github.com/jfrog/frogbot/v2@v2.21.0/utils/comment_test.go (about) 1 package utils 2 3 import ( 4 "testing" 5 6 "github.com/jfrog/frogbot/v2/utils/outputwriter" 7 "github.com/jfrog/froggit-go/vcsclient" 8 "github.com/jfrog/jfrog-cli-core/v2/utils/coreutils" 9 "github.com/jfrog/jfrog-cli-security/formats" 10 "github.com/stretchr/testify/assert" 11 ) 12 13 func TestGetFrogbotReviewComments(t *testing.T) { 14 writer := &outputwriter.StandardOutput{} 15 testCases := []struct { 16 name string 17 existingComments []vcsclient.CommentInfo 18 expectedOutput []vcsclient.CommentInfo 19 }{ 20 { 21 name: "No frogbot comments", 22 existingComments: []vcsclient.CommentInfo{ 23 {Content: outputwriter.FrogbotTitlePrefix}, 24 {Content: "some comment text" + outputwriter.MarkdownComment("with hidden comment")}, 25 {Content: outputwriter.CommentGeneratedByFrogbot}, 26 }, 27 expectedOutput: []vcsclient.CommentInfo{}, 28 }, 29 { 30 name: "With frogbot comments", 31 existingComments: []vcsclient.CommentInfo{ 32 {Content: outputwriter.FrogbotTitlePrefix}, 33 {Content: outputwriter.MarkdownComment(outputwriter.ReviewCommentId) + "A Frogbot review comment"}, 34 {Content: "some comment text" + outputwriter.MarkdownComment("with hidden comment")}, 35 {Content: outputwriter.ReviewCommentId}, 36 {Content: outputwriter.CommentGeneratedByFrogbot}, 37 }, 38 expectedOutput: []vcsclient.CommentInfo{ 39 {Content: outputwriter.MarkdownComment(outputwriter.ReviewCommentId) + "A Frogbot review comment"}, 40 {Content: outputwriter.ReviewCommentId}, 41 }, 42 }, 43 } 44 for _, tc := range testCases { 45 t.Run(tc.name, func(t *testing.T) { 46 output := getFrogbotComments(writer, tc.existingComments) 47 assert.ElementsMatch(t, tc.expectedOutput, output) 48 }) 49 } 50 } 51 52 func TestGetNewReviewComments(t *testing.T) { 53 repo := &Repository{OutputWriter: &outputwriter.StandardOutput{}} 54 testCases := []struct { 55 name string 56 issues *IssuesCollection 57 expectedOutput []ReviewComment 58 }{ 59 { 60 name: "No issues for review comments", 61 issues: &IssuesCollection{ 62 Vulnerabilities: []formats.VulnerabilityOrViolationRow{ 63 { 64 Summary: "summary-2", 65 Applicable: "Applicable", 66 IssueId: "XRAY-2", 67 ImpactedDependencyDetails: formats.ImpactedDependencyDetails{ 68 SeverityDetails: formats.SeverityDetails{Severity: "low"}, 69 ImpactedDependencyName: "component-C", 70 }, 71 Cves: []formats.CveRow{{Id: "CVE-2023-4321"}}, 72 Technology: coreutils.Npm, 73 }, 74 }, 75 Secrets: []formats.SourceCodeRow{ 76 { 77 SeverityDetails: formats.SeverityDetails{ 78 Severity: "High", 79 SeverityNumValue: 13, 80 }, 81 Finding: "Secret", 82 Location: formats.Location{ 83 File: "index.js", 84 StartLine: 5, 85 StartColumn: 6, 86 EndLine: 7, 87 EndColumn: 8, 88 Snippet: "access token exposed", 89 }, 90 }, 91 }, 92 }, 93 expectedOutput: []ReviewComment{}, 94 }, 95 { 96 name: "With issues for review comments", 97 issues: &IssuesCollection{ 98 Vulnerabilities: []formats.VulnerabilityOrViolationRow{ 99 { 100 Summary: "summary-2", 101 Applicable: "Applicable", 102 IssueId: "XRAY-2", 103 ImpactedDependencyDetails: formats.ImpactedDependencyDetails{ 104 SeverityDetails: formats.SeverityDetails{Severity: "Low"}, 105 ImpactedDependencyName: "component-C", 106 }, 107 Cves: []formats.CveRow{{Id: "CVE-2023-4321", Applicability: &formats.Applicability{Status: "Applicable", Evidence: []formats.Evidence{{Location: formats.Location{File: "file1", StartLine: 