1
0
mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-14 11:03:09 +02:00
sap-jenkins-library/cmd/checkmarxOneExecuteScan_test.go
michaelkubiaczyk bc8d5efe46
Cxone release supporting applications (#4548)
* Initial in progress

* compiling but not yet functional

* Missed file

* updated checkmarxone step

* Working up to fetching a project then breaks

* Missed file

* Breaks when retrieving projects+proxy set

* Create project & run scan working, now polling

* Fixed polling

* added back the zipfile remove command

* Fixed polling again

* Generates and downloads PDF report

* Updated and working, prep for refactor

* Added compliance steps

* Cleanup, reporting, added groovy connector

* fixed groovy file

* checkmarxone to checkmarxOne

* checkmarxone to checkmarxOne

* split credentials (id+secret, apikey), renamed pullrequestname to branch, groovy fix

* Fixed filenames & yaml

* missed the metadata_generated.go

* added json to sarif conversion

* fix:type in new checkmarxone package

* fix:type in new checkmarxone package

* removed test logs, added temp error log for creds

* extra debugging to fix crash

* improved auth logging, fixed query parse issue

* fixed bug with group fetch when using oauth user

* CWE can be -1 if not defined, can't be uint

* Query also had CweID

* Disabled predicates-fetch in sarif generation

* Removing leftover info log message

* Better error handling

* fixed default preset configuration

* removing .bat files - sorry

* Cleanup per initial review

* refactoring per Gist, fixed project find, add apps

* small fix - sorry for commit noise while testing

* Fixing issues with incremental scans.

* removing maxretries

* Updated per PR feedback, further changes todo toda

* JSON Report changes and reporting cleanup

* removing .bat (again?)

* adding docs, groovy unit test, linter fixes

* Started adding tests maybe 15% covered

* fix(checkmarxOne): test cases for pkg and reporting

* fix(checkmarxOne):fix formatting

* feat(checkmarxone): update interface with missing method

* feat(checkmarxone):change runStep signature to be able to inject dependency

* feat(checkmarxone): add tests for step (wip)

* Adding a bit more coverage

* feat(checkmarxOne): fix code review

* feat(checkmarxOne): fix code review

* feat(checkmarxOne): fix code review

* feat(checkmarxOne): fix integration test PR

* adding scan-summary bug workaround, reportgen fail

* enforceThresholds fix when no results passed in

* fixed gap when preset empty in yaml & project conf

* fixed another gap in preset selection

* fix 0-result panic

* fail when no preset is set anywhere

* removed comment

* initial project-under-app support

* fixing sarif reportgen

* some cleanup of error messages

* post-merge test fixes

* revert previous upstream merge

* fix:formatting

* fix(checkmarxOne):yamllint too many blank lines

* fix(checkmarxOne):unit test

* fix(checkmarxOne):generated code

---------

Co-authored-by: thtri <trinhthanhhai@gmail.com>
Co-authored-by: Thanh-Hai Trinh <thanh.hai.trinh@sap.com>
2023-09-05 21:49:27 +02:00

