github.com/SAP/jenkins-library@v1.362.0/cmd/checkmarxOneExecuteScan_test.go (about)

     1  package cmd
     2  
     3  import (
     4  	"context"
     5  	"encoding/json"
     6  	"fmt"
     7  	"testing"
     8  
     9  	"github.com/stretchr/testify/assert"
    10  
    11  	checkmarxOne "github.com/SAP/jenkins-library/pkg/checkmarxone"
    12  	"github.com/SAP/jenkins-library/pkg/piperutils"
    13  	"github.com/pkg/errors"
    14  )
    15  
// checkmarxOneSystemMock is a canned stand-in for the Checkmarx One backend
// used by the tests in this file. Apart from GetGroupByName, every method
// shown here reports success, so tests built on this mock do not exercise the
// scan step's handling of backend errors.
type checkmarxOneSystemMock struct {
	// response is not read by any method visible in this file.
	response interface{}
}
    19  
// DownloadReport is a stub: it ignores reportID and returns no report bytes
// and no error.
func (sys *checkmarxOneSystemMock) DownloadReport(reportID string) ([]byte, error) {
	var report []byte
	return report, nil
}
    23  
// GetReportStatus is a stub: it ignores reportID and returns a zero-value
// ReportStatus with a nil error.
func (sys *checkmarxOneSystemMock) GetReportStatus(reportID string) (checkmarxOne.ReportStatus, error) {
	var status checkmarxOne.ReportStatus
	return status, nil
}
    27  
// RequestNewReport is a stub: it ignores all arguments and returns an empty
// string with a nil error.
func (sys *checkmarxOneSystemMock) RequestNewReport(scanID, projectID, branch, reportType string) (string, error) {
	var out string
	return out, nil
}
    31  
// CreateApplication is a stub: it ignores appname and returns a zero-value
// Application with a nil error.
func (sys *checkmarxOneSystemMock) CreateApplication(appname string) (checkmarxOne.Application, error) {
	var app checkmarxOne.Application
	return app, nil
}
    35  
// GetApplicationByName is a stub: it ignores appname and returns a zero-value
// Application with a nil error.
func (sys *checkmarxOneSystemMock) GetApplicationByName(appname string) (checkmarxOne.Application, error) {
	var app checkmarxOne.Application
	return app, nil
}
    39  
// GetApplicationByID is a stub: it ignores its argument (named appname in this
// mock) and returns a zero-value Application with a nil error.
func (sys *checkmarxOneSystemMock) GetApplicationByID(appname string) (checkmarxOne.Application, error) {
	var app checkmarxOne.Application
	return app, nil
}
    43  
// UpdateApplication is a stub: it accepts any application and reports success
// without recording the call.
func (sys *checkmarxOneSystemMock) UpdateApplication(app *checkmarxOne.Application) error {
	return nil
}
    47  
// GetScan is a stub: it ignores scanID and returns a zero-value Scan with a
// nil error.
func (sys *checkmarxOneSystemMock) GetScan(scanID string) (checkmarxOne.Scan, error) {
	var scan checkmarxOne.Scan
	return scan, nil
}
    51  
// GetScanMetadata is a stub: it ignores scanID and returns a zero-value
// ScanMetadata with a nil error.
func (sys *checkmarxOneSystemMock) GetScanMetadata(scanID string) (checkmarxOne.ScanMetadata, error) {
	var meta checkmarxOne.ScanMetadata
	return meta, nil
}
    55  
// GetScanResults is a stub: it ignores scanID and limit and returns an empty,
// non-nil result list with a nil error.
func (sys *checkmarxOneSystemMock) GetScanResults(scanID string, limit uint64) ([]checkmarxOne.ScanResult, error) {
	results := make([]checkmarxOne.ScanResult, 0)
	return results, nil
}
    59  
// GetScanSummary is a stub: it ignores scanID and returns a zero-value
// ScanSummary with a nil error.
func (sys *checkmarxOneSystemMock) GetScanSummary(scanID string) (checkmarxOne.ScanSummary, error) {
	var summary checkmarxOne.ScanSummary
	return summary, nil
}
    63  
// GetResultsPredicates is a stub: it ignores both arguments and returns an
// empty, non-nil predicate list with a nil error.
func (sys *checkmarxOneSystemMock) GetResultsPredicates(SimilarityID int64, ProjectID string) ([]checkmarxOne.ResultsPredicates, error) {
	predicates := make([]checkmarxOne.ResultsPredicates, 0)
	return predicates, nil
}
    67  
// GetScanWorkflow is a stub: it ignores scanID and returns an empty, non-nil
// workflow log list with a nil error.
func (sys *checkmarxOneSystemMock) GetScanWorkflow(scanID string) ([]checkmarxOne.WorkflowLog, error) {
	logs := make([]checkmarxOne.WorkflowLog, 0)
	return logs, nil
}
    71  
// GetLastScans is a stub: it ignores projectID and limit and returns an empty,
// non-nil scan list with a nil error.
func (sys *checkmarxOneSystemMock) GetLastScans(projectID string, limit int) ([]checkmarxOne.Scan, error) {
	scans := make([]checkmarxOne.Scan, 0)
	return scans, nil
}
    75  
// GetLastScansByStatus is a stub: it ignores projectID, limit and status and
// returns an empty, non-nil scan list with a nil error.
func (sys *checkmarxOneSystemMock) GetLastScansByStatus(projectID string, limit int, status []string) ([]checkmarxOne.Scan, error) {
	scans := make([]checkmarxOne.Scan, 0)
	return scans, nil
}
    79  
// ScanProject is a stub: it starts nothing, ignores all arguments and returns
// a zero-value Scan with a nil error.
func (sys *checkmarxOneSystemMock) ScanProject(projectID, sourceUrl, branch, scanType string, settings []checkmarxOne.ScanConfiguration) (checkmarxOne.Scan, error) {
	var scan checkmarxOne.Scan
	return scan, nil
}
    83  
// ScanProjectZip is a stub: it ignores all arguments and returns a zero-value
// Scan with a nil error.
func (sys *checkmarxOneSystemMock) ScanProjectZip(projectID, sourceUrl, branch string, settings []checkmarxOne.ScanConfiguration) (checkmarxOne.Scan, error) {
	var scan checkmarxOne.Scan
	return scan, nil
}
    87  
// ScanProjectGit is a stub: it ignores all arguments and returns a zero-value
// Scan with a nil error.
func (sys *checkmarxOneSystemMock) ScanProjectGit(projectID, repoUrl, branch string, settings []checkmarxOne.ScanConfiguration) (checkmarxOne.Scan, error) {
	var scan checkmarxOne.Scan
	return scan, nil
}
    91  
// UploadProjectSourceCode is a stub: it reads no file, ignores both arguments
// and returns an empty string with a nil error.
func (sys *checkmarxOneSystemMock) UploadProjectSourceCode(projectID string, zipFile string) (string, error) {
	var out string
	return out, nil
}
    95  
// CreateProject is a stub: it ignores projectName and groupIDs and returns a
// zero-value Project with a nil error.
func (sys *checkmarxOneSystemMock) CreateProject(projectName string, groupIDs []string) (checkmarxOne.Project, error) {
	var project checkmarxOne.Project
	return project, nil
}
    99  
// CreateProjectInApplication is a stub: it ignores all arguments and returns a
// zero-value Project with a nil error.
func (sys *checkmarxOneSystemMock) CreateProjectInApplication(projectName, applicationId string, groupIDs []string) (checkmarxOne.Project, error) {
	var project checkmarxOne.Project
	return project, nil
}
   103  
// GetPresets is a stub: it returns an empty, non-nil preset list with a nil
// error.
func (sys *checkmarxOneSystemMock) GetPresets() ([]checkmarxOne.Preset, error) {
	presets := make([]checkmarxOne.Preset, 0)
	return presets, nil
}
   107  
// GetProjectByID is a stub: it ignores projectID and returns a zero-value
// Project with a nil error.
func (sys *checkmarxOneSystemMock) GetProjectByID(projectID string) (checkmarxOne.Project, error) {
	var project checkmarxOne.Project
	return project, nil
}
   111  
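// GetProjectsByName returns the three projects decoded from the embedded JSON
// fixture. The projectName argument is ignored: every call yields the full
// fixture list, so any name matching is left to the caller.
//
// A fixture that fails to decode is returned as an error. Discarding that
// error would hand callers an empty list, and a "project not found" test could
// then pass because the fixture is broken rather than because the lookup works.
func (sys *checkmarxOneSystemMock) GetProjectsByName(projectName string) ([]checkmarxOne.Project, error) {
	const fixture = `[
		{
			"id": "3cb99ae5-5245-4cf7-83aa-9b517b8c1c57",
			"name": "ssba-github",
			"createdAt": "2023-03-21T16:48:33.224554Z",
			"updatedAt": "2023-03-21T16:48:33.224554Z",
			"groups": [
				"af361bd1-e478-40f6-a4fb-d479828d5998"
			],
			"tags": {},
			"repoUrl": "",
			"mainBranch": "",
			"criticality": 3
		},
		{
			"id": "3cb99ae5-5245-4cf7-83aa-9b517b8c1c58",
			"name": "ssba-local",
			"createdAt": "2023-03-21T16:48:33.224554Z",
			"updatedAt": "2023-03-21T16:48:33.224554Z",
			"groups": [
				"af361bd1-e478-40f6-a4fb-d479828d5998"
			],
			"tags": {},
			"repoUrl": "",
			"mainBranch": "",
			"criticality": 3
		},
		{
			"id": "3cb99ae5-5245-4cf7-83aa-9b517b8c1c59",
			"name": "ssba-zip",
			"createdAt": "2023-03-21T16:48:33.224554Z",
			"updatedAt": "2023-03-21T16:48:33.224554Z",
			"groups": [
				"af361bd1-e478-40f6-a4fb-d479828d5998"
			],
			"tags": {},
			"repoUrl": "",
			"mainBranch": "",
			"criticality": 3
		}
	]`

	projects := []checkmarxOne.Project{}
	if err := json.Unmarshal([]byte(fixture), &projects); err != nil {
		return nil, fmt.Errorf("decoding project fixture: %w", err)
	}

	return projects, nil
}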
   159  
// GetProjectsByNameAndGroup is a stub: it ignores both arguments and returns
// an empty, non-nil project list with a nil error.
func (sys *checkmarxOneSystemMock) GetProjectsByNameAndGroup(projectName, groupID string) ([]checkmarxOne.Project, error) {
	projects := make([]checkmarxOne.Project, 0)
	return projects, nil
}
   163  
// GetProjects is a stub: it returns an empty, non-nil project list with a nil
// error.
func (sys *checkmarxOneSystemMock) GetProjects() ([]checkmarxOne.Project, error) {
	projects := make([]checkmarxOne.Project, 0)
	return projects, nil
}
   167  
// GetQueries is a stub: it returns an empty, non-nil query list with a nil
// error.
func (sys *checkmarxOneSystemMock) GetQueries() ([]checkmarxOne.Query, error) {
	queries := make([]checkmarxOne.Query, 0)
	return queries, nil
}
   171  
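// GetGroups returns the four groups decoded from the embedded JSON fixture.
//
// A fixture that fails to decode is returned as an error. Discarding that
// error would hand callers an empty list, and a "group not found" test could
// then pass because the fixture is broken rather than because the lookup works.
func (sys *checkmarxOneSystemMock) GetGroups() ([]checkmarxOne.Group, error) {
	const fixture = `
	[
		{
			"id": "d857c923-cf53-48bc-bfe4-163f66ed7b39",
			"name": "Group1"
		},
		{
			"id": "a8009bce-c24f-4edc-a931-06eb91ace2f5",
			"name": "Group2"
		},
		{
			"id": "a9ef684c-a61b-4647-9c49-363efc3879d7",
			"name": "01100035870000224721"
		},
		{
			"id": "3078680e-d796-4607-8e96-0d658eff799a",
			"name": "Group3"
		}
	]
	`

	groups := []checkmarxOne.Group{}
	if err := json.Unmarshal([]byte(fixture), &groups); err != nil {
		return nil, fmt.Errorf("decoding group fixture: %w", err)
	}

	return groups, nil
}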
   198  
// GetGroupByName looks up groupName in the list returned by GetGroups using an
// exact, case-sensitive comparison. It returns the first match, or a zero-value
// Group and a "No group matching ..." error when nothing matches. An error from
// GetGroups is passed through unchanged.
func (sys *checkmarxOneSystemMock) GetGroupByName(groupName string) (checkmarxOne.Group, error) {
	candidates, err := sys.GetGroups()
	if err != nil {
		return checkmarxOne.Group{}, err
	}

	for i := range candidates {
		if candidates[i].Name == groupName {
			return candidates[i], nil
		}
	}

	// The message text is asserted on by TestGetGroup, so it must stay as is.
	return checkmarxOne.Group{}, errors.Errorf("No group matching %v", groupName)
}
   214  
// GetGroupByID is a stub: it ignores groupID and returns a zero-value Group
// with a nil error. Unlike GetGroupByName it does not consult the group
// fixture.
func (sys *checkmarxOneSystemMock) GetGroupByID(groupID string) (checkmarxOne.Group, error) {
	var group checkmarxOne.Group
	return group, nil
}
   218  
// SetProjectBranch is a stub: it stores nothing, ignores all arguments and
// reports success.
func (sys *checkmarxOneSystemMock) SetProjectBranch(projectID, branch string, allowOverride bool) error {
	return nil
}
   222  
// SetProjectPreset is a stub: it stores nothing, ignores all arguments and
// reports success.
func (sys *checkmarxOneSystemMock) SetProjectPreset(projectID, presetName string, allowOverride bool) error {
	return nil
}
   226  
// SetProjectLanguageMode is a stub: it stores nothing, ignores all arguments
// and reports success.
func (sys *checkmarxOneSystemMock) SetProjectLanguageMode(projectID, languageMode string, allowOverride bool) error {
	return nil
}
   230  
// SetProjectFileFilter is a stub: it stores nothing, ignores all arguments and
// reports success.
func (sys *checkmarxOneSystemMock) SetProjectFileFilter(projectID, filter string, allowOverride bool) error {
	return nil
}
   234  
// GetProjectConfiguration is a stub: it ignores projectID and returns an
// empty, non-nil settings list with a nil error.
func (sys *checkmarxOneSystemMock) GetProjectConfiguration(projectID string) ([]checkmarxOne.ProjectConfigurationSetting, error) {
	settings := make([]checkmarxOne.ProjectConfigurationSetting, 0)
	return settings, nil
}
   238  
// UpdateProjectConfiguration is a stub: it stores nothing, ignores both
// arguments and reports success.
func (sys *checkmarxOneSystemMock) UpdateProjectConfiguration(projectID string, settings []checkmarxOne.ProjectConfigurationSetting) error {
	return nil
}
   242  
// GetVersion is a stub: it returns a zero-value VersionInfo with a nil error.
func (sys *checkmarxOneSystemMock) GetVersion() (checkmarxOne.VersionInfo, error) {
	var version checkmarxOne.VersionInfo
	return version, nil
}
   246  
// checkmarxOneExecuteScanHelperMock declares the state of a scan helper for
// tests. The tests visible in this file construct checkmarxOneExecuteScanHelper
// directly and do not reference this type.
type checkmarxOneExecuteScanHelperMock struct {
	ctx    context.Context
	config checkmarxOneExecuteScanOptions
	// sys is the concrete client type here, not the mock used by the tests.
	sys    *checkmarxOne.SystemInstance
	influx *checkmarxOneExecuteScanInflux
	utils  checkmarxOneExecuteScanUtils

	// Exported fields: the project, group and application a scan refers to.
	Project *checkmarxOne.Project
	Group   *checkmarxOne.Group
	App     *checkmarxOne.Application

	reports []piperutils.Path
}
   258  
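// TestGetProjectByName checks the helper's project lookup against the fixed
// project list served by checkmarxOneSystemMock.
func TestGetProjectByName(t *testing.T) {
	t.Parallel()

	// None of the mock methods shown in this file mutate the mock, so the
	// parallel subtests can share one instance.
	sys := &checkmarxOneSystemMock{}

	// newOptions builds the step configuration; only the project name differs
	// between subtests. APIKey, ServerURL, IamURL and Tenant are inert
	// placeholders.
	newOptions := func(projectName string) checkmarxOneExecuteScanOptions {
		return checkmarxOneExecuteScanOptions{
			ProjectName:                   projectName,
			VulnerabilityThresholdUnit:    "absolute",
			FullScanCycle:                 "2",
			Incremental:                   true,
			FullScansScheduled:            true,
			Preset:                        "CheckmarxDefault",
			GroupName:                     "TestGroup",
			VulnerabilityThresholdEnabled: true,
			GeneratePdfReport:             true,
			APIKey:                        "testAPIKey",
			ServerURL:                     "testURL",
			IamURL:                        "testIamURL",
			Tenant:                        "testTenant",
		}
	}

	t.Run("project name not found", func(t *testing.T) {
		t.Parallel()

		cx1sh := checkmarxOneExecuteScanHelper{nil, newOptions("ssba_notexist"), sys, nil, nil, nil, nil, nil, nil}

		_, err := cx1sh.GetProjectByName()

		assert.Contains(t, fmt.Sprint(err), "project not found")
	})

	t.Run("project name exists", func(t *testing.T) {
		t.Parallel()

		cx1sh := checkmarxOneExecuteScanHelper{nil, newOptions("ssba-github"), sys, nil, nil, nil, nil, nil, nil}

		project, err := cx1sh.GetProjectByName()
		// Stop on error: the returned project is not meaningful then, and
		// reading its fields could panic instead of failing cleanly.
		if !assert.NoError(t, err, "Error occurred but none expected") {
			return
		}

		// testify expects (expected, actual); this order keeps failure output accurate.
		assert.Equal(t, "3cb99ae5-5245-4cf7-83aa-9b517b8c1c57", project.ProjectID)
		assert.Equal(t, "ssba-github", project.Name)
		if assert.NotEmpty(t, project.Groups) {
			assert.Equal(t, "af361bd1-e478-40f6-a4fb-d479828d5998", project.Groups[0])
		}
	})
}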
   287  
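// TestGetGroup checks the helper's group lookup against the fixed group list
// served by checkmarxOneSystemMock.
func TestGetGroup(t *testing.T) {
	t.Parallel()

	// None of the mock methods shown in this file mutate the mock, so the
	// parallel subtests can share one instance.
	sys := &checkmarxOneSystemMock{}

	// newOptions builds the step configuration; only the project and group
	// names differ between subtests. An empty groupName leaves GroupName at
	// its zero value, i.e. "not configured". APIKey, ServerURL, IamURL and
	// Tenant are inert placeholders.
	newOptions := func(projectName, groupName string) checkmarxOneExecuteScanOptions {
		return checkmarxOneExecuteScanOptions{
			ProjectName:                   projectName,
			VulnerabilityThresholdUnit:    "absolute",
			FullScanCycle:                 "2",
			Incremental:                   true,
			FullScansScheduled:            true,
			Preset:                        "CheckmarxDefault",
			GroupName:                     groupName,
			VulnerabilityThresholdEnabled: true,
			GeneratePdfReport:             true,
			APIKey:                        "testAPIKey",
			ServerURL:                     "testURL",
			IamURL:                        "testIamURL",
			Tenant:                        "testTenant",
		}
	}

	t.Run("group ID and group name is not provided", func(t *testing.T) {
		t.Parallel()

		cx1sh := checkmarxOneExecuteScanHelper{nil, newOptions("ssba", ""), sys, nil, nil, nil, nil, nil, nil}

		_, err := cx1sh.GetGroup()
		assert.Contains(t, fmt.Sprint(err), "No group name specified in configuration")
	})

	t.Run("group name not found", func(t *testing.T) {
		t.Parallel()

		cx1sh := checkmarxOneExecuteScanHelper{nil, newOptions("ssba", "GroupNotExist"), sys, nil, nil, nil, nil, nil, nil}

		_, err := cx1sh.GetGroup()
		assert.Contains(t, fmt.Sprint(err), "Failed to get Checkmarx One group by Name GroupNotExist: No group matching GroupNotExist")
	})

	t.Run("group name exists", func(t *testing.T) {
		t.Parallel()

		cx1sh := checkmarxOneExecuteScanHelper{nil, newOptions("ssba-github", "Group2"), sys, nil, nil, nil, nil, nil, nil}

		group, err := cx1sh.GetGroup()
		// Stop on error: the returned group is not meaningful then, and
		// reading its fields could panic instead of failing cleanly.
		if !assert.NoError(t, err, "Error occurred but none expected") {
			return
		}

		// testify expects (expected, actual); this order keeps failure output accurate.
		assert.Equal(t, "a8009bce-c24f-4edc-a931-06eb91ace2f5", group.GroupID)
		assert.Equal(t, "Group2", group.Name)
	})
}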