Merge pull request #3188 from mercedes-benz/gha_feature-SecHub-GHA-Ad…
…d-an-option-addScmHistory

add 'addScmHistory' flag to GitHub actions scan command #3146
hamidonos authored Jun 5, 2024
2 parents e55e90f + 5050a96 commit 389c754
Showing 4 changed files with 98 additions and 8 deletions.
3 changes: 1 addition & 2 deletions github-actions/scan/__test__/integrationtest.test.ts
Expand Up @@ -88,9 +88,8 @@ function initInputMap() {
mockedInputMap.set(input.PARAM_SECHUB_SERVER_URL, `https://localhost:${integrationTestContext.serverPort}`);
mockedInputMap.set(input.PARAM_SECHUB_USER, `${integrationTestContext.serverUserId}`);
mockedInputMap.set(input.PARAM_API_TOKEN, `${integrationTestContext.serverApiToken}`);

mockedInputMap.set(input.PARAM_CLIENT_VERSION, 'latest');

mockedInputMap.set(input.PARAM_ADD_SCM_HISTORY, 'false');
mockedInputMap.set(input.PARAM_REPORT_FORMATS, 'json');
mockedInputMap.set(input.PARAM_TRUST_ALL, 'true'); // self signed certificate in test...
mockedInputMap.set(input.PARAM_FAIL_JOB_ON_FINDING, 'true');
94 changes: 89 additions & 5 deletions github-actions/scan/__test__/sechub-cli.test.ts
@@ -1,11 +1,96 @@
// SPDX-License-Identifier: MIT

import * as cli from '../src/sechub-cli';
import { scan } from '../src/sechub-cli';
import * as shell from 'shelljs';

jest.mock('@actions/core');

const output = `
WARNING: Configured to trust all - means unknown service certificate is accepted. Don't use this in production!
2024-03-08 13:58:18 (+01:00) Zipping folder: __test__/integrationtest/test-sources (/home/xyzgithub-actions/scan/__test__/integrationtest/test-sources)
2024-03-08 13:58:18 (+01:00) Creating new SecHub job: 6880e518-88db-406a-bc67-851933e7e5b7
2024-03-08 13:58:18 (+01:00) Uploading source zip file
2024-03-08 13:58:18 (+01:00) Approve sechub job
2024-03-08 13:58:18 (+01:00) Waiting for job 6880e518-88db-406a-bc67-851933e7e5b7 to be done
.
2024-03-08 13:58:20 (+01:00) Fetching result (format=json) for job 6880e518-88db-406a-bc67-851933e7e5b7
other
`;

jest.mock('shelljs', () => ({
exec: jest.fn(() => ({
code: 0,
stdout: output,
stderr: ''
}))
}));

beforeEach(() => {
jest.clearAllMocks();
});

describe('sechub-cli', function() {
it('extractJobUUID returns job uuid from sechub client output snippet', function () {


it('scan - return correct job id', function () {
/* prepare */
const context: any = {
clientExecutablePath: '/path/to/sechub-cli',
configFileLocation: '/path/to/config.json',
workspaceFolder: '/path/to/workspace',
inputData: {
addScmHistory: 'false'
}
};

/* execute */
scan(context);

/* test */
expect(context.lastClientExitCode).toEqual(0);
expect(context.jobUUID).toEqual('6880e518-88db-406a-bc67-851933e7e5b7');
});

it('scan - with addScmHistory flag true - executes SecHub client with -addScmHistory', function () {
/* prepare */
const context: any = {
clientExecutablePath: '/path/to/sechub-cli',
configFileLocation: '/path/to/config.json',
workspaceFolder: '/path/to/workspace',
inputData: {
addScmHistory: 'true'
}
};

/* execute */
scan(context);

/* test */
expect(shell.exec).toBeCalledTimes(1);
expect(shell.exec).toBeCalledWith('/path/to/sechub-cli -configfile /path/to/config.json -output /path/to/workspace -addScmHistory scan');
});

it('scan - with addScmHistory flag false - executes SecHub client without -addScmHistory', function () {
/* prepare */
const context: any = {
clientExecutablePath: '/path/to/sechub-cli',
configFileLocation: '/path/to/config.json',
workspaceFolder: '/path/to/workspace',
inputData: {
addScmHistory: 'false'
}
};

/* execute */
scan(context);

/* test */
expect(shell.exec).toBeCalledTimes(1);
expect(shell.exec).toBeCalledWith('/path/to/sechub-cli -configfile /path/to/config.json -output /path/to/workspace scan');
});

it('extractJobUUID - returns job uuid from sechub client output snippet', function () {

const output = `
WARNING: Configured to trust all - means unknown service certificate is accepted. Don't use this in production!
2024-03-08 13:58:18 (+01:00) Zipping folder: __test__/integrationtest/test-sources (/home/xyzgithub-actions/scan/__test__/integrationtest/test-sources)
Expand All @@ -25,7 +110,7 @@ describe('sechub-cli', function() {
expect(jobUUID).toEqual('6880e518-88db-406a-bc67-851933e7e5b7');
});

it('extractJobUUID returns job uuid from string with "job: xxxx"', function () {
it('extractJobUUID - returns job uuid from string with "job: xxxx"', function () {

const output = `
The uuid for job:1234
Expand All @@ -39,7 +124,7 @@ describe('sechub-cli', function() {
expect(jobUUID).toEqual('1234');
});

it('extractJobUUID returns empty string when no job id is available', function () {
it('extractJobUUID - returns empty string when no job id is available', function () {

const output = `
WARNING: Configured to trust all - means unknown service certificate is accepted. Don't use this in production!
Expand All @@ -55,5 +140,4 @@ describe('sechub-cli', function() {
/* test */
expect(jobUUID).toEqual('');
});

});
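Review bot: The three `scan` tests each declare `const context: any = { ... }`, so a rename of clientExecutablePath or inputData.addScmHistory in LaunchContext would pass the type checker and only surface as a runtime failure, and the same literal is repeated three times. A small typed helper such as `function launchContext(addScmHistory: string): LaunchContext` that builds the object once (with a single cast at that one site if LaunchContext has required fields the tests do not set) keeps the escape hatch in one place and lets each test pass only the value it varies. The expected command strings on lines 105 and 124 are the only place the exact argument order is pinned, so a short comment there noting that the order is part of the client's contract would help the next maintainer.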
4 changes: 4 additions & 0 deletions github-actions/scan/src/github-input.ts
Expand Up @@ -8,6 +8,7 @@ export const PARAM_API_TOKEN = 'api-token';
export const PARAM_SECHUB_USER = 'user';
export const PARAM_PROJECT_NAME = 'project-name';
export const PARAM_CLIENT_VERSION = 'version';
export const PARAM_ADD_SCM_HISTORY = 'add-scm-history';
export const PARAM_DEBUG = 'debug';
export const PARAM_INCLUDED_FOLDERS = 'include-folders';
export const PARAM_EXCLUDED_FOLDERS = 'exclude-folders';
Expand All @@ -25,6 +26,7 @@ export interface GitHubInputData {
user: string;
projectName: string;
sechubCLIVersion: string;
addScmHistory: string;
debug: string;
includeFolders: string;
excludeFolders: string;
Expand All @@ -43,6 +45,7 @@ export const INPUT_DATA_DEFAULTS: GitHubInputData = {
user: '',
projectName: '',
sechubCLIVersion: 'latest',
addScmHistory: 'false',
debug: '',
includeFolders: '',
excludeFolders: '',
Expand All @@ -62,6 +65,7 @@ export function resolveGitHubInputData(): GitHubInputData {
user: core.getInput(PARAM_SECHUB_USER),
projectName: core.getInput(PARAM_PROJECT_NAME),
sechubCLIVersion: core.getInput(PARAM_CLIENT_VERSION),
addScmHistory: core.getInput(PARAM_ADD_SCM_HISTORY),
debug: core.getInput(PARAM_DEBUG),
includeFolders: core.getInput(PARAM_INCLUDED_FOLDERS),
excludeFolders: core.getInput(PARAM_EXCLUDED_FOLDERS),
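Review bot: The new `addScmHistory: string` field on GitHubInputData (line 170) gives no indication of which values are meaningful, while the rest of the change treats only the exact literal `'true'` as enabling the flag and everything else as off; a comment such as `/** 'true' passes -addScmHistory to the SecHub client; any other value (default 'false') omits it */` would make that contract visible. Reading the value with `core.getBooleanInput(PARAM_ADD_SCM_HISTORY)` in resolveGitHubInputData would additionally reject malformed input instead of silently disabling the flag, but that changes the field's type away from the string convention the interface uses elsewhere and is a larger decision than this commit. The interface declaration itself is above the hunk.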
5 changes: 4 additions & 1 deletion github-actions/scan/src/sechub-cli.ts
Expand Up @@ -8,7 +8,10 @@ import * as core from '@actions/core';
* @param context launch context
*/
export function scan(context: LaunchContext) {
const shellCommand = `${context.clientExecutablePath} -configfile ${context.configFileLocation} -output ${context.workspaceFolder} scan`;
const addScmHistory = context.inputData.addScmHistory === 'true' ? '-addScmHistory' : '';
let shellCommand = `${context.clientExecutablePath} -configfile ${context.configFileLocation} -output ${context.workspaceFolder} ${addScmHistory} scan`;
// remove duplicate whitespaces caused by optional arguments
shellCommand = shellCommand.replace(/\s+/g, ' ');
core.debug(`scan shell command: ${shellCommand}`);

const shellString = shell.exec(shellCommand);
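Review bot: Collapsing whitespace with `shellCommand.replace(/\s+/g, ' ')` on line 201 rewrites the whole command, not just the gap left by the empty flag, so any run of spaces, tabs or newlines inside clientExecutablePath, configFileLocation or workspaceFolder is also altered before the string reaches shell.exec. Assembling the command from an argument list removes the need for the regex and keeps the optional flag in one place, as sketched below. The comparison `=== 'true'` is case-sensitive, so a value like `True` (which `core.getBooleanInput` would accept) silently disables the flag; either normalize it or document the accepted value on the input. The `@param context` line above would also benefit from `inputData.addScmHistory: 'true' enables the client's -addScmHistory flag`; scan's body continues past the hunk.
```typescript
export function scan(context: LaunchContext) {
    const args = [
        context.clientExecutablePath,
        '-configfile', context.configFileLocation,
        '-output', context.workspaceFolder,
    ];
    if (context.inputData.addScmHistory === 'true') {
        args.push('-addScmHistory');
    }
    args.push('scan');
    const shellCommand = args.join(' ');
    core.debug(`scan shell command: ${shellCommand}`);
    // … unchanged: shell.exec call and the rest of scan …
```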
