mirror of
https://github.com/SAP/jenkins-library.git
synced 2025-01-18 05:18:24 +02:00
1291 lines
77 KiB
Groovy
1291 lines
77 KiB
Groovy
import com.sap.piper.DescriptorUtils
|
|
import com.sap.piper.JsonUtils
|
|
import com.sap.piper.integration.WhitesourceOrgAdminRepository
|
|
import com.sap.piper.integration.WhitesourceRepository
|
|
import com.sap.piper.MapUtils
|
|
import hudson.AbortException
|
|
import org.hamcrest.Matchers
|
|
import org.junit.Assert
|
|
import org.junit.Before
|
|
import org.junit.Rule
|
|
import org.junit.Test
|
|
import org.junit.rules.ExpectedException
|
|
import org.junit.rules.RuleChain
|
|
import org.springframework.beans.factory.annotation.Autowired
|
|
import util.*
|
|
|
|
import static org.hamcrest.Matchers.*
|
|
import static org.junit.Assert.assertEquals
|
|
import static org.junit.Assert.assertNotEquals
|
|
import static org.junit.Assert.assertThat
|
|
import static org.junit.Assert.assertTrue
|
|
|
|
class WhitesourceExecuteScanTest extends BasePiperTest {
|
|
|
|
private ExpectedException thrown = ExpectedException.none()
|
|
private JenkinsDockerExecuteRule dockerExecuteRule = new JenkinsDockerExecuteRule(this)
|
|
private JenkinsShellCallRule shellRule = new JenkinsShellCallRule(this)
|
|
private JenkinsLoggingRule loggingRule = new JenkinsLoggingRule(this)
|
|
private JenkinsWriteFileRule writeFileRule = new JenkinsWriteFileRule(this)
|
|
private JenkinsStepRule stepRule = new JenkinsStepRule(this)
|
|
|
|
@Rule
|
|
public RuleChain ruleChain = Rules
|
|
.getCommonRules(this)
|
|
.around(new JenkinsReadYamlRule(this))
|
|
.around(thrown)
|
|
.around(dockerExecuteRule)
|
|
.around(shellRule)
|
|
.around(loggingRule)
|
|
.around(writeFileRule)
|
|
.around(stepRule)
|
|
.around(new JenkinsCredentialsRule(this)
|
|
.withCredentials('ID-123456789', 'token-0815')
|
|
.withCredentials('ID-9876543', 'token-0816'))
|
|
|
|
def whitesourceOrgAdminRepositoryStub
|
|
def whitesourceStub
|
|
|
|
@Autowired
|
|
DescriptorUtils descriptorUtilsStub
|
|
|
|
@Before
|
|
void init() {
|
|
helper.registerAllowedMethod("archiveArtifacts", [Map.class], { m ->
|
|
if (m.artifacts == null) {
|
|
throw new Exception('artifacts cannot be null')
|
|
}
|
|
return null
|
|
})
|
|
helper.registerAllowedMethod("findFiles", [Map.class], { map ->
|
|
return [].toArray()
|
|
})
|
|
|
|
whitesourceOrgAdminRepositoryStub = new WhitesourceOrgAdminRepository(nullScript, [whitesource: [serviceUrl: "http://some.host.whitesource.com/api/"]])
|
|
LibraryLoadingTestExecutionListener.prepareObjectInterceptors(whitesourceOrgAdminRepositoryStub)
|
|
|
|
whitesourceStub = new WhitesourceRepository(nullScript, [whitesource: [serviceUrl: "http://some.host.whitesource.com/api/"]])
|
|
LibraryLoadingTestExecutionListener.prepareObjectInterceptors(whitesourceStub)
|
|
|
|
helper.registerAllowedMethod("fetchProductMetaInfo", [], {
|
|
return new JsonUtils().jsonStringToGroovyObject("{ \"productVitals\": [{ \"id\": 59639, \"name\": \"SHC - Piper\", \"token\": \"e30132d8e8f04a4c8be6332c75a0ff0580ab326fa7534540ad326e97a74d945b\", \"creationDate\": \"2017-09-20 09:22:46 +0000\", \"lastUpdatedDate\": \"2018-09-19 09:44:40 +0000\" }]}")
|
|
})
|
|
helper.registerAllowedMethod("fetchProjectsMetaInfo", [], {
|
|
return new JsonUtils().jsonStringToGroovyObject("{ \"projectVitals\": [{ \"id\": 261964, \"name\": \"piper-demo - 0.0.1\", \"token\": \"a2a62e5d7beb4170ad4dccfa3316b5a4cd3fadefc56c49f88fbf9400a09f7d94\", \"creationDate\": \"2017-09-21 00:28:06 +0000\", \"lastUpdatedDate\": \"2017-10-12 01:03:05 +0000\" }]}").projectVitals
|
|
})
|
|
helper.registerAllowedMethod("fetchReportForProduct", [String], { })
|
|
helper.registerAllowedMethod( "fetchProjectLicenseAlerts", [Object.class], {
|
|
return new JsonUtils().jsonStringToGroovyObject("{ \"alerts\": [] }").alerts
|
|
})
|
|
helper.registerAllowedMethod( "fetchProductLicenseAlerts", [], {
|
|
return new JsonUtils().jsonStringToGroovyObject("{ \"alerts\": [] }").alerts
|
|
})
|
|
helper.registerAllowedMethod( "fetchVulnerabilities", [List], {
|
|
return new JsonUtils().jsonStringToGroovyObject("{ \"alerts\": [] }").alerts
|
|
})
|
|
helper.registerAllowedMethod( "createProduct", [], {
|
|
return new JsonUtils().jsonStringToGroovyObject("{ \"productToken\": \"e30132d8e8f04a4c8be6332c75a0ff0580ab326fa7534540ad326e97a74d945b\" }")
|
|
})
|
|
helper.registerAllowedMethod( "publishHTML", [Map], {})
|
|
|
|
helper.registerAllowedMethod( "getNpmGAV", [String], {return [group: 'com.sap.node', artifact: 'test-node', version: '1.2.3']})
|
|
helper.registerAllowedMethod( "getSbtGAV", [String], {return [group: 'com.sap.sbt', artifact: 'test-scala', version: '1.2.3']})
|
|
helper.registerAllowedMethod( "getPipGAV", [String], {return [artifact: 'test-python', version: '1.2.3']})
|
|
helper.registerAllowedMethod( "getMavenGAV", [String], {return [group: 'com.sap.maven', artifact: 'test-java', version: '1.2.3']})
|
|
helper.registerAllowedMethod( "getDubGAV", [String], {return [group: 'com.sap.dlang', artifact: 'test-dub', version: '1.2.3']})
|
|
|
|
nullScript.commonPipelineEnvironment.configuration = nullScript.commonPipelineEnvironment.configuration ?: [:]
|
|
nullScript.commonPipelineEnvironment.configuration['steps'] = nullScript.commonPipelineEnvironment.configuration['steps'] ?: [:]
|
|
nullScript.commonPipelineEnvironment.configuration['steps']['whitesourceExecuteScan'] = nullScript.commonPipelineEnvironment.configuration['steps']['whitesourceExecuteScan'] ?: [:]
|
|
nullScript.commonPipelineEnvironment.configuration['general'] = nullScript.commonPipelineEnvironment.configuration['general'] ?: [:]
|
|
nullScript.commonPipelineEnvironment.configuration['general']['whitesource'] = nullScript.commonPipelineEnvironment.configuration['general']['whitesource'] ?: [:]
|
|
nullScript.commonPipelineEnvironment.configuration['general']['whitesource']['serviceUrl'] = "http://some.host.whitesource.com/api/"
|
|
nullScript.commonPipelineEnvironment.configuration['general']['whitesource']['userTokenCredentialsId'] = 'ID-123456789'
|
|
nullScript.commonPipelineEnvironment.configuration['steps']['whitesourceExecuteScan']['userTokenCredentialsId'] = 'ID-123456789'
|
|
}
|
|
|
|
@Test
|
|
void testDockerFromCustomStepConfiguration() {
|
|
|
|
def expectedImage = 'image:test'
|
|
def expectedEnvVars = ['env1': 'value1', 'env2': 'value2']
|
|
def expectedOptions = '--opt1=val1 --opt2=val2 --opt3'
|
|
def expectedWorkspace = '/path/to/workspace'
|
|
|
|
helper.registerAllowedMethod("readProperties", [Map], {
|
|
def result = new Properties()
|
|
result.putAll([
|
|
"apiKey": "b39d1328-52e2-42e3-98f0-932709daf3f0",
|
|
"productName": "SHC - Piper",
|
|
"checkPolicies": "true",
|
|
"projectName": "python-test",
|
|
"projectVersion": "1.0.0"
|
|
])
|
|
return result
|
|
})
|
|
|
|
nullScript.commonPipelineEnvironment.configuration =
|
|
MapUtils.merge(nullScript.commonPipelineEnvironment.configuration,
|
|
[steps:[whitesourceExecuteScan:[
|
|
dockerImage: expectedImage,
|
|
dockerOptions: expectedOptions,
|
|
dockerEnvVars: expectedEnvVars,
|
|
dockerWorkspace: expectedWorkspace
|
|
]]]
|
|
)
|
|
|
|
stepRule.step.whitesourceExecuteScan([
|
|
script : nullScript,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub : whitesourceOrgAdminRepositoryStub,
|
|
descriptorUtilsStub : descriptorUtilsStub,
|
|
scanType : 'maven',
|
|
juStabUtils : utils,
|
|
orgToken : 'testOrgToken',
|
|
whitesourceProductName : 'testProduct'
|
|
])
|
|
|
|
assert expectedImage == dockerExecuteRule.dockerParams.dockerImage
|
|
assert expectedOptions == dockerExecuteRule.dockerParams.dockerOptions
|
|
assert expectedEnvVars.equals(dockerExecuteRule.dockerParams.dockerEnvVars)
|
|
assert expectedWorkspace == dockerExecuteRule.dockerParams.dockerWorkspace
|
|
}
|
|
|
|
@Test
|
|
void testMaven() {
|
|
helper.registerAllowedMethod("readProperties", [Map], {
|
|
def result = new Properties()
|
|
result.putAll([
|
|