323 lines
11 KiB
Go

package cmd
import (
"context"
"encoding/json"
"fmt"
"testing"
"github.com/stretchr/testify/assert"
checkmarxOne "github.com/SAP/jenkins-library/pkg/checkmarxone"
"github.com/SAP/jenkins-library/pkg/piperutils"
"github.com/pkg/errors"
)
type checkmarxOneSystemMock struct {
response interface{}
}
func (sys *checkmarxOneSystemMock) DownloadReport(reportID string) ([]byte, error) {
return nil, nil
}
func (sys *checkmarxOneSystemMock) GetReportStatus(reportID string) (checkmarxOne.ReportStatus, error) {
return checkmarxOne.ReportStatus{}, nil
}
func (sys *checkmarxOneSystemMock) RequestNewReport(scanID, projectID, branch, reportType string) (string, error) {
return "", nil
}
func (sys *checkmarxOneSystemMock) CreateApplication(appname string) (checkmarxOne.Application, error) {
return checkmarxOne.Application{}, nil
}
func (sys *checkmarxOneSystemMock) GetApplicationByName(appname string) (checkmarxOne.Application, error) {
return checkmarxOne.Application{}, nil
}
func (sys *checkmarxOneSystemMock) GetApplicationByID(appname string) (checkmarxOne.Application, error) {
return checkmarxOne.Application{}, nil
}
func (sys *checkmarxOneSystemMock) UpdateApplication(app *checkmarxOne.Application) error {
return nil
}
func (sys *checkmarxOneSystemMock) GetScan(scanID string) (checkmarxOne.Scan, error) {
return checkmarxOne.Scan{}, nil
}
func (sys *checkmarxOneSystemMock) GetScanMetadata(scanID string) (checkmarxOne.ScanMetadata, error) {
return checkmarxOne.ScanMetadata{}, nil
}
func (sys *checkmarxOneSystemMock) GetScanResults(scanID string, limit uint64) ([]checkmarxOne.ScanResult, error) {
return []checkmarxOne.ScanResult{}, nil
}
func (sys *checkmarxOneSystemMock) GetScanSummary(scanID string) (checkmarxOne.ScanSummary, error) {
return checkmarxOne.ScanSummary{}, nil
}
func (sys *checkmarxOneSystemMock) GetResultsPredicates(SimilarityID int64, ProjectID string) ([]checkmarxOne.ResultsPredicates, error) {
return []checkmarxOne.ResultsPredicates{}, nil
}
func (sys *checkmarxOneSystemMock) GetScanWorkflow(scanID string) ([]checkmarxOne.WorkflowLog, error) {
return []checkmarxOne.WorkflowLog{}, nil
}
func (sys *checkmarxOneSystemMock) GetLastScans(projectID string, limit int) ([]checkmarxOne.Scan, error) {
return []checkmarxOne.Scan{}, nil
}
func (sys *checkmarxOneSystemMock) GetLastScansByStatus(projectID string, limit int, status []string) ([]checkmarxOne.Scan, error) {
return []checkmarxOne.Scan{}, nil
}
func (sys *checkmarxOneSystemMock) ScanProject(projectID, sourceUrl, branch, scanType string, settings []checkmarxOne.ScanConfiguration) (checkmarxOne.Scan, error) {
return checkmarxOne.Scan{}, nil
}
func (sys *checkmarxOneSystemMock) ScanProjectZip(projectID, sourceUrl, branch string, settings []checkmarxOne.ScanConfiguration) (checkmarxOne.Scan, error) {
return checkmarxOne.Scan{}, nil
}
func (sys *checkmarxOneSystemMock) ScanProjectGit(projectID, repoUrl, branch string, settings []checkmarxOne.ScanConfiguration) (checkmarxOne.Scan, error) {
return checkmarxOne.Scan{}, nil
}
func (sys *checkmarxOneSystemMock) UploadProjectSourceCode(projectID string, zipFile string) (string, error) {
return "", nil
}
func (sys *checkmarxOneSystemMock) CreateProject(projectName string, groupIDs []string) (checkmarxOne.Project, error) {
return checkmarxOne.Project{}, nil
}
func (sys *checkmarxOneSystemMock) CreateProjectInApplication(projectName, applicationId string, groupIDs []string) (checkmarxOne.Project, error) {
return checkmarxOne.Project{}, nil
}
func (sys *checkmarxOneSystemMock) GetPresets() ([]checkmarxOne.Preset, error) {
return []checkmarxOne.Preset{}, nil
}
