Added upload assert to integration tests #2438

- the bug was already fixed in former commits - the files are all fetched by "sechub_report_*.*" and the integration tests check other formats are in filesystem available
mercedes-benz · Mar 20, 2024 · 403f14c · 403f14c
1 parent e0e3ae2
commit 403f14c
Show file tree

Hide file tree

Showing 2 changed files with 44 additions and 7 deletions.
diff --git a/github-actions/scan/__test__/integrationtest.test.ts b/github-actions/scan/__test__/integrationtest.test.ts
@@ -1,6 +1,6 @@
 // SPDX-License-Identifier: MIT
 
-import { create } from '@actions/artifact';
+import { ArtifactClient, create } from '@actions/artifact';
 import { debug, error, getInput, info, isDebug, warning, setFailed } from '@actions/core';
 import * as shell from 'shelljs';
 import { getWorkspaceDir } from '../src/fs-helper';
@@ -10,7 +10,7 @@ import * as launcher from '../src/launcher';
 import { LaunchContext } from '../src/launcher';
 import { IntegrationTestContext } from './integrationtest/testframework';
 import * as fs from 'fs';
-
+import { uploadArtifact } from '../src/post-scan';
 jest.mock('@actions/core');
 jest.mock('@actions/artifact');
 
@@ -40,6 +40,8 @@ integrationTestContext.finish();
 
 const mockedInputMap = new Map();
 
+var mockedUploadFunction: jest.Mock;
+
 beforeEach(() => {
 
     shell.echo('----------------------------------------------------------------------------------------------------------------------------------');
@@ -71,9 +73,11 @@ beforeEach(() => {
     });
 
     (create as jest.Mock).mockName('artifactClient');
+
+    mockedUploadFunction = jest.fn();
     (create as jest.Mock).mockImplementation(() => {
         return {
-            'uploadArtifact': jest.fn(),
+            'uploadArtifact': mockedUploadFunction,
         };
     });
 });
@@ -109,6 +113,7 @@ describe('integrationtest codescan generated config', () => {
         assertTrafficLight(result, 'GREEN');
         assertActionIsNotMarkedAsFailed();
         assertJsonReportContains(result, 'result-green');
+        assertUploadDone();
 
     });
     test('codescan yellow', async () => {
@@ -126,7 +131,7 @@ describe('integrationtest codescan generated config', () => {
         assertActionIsNotMarkedAsFailed();
         assertTrafficLight(result, 'YELLOW');
         assertJsonReportContains(result, 'result-yellow');
-
+        assertUploadDone();
     });
 
     test('codescan red', async () => {
@@ -144,6 +149,7 @@ describe('integrationtest codescan generated config', () => {
         assertTrafficLight(result, 'RED');
         assertActionIsMarkedAsFailed();
         assertJsonReportContains(result, 'result-red');
+        assertUploadDone();
     });
     test('codescan red - fail-job-with-findings=false', async () => {
 
@@ -161,6 +167,7 @@ describe('integrationtest codescan generated config', () => {
         assertTrafficLight(result, 'RED');
         assertActionIsNotMarkedAsFailed(); // important: exit code 1 but action is NOT marked as failed because fail-job-with-findings=false
         assertJsonReportContains(result, 'result-red');
+        assertUploadDone();
     });
 
 });
@@ -182,9 +189,10 @@ describe('integrationtest secretscan generated config', () => {
         assertLastClientExitCode(result, 0);
         assertActionIsNotMarkedAsFailed();
         assertJsonReportContains(result, 'generic-api-key has detected secret for file UnSAFE_Bank/Backend/docker-compose.yml');
+        assertUploadDone();
 
     });
-    test('secretscan yellow, html', async () => {
+    test('secretscan yellow, html only', async () => {
 
         /* prepare */
         initInputMap();
@@ -201,6 +209,29 @@ describe('integrationtest secretscan generated config', () => {
         assertLastClientExitCode(result, 0);
         assertActionIsNotMarkedAsFailed();
         assertJsonReportContains(result, 'generic-api-key has detected secret for file UnSAFE_Bank/Backend/docker-compose.yml');
+        assertUploadDone();
+
+        loadHTMLReportAndAssertItContains(result, 'generic-api-key has detected secret for file UnSAFE_Bank/Backend/docker-compose.yml');
+
+    });
+    test('secretscan yellow, json,html', async () => {
+
+        /* prepare */
+        initInputMap();
+        mockedInputMap.set(input.PARAM_INCLUDED_FOLDERS, '__test__/integrationtest/test-sources');
+        mockedInputMap.set(input.PARAM_PROJECT_NAME, 'test-project-5');
+        mockedInputMap.set(input.PARAM_SCAN_TYPES, 'secretScan');
+        mockedInputMap.set(input.PARAM_REPORT_FORMATS, 'json,html');
+
+        /* execute */
+        const result = await launcher.launch();
+
+        /* test */
+        assertTrafficLight(result, 'YELLOW');
+        assertLastClientExitCode(result, 0);
+        assertActionIsNotMarkedAsFailed();
+        assertJsonReportContains(result, 'generic-api-key has detected secret for file UnSAFE_Bank/Backend/docker-compose.yml');
+        assertUploadDone();
 
         loadHTMLReportAndAssertItContains(result, 'generic-api-key has detected secret for file UnSAFE_Bank/Backend/docker-compose.yml');
 
@@ -226,7 +257,8 @@ describe('integrationtest licensescan generated config', () => {
         assertLastClientExitCode(result, 0);
         assertActionIsNotMarkedAsFailed();
         assertJsonReportContains(result, 'findings'); // findings in json available - but green, because only licensescan
-
+        assertUploadDone();
+
         loadSpdxJsonReportAndAssertItContains(result, 'LGPL');
     });
 
@@ -264,6 +296,7 @@ describe('integrationtest non-generated config', () => {
         assertActionIsMarkedAsFailed();
         assertTrafficLight(result, 'RED');
         assertJsonReportContains(result, 'XSS attackable parameter output: </p><script>alert(1)');
+        assertUploadDone();
 
     });
 
@@ -293,6 +326,10 @@ function assertJsonReportContains(context: LaunchContext, textPart: string) {
     expect(text).toContain(textPart);
 }
 
+function assertUploadDone(){
+    expect(mockedUploadFunction).toHaveBeenCalled();
+}
+
 function loadHTMLReportAndAssertItContains(context: LaunchContext, textPart: string) {
 
     const fileName = context.secHubReportJsonFileName.replace('.json','.html');

diff --git a/github-actions/scan/src/launcher.ts b/github-actions/scan/src/launcher.ts
@@ -159,7 +159,7 @@ async function postScan(context: LaunchContext): Promise<void> {
     /* reporting - analysis etc. */
     reportOutputs(context.secHubReportJsonObject);
 
-    /* upload artifact */
+    /* upload artifacts */
     await uploadArtifact(context, 'sechub scan-report', getFiles(`${context.workspaceFolder}/sechub_report_*.*`));
 
     if (context.lastClientExitCode !== 0) {