"apiKey": "b39d1328-52e2-42e3-98f0-932709daf3f0",
|
|
"productName": "SHC - Piper",
|
|
"checkPolicies": "true",
|
|
"projectName": "python-test",
|
|
"projectVersion": "1.0.0"
|
|
])
|
|
return result
|
|
})
|
|
|
|
def publishHtmlMap = [:]
|
|
helper.registerAllowedMethod("publishHTML", [Map.class], { m ->
|
|
publishHtmlMap = m
|
|
return null
|
|
})
|
|
|
|
stepRule.step.whitesourceExecuteScan([
|
|
script : nullScript,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub : whitesourceOrgAdminRepositoryStub,
|
|
descriptorUtilsStub : descriptorUtilsStub,
|
|
scanType : 'maven',
|
|
juStabUtils : utils,
|
|
orgToken : 'testOrgToken',
|
|
whitesourceProductName : 'testProduct'
|
|
])
|
|
|
|
assertThat(loggingRule.log, containsString('Unstash content: buildDescriptor'))
|
|
assertThat(loggingRule.log, containsString('Unstash content: opensourceConfiguration'))
|
|
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerImage', 'maven:3.5-jdk-8'))
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerWorkspace', '/home/java'))
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('stashContent', ['buildDescriptor', 'opensourceConfiguration', 'modified whitesource config d3aa80454919391024374ba46b4df082d15ab9a3']))
|
|
|
|
assertThat(shellRule.shell, Matchers.hasItems(
|
|
is('curl --location --output wss-unified-agent.jar https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar'),
|
|
is('./bin/java -jar wss-unified-agent.jar -c \'./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3\' -apiKey \'testOrgToken\' -userKey \'token-0815\' -product \'testProduct\'')
|
|
))
|
|
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('apiKey=testOrgToken'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productName=testProduct'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('userKey=token-0815'))
|
|
}
|
|
|
|
|
|
@Test
|
|
void testNpm() {
|
|
helper.registerAllowedMethod("readProperties", [Map], {
|
|
def result = new Properties()
|
|
result.putAll([
|
|
"apiKey": "b39d1328-52e2-42e3-98f0-932709daf3f0",
|
|
"productName": "SHC - Piper",
|
|
"devDep": "false",
|
|
"checkPolicies": "true",
|
|
"projectName": "pipeline-test-node",
|
|
"projectVersion": "1.0.0"
|
|
])
|
|
return result
|
|
})
|
|
stepRule.step.whitesourceExecuteScan([
|
|
script : nullScript,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub : whitesourceOrgAdminRepositoryStub,
|
|
descriptorUtilsStub : descriptorUtilsStub,
|
|
scanType : 'npm',
|
|
juStabUtils : utils,
|
|
orgToken : 'testOrgToken',
|
|
productName : 'testProductName',
|
|
productToken : 'testProductToken',
|
|
reporting : false
|
|
])
|
|
|
|
assertThat(loggingRule.log, containsString('Unstash content: buildDescriptor'))
|
|
assertThat(loggingRule.log, containsString('Unstash content: opensourceConfiguration'))
|
|
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerImage', 'node:lts-stretch'))
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerWorkspace', '/home/node'))
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('stashContent', ['buildDescriptor', 'opensourceConfiguration', 'modified whitesource config d3aa80454919391024374ba46b4df082d15ab9a3']))
|
|
assertThat(shellRule.shell, Matchers.hasItems(
|
|
is('curl --location --output wss-unified-agent.jar https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar'),
|
|
is('curl --location --output jvm.tar.gz https://github.com/SAP/SapMachine/releases/download/sapmachine-11.0.2/sapmachine-jre-11.0.2_linux-x64_bin.tar.gz && tar --strip-components=1 -xzf jvm.tar.gz'),
|
|
is('./bin/java -jar wss-unified-agent.jar -c \'./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3\' -apiKey \'testOrgToken\' -userKey \'token-0815\' -product \'testProductName\'')
|
|
))
|
|
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('apiKey=testOrgToken'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productName=testProductName'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productToken=testProductToken'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productVersion=1'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('projectName=com.sap.node.test-node'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('userKey=token-0815'))
|
|
}
|
|
|
|
@Test
|
|
void testNpmWithCustomConfigAndFilePath() {
|
|
helper.registerAllowedMethod("readProperties", [Map], {
|
|
def result = new Properties()
|
|
result.putAll([
|
|
"apiKey": "b39d1328-52e2-42e3-98f0-932709daf3f0",
|
|
"productName": "SHC - Piper",
|
|
"devDep": "false",
|
|
"checkPolicies": "true",
|
|
"projectName": "pipeline-test-node",
|
|
"projectVersion": "1.0.0"
|
|
])
|
|
return result
|
|
})
|
|
stepRule.step.whitesourceExecuteScan([
|
|
script : nullScript,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub : whitesourceOrgAdminRepositoryStub,
|
|
descriptorUtilsStub : descriptorUtilsStub,
|
|
scanType : 'npm',
|
|
productName : 'SHC - Piper',
|
|
configFilePath : './../../testConfigPath',
|
|
file : 'package.json',
|
|
juStabUtils : utils,
|
|
orgToken : 'b39d1328-52e2-42e3-98f0-932709daf3f0'
|
|
])
|
|
|
|
assertThat(shellRule.shell, Matchers.hasItems(
|
|
is('curl --location --output wss-unified-agent.jar https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar'),
|
|
is('curl --location --output jvm.tar.gz https://github.com/SAP/SapMachine/releases/download/sapmachine-11.0.2/sapmachine-jre-11.0.2_linux-x64_bin.tar.gz && tar --strip-components=1 -xzf jvm.tar.gz'),
|
|
is('./bin/java -jar wss-unified-agent.jar -c \'./../../testConfigPath.2766cacc0cf1449dd4034385f4a9f0a6fdb755cf\' -apiKey \'b39d1328-52e2-42e3-98f0-932709daf3f0\' -userKey \'token-0815\' -product \'SHC - Piper\'')
|
|
))
|
|
}
|
|
|
|
@Test
|
|
void testPip() {
|
|
helper.registerAllowedMethod("readProperties", [Map], {
|
|
def result = new Properties()
|
|
result.putAll([
|
|
"apiKey": "b39d1328-52e2-42e3-98f0-932709daf3f0",
|
|
"productName": "SHC - Piper",
|
|
"checkPolicies": "true",
|
|
"projectName": "python-test",
|
|
"projectVersion": "1.0.0"
|
|
])
|
|
return result
|
|
})
|
|
|
|
stepRule.step.whitesourceExecuteScan([
|
|
script : nullScript,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub : whitesourceOrgAdminRepositoryStub,
|
|
descriptorUtilsStub : descriptorUtilsStub,
|
|
scanType : 'pip',
|
|
juStabUtils : utils,
|
|
orgToken : 'testOrgToken',
|
|
productName : 'testProductName',
|
|
reporting : false
|
|
])
|
|
|
|
assertThat(loggingRule.log, containsString('Unstash content: buildDescriptor'))
|
|
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerImage', 'python:3.7.2-stretch'))
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerWorkspace', '/home/python'))
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('stashContent', ['buildDescriptor', 'opensourceConfiguration', 'modified whitesource config d3aa80454919391024374ba46b4df082d15ab9a3']))
|
|
|
|
assertThat(shellRule.shell, Matchers.hasItems(
|
|
is('curl --location --output wss-unified-agent.jar https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar'),
|
|
is('curl --location --output jvm.tar.gz https://github.com/SAP/SapMachine/releases/download/sapmachine-11.0.2/sapmachine-jre-11.0.2_linux-x64_bin.tar.gz && tar --strip-components=1 -xzf jvm.tar.gz'),
|
|
is('./bin/java -jar wss-unified-agent.jar -c \'./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3\' -apiKey \'testOrgToken\' -userKey \'token-0815\' -product \'testProductName\'')
|
|
))
|
|
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('apiKey=testOrgToken'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productName=testProductName'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('userKey=token-0815'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productVersion=1'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('projectName=test-python'))
|
|
}
|
|
|
|
@Test
|
|
void testWithOrgAdminCredentials() {
|
|
helper.registerAllowedMethod("readProperties", [Map], {
|
|
def result = new Properties()