func (sys *checkmarxOneSystemMock) GetProjectByID(projectID string) (checkmarxOne.Project, error) {
return checkmarxOne.Project{}, nil
}
func (sys *checkmarxOneSystemMock) GetProjectsByName(projectName string) ([]checkmarxOne.Project, error) {
str := `[
{
"id": "3cb99ae5-5245-4cf7-83aa-9b517b8c1c57",
"name": "ssba-github",
"createdAt": "2023-03-21T16:48:33.224554Z",
"updatedAt": "2023-03-21T16:48:33.224554Z",
"groups": [
"af361bd1-e478-40f6-a4fb-d479828d5998"
],
"tags": {},
"repoUrl": "",
"mainBranch": "",
"criticality": 3
},
{
"id": "3cb99ae5-5245-4cf7-83aa-9b517b8c1c58",
"name": "ssba-local",
"createdAt": "2023-03-21T16:48:33.224554Z",
"updatedAt": "2023-03-21T16:48:33.224554Z",
"groups": [
"af361bd1-e478-40f6-a4fb-d479828d5998"
],
"tags": {},
"repoUrl": "",
"mainBranch": "",
"criticality": 3
},
{
"id": "3cb99ae5-5245-4cf7-83aa-9b517b8c1c59",
"name": "ssba-zip",
"createdAt": "2023-03-21T16:48:33.224554Z",
"updatedAt": "2023-03-21T16:48:33.224554Z",
"groups": [
"af361bd1-e478-40f6-a4fb-d479828d5998"
],
"tags": {},
"repoUrl": "",
"mainBranch": "",
"criticality": 3
}
]`
projects := []checkmarxOne.Project{}
_ = json.Unmarshal([]byte(str), &projects)
return projects, nil
}
func (sys *checkmarxOneSystemMock) GetProjectsByNameAndGroup(projectName, groupID string) ([]checkmarxOne.Project, error) {
return []checkmarxOne.Project{}, nil
}
func (sys *checkmarxOneSystemMock) GetProjects() ([]checkmarxOne.Project, error) {
return []checkmarxOne.Project{}, nil
}
func (sys *checkmarxOneSystemMock) GetQueries() ([]checkmarxOne.Query, error) {
return []checkmarxOne.Query{}, nil
}
func (sys *checkmarxOneSystemMock) GetGroups() ([]checkmarxOne.Group, error) {
str := `
[
{
"id": "d857c923-cf53-48bc-bfe4-163f66ed7b39",
"name": "Group1"
},
{
"id": "a8009bce-c24f-4edc-a931-06eb91ace2f5",
"name": "Group2"
},
{
"id": "a9ef684c-a61b-4647-9c49-363efc3879d7",
"name": "01100035870000224721"
},
{
"id": "3078680e-d796-4607-8e96-0d658eff799a",
"name": "Group3"
}
]
`
groups := []checkmarxOne.Group{}
_ = json.Unmarshal([]byte(str), &groups)
return groups, nil
}
func (sys *checkmarxOneSystemMock) GetGroupByName(groupName string) (checkmarxOne.Group, error) {
groups, err := sys.GetGroups()
var group checkmarxOne.Group
if err != nil {
return group, err
}
for _, g := range groups {
if g.Name == groupName {
return g, nil
}
}
return group, errors.New(fmt.Sprintf("No group matching %v", groupName))
}
func (sys *checkmarxOneSystemMock) GetGroupByID(groupID string) (checkmarxOne.Group, error) {
return checkmarxOne.Group{}, nil
}
func (sys *checkmarxOneSystemMock) SetProjectBranch(projectID, branch string, allowOverride bool) error {
return nil
}
func (sys *checkmarxOneSystemMock) SetProjectPreset(projectID, presetName string, allowOverride bool) error {
return nil
}
func (sys *checkmarxOneSystemMock) SetProjectLanguageMode(projectID, languageMode string, allowOverride bool) error {
return nil
}
func (sys *checkmarxOneSystemMock) SetProjectFileFilter(projectID, filter string, allowOverride bool) error {
return nil
}
func (sys *checkmarxOneSystemMock) GetProjectConfiguration(projectID string) ([]checkmarxOne.ProjectConfigurationSetting, error) {
return []checkmarxOne.ProjectConfigurationSetting{}, nil
}
func (sys *checkmarxOneSystemMock) UpdateProjectConfiguration(projectID string, settings []checkmarxOne.ProjectConfigurationSetting) error {
return nil
}
type checkmarxOneExecuteScanHelperMock struct {
ctx context.Context
config checkmarxOneExecuteScanOptions
sys *checkmarxOne.SystemInstance
influx *checkmarxOneExecuteScanInflux
utils checkmarxOneExecuteScanUtils
Project *checkmarxOne.Project
Group *checkmarxOne.Group
App *checkmarxOne.Application
reports []piperutils.Path
}
