-
Notifications
You must be signed in to change notification settings - Fork 79
/
Copy pathscanmultiplerepositories_test.go
142 lines (129 loc) · 8.97 KB
/
scanmultiplerepositories_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
package scanrepository
import (
"bytes"
"encoding/json"
"fmt"
"github.com/jfrog/jfrog-cli-security/utils/xsc"
"net/http"
"net/http/httptest"
"os"
"path/filepath"
"strings"
"testing"
"github.com/go-git/go-git/v5/plumbing"
"github.com/go-git/go-git/v5/plumbing/protocol/packp"
"github.com/go-git/go-git/v5/plumbing/protocol/packp/capability"
"github.com/jfrog/frogbot/v2/utils"
"github.com/jfrog/froggit-go/vcsclient"
"github.com/jfrog/froggit-go/vcsutils"
"github.com/stretchr/testify/assert"
)
var testScanMultipleRepositoriesConfigPath = filepath.Join("..", "testdata", "config", "frogbot-config-scan-multiple-repositories.yml")
var testRepositories = []string{"pip-repo", "npm-repo", "mvn-repo"}
func TestScanAndFixRepos(t *testing.T) {
serverParams, restoreEnv := utils.VerifyEnv(t)
defer restoreEnv()
_, restoreJfrogHomeFunc := utils.CreateTempJfrogHomeWithCallback(t)
defer restoreJfrogHomeFunc()
xrayVersion, xscVersion, err := xsc.GetJfrogServicesVersion(&serverParams)
assert.NoError(t, err)
baseWd, err := os.Getwd()
assert.NoError(t, err)
var port string
server := httptest.NewServer(createScanRepoGitHubHandler(t, &port, nil, testRepositories...))
defer server.Close()
port = server.URL[strings.LastIndex(server.URL, ":")+1:]
client, err := vcsclient.NewClientBuilder(vcsutils.GitHub).ApiEndpoint(server.URL).Token("123456").Build()
assert.NoError(t, err)
gitTestParams := utils.Git{
GitProvider: vcsutils.GitHub,
RepoOwner: "jfrog",
VcsInfo: vcsclient.VcsInfo{
Token: "123456",
APIEndpoint: server.URL,
},
}
configData, err := utils.ReadConfigFromFileSystem(testScanMultipleRepositoriesConfigPath)
assert.NoError(t, err)
testDir, cleanup := utils.CopyTestdataProjectsToTemp(t, "scanmultiplerepositories")
defer func() {
assert.NoError(t, os.Chdir(baseWd))
cleanup()
}()
utils.CreateDotGitWithCommit(t, testDir, port, testRepositories...)
configAggregator, err := utils.BuildRepoAggregator(xrayVersion, xscVersion, client, configData, &gitTestParams, &serverParams, utils.ScanMultipleRepositories)
assert.NoError(t, err)
var cmd = ScanMultipleRepositories{dryRun: true, dryRunRepoPath: testDir}
assert.NoError(t, cmd.Run(configAggregator, client, utils.MockHasConnection()))
}
func createScanRepoGitHubHandler(t *testing.T, port *string, response interface{}, projectNames ...string) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
for _, projectName := range projectNames {
if r.RequestURI == fmt.Sprintf("/%s/info/refs?service=git-upload-pack", projectName) {
hash := plumbing.NewHash("5e3021cf22da163f0d312d8fcf299abaa79726fb")
capabilities := capability.NewList()
assert.NoError(t, capabilities.Add(capability.SymRef, "HEAD:/refs/heads/master"))
ar := &packp.AdvRefs{
References: map[string]plumbing.Hash{
"refs/heads/master": plumbing.NewHash("5e3021cf22da163f0d312d8fcf299abaa79726fb"),
},
Head: &hash,
Capabilities: capabilities,
}
var buf bytes.Buffer
assert.NoError(t, ar.Encode(&buf))
_, err := w.Write(buf.Bytes())
assert.NoError(t, err)
w.WriteHeader(http.StatusOK)
return
}
if r.RequestURI == fmt.Sprintf("/repos/jfrog/%s/pulls", projectName) {
w.WriteHeader(http.StatusOK)
return
}
if r.RequestURI == fmt.Sprintf("/%s", projectName) {
file, err := os.ReadFile(fmt.Sprintf("%s.tar.gz", projectName))
assert.NoError(t, err)
_, err = w.Write(file)
assert.NoError(t, err)
return
}
if r.RequestURI == fmt.Sprintf("/repos/jfrog/%s/tarball/master", projectName) {
w.Header().Add("Location", fmt.Sprintf("http://127.0.0.1:%s/%s", *port, projectName))
w.WriteHeader(http.StatusFound)
_, err := w.Write([]byte{})
assert.NoError(t, err)
return
}