|
|
result.putAll([
|
|
"apiKey": "b39d1328-52e2-42e3-98f0-932709daf3f0",
|
|
"productName": "SHC - Piper",
|
|
"checkPolicies": "true",
|
|
"projectName": "python-test",
|
|
"projectVersion": "1.0.0"
|
|
])
|
|
return result
|
|
})
|
|
|
|
stepRule.step.whitesourceExecuteScan([
|
|
script : nullScript,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub : whitesourceOrgAdminRepositoryStub,
|
|
descriptorUtilsStub : descriptorUtilsStub,
|
|
scanType : 'pip',
|
|
juStabUtils : utils,
|
|
orgToken : 'testOrgToken',
|
|
productName : 'testProductName',
|
|
orgAdminUserTokenCredentialsId : 'ID-9876543',
|
|
reporting : false
|
|
])
|
|
|
|
assertThat(loggingRule.log, containsString('Unstash content: buildDescriptor'))
|
|
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerImage', 'python:3.7.2-stretch'))
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerWorkspace', '/home/python'))
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('stashContent', ['buildDescriptor', 'opensourceConfiguration', 'modified whitesource config d3aa80454919391024374ba46b4df082d15ab9a3']))
|
|
|
|
assertThat(shellRule.shell, Matchers.hasItems(
|
|
is('curl --location --output wss-unified-agent.jar https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar'),
|
|
is('curl --location --output jvm.tar.gz https://github.com/SAP/SapMachine/releases/download/sapmachine-11.0.2/sapmachine-jre-11.0.2_linux-x64_bin.tar.gz && tar --strip-components=1 -xzf jvm.tar.gz'),
|
|
is('./bin/java -jar wss-unified-agent.jar -c \'./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3\' -apiKey \'testOrgToken\' -userKey \'token-0815\' -product \'testProductName\'')
|
|
))
|
|
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('apiKey=testOrgToken'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productName=testProductName'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('userKey=token-0815'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productVersion=1'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('projectName=test-python'))
|
|
}
|
|
|
|
@Test
|
|
void testNoProjectNoCreation() {
|
|
helper.registerAllowedMethod("readProperties", [Map], {
|
|
def result = new Properties()
|
|
result.putAll([
|
|
"apiKey": "b39d1328-52e2-42e3-98f0-932709daf3f0",
|
|
"productName": "SHC - Piper",
|
|
"checkPolicies": "true",
|
|
"projectName": "python-test",
|
|
"projectVersion": "1.0.0"
|
|
])
|
|
return result
|
|
})
|
|
|
|
def errorCaught = false
|
|
try {
|
|
stepRule.step.whitesourceExecuteScan([
|
|
script : nullScript,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub: whitesourceOrgAdminRepositoryStub,
|
|
descriptorUtilsStub : descriptorUtilsStub,
|
|
scanType : 'pip',
|
|
juStabUtils : utils,
|
|
orgToken : 'testOrgToken',
|
|
productName : 'testProductName',
|
|
createProductFromPipeline : false,
|
|
orgAdminUserTokenCredentialsId : 'ID-9876543',
|
|
reporting : false
|
|
])
|
|
} catch (e) {
|
|
errorCaught = true
|
|
assertThat(e, isA(AbortException.class))
|
|
assertThat(e.getMessage(), is("[WhiteSource] Could not fetch/find requested product 'testProductName' and automatic creation has been disabled"))
|
|
}
|
|
|
|
assertThat(loggingRule.log, containsString('Unstash content: buildDescriptor'))
|
|
assertThat(errorCaught, is(true))
|
|
}
|
|
|
|
@Test
|
|
void testSbt() {
|
|
helper.registerAllowedMethod("readProperties", [Map], {
|
|
def result = new Properties()
|
|
result.putAll([
|
|
"apiKey": "b39d1328-52e2-42e3-98f0-932709daf3f0",
|
|
"productName": "SHC - Piper",
|
|
"checkPolicies": "true",
|
|
"projectName": "python-test",
|
|
"projectVersion": "1.0.0"
|
|
])
|
|
return result
|
|
})
|
|
|
|
stepRule.step.whitesourceExecuteScan([
|
|
script : nullScript,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub : whitesourceOrgAdminRepositoryStub,
|
|
descriptorUtilsStub : descriptorUtilsStub,
|
|
scanType : 'sbt',
|
|
juStabUtils : utils,
|
|
productName : 'testProductName',
|
|
orgToken : 'testOrgToken',
|
|
reporting : false
|
|
])
|
|
|
|
assertThat(loggingRule.log, containsString('Unstash content: buildDescriptor'))
|
|
assertThat(loggingRule.log, containsString('Unstash content: opensourceConfiguration'))
|
|
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerImage', 'hseeberger/scala-sbt:8u181_2.12.8_1.2.8'))
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerWorkspace', '/home/scala'))
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('stashContent', ['buildDescriptor', 'opensourceConfiguration', 'modified whitesource config d3aa80454919391024374ba46b4df082d15ab9a3']))
|
|
|
|
assertThat(shellRule.shell, Matchers.hasItems(
|
|
is('curl --location --output wss-unified-agent.jar https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar'),
|
|
is('./bin/java -jar wss-unified-agent.jar -c \'./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3\' -apiKey \'testOrgToken\' -userKey \'token-0815\' -product \'testProductName\'')
|
|
))
|
|
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('apiKey=testOrgToken'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productName=testProductName'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('userKey=token-0815'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productVersion=1'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('projectName=com.sap.sbt.test-scala'))
|
|
}
|
|
|
|
@Test
|
|
void testDub() {
|
|
|
|
helper.registerAllowedMethod("readProperties", [Map], {
|
|
def result = new Properties()
|
|
result.putAll([
|
|
"apiKey": "b39d1328-52e2-42e3-98f0-932709daf3f0",
|
|
"productName": "SHC - Piper",
|
|
"checkPolicies": "true",
|
|
"projectName": "python-test",
|
|
"projectVersion": "2.0.0"
|
|
])
|
|
return result
|
|
})
|
|
|
|
stepRule.step.whitesourceExecuteScan([
|
|
script : nullScript,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub : whitesourceOrgAdminRepositoryStub,
|
|
descriptorUtilsStub : descriptorUtilsStub,
|
|
scanType : 'dub',
|
|
juStabUtils : utils,
|
|
productName : 'testProductName',
|
|
orgToken : 'testOrgToken',
|
|
reporting : false
|
|
])
|
|
|
|
assertThat(loggingRule.log, containsString('Unstash content: buildDescriptor'))
|
|
assertThat(loggingRule.log, containsString('Unstash content: checkmarx'))
|
|
|
|
assertThat(shellRule.shell, Matchers.hasItems(
|
|
is('curl --location --output wss-unified-agent.jar https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar'),
|
|
is('./bin/java -jar wss-unified-agent.jar -c \'./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3\' -apiKey \'testOrgToken\' -userKey \'token-0815\' -product \'testProductName\'')
|
|
))
|
|
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('apiKey=testOrgToken'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productName=testProductName'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('userKey=token-0815'))
|
|
}
|
|
|
|
@Test
|
|
void testGo() {
|
|
nullScript.commonPipelineEnvironment.gitHttpsUrl = 'https://github.com/test/golang'
|
|
|
|
helper.registerAllowedMethod("readFile", [Map.class], {
|
|
map ->
|
|
def path = 'test/resources/DescriptorUtils/go/' + map.file.substring(map.file.lastIndexOf('/') + 1, map.file.length())
|
|
def descriptorFile = new File(path)
|
|
if(descriptorFile.exists())
|
|
return descriptorFile.text
|
|
else
|
|
return null
|
|
})
|
|
|
|
helper.registerAllowedMethod("readProperties", [Map], {
|
|
def result = new Properties()
|
|
result.putAll([
|
|
"apiKey": "b39d1328-52e2-42e3-98f0-932709daf3f0",
|
|
"productName": "SHC - Piper",
|
|
"checkPolicies": "true",
|
|
"projectName": "python-test",
|
|
"projectVersion": "2.0.0"
|
|
])
|
|
return result
|
|
})
|
|
|
|
stepRule.step.whitesourceExecuteScan([
|
|
script : nullScript,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub : whitesourceOrgAdminRepositoryStub,
|
|
descriptorUtilsStub : descriptorUtilsStub,
|
|
scanType : 'golang',
|
|
juStabUtils : utils,
|
|
productName : 'testProductName',
|
|
