//go:build unit
// +build unit

package codeql

import (
	"context"
	"errors"
	"testing"

	"github.com/google/go-github/v45/github"
	"github.com/stretchr/testify/assert"
)

// githubCodeqlScanningMock is a stateless stand-in for the GitHub code
// scanning client. It serves canned alert lists keyed by repository name.
type githubCodeqlScanningMock struct {
}

// ListAlertsForRepo returns fixture alerts for the repositories the tests know
// about and an empty list for any other repository name. It never returns an
// error.
//
//   - "testRepo1": one page holding two open and one dismissed "CodeQL" alert
//     plus one dismissed alert from a tool named "Test".
//   - "testRepo2": two pages of "CodeQL" alerts. Page 1 has 50 open and 50
//     dismissed alerts and points at page 2; page 2 has 10 open and 30
//     dismissed alerts and ends the listing (NextPage == 0).
//
// NOTE(review): the fixtures only contain the states "open" and "dismissed"
// and every alert carries a non-nil Tool. How the code under test treats other
// states (for example "fixed") or an alert without tool metadata is not pinned
// by this file.
func (g *githubCodeqlScanningMock) ListAlertsForRepo(ctx context.Context, owner, repo string, opts *github.AlertListOptions) ([]*github.Alert, *github.Response, error) {
	var (
		stateOpen      = "open"
		stateDismissed = "dismissed"
		toolCodeQL     = "CodeQL"
		toolOther      = "Test"
	)
	resp := &github.Response{}
	alerts := []*github.Alert{}

	// add appends n alerts that share the given state and tool name.
	add := func(n int, state, tool *string) {
		for ; n > 0; n-- {
			alerts = append(alerts, &github.Alert{State: state, Tool: &github.Tool{Name: tool}})
		}
	}

	switch repo {
	case "testRepo1":
		add(2, &stateOpen, &toolCodeQL)
		add(1, &stateDismissed, &toolCodeQL)
		// The tests expect a total of 3 for this repository, so this
		// alert from another tool is expected to be left out of the count.
		add(1, &stateDismissed, &toolOther)
		resp.NextPage = 0
	case "testRepo2":
		// opts is only dereferenced on this branch, as in the fixtures'
		// callers every request for testRepo2 carries paging options.
		switch opts.Page {
		case 1:
			add(50, &stateOpen, &toolCodeQL)
			add(50, &stateDismissed, &toolCodeQL)
			resp.NextPage = 2
		case 2:
			add(10, &stateOpen, &toolCodeQL)
			add(30, &stateDismissed, &toolCodeQL)
			resp.NextPage = 0
		}
	}

	return alerts, resp, nil
}

// githubCodeqlScanningErrorMock is a client stand-in whose listing call always
// fails.
type githubCodeqlScanningErrorMock struct {
}

// ListAlertsForRepo always fails. The response is nil on purpose: a caller
// that touches the response before checking the error would panic, so the
// "Error" subtest also guards the order of those checks.
func (g *githubCodeqlScanningErrorMock) ListAlertsForRepo(ctx context.Context, owner, repo string, opts *github.AlertListOptions) ([]*github.Alert, *github.Response, error) {
	return []*github.Alert{}, nil, errors.New("Some error")
}

// TestGetVulnerabilitiesFromClient checks the alert totals that
// getVulnerabilitiesFromClient reports for the mock fixtures, and that a
// client failure is surfaced as an error.
func TestGetVulnerabilitiesFromClient(t *testing.T) {
	ctx := context.Background()
	t.Parallel()

	// Expected numbers follow from the fixtures: Total matches the number
	// of "CodeQL" alerts and Audited the number of dismissed ones, summed
	// over all pages.
	successCases := []struct {
		name        string
		repo        string
		wantTotal   int
		wantAudited int
	}{
		{name: "Success", repo: "testRepo1", wantTotal: 3, wantAudited: 1},
		{name: "Success with pagination results", repo: "testRepo2", wantTotal: 140, wantAudited: 80},
	}

	for _, tc := range successCases {
		t.Run(tc.name, func(t *testing.T) {
			client := githubCodeqlScanningMock{}
			audit := NewCodeqlScanAuditInstance("", "", tc.repo, "", []string{})

			findings, err := getVulnerabilitiesFromClient(ctx, &client, "ref", &audit)

			assert.NoError(t, err)
			assert.NotEmpty(t, findings)
			assert.Equal(t, 1, len(findings))
			assert.Equal(t, tc.wantTotal, findings[0].Total)
			assert.Equal(t, tc.wantAudited, findings[0].Audited)
		})
	}

	t.Run("Error", func(t *testing.T) {
		failingClient := githubCodeqlScanningErrorMock{}
		audit := NewCodeqlScanAuditInstance("", "", "", "", []string{})

		// Only the error is asserted; the returned findings are ignored.
		_, err := getVulnerabilitiesFromClient(ctx, &failingClient, "ref", &audit)

		assert.Error(t, err)
	})
}

// TestGetApiUrl checks the API base URL that getApiUrl derives from a GitHub
// server URL.
//
// NOTE(review): only two well-formed https inputs are covered. Inputs with a
// trailing slash, a path, or another scheme are not pinned by this test.
func TestGetApiUrl(t *testing.T) {
	cases := []struct {
		name      string
		serverURL string
		want      string
	}{
		{name: "public url", serverURL: "https://github.com", want: "https://api.github.com"},
		{name: "enterprise github url", serverURL: "https://github.test.org", want: "https://github.test.org/api/v3"},
	}

	for _, tc := range cases {
		t.Run(tc.name, func(t *testing.T) {
			assert.Equal(t, tc.want, getApiUrl(tc.serverURL))
		})
	}
}