// github.com/ouraigua/jenkins-library@v0.0.0-20231028010029-fbeaf2f3aa9b/test/groovy/SnykExecuteTest.groovy
import static org.hamcrest.Matchers.hasEntry
import static org.hamcrest.Matchers.hasItem
import static org.hamcrest.Matchers.is

import org.junit.After
import org.junit.Before
import org.junit.Rule
import org.junit.Test
import org.junit.rules.RuleChain
import org.junit.rules.ExpectedException
import static org.junit.Assert.assertThat

import util.BasePiperTest
import util.JenkinsDockerExecuteRule
import util.JenkinsReadYamlRule
import util.JenkinsShellCallRule
import util.JenkinsStepRule
import util.JenkinsLoggingRule
import util.Rules

import com.sap.piper.Utils
import com.sap.piper.MapUtils

/**
 * Unit tests for the {@code snykExecute} pipeline step.
 *
 * The Jenkins steps {@code string}, {@code withCredentials}, {@code findFiles} and
 * {@code archiveArtifacts} are replaced by local stubs in {@link #init()}; docker and
 * shell invocations are captured by the rules below and inspected by the tests.
 */
class SnykExecuteTest extends BasePiperTest {
    private ExpectedException thrown = ExpectedException.none()
    private JenkinsDockerExecuteRule dockerExecuteRule = new JenkinsDockerExecuteRule(this)
    private JenkinsShellCallRule shellRule = new JenkinsShellCallRule(this)
    private JenkinsLoggingRule loggingRule = new JenkinsLoggingRule(this)
    private JenkinsStepRule stepRule = new JenkinsStepRule(this)

    @Rule
    public RuleChain ruleChain = Rules
        .getCommonRules(this)
        .around(new JenkinsReadYamlRule(this))
        .around(thrown)
        .around(dockerExecuteRule)
        .around(shellRule)
        .around(loggingRule)
        .around(stepRule)

    // Map most recently handed to the stubbed `string(...)` credentials binding.
    def withCredentialsParameters
    // Patterns passed to the stubbed `archiveArtifacts`, recorded via push().
    List archiveStepPatterns

    /**
     * Resets recorded state, installs a minimal step configuration and registers
     * the stubs for the Jenkins steps used by these tests.
     */
    @Before
    void init() {
        archiveStepPatterns = []
        nullScript.commonPipelineEnvironment.configuration = [
            steps: [
                snykExecute: [
                    snykCredentialsId: 'myPassword'
                ]
            ]
        ]

        // `string(...)`: remember the binding parameters so a test can check the credentialsId.
        helper.registerAllowedMethod('string', [Map], { params ->
            withCredentialsParameters = params
            return params
        })

        // `withCredentials`: expose a fake token only while the wrapped closure runs.
        // The finally block clears it even when the closure throws, so the value
        // does not stay in the binding after the credentials scope ends.
        helper.registerAllowedMethod('withCredentials', [List, Closure], { bindings, body ->
            binding.setProperty('token', 'test_snyk')
            try {
                body()
            } finally {
                binding.setProperty('token', null)
            }
        })

        // `findFiles`: two fixed hits for the pom.xml glob, two for the package.json
        // glob, and an empty array for any other glob.
        helper.registerAllowedMethod("findFiles", [Map.class], { args ->
            def requestedGlob = args.glob
            if (requestedGlob == "**${File.separator}pom.xml") {
                return [
                    new File("some-service${File.separator}pom.xml"),
                    new File("some-other-service${File.separator}pom.xml")
                ].toArray()
            }
            if (requestedGlob == "**${File.separator}package.json") {
                return [
                    new File("some-ui${File.separator}package.json"),
                    new File("some-service-broker${File.separator}package.json")
                ].toArray()
            }
            return [].toArray()
        })

        // `archiveArtifacts`: record each archived pattern as a plain String.
        helper.registerAllowedMethod('archiveArtifacts', [String], { pattern ->
            archiveStepPatterns.push(pattern.toString())
        })

        // Replace Utils.echo with a no-op closure for the duration of a test.
        Utils.metaClass.echo = { def m -> }
    }

    /** Drops the metaclass override installed in {@link #init()}. */
    @After
    public void tearDown() {
        Utils.metaClass = null
    }

    /** An unknown scanType must abort the step with the expected error message. */
    @Test
    void testUnsupportedScanType() throws Exception {
        thrown.expect(hudson.AbortException)
        thrown.expectMessage('[ERROR][snykExecute] ScanType \'seagul\' not supported!')

