github.com/jfrog/frogbot/v2@v2.21.0/utils/comment_test.go (about)

     1  package utils
     2  
     3  import (
     4  	"testing"
     5  
     6  	"github.com/jfrog/frogbot/v2/utils/outputwriter"
     7  	"github.com/jfrog/froggit-go/vcsclient"
     8  	"github.com/jfrog/jfrog-cli-core/v2/utils/coreutils"
     9  	"github.com/jfrog/jfrog-cli-security/formats"
    10  	"github.com/stretchr/testify/assert"
    11  )
    12  
    // TestGetFrogbotReviewComments checks which existing pull-request comments
    // getFrogbotComments selects as Frogbot's own review comments.
    //
    // The cases pin the selection to the ReviewCommentId marker: a comment is
    // returned when its content is the marker itself or carries the marker as a
    // hidden Markdown comment. Comments that only look Frogbot-authored (the
    // title prefix, the "generated by Frogbot" text) or that hide some other
    // Markdown comment must not be returned.
    //
    // NOTE(review): the fixtures populate only Content, so the selection
    // exercised here is content-based; whether callers also check the comment
    // author is not visible from this test. Keep the look-alike negative cases
    // so that non-Frogbot comments are never picked up by mistake.
    func TestGetFrogbotReviewComments(t *testing.T) {
    	type scenario struct {
    		name             string
    		existingComments []vcsclient.CommentInfo
    		expectedOutput   []vcsclient.CommentInfo
    	}

    	out := &outputwriter.StandardOutput{}

    	// Look-alike comments that must be ignored.
    	titleOnly := vcsclient.CommentInfo{Content: outputwriter.FrogbotTitlePrefix}
    	otherHidden := vcsclient.CommentInfo{Content: "some comment text" + outputwriter.MarkdownComment("with hidden comment")}
    	generatedBy := vcsclient.CommentInfo{Content: outputwriter.CommentGeneratedByFrogbot}

    	// Comments carrying the review marker, which must be returned.
    	hiddenMarker := vcsclient.CommentInfo{Content: outputwriter.MarkdownComment(outputwriter.ReviewCommentId) + "A Frogbot review comment"}
    	bareMarker := vcsclient.CommentInfo{Content: outputwriter.ReviewCommentId}

    	scenarios := []scenario{
    		{
    			name:             "No frogbot comments",
    			existingComments: []vcsclient.CommentInfo{titleOnly, otherHidden, generatedBy},
    			expectedOutput:   []vcsclient.CommentInfo{},
    		},
    		{
    			name:             "With frogbot comments",
    			existingComments: []vcsclient.CommentInfo{titleOnly, hiddenMarker, otherHidden, bareMarker, generatedBy},
    			expectedOutput:   []vcsclient.CommentInfo{hiddenMarker, bareMarker},
    		},
    	}

    	for _, sc := range scenarios {
    		t.Run(sc.name, func(t *testing.T) {
    			// Order is not part of the contract; only the selected set is compared.
    			got := getFrogbotComments(out, sc.existingComments)
    			assert.ElementsMatch(t, sc.expectedOutput, got)
    		})
    	}
    }
    51  
    // TestGetNewReviewComments checks which scan findings getNewReviewComments
    // turns into inline pull-request review comments.
    //
    // Pinned behaviour:
    //   - A vulnerability whose CVE carries no applicability evidence, and a
    //     secret finding, produce no review comment.
    //   - A CVE with "Applicable" evidence, an IaC finding and a SAST finding each
    //     produce one comment at the finding's location, with that location
    //     mirrored on both the original and the new side of the PR diff.
    //
    // NOTE(review): in the negative case the secret's snippet never reaches an
    // expected comment. Whether that is a deliberate "do not echo secrets into
    // the PR" rule is not visible here — confirm before changing this case.
    func TestGetNewReviewComments(t *testing.T) {
    	type scenario struct {
    		name           string
    		issues         *IssuesCollection
    		expectedOutput []ReviewComment
    	}

    	repo := &Repository{OutputWriter: &outputwriter.StandardOutput{}}
    	highSeverity := formats.SeverityDetails{Severity: "High", SeverityNumValue: 13}

    	// Every finding in the positive case sits on the same range of file1;
    	// only the snippet differs.
    	file1At := func(snippet string) formats.Location {
    		return formats.Location{
    			File:        "file1",
    			StartLine:   1,
    			StartColumn: 10,
    			EndLine:     2,
    			EndColumn:   11,
    			Snippet:     snippet,
    		}
    	}
    	// The expected diff anchor repeats that range on both sides of the diff.
    	file1Diff := vcsclient.PullRequestDiff{
    		OriginalFilePath:    "file1",
    		OriginalStartLine:   1,
    		OriginalStartColumn: 10,
    		OriginalEndLine:     2,
    		OriginalEndColumn:   11,
    		NewFilePath:         "file1",
    		NewStartLine:        1,
    		NewStartColumn:      10,
    		NewEndLine:          2,
    		NewEndColumn:        11,
    	}