orgToken : 'testOrgToken',
|
|
reporting : false,
|
|
buildDescriptorFile : './myProject/glide.yaml'
|
|
])
|
|
|
|
assertThat(loggingRule.log, containsString('Unstash content: buildDescriptor'))
|
|
assertThat(loggingRule.log, containsString('Unstash content: opensourceConfiguration'))
|
|
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerImage', 'golang:1.12-stretch'))
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerWorkspace', '/home/dep'))
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('stashContent', ['buildDescriptor', 'opensourceConfiguration', 'checkmarx', 'modified whitesource config 7d1c90ed46c66061fc8ea45dd96e209bf767f038']))
|
|
|
|
assertThat(shellRule.shell, Matchers.hasItems(
|
|
is('curl --location --output wss-unified-agent.jar https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar'),
|
|
is('./bin/java -jar wss-unified-agent.jar -c \'./myProject/wss-unified-agent.config.7d1c90ed46c66061fc8ea45dd96e209bf767f038\' -apiKey \'testOrgToken\' -userKey \'token-0815\' -product \'testProductName\'')
|
|
))
|
|
|
|
assertThat(writeFileRule.files['./myProject/wss-unified-agent.config.7d1c90ed46c66061fc8ea45dd96e209bf767f038'], containsString('apiKey=testOrgToken'))
|
|
assertThat(writeFileRule.files['./myProject/wss-unified-agent.config.7d1c90ed46c66061fc8ea45dd96e209bf767f038'], containsString('productName=testProductName'))
|
|
assertThat(writeFileRule.files['./myProject/wss-unified-agent.config.7d1c90ed46c66061fc8ea45dd96e209bf767f038'], containsString('userKey=token-0815'))
|
|
assertThat(writeFileRule.files['./myProject/wss-unified-agent.config.7d1c90ed46c66061fc8ea45dd96e209bf767f038'], containsString('productVersion=1'))
|
|
assertThat(writeFileRule.files['./myProject/wss-unified-agent.config.7d1c90ed46c66061fc8ea45dd96e209bf767f038'], containsString('projectName=github.com/test/golang.myProject'))
|
|
}
|
|
|
|
@Test
|
|
void testGoDefaults() {
|
|
nullScript.commonPipelineEnvironment.gitHttpsUrl = 'https://github.com/test/golang'
|
|
|
|
helper.registerAllowedMethod("readFile", [Map.class], {
|
|
map ->
|
|
def path = 'test/resources/DescriptorUtils/go/' + map.file.substring(map.file.lastIndexOf('/') + 1, map.file.length())
|
|
def descriptorFile = new File(path)
|
|
if(descriptorFile.exists())
|
|
return descriptorFile.text
|
|
else
|
|
return null
|
|
})
|
|
|
|
helper.registerAllowedMethod("readProperties", [Map], {
|
|
def result = new Properties()
|
|
result.putAll([
|
|
"apiKey": "b39d1328-52e2-42e3-98f0-932709daf3f0",
|
|
"productName": "SHC - Piper",
|
|
"checkPolicies": "true",
|
|
"projectName": "python-test",
|
|
"projectVersion": "2.0.0"
|
|
])
|
|
return result
|
|
})
|
|
|
|
stepRule.step.whitesourceExecuteScan([
|
|
script : nullScript,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub : whitesourceOrgAdminRepositoryStub,
|
|
descriptorUtilsStub : descriptorUtilsStub,
|
|
scanType : 'golang',
|
|
juStabUtils : utils,
|
|
productName : 'testProductName',
|
|
orgToken : 'testOrgToken',
|
|
reporting : false
|
|
])
|
|
|
|
assertThat(loggingRule.log, containsString('Unstash content: buildDescriptor'))
|
|
assertThat(loggingRule.log, containsString('Unstash content: opensourceConfiguration'))
|
|
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerImage', 'golang:1.12-stretch'))
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('dockerWorkspace', '/home/dep'))
|
|
assertThat(dockerExecuteRule.dockerParams, hasEntry('stashContent', ['buildDescriptor', 'opensourceConfiguration', 'checkmarx', 'modified whitesource config d3aa80454919391024374ba46b4df082d15ab9a3']))
|
|
|
|
assertThat(shellRule.shell, Matchers.hasItems(
|
|
is('curl --location --output wss-unified-agent.jar https://github.com/whitesource/unified-agent-distribution/releases/latest/download/wss-unified-agent.jar'),
|
|
is('./bin/java -jar wss-unified-agent.jar -c \'./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3\' -apiKey \'testOrgToken\' -userKey \'token-0815\' -product \'testProductName\'')
|
|
))
|
|
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('apiKey=testOrgToken'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productName=testProductName'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('userKey=token-0815'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('productVersion=1'))
|
|
assertThat(writeFileRule.files['./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3'], containsString('projectName=github.com/test/golang'))
|
|
}
|
|
|
|
|
|
@Test
|
|
void testAgentNoDownloads() {
|
|
helper.registerAllowedMethod("readProperties", [Map], {
|
|
def result = new Properties()
|
|
result.putAll([
|
|
"apiKey": "b39d1328-52e2-42e3-98f0-932709daf3f0",
|
|
"productName": "SHC - Piper",
|
|
"checkPolicies": "true",
|
|
"projectName": "python-test",
|
|
"projectVersion": "2.0.0"
|
|
])
|
|
return result
|
|
})
|
|
stepRule.step.whitesourceExecuteScan([
|
|
script : nullScript,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub : whitesourceOrgAdminRepositoryStub,
|
|
descriptorUtilsStub : descriptorUtilsStub,
|
|
scanType : 'maven',
|
|
agentDownloadUrl : '',
|
|
jreDownloadUrl : '',
|
|
agentParameters : 'testParams',
|
|
juStabUtils : utils,
|
|
orgToken : 'testOrgToken',
|
|
productName : 'testProductName'
|
|
])
|
|
|
|
assertThat(shellRule.shell[0], is('java -jar wss-unified-agent.jar -c \'./wss-unified-agent.config.d3aa80454919391024374ba46b4df082d15ab9a3\' -apiKey \'testOrgToken\' -userKey \'token-0815\' -product \'testProductName\' testParams'))
|
|
}
|
|
|
|
@Test
|
|
void testMta() {
|
|
helper.registerAllowedMethod("readProperties", [Map], {
|
|
def result = new Properties()
|
|
result.putAll([
|
|
"apiKey": "b39d1328-52e2-42e3-98f0-932709daf3f0",
|
|
"productName": "SHC - Piper",
|
|
"checkPolicies": "true",
|
|
"projectName": "python-test",
|
|
"projectVersion": "2.0.0"
|
|
])
|
|
return result
|
|
})
|
|
helper.registerAllowedMethod("findFiles", [Map.class], { map ->
|
|
if (map.glob == "**${File.separator}pom.xml") {
|
|
return [new File('maven1/pom.xml'), new File('maven2/pom.xml')].toArray()
|
|
}
|
|
if (map.glob == "**${File.separator}package.json") {
|
|
return [new File('npm1/package.json'), new File('npm2/package.json')].toArray()
|
|
}
|
|
if (map.glob == "**${File.separator}setup.py") {
|
|
return [new File('pip/setup.py')].toArray()
|
|
}
|
|
return [].toArray()
|
|
})
|
|
|
|
def whitesourceCalls = []
|
|
helper.registerAllowedMethod("whitesourceExecuteScan", [Map.class], { map ->
|
|
whitesourceCalls.add(map)
|
|
stepRule.step.call(map)
|
|
})
|
|
|
|
def parallelMap = [:]
|
|
helper.registerAllowedMethod("parallel", [Map.class], { map ->
|
|
parallelMap = map
|
|
parallelMap['Whitesource - maven1']()
|
|
parallelMap['Whitesource - npm1']()
|
|
parallelMap['Whitesource - pip']()
|
|
})
|
|
|
|
//need to use call due to mock above
|
|
stepRule.step.call([
|
|
script : nullScript,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub : whitesourceOrgAdminRepositoryStub,
|
|
descriptorUtilsStub : descriptorUtilsStub,
|
|
scanType : 'mta',
|
|
whitesource: [
|
|
productName : 'SHC - Piper',
|
|
orgToken : 'b39d1328-52e2-42e3-98f0-932709daf3f0'
|
|
],
|
|
buildDescriptorExcludeList : ["maven2${File.separator}pom.xml".toString(), "npm2${File.separator}package.json".toString()],
|
|
reporting : true,
|
|
juStabUtils : utils
|
|
])
|
|
|
|
assertThat(loggingRule.log, containsString('Unstash content: buildDescriptor'))
|
|
assertThat(loggingRule.log, containsString('Unstash content: opensourceConfiguration'))
|
|
|
|
assertThat(parallelMap, hasKey('Whitesource - maven1'))
|
|
assertThat(parallelMap, hasKey('Whitesource - npm1'))
|
|
assertThat(parallelMap, hasKey('Whitesource - pip'))
|
|
assertThat(parallelMap.keySet(), hasSize(4))
|
|
|
|
assertThat(whitesourceCalls,
|
|
contains(
|
|
allOf(
|
|
hasEntry('scanType', 'maven'),
|
|
hasEntry('buildDescriptorFile', "maven1${File.separator}pom.xml".toString())
|
|
),
|
|
allOf(
|
|
