github.com/jaylevin/jenkins-library@v1.230.4/pkg/reporting/github_test.go (about) 1 package reporting 2 3 import ( 4 "fmt" 5 "testing" 6 7 piperGithub "github.com/SAP/jenkins-library/pkg/github" 8 "github.com/stretchr/testify/assert" 9 ) 10 11 type mockUploader struct { 12 issueOptions *piperGithub.CreateIssueOptions 13 uploadError error 14 } 15 16 func (m *mockUploader) CreateIssue(ghCreateIssueOptions *piperGithub.CreateIssueOptions) error { 17 m.issueOptions = ghCreateIssueOptions 18 return m.uploadError 19 } 20 21 type issueDetailMock struct { 22 vulnerabilityType string 23 vulnerabilityName string 24 libraryName string 25 vulnerabilitySeverity string 26 vulnerabilityScore float64 27 vulnerabilityCVSS3Score float64 28 } 29 30 func (idm issueDetailMock) Title() string { 31 return fmt.Sprintf("%v/%v/%v", idm.vulnerabilityType, idm.vulnerabilityName, idm.libraryName) 32 } 33 34 func (idm issueDetailMock) ToMarkdown() ([]byte, error) { 35 return []byte(fmt.Sprintf(`**Vulnerability %v** 36 | Severity | Package | Installed Version | Description | Fix Resolution | Link | 37 | --- | --- | --- | --- | --- | --- | 38 |%v|%v|%v|%v|%v|[%v](%v)| 39 `, idm.vulnerabilityName, idm.vulnerabilitySeverity, idm.libraryName, "", "", "", "", "")), nil 40 } 41 42 func (idm issueDetailMock) ToTxt() string { 43 return fmt.Sprintf(`Vulnerability %v 44 Severity: %v 45 Package: %v 46 Installed Version: %v 47 Description: %v 48 Fix Resolution: %v 49 Link: %v 50 `, idm.vulnerabilityName, idm.vulnerabilitySeverity, idm.libraryName, "", "", "", "") 51 } 52 53 func TestUploadSingleReportToGithub(t *testing.T) { 54 t.Parallel() 55 56 t.Run("success case", func(t *testing.T) { 57 t.Parallel() 58 testUploader := mockUploader{} 59 testData := struct { 60 scanReport ScanReport 61 token string 62 apiurl string 63 owner string 64 repository string 65 assignees []string 66 uploader Uploader 67 }{ 68 scanReport: ScanReport{ReportTitle: "testReportTitle"}, 69 token: "testToken", 70 apiurl: "testApiUrl", 71 owner: "testOwner", 72 repository: "testRepository", 73 assignees: []string{"testAssignee1", "testAssignee2"}, 74 uploader: &testUploader, 75 } 76 77 err := UploadSingleReportToGithub(testData.scanReport, testData.token, testData.apiurl, testData.owner, testData.repository, testData.assignees, testData.uploader) 78 79 assert.NoError(t, err) 80 81 assert.Equal(t, testData.token, testUploader.issueOptions.Token) 82 assert.Equal(t, testData.apiurl, testUploader.issueOptions.APIURL) 83 assert.Equal(t, testData.owner, testUploader.issueOptions.Owner) 84 assert.Equal(t, testData.repository, testUploader.issueOptions.Repository) 85 assert.Equal(t, testData.scanReport.ReportTitle, testUploader.issueOptions.Title) 86 assert.Contains(t, string(testUploader.issueOptions.Body), "testReportTitle") 87 assert.Equal(t, testData.assignees, testUploader.issueOptions.Assignees) 88 assert.True(t, testUploader.issueOptions.UpdateExisting) 89 }) 90 91 t.Run("error case", func(t *testing.T) { 92 t.Parallel() 93 testUploader := mockUploader{uploadError: fmt.Errorf("upload failed")} 94 var report IssueDetail 95 report = ScanReport{} 96 err := UploadSingleReportToGithub(report, "", "", "", "", []string{}, &testUploader) 97 98 assert.Contains(t, fmt.Sprint(err), "upload failed") 99 }) 100 } 101 102 func TestUploadMultipleReportsToGithub(t *testing.T) { 103 t.Parallel() 104 105 t.Run("success case", func(t *testing.T) { 106 t.Parallel() 107 testUploader := mockUploader{} 108 testData := struct { 109 reports []IssueDetail 110 token string 111 apiurl string 112 owner string 113 repository string 114 assignees []string 115 uploader Uploader 116 }{ 117 reports: []IssueDetail{issueDetailMock{vulnerabilityType: "SECURITY_VULNERABILITY", libraryName: "test-component", vulnerabilityName: "CVE-2022001", vulnerabilitySeverity: "MEDIUM", vulnerabilityScore: 5.3}}, 118 token: "testToken", 119 apiurl: "testApiUrl", 120 owner: "testOwner", 121 repository: "testRepository", 122 assignees: []string{"testAssignee1", "testAssignee2"}, 123 uploader: &testUploader, 124 } 125 126 err := UploadMultipleReportsToGithub(&testData.reports, testData.token, testData.apiurl, testData.owner, testData.repository, testData.assignees, []string{}, testData.uploader) 127 128 assert.NoError(t, err) 129 130 assert.Equal(t, testData.token, testUploader.issueOptions.Token) 131 assert.Equal(t, testData.apiurl, testUploader.issueOptions.APIURL) 132 assert.Equal(t, testData.owner, testUploader.issueOptions.Owner) 133 assert.Equal(t, testData.repository, testUploader.issueOptions.Repository) 134 assert.Equal(t, testData.reports[0].Title(), testUploader.issueOptions.Title) 135 assert.Contains(t, string(testUploader.issueOptions.Body), "CVE-2022001") 136 assert.Equal(t, testData.assignees, testUploader.issueOptions.Assignees) 137 assert.True(t, testUploader.issueOptions.UpdateExisting) 138 }) 139 140 t.Run("error case", func(t *testing.T) { 141 t.Parallel() 142 testUploader := mockUploader{uploadError: fmt.Errorf("upload failed")} 143 reports := []IssueDetail{issueDetailMock{vulnerabilityType: "SECURITY_VULNERABILITY", libraryName: "test-component", vulnerabilityName: "CVE-2022001", vulnerabilitySeverity: "MEDIUM", vulnerabilityScore: 5.3}} 144 err := UploadMultipleReportsToGithub(&reports, "", "", "", "", []string{}, []string{}, &testUploader) 145 146 assert.Contains(t, fmt.Sprint(err), "upload failed") 147 }) 148 }