-
Notifications
You must be signed in to change notification settings - Fork 190
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
toolsconfig: create tests and rename public objects
Previously the toolsconfig package does not have any unit tests and the public functions and types was a bit confused, since two types was exported to represents the same "thing". This commit implements the tests to cover scenarios of toolsconfig parsing. This commit also rename ToolsConfigStruct to toolsConfig and also made private, since this struct is only used as schema to parse the values and only the Map type is used by other packages. The Map and Config struct was also renamed to don't be repetitive on names. The function ParseInterfaceToMapToolsConfig was also renamed to MustParseToolsConfig to follow the Go standards of functions that can cause errors that will be not returned. The signature was also changed to avoid bugs when accepting an empty interface{}, since the viper will always return a map[string]interface{} when we get the tools config from config file, this function does not need to accept an empty interface. A new function Default was also created to return the default values from tools config. Updates #718 Signed-off-by: Matheus Alcantara <matheus.alcantara@zup.com.br>
- Loading branch information
1 parent
77afb54
commit c5060d0
Showing
26 changed files
with
353 additions
and
121 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,141 @@ | ||
// Copyright 2021 ZUP IT SERVICOS EM TECNOLOGIA E INOVACAO SA | ||
// | ||
// Licensed under the Apache License, Version 2.0 (the "License"); | ||
// you may not use this file except in compliance with the License. | ||
// You may obtain a copy of the License at | ||
// | ||
// http://www.apache.org/licenses/LICENSE-2.0 | ||
// | ||
// Unless required by applicable law or agreed to in writing, software | ||
// distributed under the License is distributed on an "AS IS" BASIS, | ||
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
// See the License for the specific language governing permissions and | ||
// limitations under the License. | ||
|
||
package toolsconfig | ||
|
||
import ( | ||
"bytes" | ||
"testing" | ||
|
||
"github.com/ZupIT/horusec-devkit/pkg/enums/tools" | ||
"github.com/ZupIT/horusec-devkit/pkg/utils/logger" | ||
"github.com/ZupIT/horusec/internal/helpers/messages" | ||
"github.com/stretchr/testify/assert" | ||
) | ||
|
||
func TestDefaultValues(t *testing.T) { | ||
cfg := Default() | ||
|
||
tools := tools.Values() | ||
|
||
assert.Len(t, cfg, len(tools), "Expected all tools on default values") | ||
|
||
for tool, cfg := range cfg { | ||
assert.Contains(t, tools, tool, "Tool %s is invalid", tool) | ||
assert.False(t, cfg.IsToIgnore, "Expected default value as false to IsToIgnore") | ||
} | ||
} | ||
|
||
func TestParseToolsConfig(t *testing.T) { | ||
testcases := []struct { | ||
name string | ||
input map[string]interface{} | ||
expected ToolsConfig | ||
output string | ||
}{ | ||
{ | ||
name: "Should parse values incomplete correctly and return all tools", | ||
input: map[string]interface{}{ | ||
"bandit": map[string]bool{ | ||
"istoignore": false, | ||
}, | ||
"gosec": map[string]bool{ | ||
"istoignore": true, | ||
}, | ||
}, | ||
expected: ToolsConfig{ | ||
tools.Bandit: Config{false}, | ||
tools.BundlerAudit: Config{false}, | ||
tools.Brakeman: Config{false}, | ||
tools.Checkov: Config{false}, | ||
tools.Flawfinder: Config{false}, | ||
tools.GitLeaks: Config{false}, | ||
tools.GoSec: Config{true}, | ||
tools.HorusecEngine: Config{false}, | ||
tools.MixAudit: Config{false}, | ||
tools.NpmAudit: Config{false}, | ||
tools.PhpCS: Config{false}, | ||
tools.Safety: Config{false}, | ||
tools.SecurityCodeScan: Config{false}, | ||
tools.Semgrep: Config{false}, | ||
tools.ShellCheck: Config{false}, | ||
tools.Sobelow: Config{false}, | ||
tools.TfSec: Config{false}, | ||
tools.YarnAudit: Config{false}, | ||
tools.OwaspDependencyCheck: Config{false}, | ||
tools.DotnetCli: Config{false}, | ||
tools.Nancy: Config{false}, | ||
tools.Trivy: Config{false}, | ||
}, | ||
}, | ||
{ | ||
name: "Should error on invalid configuration and use default values", | ||
input: map[string]interface{}{ | ||
"gosec": map[string]string{ | ||
"istoigore": "invalid data type", | ||
}, | ||
"bandit": "invalid type", | ||
}, | ||
expected: Default(), | ||
output: messages.MsgErrorParseStringToToolsConfig, | ||
}, | ||
{ | ||
name: "Should parse using lower and upper case", | ||
input: map[string]interface{}{ | ||
"trivy": map[string]bool{ | ||
"istoignore": true, | ||
}, | ||
"HorusecEngine": map[string]bool{ | ||
"istoignore": true, | ||
}, | ||
}, | ||
expected: ToolsConfig{ | ||
tools.Bandit: Config{false}, | ||
tools.BundlerAudit: Config{false}, | ||
tools.Brakeman: Config{false}, | ||
tools.Checkov: Config{false}, | ||
tools.Flawfinder: Config{false}, | ||
tools.GitLeaks: Config{false}, | ||
tools.GoSec: Config{false}, | ||
tools.HorusecEngine: Config{true}, | ||
tools.MixAudit: Config{false}, | ||
tools.NpmAudit: Config{false}, | ||
tools.PhpCS: Config{false}, | ||
tools.Safety: Config{false}, | ||
tools.SecurityCodeScan: Config{false}, | ||
tools.Semgrep: Config{false}, | ||
tools.ShellCheck: Config{false}, | ||
tools.Sobelow: Config{false}, | ||
tools.TfSec: Config{false}, | ||
tools.YarnAudit: Config{false}, | ||
tools.OwaspDependencyCheck: Config{false}, | ||
tools.DotnetCli: Config{false}, | ||
tools.Nancy: Config{false}, | ||
tools.Trivy: Config{true}, | ||
}, | ||
}, | ||
} | ||
|
||
output := bytes.NewBufferString("") | ||
logger.LogSetOutput(output) | ||
|
||
for _, tt := range testcases { | ||
t.Run(tt.name, func(t *testing.T) { | ||
config := MustParseToolsConfig(tt.input) | ||
|
||
assert.Equal(t, tt.expected, config) | ||
assert.Contains(t, output.String(), tt.output) | ||
}) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.