hasEntry('scanType', 'npm'),
|
|
hasEntry('buildDescriptorFile', "npm1${File.separator}package.json".toString())
|
|
),
|
|
allOf(
|
|
hasEntry('scanType', 'pip'),
|
|
hasEntry('buildDescriptorFile', "pip${File.separator}setup.py".toString())
|
|
)
|
|
)
|
|
)
|
|
|
|
assertThat(whitesourceCalls[0]['whitesource']['projectNames'], contains("com.sap.maven.test-java - 1", "com.sap.node.test-node - 1", "test-python - 1"))
|
|
assertThat(whitesourceCalls[1]['whitesource']['projectNames'], contains("com.sap.maven.test-java - 1", "com.sap.node.test-node - 1", "test-python - 1"))
|
|
assertThat(whitesourceCalls[2]['whitesource']['projectNames'], contains("com.sap.maven.test-java - 1", "com.sap.node.test-node - 1", "test-python - 1"))
|
|
}
|
|
|
|
@Test
|
|
void testMtaBlocks() {
|
|
helper.registerAllowedMethod("findFiles", [Map.class], { map ->
|
|
if (map.glob == "**${File.separator}pom.xml") {
|
|
return [new File('maven1/pom.xml'), new File('maven2/pom.xml')].toArray()
|
|
}
|
|
if (map.glob == "**${File.separator}package.json") {
|
|
return [new File('npm1/package.json'), new File('npm2/package.json'), new File('npm3/package.json'), new File('npm4/package.json')].toArray()
|
|
}
|
|
return [].toArray()
|
|
})
|
|
|
|
def whitesourceCalls = []
|
|
helper.registerAllowedMethod("whitesourceExecuteScan", [Map.class], { map ->
|
|
whitesourceCalls.add(map)
|
|
})
|
|
|
|
def invocation = 0
|
|
def parallelMap = [:]
|
|
helper.registerAllowedMethod("parallel", [Map.class], { map ->
|
|
parallelMap[invocation] = map
|
|
for(i = 0; i < parallelMap[invocation].keySet().size(); i++) {
|
|
def key = parallelMap[invocation].keySet()[i]
|
|
if(key != "failFast")
|
|
parallelMap[invocation][key]()
|
|
}
|
|
invocation++
|
|
})
|
|
|
|
//need to use call due to mock above
|
|
stepRule.step.call([
|
|
script : nullScript,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub : whitesourceOrgAdminRepositoryStub,
|
|
scanType : 'mta',
|
|
productName : 'SHC - Piper',
|
|
buildDescriptorExcludeList : ["maven2${File.separator}pom.xml".toString()],
|
|
juStabUtils : utils,
|
|
parallelLimit : 3,
|
|
orgToken : 'b39d1328-52e2-42e3-98f0-932709daf3f0'
|
|
])
|
|
|
|
assertThat(loggingRule.log, containsString('Unstash content: buildDescriptor'))
|
|
assertThat(loggingRule.log, containsString('Unstash content: opensourceConfiguration'))
|
|
|
|
assertThat(invocation, is(2))
|
|
assertThat(parallelMap[0], hasKey('Whitesource - maven1'))
|
|
assertThat(parallelMap[0], hasKey('Whitesource - npm1'))
|
|
assertThat(parallelMap[0], hasKey('Whitesource - npm2'))
|
|
assertThat(parallelMap[0].keySet(), hasSize(4))
|
|
assertThat(parallelMap[1], hasKey('Whitesource - npm3'))
|
|
assertThat(parallelMap[1], hasKey('Whitesource - npm4'))
|
|
assertThat(parallelMap[1].keySet(), hasSize(3))
|
|
|
|
assertThat(whitesourceCalls, hasItem(allOf(
|
|
hasEntry('scanType', 'maven'),
|
|
hasEntry('buildDescriptorFile', "maven1${File.separator}pom.xml".toString())
|
|
)))
|
|
assertThat(whitesourceCalls, hasItem(allOf(
|
|
hasEntry('scanType', 'npm'),
|
|
hasEntry('buildDescriptorFile', "npm1${File.separator}package.json".toString())
|
|
)))
|
|
assertThat(whitesourceCalls, hasItem(allOf(
|
|
hasEntry('scanType', 'npm'),
|
|
hasEntry('buildDescriptorFile', "npm2${File.separator}package.json".toString())
|
|
)))
|
|
assertThat(whitesourceCalls, hasItem(allOf(
|
|
hasEntry('scanType', 'npm'),
|
|
hasEntry('buildDescriptorFile', "npm3${File.separator}package.json".toString())
|
|
)))
|
|
assertThat(whitesourceCalls, hasItem(allOf(
|
|
hasEntry('scanType', 'npm'),
|
|
hasEntry('buildDescriptorFile', "npm4${File.separator}package.json".toString())
|
|
)))
|
|
}
|
|
|
|
@Test
|
|
void testMtaSingleExclude() {
|
|
|
|
helper.registerAllowedMethod("findFiles", [Map.class], { map ->
|
|
if (map.glob == "**${File.separator}pom.xml") {
|
|
return [new File('maven1/pom.xml'), new File('maven2/pom.xml')].toArray()
|
|
}
|
|
if (map.glob == "**${File.separator}package.json") {
|
|
return [new File('npm1/package.json'), new File('npm2/package.json')].toArray()
|
|
}
|
|
return [].toArray()
|
|
})
|
|
|
|
def parallelMap = [:]
|
|
helper.registerAllowedMethod("parallel", [Map.class], { map ->
|
|
parallelMap = map
|
|
})
|
|
|
|
stepRule.step.whitesourceExecuteScan([
|
|
script : nullScript,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub : whitesourceOrgAdminRepositoryStub,
|
|
scanType : 'mta',
|
|
productName : 'SHC - Piper',
|
|
buildDescriptorExcludeList : "maven2${File.separator}pom.xml",
|
|
juStabUtils : utils,
|
|
orgToken : 'b39d1328-52e2-42e3-98f0-932709daf3f0'
|
|
])
|
|
|
|
assertThat(parallelMap.keySet(), hasSize(4))
|
|
|
|
}
|
|
|
|
@Test
|
|
void testPassProjectNamesToCPE() {
|
|
helper.registerAllowedMethod("findFiles", [Map.class], { map ->
|
|
if (map.glob == "**${File.separator}pom.xml") {
|
|
return [new File('maven1/pom.xml'), new File('maven2/pom.xml')].toArray()
|
|
}
|
|
if (map.glob == "**${File.separator}package.json") {
|
|
return [new File('npm1/package.json'), new File('npm2/package.json'), new File('npm3/package.json'), new File('npm4/package.json')].toArray()
|
|
}
|
|
return [].toArray()
|
|
})
|
|
|
|
helper.registerAllowedMethod("parallel", [Map.class], { map ->
|
|
map.each {m ->
|
|
if (m.key != 'failFast') {
|
|
m.value()
|
|
}
|
|
}
|
|
})
|
|
|
|
helper.registerAllowedMethod("readProperties", [Map], {
|
|
def result = new Properties()
|
|
return result
|
|
})
|
|
|
|
//need to use call due to mock above
|
|
stepRule.step.call([
|
|
script : nullScript,
|
|
descriptorUtilsStub : descriptorUtilsStub,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub: whitesourceOrgAdminRepositoryStub,
|
|
scanType : 'mta',
|
|
productName : 'SHC - Piper',
|
|
buildDescriptorExcludeList : ["maven2${File.separator}pom.xml".toString()],
|
|
juStabUtils : utils,
|
|
orgToken : 'b39d1328-52e2-42e3-98f0-932709daf3f0'
|
|
])
|
|
|
|
assertThat(nullScript.commonPipelineEnvironment.getValue('whitesourceProjectNames'), hasItem('com.sap.maven.test-java - 1'))
|
|
assertThat(nullScript.commonPipelineEnvironment.getValue('whitesourceProjectNames'), hasItem('com.sap.node.test-node - 1'))
|
|
|
|
|
|
}
|
|
|
|
@Test
|
|
void testNPMStatusCheckScanException() {
|
|
thrown.expect(AbortException.class)
|
|
stepRule.step.checkStatus(-1 & 0xFF, [whitesource:[licensingVulnerabilities: true]])
|
|
}
|
|
|
|
@Test
|
|
void testNPMStatusCheckPolicyViolation() {
|
|
thrown.expect(AbortException.class)
|
|
stepRule.step.checkStatus(-2 & 0xFF, [whitesource:[licensingVulnerabilities: true]])
|
|
}
|
|
|
|
@Test
|
|
void testNPMStatusCheckNoPolicyViolation() {
|
|
stepRule.step.checkStatus(-2 & 0xFF, [whitesource:[licensingVulnerabilities: false]])
|
|
}
|
|
|
|
@Test
|
|
void testNPMStatusCheckClientException() {
|
|
thrown.expect(AbortException.class)
|
|
stepRule.step.checkStatus(-3 & 0xFF, [whitesource:[licensingVulnerabilities: true]])
|
|
}
|
|
|
|
@Test
|
|
void testNPMStatusCheckConnectionException() {
|
|
thrown.expect(AbortException.class)
|
|
stepRule.step.checkStatus(-4 & 0xFF, [whitesource:[licensingVulnerabilities: true]])
|
|
}
|
|
|
|
@Test
|
|
void testNPMStatusCheckServerException() {
|
|
thrown.expect(AbortException.class)
|
|
stepRule.step.checkStatus(-3 & 0xFF, [whitesource:[licensingVulnerabilities: true]])
|
|
}
|
|
|
|
@Test
|
|
void testViolationPolicy() {
|
|
stepRule.step.checkViolationStatus(0)
|
|
}
|
|
|
|
@Test
|
|
void testViolationPolicyException() {
|
|
thrown.expect(AbortException.class)
|
|
thrown.expectMessage("1")
|
|
stepRule.step.checkViolationStatus(1)
|
|
}
|
|
|
|
@Test
|
|
void testFetchViolationCountProject() {
|
|
|
|
def config = [projectNames: ["piper-java-cc - 0.0.1", "pipeline-test - 0.0.1"], productToken: "product-token"]
|
|
|
|
def projectTokens = [[token:"abc-project-token"],[token:"def-project-token"]]
|
|
helper.registerAllowedMethod('fetchProjectsMetaInfo', [], { return projectTokens })
|
|