if r.RequestURI == fmt.Sprintf("/repos/jfrog/%s/commits?page=1&per_page=%d&sha=master", projectName, vcsutils.NumberOfCommitsToFetch) {
w.WriteHeader(http.StatusOK)
rawJson := "[\n {\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/commits/6dcb09b5b57875f334f61aebed695e2e4193db5e\",\n \"sha\": \"6dcb09b5b57875f334f61aebed695e2e4193db5e\",\n \"node_id\": \"MDY6Q29tbWl0NmRjYjA5YjViNTc4NzVmMzM0ZjYxYWViZWQ2OTVlMmU0MTkzZGI1ZQ==\",\n \"html_url\": \"https://github.com/octocat/Hello-World/commit/6dcb09b5b57875f334f61aebed695e2e4193db5e\",\n \"comments_url\": \"https://api.github.com/repos/octocat/Hello-World/commits/6dcb09b5b57875f334f61aebed695e2e4193db5e/comments\",\n \"commit\": {\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/git/commits/6dcb09b5b57875f334f61aebed695e2e4193db5e\",\n \"author\": {\n \"name\": \"Monalisa Octocat\",\n \"email\": \"support@github.com\",\n \"date\": \"2011-04-14T16:00:49Z\"\n },\n \"committer\": {\n \"name\": \"Monalisa Octocat\",\n \"email\": \"support@github.com\",\n \"date\": \"2011-04-14T16:00:49Z\"\n },\n \"message\": \"Fix all the bugs\",\n \"tree\": {\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/tree/6dcb09b5b57875f334f61aebed695e2e4193db5e\",\n \"sha\": \"6dcb09b5b57875f334f61aebed695e2e4193db5e\"\n },\n \"comment_count\": 0,\n \"verification\": {\n \"verified\": false,\n \"reason\": \"unsigned\",\n \"signature\": null,\n \"payload\": null\n }\n },\n \"author\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"committer\": {\n \"login\": \"octocat\",\n \"id\": 1,\n \"node_id\": \"MDQ6VXNlcjE=\",\n \"avatar_url\": \"https://github.com/images/error/octocat_happy.gif\",\n \"gravatar_id\": \"\",\n \"url\": \"https://api.github.com/users/octocat\",\n \"html_url\": \"https://github.com/octocat\",\n \"followers_url\": \"https://api.github.com/users/octocat/followers\",\n \"following_url\": \"https://api.github.com/users/octocat/following{/other_user}\",\n \"gists_url\": \"https://api.github.com/users/octocat/gists{/gist_id}\",\n \"starred_url\": \"https://api.github.com/users/octocat/starred{/owner}{/repo}\",\n \"subscriptions_url\": \"https://api.github.com/users/octocat/subscriptions\",\n \"organizations_url\": \"https://api.github.com/users/octocat/orgs\",\n \"repos_url\": \"https://api.github.com/users/octocat/repos\",\n \"events_url\": \"https://api.github.com/users/octocat/events{/privacy}\",\n \"received_events_url\": \"https://api.github.com/users/octocat/received_events\",\n \"type\": \"User\",\n \"site_admin\": false\n },\n \"parents\": [\n {\n \"url\": \"https://api.github.com/repos/octocat/Hello-World/commits/6dcb09b5b57875f334f61aebed695e2e4193db5e\",\n \"sha\": \"6dcb09b5b57875f334f61aebed695e2e4193db5e\"\n }\n ]\n }\n]"
b := []byte(rawJson)
_, err := w.Write(b)
assert.NoError(t, err)
return
}
if r.RequestURI == fmt.Sprintf("/repos/jfrog/%v/code-scanning/sarifs", projectName) {
w.WriteHeader(http.StatusAccepted)
rawJson := "{\n \"id\": \"47177e22-5596-11eb-80a1-c1e54ef945c6\",\n \"url\": \"https://api.github.com/repos/octocat/hello-world/code-scanning/sarifs/47177e22-5596-11eb-80a1-c1e54ef945c6\"\n}"
b := []byte(rawJson)
_, err := w.Write(b)
assert.NoError(t, err)
return
}
if r.RequestURI == fmt.Sprintf("/repos/jfrog/%s/pulls?state=open", projectName) {
jsonResponse, err := json.Marshal(response)
assert.NoError(t, err)
_, err = w.Write(jsonResponse)
assert.NoError(t, err)
return
}
if r.RequestURI == fmt.Sprintf("/repos/jfrog/%s", projectName) {
jsonResponse := `{"id": 1296269,"node_id": "MDEwOlJlcG9zaXRvcnkxMjk2MjY5","name": "Hello-World","full_name": "octocat/Hello-World","private": false,"description": "This your first repo!","ssh_url": "git@github.com:octocat/Hello-World.git","clone_url": "https://github.com/octocat/Hello-World.git","visibility": "public"}`
_, err := w.Write([]byte(jsonResponse))
assert.NoError(t, err)
return
}
}
}
}