    	// Negative case: no applicability evidence on the CVE, plus a secret.
    	withoutEvidence := &IssuesCollection{
    		Vulnerabilities: []formats.VulnerabilityOrViolationRow{
    			{
    				Summary:    "summary-2",
    				Applicable: "Applicable",
    				IssueId:    "XRAY-2",
    				ImpactedDependencyDetails: formats.ImpactedDependencyDetails{
    					SeverityDetails:        formats.SeverityDetails{Severity: "low"},
    					ImpactedDependencyName: "component-C",
    				},
    				Cves:       []formats.CveRow{{Id: "CVE-2023-4321"}},
    				Technology: coreutils.Npm,
    			},
    		},
    		Secrets: []formats.SourceCodeRow{
    			{
    				SeverityDetails: highSeverity,
    				Finding:         "Secret",
    				Location: formats.Location{
    					File:        "index.js",
    					StartLine:   5,
    					StartColumn: 6,
    					EndLine:     7,
    					EndColumn:   8,
    					Snippet:     "access token exposed",
    				},
    			},
    		},
    	}

    	// Positive case: applicable CVE evidence, an IaC finding and a SAST finding.
    	applicableEvidence := &formats.Applicability{
    		Status:   "Applicable",
    		Evidence: []formats.Evidence{{Location: file1At("snippet")}},
    	}
    	withEvidence := &IssuesCollection{
    		Vulnerabilities: []formats.VulnerabilityOrViolationRow{
    			{
    				Summary:    "summary-2",
    				Applicable: "Applicable",
    				IssueId:    "XRAY-2",
    				ImpactedDependencyDetails: formats.ImpactedDependencyDetails{
    					SeverityDetails:        formats.SeverityDetails{Severity: "Low"},
    					ImpactedDependencyName: "component-C",
    				},
    				Cves:       []formats.CveRow{{Id: "CVE-2023-4321", Applicability: applicableEvidence}},
    				Technology: coreutils.Npm,
    			},
    		},
    		Iacs: []formats.SourceCodeRow{
    			{
    				SeverityDetails: highSeverity,
    				Finding:         "Missing auto upgrade was detected",
    				Location:        file1At("aws-violation"),
    			},
    		},
    		Sast: []formats.SourceCodeRow{
    			{
    				SeverityDetails: highSeverity,
    				Finding:         "XSS Vulnerability",
    				Location:        file1At("snippet"),
    			},
    		},
    	}

    	// Expected comment bodies are produced by the same generators as the code under test.
    	applicableContent := outputwriter.GenerateReviewCommentContent(outputwriter.ApplicableCveReviewContent("Low", "", "", "CVE-2023-4321", "summary-2", "component-C:", "", repo.OutputWriter), repo.OutputWriter)
    	iacContent := outputwriter.GenerateReviewCommentContent(outputwriter.IacReviewContent("High", "Missing auto upgrade was detected", "", repo.OutputWriter), repo.OutputWriter)
    	sastContent := outputwriter.GenerateReviewCommentContent(outputwriter.SastReviewContent("High", "XSS Vulnerability", "", [][]formats.Location{}, repo.OutputWriter), repo.OutputWriter)

    	scenarios := []scenario{
    		{
    			name:           "No issues for review comments",
    			issues:         withoutEvidence,
    			expectedOutput: []ReviewComment{},
    		},
    		{
    			name:   "With issues for review comments",
    			issues: withEvidence,
    			expectedOutput: []ReviewComment{
    				{
    					Location: file1At("snippet"),
    					Type:     ApplicableComment,
    					CommentInfo: vcsclient.PullRequestComment{
    						CommentInfo:     vcsclient.CommentInfo{Content: applicableContent},
    						PullRequestDiff: file1Diff,
    					},
    				},
    				{
    					Location: file1At("aws-violation"),
    					Type:     IacComment,
    					CommentInfo: vcsclient.PullRequestComment{
    						CommentInfo:     vcsclient.CommentInfo{Content: iacContent},
    						PullRequestDiff: file1Diff,
    					},
    				},
    				{
    					Location: file1At("snippet"),
    					Type:     SastComment,
    					CommentInfo: vcsclient.PullRequestComment{
    						CommentInfo:     vcsclient.CommentInfo{Content: sastContent},
    						PullRequestDiff: file1Diff,
    					},
    				},
    			},
    		},
    	}

    	for _, sc := range scenarios {
    		t.Run(sc.name, func(t *testing.T) {
    			// Comments are compared as a set; their order is not asserted.
    			got := getNewReviewComments(repo, sc.issues)
    			assert.ElementsMatch(t, sc.expectedOutput, got)
    		})
    	}
    }