helper.registerAllowedMethod('fetchProjectLicenseAlerts', [String], { projectToken ->
|
|
if(projectToken == projectTokens[0].token)
|
|
return [alerts: []]
|
|
if(projectToken == projectTokens[1].token)
|
|
return [alerts: []]
|
|
})
|
|
|
|
def violationCount = stepRule.step.fetchViolationCount(config, whitesourceStub)
|
|
|
|
Assert.assertTrue(violationCount == 0)
|
|
}
|
|
|
|
|
|
@Test
|
|
void testFetchViolationCountProjectNotZero() {
|
|
|
|
def config = [whitesource: [projectNames: ["piper-java-cc - 0.0.1", "pipeline-test - 0.0.1"]]]
|
|
def projectTokens = [[token:"abc-project-token"],[token:"def-project-token"]]
|
|
helper.registerAllowedMethod('fetchProjectsMetaInfo', [], { return projectTokens })
|
|
helper.registerAllowedMethod('fetchProjectLicenseAlerts', [String], { projectToken ->
|
|
if(projectToken == projectTokens[0].token)
|
|
return [alerts: [{}, {}]]
|
|
if(projectToken == projectTokens[1].token)
|
|
return [alerts: [{}, {}, {}]]
|
|
})
|
|
|
|
def violationCount = stepRule.step.fetchViolationCount(config, whitesourceStub)
|
|
|
|
Assert.assertTrue(violationCount == 5)
|
|
}
|
|
|
|
@Test
|
|
void testFetchViolationCountProduct() {
|
|
|
|
def config = [:]
|
|
|
|
helper.registerAllowedMethod('fetchProductLicenseAlerts', [], { return [alerts: []] })
|
|
|
|
def violationCount = stepRule.step.fetchViolationCount(config, whitesourceStub)
|
|
|
|
Assert.assertTrue(violationCount == 0)
|
|
}
|
|
|
|
@Test
|
|
void testFetchViolationCountProductNotZero() {
|
|
|
|
def config = [:]
|
|
|
|
helper.registerAllowedMethod('fetchProductLicenseAlerts', [], { return [alerts: [{}, {}]]})
|
|
|
|
def violationCount = stepRule.step.fetchViolationCount(config, whitesourceStub)
|
|
|
|
Assert.assertTrue(violationCount == 2)
|
|
}
|
|
|
|
@Test
|
|
void testCheckException() {
|
|
helper.registerAllowedMethod("readProperties", [Map], {
|
|
def result = new Properties()
|
|
result.putAll([
|
|
"apiKey": "b39d1328-52e2-42e3-98f0-932709daf3f0",
|
|
"productName": "SHC - Piper",
|
|
"checkPolicies": "true",
|
|
"projectName": "python-test",
|
|
"projectVersion": "2.0.0"
|
|
])
|
|
return result
|
|
})
|
|
helper.registerAllowedMethod("fetchVulnerabilities", [List], {
|
|
return new JsonUtils().jsonStringToGroovyObject("""{"alerts":[{"vulnerability":{"name":"CVE-2017-15095","type":"CVE","severity":"high","score":7.5,"cvss3_severity":"high","cvss3_score":9.8,"scoreMetadataVector":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","publishDate":"2018-02-06","url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15095",
|
|
"description":"A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.",
|
|
"topFix":{"vulnerability":"CVE-2017-15095","type":"CHANGE_FILES","origin":"GITHUB_COMMIT","url":"https://github.com/FasterXML/jackson-databind/commit/60d459ce","fixResolution":"src/test/java/com/fasterxml/jackson/databind/interop/IllegalTypesCheckTest.java,release-notes/VERSION,src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java","date":"2017-04-13",
|
|
"message":"Fix #1599 for 2.8.9\\n\\nMerge branch '2.7' into 2.8","extraData":"key=60d459c&committerName=cowtowncoder&committerUrl=https://github.com/cowtowncoder&committerAvatar=https://avatars0.githubusercontent.com/u/55065?v=4"},"allFixes":[{"vulnerability":"CVE-2017-15095","type":"CHANGE_FILES","origin":"GITHUB_COMMIT",
|
|
"url":"https://github.com/FasterXML/jackson-databind/commit/60d459ce","fixResolution":"src/test/java/com/fasterxml/jackson/databind/interop/IllegalTypesCheckTest.java,release-notes/VERSION,src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java","date":"2017-04-13","message":"Fix #1599 for 2.8.9\\n\\nMerge branch '2.7' into 2.8",
|
|
"extraData":"key=60d459c&committerName=cowtowncoder&committerUrl=https://github.com/cowtowncoder&committerAvatar=https://avatars0.githubusercontent.com/u/55065?v=4"},{"vulnerability":"CVE-2017-15095","type":"CHANGE_FILES","origin":"GITHUB_COMMIT","url":"https://github.com/FasterXML/jackson-databind/commit/e865a7a4464da63ded9f4b1a2328ad85c9ded78b#diff-98084d808198119d550a9211e128a16f",
|
|
"fixResolution":"src/test/java/com/fasterxml/jackson/databind/interop/IllegalTypesCheckTest.java,release-notes/VERSION,src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java","date":"2017-12-12","message":"Fix #1737 (#1857)","extraData":"key=e865a7a&committerName=cowtowncoder&committerUrl=https://github.com/cowtowncoder&committerAvatar=https://avatars0.githubusercontent.com/u/55065?v=4"},
|
|
{"vulnerability":"CVE-2017-15095","type":"CHANGE_FILES","origin":"GITHUB_COMMIT","url":"https://github.com/FasterXML/jackson-databind/commit/e8f043d1","fixResolution":"release-notes/VERSION,src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java","date":"2017-06-30","message":"Fix #1680",
|
|
"extraData":"key=e8f043d&committerName=cowtowncoder&committerUrl=https://github.com/cowtowncoder&committerAvatar=https://avatars0.githubusercontent.com/u/55065?v=4"}],"fixResolutionText":"Replace or update the following files: IllegalTypesCheckTest.java, VERSION, BeanDeserializerFactory.java","references":[]},
|
|
"type":"SECURITY_VULNERABILITY","level":"MAJOR","library":{"keyUuid":"13f7802e-8aa1-4303-a5db-1d0c85e871a9","keyId":23410061,"filename":"jackson-databind-2.8.8.jar","name":"jackson-databind","groupId":"com.fasterxml.jackson.core","artifactId":"jackson-databind","version":"2.8.8","sha1":"bf88c7b27e95cbadce4e7c316a56c3efffda8026",
|
|
"type":"Java","references":{"url":"http://github.com/FasterXML/jackson","issueUrl":"https://github.com/FasterXML/jackson-databind/issues","pomUrl":"http://repo.jfrog.org/artifactory/list/repo1/com/fasterxml/jackson/core/jackson-databind/2.8.8/jackson-databind-2.8.8.pom","scmUrl":"http://github.com/FasterXML/jackson-databind"},
|
|
"licenses":[{"name":"Apache 2.0","url":"http://apache.org/licenses/LICENSE-2.0","profileInfo":{"copyrightRiskScore":"THREE","patentRiskScore":"ONE","copyleft":"NO","linking":"DYNAMIC","royaltyFree":"CONDITIONAL"}}]},"project":"pipeline-test - 0.0.1","projectId":302194,"projectToken":"1b8fdc36cb6949f482d0fd936a39dab69d6b34f43fff4dda8a9241f2c6e536c7","directDependency":false,"description":"High:5,","date":"2017-11-15"}]}""").alerts
|
|
})
|
|
|
|
thrown.expect(AbortException.class)
|
|
|
|
stepRule.step.whitesourceExecuteScan([
|
|
script : nullScript,
|
|
scanType : 'npm',
|
|
juStabUtils : utils,
|
|
securityVulnerabilities : true,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub : whitesourceOrgAdminRepositoryStub,
|
|
descriptorUtilsStub : descriptorUtilsStub,
|
|
cvssSeverityLimit : 7,
|
|
orgToken : 'testOrgToken',
|
|
productName : 'SHC - Piper',
|
|
projectNames : [ 'piper-demo - 0.0.1' ]
|
|
])
|
|
}
|
|
|
|
@Test
|
|
void testCheckFindingBelowThreshold() {
|
|
helper.registerAllowedMethod("readProperties", [Map], {
|
|
def result = new Properties()
|
|
result.putAll([
|
|
"apiKey": "b39d1328-52e2-42e3-98f0-932709daf3f0",
|
|
"productName": "SHC - Piper",
|
|
"checkPolicies": "true",
|
|
"projectName": "pipeline-test-node",
|
|
"projectVersion": "2.0.0"
|
|
])
|
|
return result
|
|
})
|
|
helper.registerAllowedMethod("fetchVulnerabilities", [List], {
|
|
return new JsonUtils().jsonStringToGroovyObject("""{ \"alerts\": [ { \"vulnerability\": { \"name\": \"CVE-2017-15095\", \"type\": \"CVE\", \"severity\": \"high\", \"score\": 2.1, \"cvss3_severity\": \"high\", \"cvss3_score\": 5.3, \"scoreMetadataVector\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"publishDate\": \"2018-02-06\", \"url\": \"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15095\", \"description\": \"A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.\", \"topFix\": { \"vulnerability\": \"CVE-2017-15095\", \"type\": \"CHANGE_FILES\", \"origin\": \"GITHUB_COMMIT\", \"url\": \"https://github.com/FasterXML/jackson-databind/commit/60d459ce\",
|
|
