Merge pull request #2 from violinist-dev/feat/integration-tests

Feat/integration tests
violinist-dev · Feb 2, 2019 · 58c809a · 58c809a
2 parents a7929c9 + 01ffdab
commit 58c809a
Show file tree

Hide file tree

Showing 10 changed files with 206 additions and 1 deletion.
diff --git a/.gitignore b/.gitignore
@@ -1,4 +1,5 @@
 .idea
 composer.lock
+!/tests/assets/projects/*/composer.lock
 vendor
 data
diff --git a/composer.json b/composer.json
@@ -12,6 +12,11 @@
       "Violinist\\SymfonyCloudSecurityChecker\\": "src"
     }
   },
+  "autoload-dev": {
+    "psr-4": {
+      "Violinist\\SymfonyCloudSecurityChecker\\Tests\\": "tests"
+    }
+  },
   "require": {
     "symfony/process": "^2.7 || ^3.0 || ^4.0"
   },

diff --git a/phpunit.xml.dist b/phpunit.xml.dist
@@ -12,6 +12,7 @@
     <testsuites>
         <testsuite name="Cloud checker Test Suite">
             <directory>tests/Unit</directory>
+            <directory>tests/Integration</directory>
         </testsuite>
     </testsuites>
     <logging>

diff --git a/src/SecurityChecker.php b/src/SecurityChecker.php
@@ -6,6 +6,9 @@
 
 class SecurityChecker
 {
+
+    protected $symfonyCommand = 'symfony';
+
     protected $processFactory;
 
     public function checkDirectory($dir)
@@ -21,7 +24,7 @@ public function checkDirectory($dir)
             $process = $this->getProcess($command);
             $process->run();
         }
-        $command = sprintf('symfony security:check --dir=%s --format=json', $dir);
+        $command = sprintf('%s security:check --dir=%s --format=json', $this->symfonyCommand, $dir);
         $process = $this->getProcess($command);
         $process->run();
         $string = $process->getOutput();

diff --git a/tests/Integration/IntegrationTest.php b/tests/Integration/IntegrationTest.php
@@ -0,0 +1,23 @@
+<?php
+
+namespace Violinist\SymfonyCloudSecurityChecker\Tests\Integration;
+
+use PHPUnit\Framework\TestCase;
+
+class IntegrationTest extends TestCase
+{
+    public function testInsecure()
+    {
+        $checker = new TestSecurityChecker();
+        $result = $checker->checkDirectory(__DIR__ . '/../assets/projects/unsecure');
+        $this->assertTrue(count($result) > 0);
+        $this->assertEquals('CVE-2010-4879', $result["dompdf/dompdf"]["advisories"][0]["cve"]);
+    }
+
+    public function testSecure()
+    {
+        $checker = new TestSecurityChecker();
+        $result = $checker->checkDirectory(__DIR__ . '/../assets/projects/secure');
+        $this->assertTrue(count($result) === 0);
+    }
+}
diff --git a/tests/Integration/TestSecurityChecker.php b/tests/Integration/TestSecurityChecker.php
@@ -0,0 +1,14 @@
+<?php
+
+namespace Violinist\SymfonyCloudSecurityChecker\Tests\Integration;
+
+use Violinist\SymfonyCloudSecurityChecker\SecurityChecker;
+
+class TestSecurityChecker extends SecurityChecker
+{
+    public function __construct()
+    {
+        $os = strtolower(PHP_OS);
+        $this->symfonyCommand = __DIR__ . '/../assets/bin/symfony-' . $os;
+    }
+}
diff --git a/tests/assets/bin/symfony-darwin b/tests/assets/bin/symfony-darwin
diff --git a/tests/assets/bin/symfony-linux b/tests/assets/bin/symfony-linux
diff --git a/tests/assets/projects/secure/composer.lock b/tests/assets/projects/secure/composer.lock
diff --git a/tests/assets/projects/unsecure/composer.lock b/tests/assets/projects/unsecure/composer.lock