func TestGetProjectByName(t *testing.T) {
t.Parallel()
sys := &checkmarxOneSystemMock{}
t.Run("project name not found", func(t *testing.T) {
t.Parallel()
options := checkmarxOneExecuteScanOptions{ProjectName: "ssba_notexist", VulnerabilityThresholdUnit: "absolute", FullScanCycle: "2", Incremental: true, FullScansScheduled: true, Preset: "CheckmarxDefault", GroupName: "TestGroup", VulnerabilityThresholdEnabled: true, GeneratePdfReport: true, APIKey: "testAPIKey", ServerURL: "testURL", IamURL: "testIamURL", Tenant: "testTenant"}
cx1sh := checkmarxOneExecuteScanHelper{nil, options, sys, nil, nil, nil, nil, nil, nil}
_, err := cx1sh.GetProjectByName()
assert.Contains(t, fmt.Sprint(err), "project not found")
})
t.Run("project name exists", func(t *testing.T) {
t.Parallel()
options := checkmarxOneExecuteScanOptions{ProjectName: "ssba-github", VulnerabilityThresholdUnit: "absolute", FullScanCycle: "2", Incremental: true, FullScansScheduled: true, Preset: "CheckmarxDefault", GroupName: "TestGroup", VulnerabilityThresholdEnabled: true, GeneratePdfReport: true, APIKey: "testAPIKey", ServerURL: "testURL", IamURL: "testIamURL", Tenant: "testTenant"}
cx1sh := checkmarxOneExecuteScanHelper{nil, options, sys, nil, nil, nil, nil, nil, nil}
project, err := cx1sh.GetProjectByName()
assert.NoError(t, err, "Error occurred but none expected")
assert.Equal(t, project.ProjectID, "3cb99ae5-5245-4cf7-83aa-9b517b8c1c57")
assert.Equal(t, project.Name, "ssba-github")
assert.Equal(t, project.Groups[0], "af361bd1-e478-40f6-a4fb-d479828d5998")
})
}
func TestGetGroup(t *testing.T) {
t.Parallel()
sys := &checkmarxOneSystemMock{}
t.Run("group ID and group name is not provided", func(t *testing.T) {
t.Parallel()
options := checkmarxOneExecuteScanOptions{ProjectName: "ssba", VulnerabilityThresholdUnit: "absolute", FullScanCycle: "2", Incremental: true, FullScansScheduled: true, Preset: "CheckmarxDefault" /*GroupName: "NotProvided",*/, VulnerabilityThresholdEnabled: true, GeneratePdfReport: true, APIKey: "testAPIKey", ServerURL: "testURL", IamURL: "testIamURL", Tenant: "testTenant"}
cx1sh := checkmarxOneExecuteScanHelper{nil, options, sys, nil, nil, nil, nil, nil, nil}
_, err := cx1sh.GetGroup()
assert.Contains(t, fmt.Sprint(err), "No group name specified in configuration")
})
t.Run("group name not found", func(t *testing.T) {
t.Parallel()
options := checkmarxOneExecuteScanOptions{ProjectName: "ssba", VulnerabilityThresholdUnit: "absolute", FullScanCycle: "2", Incremental: true, FullScansScheduled: true, Preset: "CheckmarxDefault", GroupName: "GroupNotExist", VulnerabilityThresholdEnabled: true, GeneratePdfReport: true, APIKey: "testAPIKey", ServerURL: "testURL", IamURL: "testIamURL", Tenant: "testTenant"}
cx1sh := checkmarxOneExecuteScanHelper{nil, options, sys, nil, nil, nil, nil, nil, nil}
_, err := cx1sh.GetGroup()
assert.Contains(t, fmt.Sprint(err), "Failed to get Checkmarx One group by Name GroupNotExist: No group matching GroupNotExist")
})
t.Run("group name exists", func(t *testing.T) {
t.Parallel()
options := checkmarxOneExecuteScanOptions{ProjectName: "ssba-github", VulnerabilityThresholdUnit: "absolute", FullScanCycle: "2", Incremental: true, FullScansScheduled: true, Preset: "CheckmarxDefault", GroupName: "Group2", VulnerabilityThresholdEnabled: true, GeneratePdfReport: true, APIKey: "testAPIKey", ServerURL: "testURL", IamURL: "testIamURL", Tenant: "testTenant"}
cx1sh := checkmarxOneExecuteScanHelper{nil, options, sys, nil, nil, nil, nil, nil, nil}
group, err := cx1sh.GetGroup()
assert.NoError(t, err, "Error occurred but none expected")
assert.Equal(t, group.GroupID, "a8009bce-c24f-4edc-a931-06eb91ace2f5")
assert.Equal(t, group.Name, "Group2")
})
}