1, StartColumn: 10, EndLine: 2, EndColumn: 11, Snippet: "snippet"}}}}}}, 108 Technology: coreutils.Npm, 109 }, 110 }, 111 Iacs: []formats.SourceCodeRow{ 112 { 113 SeverityDetails: formats.SeverityDetails{ 114 Severity: "High", 115 SeverityNumValue: 13, 116 }, 117 Finding: "Missing auto upgrade was detected", 118 Location: formats.Location{ 119 File: "file1", 120 StartLine: 1, 121 StartColumn: 10, 122 EndLine: 2, 123 EndColumn: 11, 124 Snippet: "aws-violation", 125 }, 126 }, 127 }, 128 Sast: []formats.SourceCodeRow{ 129 { 130 SeverityDetails: formats.SeverityDetails{ 131 Severity: "High", 132 SeverityNumValue: 13, 133 }, 134 Finding: "XSS Vulnerability", 135 Location: formats.Location{ 136 File: "file1", 137 StartLine: 1, 138 StartColumn: 10, 139 EndLine: 2, 140 EndColumn: 11, 141 Snippet: "snippet", 142 }, 143 }, 144 }, 145 }, 146 expectedOutput: []ReviewComment{ 147 { 148 Location: formats.Location{ 149 File: "file1", 150 StartLine: 1, 151 StartColumn: 10, 152 EndLine: 2, 153 EndColumn: 11, 154 Snippet: "snippet", 155 }, 156 Type: ApplicableComment, 157 CommentInfo: vcsclient.PullRequestComment{ 158 CommentInfo: vcsclient.CommentInfo{ 159 Content: outputwriter.GenerateReviewCommentContent(outputwriter.ApplicableCveReviewContent("Low", "", "", "CVE-2023-4321", "summary-2", "component-C:", "", repo.OutputWriter), repo.OutputWriter), 160 }, 161 PullRequestDiff: vcsclient.PullRequestDiff{ 162 OriginalFilePath: "file1", 163 OriginalStartLine: 1, 164 OriginalStartColumn: 10, 165 OriginalEndLine: 2, 166 OriginalEndColumn: 11, 167 NewFilePath: "file1", 168 NewStartLine: 1, 169 NewStartColumn: 10, 170 NewEndLine: 2, 171 NewEndColumn: 11, 172 }, 173 }, 174 }, 175 { 176 Location: formats.Location{ 177 File: "file1", 178 StartLine: 1, 179 StartColumn: 10, 180 EndLine: 2, 181 EndColumn: 11, 182 Snippet: "aws-violation", 183 }, 184 Type: IacComment, 185 CommentInfo: vcsclient.PullRequestComment{ 186 CommentInfo: vcsclient.CommentInfo{ 187 Content: outputwriter.GenerateReviewCommentContent(outputwriter.IacReviewContent("High", "Missing auto upgrade was detected", "", repo.OutputWriter), repo.OutputWriter), 188 }, 189 PullRequestDiff: vcsclient.PullRequestDiff{ 190 OriginalFilePath: "file1", 191 OriginalStartLine: 1, 192 OriginalStartColumn: 10, 193 OriginalEndLine: 2, 194 OriginalEndColumn: 11, 195 NewFilePath: "file1", 196 NewStartLine: 1, 197 NewStartColumn: 10, 198 NewEndLine: 2, 199 NewEndColumn: 11, 200 }, 201 }, 202 }, 203 { 204 Location: formats.Location{ 205 File: "file1", 206 StartLine: 1, 207 StartColumn: 10, 208 EndLine: 2, 209 EndColumn: 11, 210 Snippet: "snippet", 211 }, 212 Type: SastComment, 213 CommentInfo: vcsclient.PullRequestComment{ 214 CommentInfo: vcsclient.CommentInfo{ 215 Content: outputwriter.GenerateReviewCommentContent(outputwriter.SastReviewContent("High", "XSS Vulnerability", "", [][]formats.Location{}, repo.OutputWriter), repo.OutputWriter), 216 }, 217 PullRequestDiff: vcsclient.PullRequestDiff{ 218 OriginalFilePath: "file1", 219 OriginalStartLine: 1, 220 OriginalStartColumn: 10, 221 OriginalEndLine: 2, 222 OriginalEndColumn: 11, 223 NewFilePath: "file1", 224 NewStartLine: 1, 225 NewStartColumn: 10, 226 NewEndLine: 2, 227 NewEndColumn: 11, 228 }, 229 }, 230 }, 231 }, 232 }, 233 } 234 for _, tc := range testCases { 235 t.Run(tc.name, func(t *testing.T) { 236 output := getNewReviewComments(repo, tc.issues) 237 assert.ElementsMatch(t, tc.expectedOutput, output) 238 }) 239 } 240 }