\"fixResolution\": \"src/test/java/com/fasterxml/jackson/databind/interop/IllegalTypesCheckTest.java,release-notes/VERSION,src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java\", \"date\": \"2017-04-13\", \"message\": \"Fix #1599 for 2.8.9\\n\\nMerge branch '2.7' into 2.8\", \"extraData\": \"key=60d459c&committerName=cowtowncoder&committerUrl=https://github.com/cowtowncoder&committerAvatar=https://avatars0.githubusercontent.com/u/55065?v=4\" }, \"allFixes\": [ { \"vulnerability\": \"CVE-2017-15095\", \"type\": \"CHANGE_FILES\", \"origin\": \"GITHUB_COMMIT\", \"url\": \"https://github.com/FasterXML/jackson-databind/commit/60d459ce\", \"fixResolution\": \"src/test/java/com/fasterxml/jackson/databind/interop/IllegalTypesCheckTest.java,release-notes/VERSION,src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java\", \"date\": \"2017-04-13\", \"message\": \"Fix #1599 for 2.8.9\\n\\nMerge branch '2.7' into 2.8\",
|
|
\"extraData\": \"key=60d459c&committerName=cowtowncoder&committerUrl=https://github.com/cowtowncoder&committerAvatar=https://avatars0.githubusercontent.com/u/55065?v=4\" }, { \"vulnerability\": \"CVE-2017-15095\", \"type\": \"CHANGE_FILES\", \"origin\": \"GITHUB_COMMIT\", \"url\": \"https://github.com/FasterXML/jackson-databind/commit/e865a7a4464da63ded9f4b1a2328ad85c9ded78b#diff-98084d808198119d550a9211e128a16f\", \"fixResolution\": \"src/test/java/com/fasterxml/jackson/databind/interop/IllegalTypesCheckTest.java,release-notes/VERSION,src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java\", \"date\": \"2017-12-12\", \"message\": \"Fix #1737 (#1857)\", \"extraData\": \"key=e865a7a&committerName=cowtowncoder&committerUrl=https://github.com/cowtowncoder&committerAvatar=https://avatars0.githubusercontent.com/u/55065?v=4\" }, { \"vulnerability\": \"CVE-2017-15095\", \"type\": \"CHANGE_FILES\", \"origin\": \"GITHUB_COMMIT\",
|
|
\"url\": \"https://github.com/FasterXML/jackson-databind/commit/e8f043d1\", \"fixResolution\": \"release-notes/VERSION,src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java\", \"date\": \"2017-06-30\", \"message\": \"Fix #1680\", \"extraData\": \"key=e8f043d&committerName=cowtowncoder&committerUrl=https://github.com/cowtowncoder&committerAvatar=https://avatars0.githubusercontent.com/u/55065?v=4\" } ], \"fixResolutionText\": \"Replace or update the following files: IllegalTypesCheckTest.java, VERSION, BeanDeserializerFactory.java\", \"references\": [] }, \"type\": \"SECURITY_VULNERABILITY\", \"level\": \"MAJOR\", \"library\": { \"keyUuid\": \"13f7802e-8aa1-4303-a5db-1d0c85e871a9\", \"keyId\": 23410061, \"filename\": \"jackson-databind-2.8.8.jar\", \"name\": \"jackson-databind\", \"groupId\": \"com.fasterxml.jackson.core\", \"artifactId\": \"jackson-databind\", \"version\": \"2.8.8\", \"sha1\": \"bf88c7b27e95cbadce4e7c316a56c3efffda8026\",
|
|
\"type\": \"Java\", \"references\": { \"url\": \"http://github.com/FasterXML/jackson\", \"issueUrl\": \"https://github.com/FasterXML/jackson-databind/issues\", \"pomUrl\": \"http://repo.jfrog.org/artifactory/list/repo1/com/fasterxml/jackson/core/jackson-databind/2.8.8/jackson-databind-2.8.8.pom\", \"scmUrl\": \"http://github.com/FasterXML/jackson-databind\" }, \"licenses\": [ { \"name\": \"Apache 2.0\", \"url\": \"http://apache.org/licenses/LICENSE-2.0\", \"profileInfo\": { \"copyrightRiskScore\": \"THREE\", \"patentRiskScore\": \"ONE\", \"copyleft\": \"NO\", \"linking\": \"DYNAMIC\", \"royaltyFree\": \"CONDITIONAL\" } } ] }, \"project\": \"pipeline-test - 0.0.1\", \"projectId\": 302194, \"projectToken\": \"1b8fdc36cb6949f482d0fd936a39dab69d6b34f43fff4dda8a9241f2c6e536c7\", \"directDependency\": false, \"description\": \"High:5,\", \"date\": \"2017-11-15\" } ] }""").alerts
|
|
})
|
|
|
|
stepRule.step.whitesourceExecuteScan([
|
|
script : nullScript,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub : whitesourceOrgAdminRepositoryStub,
|
|
descriptorUtilsStub : descriptorUtilsStub,
|
|
scanType : 'npm',
|
|
juStabUtils : utils,
|
|
securityVulnerabilities : true,
|
|
orgToken : 'testOrgToken',
|
|
productName : 'SHC - Piper',
|
|
projectNames : [ 'piper-demo - 0.0.1' ],
|
|
cvssSeverityLimit : 7
|
|
])
|
|
|
|
assertThat(loggingRule.log, containsString('WARNING: 1 Open Source Software Security vulnerabilities with CVSS score below 7 detected.'))
|
|
assertThat(writeFileRule.files['piper_whitesource_vulnerability_report.json'], not(isEmptyOrNullString()))
|
|
}
|
|
|
|
@Test
|
|
void testCheckFindingAbove() {
|
|
helper.registerAllowedMethod("readProperties", [Map], {
|
|
def result = new Properties()
|
|
result.putAll([
|
|
"apiKey": "b39d1328-52e2-42e3-98f0-932709daf3f0",
|
|
"productName": "SHC - Piper",
|
|
"checkPolicies": "true",
|
|
"projectName": "pipeline-test-node",
|
|
"projectVersion": "2.0.0"
|
|
])
|
|
return result
|
|
})
|
|
helper.registerAllowedMethod("fetchVulnerabilities", [List], {
|
|
return new JsonUtils().jsonStringToGroovyObject("""{ \"alerts\": [ { \"vulnerability\": { \"name\": \"CVE-2017-15095\", \"type\": \"CVE\", \"severity\": \"high\", \"score\": 2.1, \"cvss3_severity\": \"high\", \"cvss3_score\": 5.3, \"scoreMetadataVector\": \"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"publishDate\": \"2018-02-06\", \"url\": \"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15095\", \"description\": \"A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously.\", \"topFix\": { \"vulnerability\": \"CVE-2017-15095\", \"type\": \"CHANGE_FILES\", \"origin\": \"GITHUB_COMMIT\", \"url\": \"https://github.com/FasterXML/jackson-databind/commit/60d459ce\",
|
|
\"fixResolution\": \"src/test/java/com/fasterxml/jackson/databind/interop/IllegalTypesCheckTest.java,release-notes/VERSION,src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java\", \"date\": \"2017-04-13\", \"message\": \"Fix #1599 for 2.8.9\\n\\nMerge branch '2.7' into 2.8\", \"extraData\": \"key=60d459c&committerName=cowtowncoder&committerUrl=https://github.com/cowtowncoder&committerAvatar=https://avatars0.githubusercontent.com/u/55065?v=4\" }, \"allFixes\": [ { \"vulnerability\": \"CVE-2017-15095\", \"type\": \"CHANGE_FILES\", \"origin\": \"GITHUB_COMMIT\", \"url\": \"https://github.com/FasterXML/jackson-databind/commit/60d459ce\", \"fixResolution\": \"src/test/java/com/fasterxml/jackson/databind/interop/IllegalTypesCheckTest.java,release-notes/VERSION,src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java\", \"date\": \"2017-04-13\", \"message\": \"Fix #1599 for 2.8.9\\n\\nMerge branch '2.7' into 2.8\",
|
|
\"extraData\": \"key=60d459c&committerName=cowtowncoder&committerUrl=https://github.com/cowtowncoder&committerAvatar=https://avatars0.githubusercontent.com/u/55065?v=4\" }, { \"vulnerability\": \"CVE-2017-15095\", \"type\": \"CHANGE_FILES\", \"origin\": \"GITHUB_COMMIT\", \"url\": \"https://github.com/FasterXML/jackson-databind/commit/e865a7a4464da63ded9f4b1a2328ad85c9ded78b#diff-98084d808198119d550a9211e128a16f\", \"fixResolution\": \"src/test/java/com/fasterxml/jackson/databind/interop/IllegalTypesCheckTest.java,release-notes/VERSION,src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java\", \"date\": \"2017-12-12\", \"message\": \"Fix #1737 (#1857)\", \"extraData\": \"key=e865a7a&committerName=cowtowncoder&committerUrl=https://github.com/cowtowncoder&committerAvatar=https://avatars0.githubusercontent.com/u/55065?v=4\" }, { \"vulnerability\": \"CVE-2017-15095\", \"type\": \"CHANGE_FILES\", \"origin\": \"GITHUB_COMMIT\",
|
|
\"url\": \"https://github.com/FasterXML/jackson-databind/commit/e8f043d1\", \"fixResolution\": \"release-notes/VERSION,src/main/java/com/fasterxml/jackson/databind/deser/BeanDeserializerFactory.java\", \"date\": \"2017-06-30\", \"message\": \"Fix #1680\", \"extraData\": \"key=e8f043d&committerName=cowtowncoder&committerUrl=https://github.com/cowtowncoder&committerAvatar=https://avatars0.githubusercontent.com/u/55065?v=4\" } ], \"fixResolutionText\": \"Replace or update the following files: IllegalTypesCheckTest.java, VERSION, BeanDeserializerFactory.java\", \"references\": [] }, \"type\": \"SECURITY_VULNERABILITY\", \"level\": \"MAJOR\", \"library\": { \"keyUuid\": \"13f7802e-8aa1-4303-a5db-1d0c85e871a9\", \"keyId\": 23410061, \"filename\": \"jackson-databind-2.8.8.jar\", \"name\": \"jackson-databind\", \"groupId\": \"com.fasterxml.jackson.core\", \"artifactId\": \"jackson-databind\", \"version\": \"2.8.8\", \"sha1\": \"bf88c7b27e95cbadce4e7c316a56c3efffda8026\",
