello.test/Testing/fortify"
|
|
|
|
analyzedRef := "refs/pull/1/merge"
|
|
|
|
ref, err := buildRepoReference(repository, analyzedRef)
|
|
|
|
assert.NoError(t, err)
|
|
|
|
assert.Equal(t, "https://github.hello.test/Testing/fortify/pull/1", ref)
|
|
|
|
})
|
|
|
|
t.Run("Invalid ref without branch name", func(t *testing.T) {
|
|
|
|
repository := "https://github.hello.test/Testing/fortify"
|
|
|
|
analyzedRef := "refs/head"
|
|
|
|
ref, err := buildRepoReference(repository, analyzedRef)
|
|
|
|
assert.Error(t, err)
|
|
|
|
assert.ErrorContains(t, err, "Wrong analyzedRef format")
|
|
|
|
assert.Equal(t, "", ref)
|
|
|
|
})
|
|
|
|
t.Run("Invalid ref without PR id", func(t *testing.T) {
|
|
|
|
repository := "https://github.hello.test/Testing/fortify"
|
|
|
|
analyzedRef := "refs/pull/merge"
|
|
|
|
ref, err := buildRepoReference(repository, analyzedRef)
|
|
|
|
assert.Error(t, err)
|
|
|
|
assert.ErrorContains(t, err, "Wrong analyzedRef format")
|
|
|
|
assert.Equal(t, "", ref)
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
2023-04-28 15:47:05 +02:00
|
|
|
func getRepoReferences(repoInfo RepoInfo) (string, string, string) {
|
|
|
|
repoUrl := fmt.Sprintf("%s/%s/%s", repoInfo.serverUrl, repoInfo.owner, repoInfo.repo)
|
|
|
|
repoReference, _ := buildRepoReference(repoUrl, repoInfo.ref)
|
|
|
|
repoCodeqlScanUrl := fmt.Sprintf("%s/security/code-scanning?query=is:open+ref:%s", repoUrl, repoInfo.ref)
|
|
|
|
return repoUrl, repoReference, repoCodeqlScanUrl
|
|
|
|
}
|
2023-02-22 19:00:53 +02:00
|
|
|
func TestCreateToolRecordCodeql(t *testing.T) {
|
|
|
|
t.Run("Valid toolrun file", func(t *testing.T) {
|
2023-04-28 15:47:05 +02:00
|
|
|
repoInfo := RepoInfo{serverUrl: "https://github.hello.test", commitId: "test", ref: "refs/head/branch", owner: "Testing", repo: "fortify"}
|
|
|
|
repoUrl, repoReference, repoCodeqlScanUrl := getRepoReferences(repoInfo)
|
|
|
|
toolRecord, err := createToolRecordCodeql(newCodeqlExecuteScanTestsUtils(), repoInfo, repoUrl, repoReference, repoCodeqlScanUrl)
|
2023-02-22 19:00:53 +02:00
|
|
|
assert.NoError(t, err)
|
2023-04-28 15:47:05 +02:00
|
|
|
assert.Equal(t, toolRecord.ToolName, "codeql")
|
|
|
|
assert.Equal(t, toolRecord.ToolInstance, "https://github.hello.test")
|
|
|
|
assert.Equal(t, toolRecord.DisplayName, "Testing fortify - refs/head/branch test")
|
|
|
|
assert.Equal(t, toolRecord.DisplayURL, "https://github.hello.test/Testing/fortify/security/code-scanning?query=is:open+ref:refs/head/branch")
|
2023-02-22 19:00:53 +02:00
|
|
|
})
|
|
|
|
t.Run("Empty repository URL", func(t *testing.T) {
|
2023-04-28 15:47:05 +02:00
|
|
|
repoInfo := RepoInfo{serverUrl: "", commitId: "test", ref: "refs/head/branch", owner: "Testing", repo: "fortify"}
|
|
