Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improved Test Structure and Tests in DefectDojo Hook #600

Merged
merged 8 commits into from
Aug 20, 2021
Merged

Improved Test Structure and Tests in DefectDojo Hook #600

merged 8 commits into from
Aug 20, 2021

Conversation

JohannesZahn
Copy link
Contributor

@JohannesZahn JohannesZahn commented Aug 18, 2021
edited

Description

The Mapper converting SecureCodeBox to DefectDojo Findings accepted and returned JSON Strings and could therefore not easily be tested. Now the Mapper only Converts secureCodeBox Findings Objects to defectDojo Findings Objects. There were previously some tests for this mapping but they were enhanced by seperating tests for mapping dates, descriptions and basic fields.

A Test Class for the ScanResultService (which returns the ScanResults that are passed to DefectDojo) was introduced that is now resposible for testing that the assembled scan results that will be uploaded to defectDojo are processed correctly.

Furthermore the PersistenceConfig now features a field to specify a Timezone for parsing dates instead of using the default timezone on a machine. Therefore the timezone can be set in the unit tests to ensure they produce the same results regardles of the location

Checklist

  • Test your changes as thoroughly as possible before you commit them. Preferably, automate your test by unit/integration tests.
  • Make sure npm test runs for the whole project.
  • Make codeclimate checks happy

@JohannesZahn
improve test structure and tests
a6caad2 
Signed-off-by: Johannes Zahn <johannes.zahn@iteratec.com>
@JohannesZahn JohannesZahn added hook Implement or update a hook defectdojo All issues regarding the DefectDojo Integration labels Aug 18, 2021
@JohannesZahn JohannesZahn self-assigned this Aug 18, 2021
@JohannesZahn JohannesZahn added this to In progress in secureCodeBox v3 via automation Aug 18, 2021
@JohannesZahn
add timezone independece, introduce ScanResult factory
e918d3d 
Signed-off-by: Johannes Zahn <johannes.zahn@iteratec.com>
@JohannesZahn
rename package, refactor some methods
5a3c9aa 
Signed-off-by: Johannes Zahn <johannes.zahn@iteratec.com>
@JohannesZahn
add comments
5b5cdcd 
Signed-off-by: Johannes Zahn <johannes.zahn@iteratec.com>
@JohannesZahn JohannesZahn marked this pull request as ready for review August 19, 2021 08:09
@JohannesZahn JohannesZahn mentioned this pull request Aug 19, 2021
Closed
3 tasks
@JohannesZahn
fix windows tests by adding uniform linefeed to jackson printer
9e2eefe 
Signed-off-by: Johannes Zahn <johannes.zahn@iteratec.com>
@JohannesZahn
replace jsonassert with jackson json node comparison
7e6783b 
Signed-off-by: Johannes Zahn <johannes.zahn@iteratec.com>
@JohannesZahn
Copy link
Contributor Author

@J12934 this is ready for review, however one check does not complete, I tried re-running all jobs but it didn't seem to help.

J12934
J12934 previously approved these changes Aug 20, 2021
View reviewed changes
Copy link
Member

@J12934 J12934 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good 👍

Added some minor suggestions to log lines which might be a bit confusing without punctuation.

...ain/java/io/securecodebox/persistence/service/scanresult/GenericParserScanResultService.java Outdated Show resolved Hide resolved
...in/java/io/securecodebox/persistence/service/scanresult/SpecificParserScanResultService.java Outdated Show resolved Hide resolved
secureCodeBox v3 automation moved this from In progress to Reviewer approved Aug 20, 2021
secureCodeBox v3 automation moved this from Reviewer approved to To Review Aug 20, 2021
JohannesZahn and others added 2 commits August 20, 2021 12:35
@JohannesZahn @J12934
Update hooks/persistence-defectdojo/hook/src/main/java/io/securecodeb…
ba55ae3 
…ox/persistence/service/scanresult/GenericParserScanResultService.java

Co-authored-by: Jannik Hollenbach <jannik.hollenbach@iteratec.com>
Signed-off-by: Johannes Zahn <johannes.zahn@iteratec.com>
@JohannesZahn @J12934
Update hooks/persistence-defectdojo/hook/src/main/java/io/securecodeb…
6921b35 
…ox/persistence/service/scanresult/SpecificParserScanResultService.java

Co-authored-by: Jannik Hollenbach <jannik.hollenbach@iteratec.com>
Signed-off-by: Johannes Zahn <johannes.zahn@iteratec.com>
@JohannesZahn JohannesZahn force-pushed the maintenance/enhance-dd-hook-tests branch from c8ad75f to 6921b35 Compare August 20, 2021 10:35
@JohannesZahn
Copy link
Contributor Author

I commited your suggestions @J12934 :)

secureCodeBox v3 automation moved this from To Review to Reviewer approved Aug 20, 2021
@J12934 J12934 merged commit 9000a41 into main Aug 20, 2021
@J12934 J12934 deleted the maintenance/enhance-dd-hook-tests branch August 20, 2021 11:31
secureCodeBox v3 automation moved this from Reviewer approved to Done Aug 20, 2021
@JohannesZahn JohannesZahn moved this from Done to counter in secureCodeBox v3 Sep 3, 2021
@snyk-bot snyk-bot mentioned this pull request Sep 27, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@J12934 J12934 J12934 approved these changes

Assignees

@JohannesZahn JohannesZahn

Labels
defectdojo All issues regarding the DefectDojo Integration hook Implement or update a hook
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@JohannesZahn @J12934