Acasă Explorează Ajutor
Autentificare
LBP
/
gitleaks
oglindă de https://github.com/gitleaks/gitleaks.git
4
0
Bifurcare 0
Fisiere Probleme 0 Wiki
Arbore: v8.23.1
Ramuri Etichete
gitleaks
/
report
/
sarif_test.go

sarif_test.go 1.8 KB
Permalink Istoric Crud

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182 
  1. package report
    2. 

  2. 

  3. import (
    4. 

  4. 	"os"
    5. 

  5. 	"path/filepath"
    6. 

  6. 	"testing"
    7. 

  7. 

  8. 	"github.com/zricethezav/gitleaks/v8/config"
    9. 

  9. 

  10. 	"github.com/stretchr/testify/assert"
    11. 

  11. 	"github.com/stretchr/testify/require"
    12. 

  12. )
    13. 

  13. 

  14. func TestWriteSarif(t *testing.T) {
    15. 

  15. 	tests := []struct {
    16. 

  16. 		findings       []Finding
    17. 

  17. 		testReportName string
    18. 

  18. 		expected       string
    19. 

  19. 		wantEmpty      bool
    20. 

  20. 		cfgName        string
    21. 

  21. 	}{
    22. 

  22. 		{
    23. 

  23. 			cfgName:        "simple",
    24. 

  24. 			testReportName: "simple",
    25. 

  25. 			expected:       filepath.Join(expectPath, "report", "sarif_simple.sarif"),
    26. 

  26. 			findings: []Finding{
    27. 

  27. 				{
    28. 

  28. 

  29. 					RuleID:      "test-rule",
    30. 

  30. 					Description: "A test rule",
    31. 

  31. 					Match:       "line containing secret",
    32. 

  32. 					Secret:      "a secret",
    33. 

  33. 					StartLine:   1,
    34. 

  34. 					EndLine:     2,
    35. 

  35. 					StartColumn: 1,
    36. 

  36. 					EndColumn:   2,
    37. 

  37. 					Message:     "opps",
    38. 

  38. 					File:        "auth.py",
    39. 

  39. 					Commit:      "0000000000000000",
    40. 

  40. 					Author:      "John Doe",
    41. 

  41. 					Email:       "johndoe@gmail.com",
    42. 

  42. 					Date:        "10-19-2003",
    43. 

  43. 					Tags:        []string{"tag1", "tag2", "tag3"},
    44. 

  44. 				},
    45. 

  45. 			}},
    46. 

  46. 	}
    47. 

  47. 

  48. 	for _, test := range tests {
    49. 

  49. 		t.Run(test.cfgName, func(t *testing.T) {
    50. 

  50. 			tmpfile, err := os.Create(filepath.Join(t.TempDir(), test.testReportName+".json"))
    51. 

  51. 			require.NoError(t, err)
    52. 

  52. 

  53. 			reporter := SarifReporter{
    54. 

  54. 				OrderedRules: []config.Rule{
    55. 

  55. 					{
    56. 

  56. 						RuleID:      "aws-access-key",
    57. 

  57. 						Description: "AWS Access Key",
    58. 

  58. 					},
    59. 

  59. 					{
    60. 

  60. 						RuleID:      "pypi",
    61. 

  61. 						Description: "PyPI upload token",
    62. 

  62. 					},
    63. 

  63. 				},
    64. 

  64. 			}
    65. 

  65. 			err = reporter.Write(tmpfile, test.findings)
    66. 

  66. 			require.NoError(t, err)
    67. 

  67. 			assert.FileExists(t, tmpfile.Name())
    68. 

  68. 

  69. 			got, err := os.ReadFile(tmpfile.Name())
    70. 

  70. 			require.NoError(t, err)
    71. 

  71. 

  72. 			if test.wantEmpty {
    73. 

  73. 				assert.Empty(t, got)
    74. 

  74. 				return
    75. 

  75. 			}
    76. 

  76. 

  77. 			want, err := os.ReadFile(test.expected)
    78. 

  78. 			require.NoError(t, err)
    79. 

  79. 			assert.Equal(t, string(want), string(got))
    80. 

  80. 		})
    81. 

  81. 	}
    82. 

  82. }
    83.