        stepRule.step.snykExecute(
            script: nullScript,
            juStabUtils: utils,
            scanType: 'seagul'
        )
    }

    /**
     * With only the configuration from {@link #init()}, checks the credentials id
     * that reaches the binding, the docker image and the stash content.
     */
    @Test
    void testDefaultsSettings() throws Exception {
        stepRule.step.snykExecute(
            script: nullScript,
            juStabUtils: utils
        )

        def dockerParams = dockerExecuteRule.dockerParams
        assertThat(withCredentialsParameters.credentialsId, is('myPassword'))
        // NOTE(review): the expected default image is a floating tag, not a digest;
        // the image actually scanned with can change between runs - confirm this is intended.
        assertThat(dockerParams, hasEntry('dockerImage', 'node:lts-buster'))
        assertThat(dockerParams.stashContent, hasItem('buildDescriptor'))
        assertThat(dockerParams.stashContent, hasItem('opensourceConfiguration'))
    }

    /** Docker settings from the step configuration must reach the docker call. */
    @Test
    void testDockerFromCustomStepConfiguration() {

        def expectedImage = 'image:test'
        // NOTE(review): SNYK_TOKEN is expected to arrive empty here although the
        // stubbed credential value is 'test_snyk'; how the step hands the token to
        // snyk is not visible from this test - confirm against the step.
        def expectedEnvVars = ['SNYK_TOKEN':'', 'env1': 'value1', 'env2': 'value2']
        def expectedOptions = '--opt1=val1 --opt2=val2 --opt3'
        def expectedWorkspace = '/path/to/workspace'

        def dockerOverrides = [steps:[snykExecute:[
            dockerImage: expectedImage,
            dockerOptions: expectedOptions,
            dockerEnvVars: expectedEnvVars,
            dockerWorkspace: expectedWorkspace
        ]]]
        nullScript.commonPipelineEnvironment.configuration = MapUtils.merge(
            nullScript.commonPipelineEnvironment.configuration,
            dockerOverrides)

        stepRule.step.snykExecute(
            script: nullScript,
            juStabUtils: utils
        )

        def dockerParams = dockerExecuteRule.dockerParams
        assert expectedImage == dockerParams.dockerImage
        assert expectedOptions == dockerParams.dockerOptions
        assert expectedEnvVars.equals(dockerParams.dockerEnvVars)
        assert expectedWorkspace == dockerParams.dockerWorkspace
    }

    /** Without an explicit scanType the step is expected to run the npm command sequence. */
    @Test
    void testScanTypeNpm() throws Exception {
        stepRule.step.snykExecute(
            script: nullScript,
            juStabUtils: utils
        )

        def recordedCommands = shellRule.shell
        // NOTE(review): the asserted install command carries no version pin, so each
        // run takes whichever snyk release the registry serves - consider pinning in the step.
        assertThat(recordedCommands, hasItem('npm install snyk --global --quiet'))
        assertThat(recordedCommands, hasItem('cd \'./\' && npm install --quiet'))
        // None of the expected command lines contains the credential value.
        assertThat(recordedCommands, hasItem('cd \'./\' && snyk monitor && snyk test'))
    }

    /** snykOrg adds --org to monitor; toJson redirects the test output and archives snyk.json. */
    @Test
    void testScanTypeNpmWithOrgAndJsonReport() throws Exception {
        stepRule.step.snykExecute(
            script: nullScript,
            juStabUtils: utils,
            snykOrg: 'myOrg',
            toJson: true
        )

        def expectedCommand = "cd './' && snyk monitor --org=myOrg && snyk test --json > snyk.json".toString()
        assertThat(shellRule.shell, hasItem(expectedCommand))
        assertThat(archiveStepPatterns, hasItem('snyk.json'))
    }

    /** scanType 'mta' must scan each directory holding a package.json from the findFiles stub. */
    @Test
    void testScanTypeMta() throws Exception {
        stepRule.step.snykExecute(
            script: nullScript,
            juStabUtils: utils,
            scanType: 'mta'
        )

        def recordedCommands = shellRule.shell
        def uiScan = "cd 'some-ui${File.separator}' && snyk monitor && snyk test".toString()
        def brokerScan = "cd 'some-service-broker${File.separator}' && snyk monitor && snyk test".toString()
        assertThat(recordedCommands, hasItem(uiScan))
        assertThat(recordedCommands, hasItem(brokerScan))
    }
}