|
|
repoUrl, repoReference, repoCodeqlScanUrl := getRepoReferences(repoInfo)
|
|
|
|
_, err := createToolRecordCodeql(newCodeqlExecuteScanTestsUtils(), repoInfo, repoUrl, repoReference, repoCodeqlScanUrl)
|
|
|
|
|
2023-02-22 19:00:53 +02:00
|
|
|
assert.Error(t, err)
|
2023-04-28 15:47:05 +02:00
|
|
|
assert.ErrorContains(t, err, "Repository not set")
|
2023-02-22 19:00:53 +02:00
|
|
|
})
|
2023-04-28 15:47:05 +02:00
|
|
|
|
2023-02-22 19:00:53 +02:00
|
|
|
t.Run("Empty analyzedRef", func(t *testing.T) {
|
2023-04-28 15:47:05 +02:00
|
|
|
repoInfo := RepoInfo{serverUrl: "https://github.hello.test", commitId: "test", ref: "", owner: "Testing", repo: "fortify"}
|
|
|
|
repoUrl, repoReference, repoCodeqlScanUrl := getRepoReferences(repoInfo)
|
|
|
|
_, err := createToolRecordCodeql(newCodeqlExecuteScanTestsUtils(), repoInfo, repoUrl, repoReference, repoCodeqlScanUrl)
|
|
|
|
|
2023-02-22 19:00:53 +02:00
|
|
|
assert.Error(t, err)
|
2023-04-28 15:47:05 +02:00
|
|
|
assert.ErrorContains(t, err, "Analyzed Reference not set")
|
|
|
|
})
|
|
|
|
|
|
|
|
t.Run("Empty CommitId", func(t *testing.T) {
|
|
|
|
repoInfo := RepoInfo{serverUrl: "https://github.hello.test", commitId: "", ref: "refs/head/branch", owner: "Testing", repo: "fortify"}
|
|
|
|
repoUrl, repoReference, repoCodeqlScanUrl := getRepoReferences(repoInfo)
|
|
|
|
_, err := createToolRecordCodeql(newCodeqlExecuteScanTestsUtils(), repoInfo, repoUrl, repoReference, repoCodeqlScanUrl)
|
|
|
|
|
|
|
|
assert.Error(t, err)
|
|
|
|
assert.ErrorContains(t, err, "CommitId not set")
|
2023-02-22 19:00:53 +02:00
|
|
|
})
|
|
|
|
t.Run("Invalid analyzedRef", func(t *testing.T) {
|
2023-04-28 15:47:05 +02:00
|
|
|
repoInfo := RepoInfo{serverUrl: "https://github.hello.test", commitId: "", ref: "refs/branch", owner: "Testing", repo: "fortify"}
|
|
|
|
repoUrl, repoReference, repoCodeqlScanUrl := getRepoReferences(repoInfo)
|
|
|
|
_, err := createToolRecordCodeql(newCodeqlExecuteScanTestsUtils(), repoInfo, repoUrl, repoReference, repoCodeqlScanUrl)
|
|
|
|
|
|
|
|
assert.Error(t, err)
|
2023-02-22 19:00:53 +02:00
|
|
|
})
|
|
|
|
}
|
2023-06-20 14:50:28 +02:00
|
|
|
|
|
|
|
func TestWaitSarifUploaded(t *testing.T) {
|
|
|
|
t.Parallel()
|
|
|
|
config := codeqlExecuteScanOptions{SarifCheckRetryInterval: 1, SarifCheckMaxRetries: 5}
|
|
|
|
t.Run("Fast complete upload", func(t *testing.T) {
|
|
|
|
codeqlScanAuditMock := CodeqlSarifUploaderMock{counter: 0}
|
|
|
|
timerStart := time.Now()
|
|
|
|
err := waitSarifUploaded(&config, &codeqlScanAuditMock)
|
|
|
|
assert.Less(t, time.Now().Sub(timerStart), time.Second)
|
|
|
|
assert.NoError(t, err)
|
|
|
|
})
|
|
|
|
t.Run("Long completed upload", func(t *testing.T) {
|
|
|
|