|
|
\"type\": \"Java\", \"references\": { \"url\": \"http://github.com/FasterXML/jackson\", \"issueUrl\": \"https://github.com/FasterXML/jackson-databind/issues\", \"pomUrl\": \"http://repo.jfrog.org/artifactory/list/repo1/com/fasterxml/jackson/core/jackson-databind/2.8.8/jackson-databind-2.8.8.pom\", \"scmUrl\": \"http://github.com/FasterXML/jackson-databind\" }, \"licenses\": [ { \"name\": \"Apache 2.0\", \"url\": \"http://apache.org/licenses/LICENSE-2.0\", \"profileInfo\": { \"copyrightRiskScore\": \"THREE\", \"patentRiskScore\": \"ONE\", \"copyleft\": \"NO\", \"linking\": \"DYNAMIC\", \"royaltyFree\": \"CONDITIONAL\" } } ] }, \"project\": \"pipeline-test - 0.0.1\", \"projectId\": 302194, \"projectToken\": \"1b8fdc36cb6949f482d0fd936a39dab69d6b34f43fff4dda8a9241f2c6e536c7\", \"directDependency\": false, \"description\": \"High:5,\", \"date\": \"2017-11-15\" } ] }""").alerts
|
|
})
|
|
|
|
thrown.expect(AbortException)
|
|
thrown.expectMessage('[whitesourceExecuteScan] 1 Open Source Software Security vulnerabilities with CVSS score greater or equal 0 detected. - ')
|
|
|
|
stepRule.step.whitesourceExecuteScan([
|
|
script : nullScript,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub: whitesourceOrgAdminRepositoryStub,
|
|
descriptorUtilsStub : descriptorUtilsStub,
|
|
scanType : 'npm',
|
|
juStabUtils : utils,
|
|
securityVulnerabilities : true,
|
|
orgToken : 'testOrgToken',
|
|
productName : 'SHC - Piper',
|
|
projectNames : ['piper-demo - 0.0.1'],
|
|
cvssSeverityLimit : 0
|
|
])
|
|
|
|
assertThat(writeFileRule.files['piper_whitesource_vulnerability_report.json'], not(isEmptyOrNullString()))
|
|
}
|
|
|
|
@Test
|
|
void testCheckNoFindings() {
|
|
helper.registerAllowedMethod("readProperties", [Map], {
|
|
def result = new Properties()
|
|
result.putAll([
|
|
"apiKey": "b39d1328-52e2-42e3-98f0-932709daf3f0",
|
|
"productName": "SHC - Piper",
|
|
"checkPolicies": "true",
|
|
"projectName": "pipeline-test-node",
|
|
"projectVersion": "2.0.0"
|
|
])
|
|
return result
|
|
})
|
|
helper.registerAllowedMethod("fetchVulnerabilities", [Object.class], {
|
|
return new JsonUtils().jsonStringToGroovyObject("{ \"alerts\": [] }").alerts
|
|
})
|
|
|
|
stepRule.step.whitesourceExecuteScan([
|
|
script : nullScript,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub : whitesourceOrgAdminRepositoryStub,
|
|
descriptorUtilsStub : descriptorUtilsStub,
|
|
scanType : 'npm',
|
|
juStabUtils : utils,
|
|
securityVulnerabilities : true,
|
|
orgToken : 'testOrgToken',
|
|
productName : 'SHC - Piper',
|
|
projectNames : [ 'piper-demo - 0.0.1' ]
|
|
])
|
|
|
|
assertThat(loggingRule.log, containsString('No Open Source Software Security vulnerabilities detected.'))
|
|
assertThat(writeFileRule.files['piper_whitesource_vulnerability_report.json'], not(isEmptyOrNullString()))
|
|
}
|
|
|
|
@Test
|
|
void testCheckStatus_0() {
|
|
stepRule.step.checkStatus(0, [whitesource:[licensingVulnerabilities: true]])
|
|
}
|
|
|
|
@Test
|
|
void testCheckStatus_255() {
|
|
thrown.expect(AbortException)
|
|
thrown.expectMessage("[whitesourceExecuteScan] The scan resulted in an error")
|
|
stepRule.step.checkStatus(255, [whitesource:[licensingVulnerabilities: true]])
|
|
}
|
|
|
|
@Test
|
|
void testCheckStatus_254() {
|
|
thrown.expect(AbortException)
|
|
thrown.expectMessage("[whitesourceExecuteScan] Whitesource found one or multiple policy violations")
|
|
stepRule.step.checkStatus(254, [whitesource:[licensingVulnerabilities: true]])
|
|
}
|
|
|
|
@Test
|
|
void testCheckStatus_253() {
|
|
thrown.expect(AbortException)
|
|
thrown.expectMessage("[whitesourceExecuteScan] The local scan client failed to execute the scan")
|
|
stepRule.step.checkStatus(253, [whitesource:[licensingVulnerabilities: true]])
|
|
}
|
|
|
|
@Test
|
|
void testCheckStatus_252() {
|
|
thrown.expect(AbortException)
|
|
thrown.expectMessage("[whitesourceExecuteScan] There was a failure in the connection to the WhiteSource servers")
|
|
stepRule.step.checkStatus(252, [whitesource:[licensingVulnerabilities: true]])
|
|
}
|
|
|
|
@Test
|
|
void testCheckStatus_251() {
|
|
thrown.expect(AbortException)
|
|
thrown.expectMessage("[whitesourceExecuteScan] The server failed to analyze the scan")
|
|
stepRule.step.checkStatus(251, [whitesource:[licensingVulnerabilities: true]])
|
|
}
|
|
|
|
@Test
|
|
void testCheckStatus_250() {
|
|
thrown.expect(AbortException)
|
|
thrown.expectMessage("[whitesourceExecuteScan] Pre-step failure")
|
|
stepRule.step.checkStatus(250, [whitesource:[licensingVulnerabilities: true]])
|
|
}
|
|
|
|
@Test
|
|
void testCheckStatus_127() {
|
|
thrown.expect(AbortException)
|
|
thrown.expectMessage("[whitesourceExecuteScan] Whitesource scan failed with unknown error code '127'")
|
|
stepRule.step.checkStatus(127, [whitesource:[licensingVulnerabilities: true]])
|
|
}
|
|
|
|
@Test
|
|
void testCheckStatus_vulnerability() {
|
|
thrown.expect(AbortException)
|
|
thrown.expectMessage("[whitesourceExecuteScan] 5 Open Source Software Security vulnerabilities with CVSS score greater or equal 7 detected. - ")
|
|
stepRule.step.checkStatus(0, [whitesource:[licensingVulnerabilities: false, securityVulnerabilities: true, severeVulnerabilities: 5, cvssSeverityLimit: 7]])
|
|
}
|
|
|
|
@Test
|
|
void testCheckViolationStatus_0() {
|
|
stepRule.step.checkViolationStatus(0)
|
|
assertThat(loggingRule.log, containsString ("[whitesourceExecuteScan] No policy violations found"))
|
|
}
|
|
|
|
@Test
|
|
void testCheckViolationStatus_5() {
|
|
thrown.expect(AbortException)
|
|
thrown.expectMessage("[whitesourceExecuteScan] Whitesource found 5 policy violations for your product")
|
|
stepRule.step.checkViolationStatus(5)
|
|
}
|
|
|
|
@Test
|
|
void testGoStepFeatureToggleOn() {
|
|
String calledStep = ''
|
|
String usedMetadataFile = ''
|
|
helper.registerAllowedMethod('piperExecuteBin', [Map, String, String, List], {
|
|
Map parameters, String stepName,
|
|
String metadataFile, List credentialInfo ->
|
|
calledStep = stepName
|
|
usedMetadataFile = metadataFile
|
|
})
|
|
|
|
stepRule.step.whitesourceExecuteScan([
|
|
script : nullScript,
|
|
orgToken : 'testOrgToken',
|
|
productName : 'SHC - Piper',
|
|
projectNames: ['piper-demo - 0.0.1'],
|
|
useGoStep : true,
|
|
])
|
|
|
|
assertEquals('whitesourceExecuteScan', calledStep)
|
|
assertEquals('metadata/whitesource.yaml', usedMetadataFile)
|
|
}
|
|
|
|
@Test
|
|
void testGoStepFeatureToggleImplicitOff() {
|
|
String calledStep = ''
|
|
String usedMetadataFile = ''
|
|
helper.registerAllowedMethod('piperExecuteBin', [Map, String, String, List], {
|
|
Map parameters, String stepName,
|
|
String metadataFile, List credentialInfo ->
|
|
calledStep = stepName
|
|
usedMetadataFile = metadataFile
|
|
})
|
|
|
|
helper.registerAllowedMethod("readProperties", [Map], {
|
|
def result = new Properties()
|
|
result.putAll([
|
|
"apiKey" : "b39d1328-52e2-42e3-98f0-932709daf3f0",
|
|
"productName" : "SHC - Piper",
|
|
"checkPolicies" : "true",
|
|
"projectName" : "python-test",
|
|
"projectVersion": "1.0.0"
|
|
])
|
|
return result
|
|
})
|
|
|
|
helper.registerAllowedMethod("publishHTML", [Map.class], { m ->
|
|
return null
|
|
})
|
|
|
|
stepRule.step.whitesourceExecuteScan([
|
|
script : nullScript,
|
|
whitesourceRepositoryStub : whitesourceStub,
|
|
whitesourceOrgAdminRepositoryStub: whitesourceOrgAdminRepositoryStub,
|
|
descriptorUtilsStub : descriptorUtilsStub,
|
|
scanType : 'maven',
|
|
juStabUtils : utils,
|
|
orgToken : 'testOrgToken',
|
|
whitesourceProductName : 'testProduct',
|
|
])
|
|
|
|
assertEquals('', calledStep)
|
|
assertEquals('', usedMetadataFile)
|
|
}
|
|
}
|