codeqlScanAuditMock := CodeqlSarifUploaderMock{counter: 2}
|
|
|
|
timerStart := time.Now()
|
|
|
|
err := waitSarifUploaded(&config, &codeqlScanAuditMock)
|
|
|
|
assert.GreaterOrEqual(t, time.Now().Sub(timerStart), time.Second*2)
|
|
|
|
assert.NoError(t, err)
|
|
|
|
})
|
|
|
|
t.Run("Failed upload", func(t *testing.T) {
|
|
|
|
codeqlScanAuditMock := CodeqlSarifUploaderMock{counter: -1}
|
|
|
|
err := waitSarifUploaded(&config, &codeqlScanAuditMock)
|
|
|
|
assert.Error(t, err)
|
|
|
|
assert.ErrorContains(t, err, "failed to upload sarif file")
|
|
|
|
})
|
|
|
|
t.Run("Error while checking sarif uploading", func(t *testing.T) {
|
|
|
|
codeqlScanAuditErrorMock := CodeqlSarifUploaderErrorMock{counter: -1}
|
|
|
|
err := waitSarifUploaded(&config, &codeqlScanAuditErrorMock)
|
|
|
|
assert.Error(t, err)
|
|
|
|
assert.ErrorContains(t, err, "test error")
|
|
|
|
})
|
|
|
|
t.Run("Completed upload after getting errors from server", func(t *testing.T) {
|
|
|
|
codeqlScanAuditErrorMock := CodeqlSarifUploaderErrorMock{counter: 3}
|
|
|
|
err := waitSarifUploaded(&config, &codeqlScanAuditErrorMock)
|
|
|
|
assert.NoError(t, err)
|
|
|
|
})
|
|
|
|
t.Run("Max retries reached", func(t *testing.T) {
|
|
|
|
codeqlScanAuditErrorMock := CodeqlSarifUploaderErrorMock{counter: 6}
|
|
|
|
err := waitSarifUploaded(&config, &codeqlScanAuditErrorMock)
|
|
|
|
assert.Error(t, err)
|
|
|
|
assert.ErrorContains(t, err, "max retries reached")
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
type CodeqlSarifUploaderMock struct {
|
|
|
|
counter int
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *CodeqlSarifUploaderMock) GetSarifStatus() (codeql.SarifFileInfo, error) {
|
|
|
|
if c.counter == 0 {
|
|
|
|
return codeql.SarifFileInfo{
|
|
|
|
ProcessingStatus: "complete",
|
|
|
|
Errors: nil,
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
if c.counter == -1 {
|
|
|
|
return codeql.SarifFileInfo{
|
|
|
|
ProcessingStatus: "failed",
|
|
|
|
Errors: []string{"upload error"},
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
c.counter--
|
|
|
|
return codeql.SarifFileInfo{
|
|
|
|
ProcessingStatus: "pending",
|
|
|
|
Errors: nil,
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
type CodeqlSarifUploaderErrorMock struct {
|
|
|
|
counter int
|
|
|
|
}
|
|
|
|
|
|
|
|
func (c *CodeqlSarifUploaderErrorMock) GetSarifStatus() (codeql.SarifFileInfo, error) {
|
|
|
|
if c.counter == -1 {
|
|
|
|
return codeql.SarifFileInfo{}, errors.New("test error")
|
|
|
|
}
|
|
|
|
if c.counter == 0 {
|
|
|
|
return codeql.SarifFileInfo{
|
|
|
|
ProcessingStatus: "complete",
|
|
|
|
Errors: nil,
|
|
|
|
}, nil
|
|
|
|
}
|
|
|
|
c.counter--
|
|
|
|
return codeql.SarifFileInfo{ProcessingStatus: "Service unavailable"}, nil
|
|
|
|
}
|