diff --git a/sechub-pds-solutions/xray/docker/scripts/xray.sh b/sechub-pds-solutions/xray/docker/scripts/xray.sh index 4211c380e3..e9c90d444c 100755 --- a/sechub-pds-solutions/xray/docker/scripts/xray.sh +++ b/sechub-pds-solutions/xray/docker/scripts/xray.sh @@ -11,8 +11,8 @@ echo "PDS Job UUID: $PDS_JOB_UUID" echo "" SKOPEO_AUTH="auth.json" -# UPLOAD_DIR=$PDS_JOB_EXTRACTED_BINARIES_FOLDER -UPLOAD_DIR=$PDS_JOB_EXTRACTED_SOURCES_FOLDER +UPLOAD_DIR=$PDS_JOB_EXTRACTED_BINARIES_FOLDER +# UPLOAD_DIR=$PDS_JOB_EXTRACTED_SOURCES_FOLDER check_valid_upload () { if [ $(ls $UPLOAD_DIR | wc -l) -ge 2 ] @@ -64,4 +64,4 @@ do java -jar "$TOOL_FOLDER/wrapperxray.jar" "--name" "$IMAGE" "--sha256" "$SHA256" "--scantype" "docker" "--outputfile" "$PDS_JOB_RESULT_FILE" done -clean_workspace \ No newline at end of file +clean_workspace diff --git a/sechub-wrapper-xray/src/main/java/com.mercedesbenz.sechub.xraywrapper/cli/XrayClientArtifactoryController.java b/sechub-wrapper-xray/src/main/java/com.mercedesbenz.sechub.xraywrapper/cli/XrayClientArtifactoryController.java index 869cbe2a17..f3ee5ca58f 100644 --- a/sechub-wrapper-xray/src/main/java/com.mercedesbenz.sechub.xraywrapper/cli/XrayClientArtifactoryController.java +++ b/sechub-wrapper-xray/src/main/java/com.mercedesbenz.sechub.xraywrapper/cli/XrayClientArtifactoryController.java @@ -1,14 +1,14 @@ package com.mercedesbenz.sechub.xraywrapper.cli; -import java.io.IOException; -import java.util.concurrent.TimeUnit; - import com.fasterxml.jackson.databind.node.ObjectNode; import com.mercedesbenz.sechub.xraywrapper.config.XrayArtifact; import com.mercedesbenz.sechub.xraywrapper.config.XrayConfiguration; import com.mercedesbenz.sechub.xraywrapper.http.XrayArtifactoryClient; import com.mercedesbenz.sechub.xraywrapper.reportgenerator.XrayReportReader; +import java.io.IOException; +import java.util.concurrent.TimeUnit; + public class XrayClientArtifactoryController { private final XrayConfiguration xrayConfiguration; @@ -22,7 +22,7 @@ public XrayClientArtifactoryController(XrayConfiguration xrayConfiguration, Xray } /** - * manages communication with the xray server in correct order + * controls the communication to the Xray artifactory server * * @throws IOException */ @@ -30,7 +30,6 @@ public void waitForScansToFinishAndDownloadReport() throws IOException { // get xray version from artifactory String xray_version = artifactoryClient.getXrayVersion(); - System.out.println("XRAY Version: " + xray_version); // check if artifact is uploaded boolean isUploaded = artifactoryClient.checkArtifactoryUpload(); diff --git a/sechub-wrapper-xray/src/main/java/com.mercedesbenz.sechub.xraywrapper/http/XrayArtifactoryClient.java b/sechub-wrapper-xray/src/main/java/com.mercedesbenz.sechub.xraywrapper/http/XrayArtifactoryClient.java index c1ce6b898d..8fd735239c 100644 --- a/sechub-wrapper-xray/src/main/java/com.mercedesbenz.sechub.xraywrapper/http/XrayArtifactoryClient.java +++ b/sechub-wrapper-xray/src/main/java/com.mercedesbenz.sechub.xraywrapper/http/XrayArtifactoryClient.java @@ -21,21 +21,21 @@ public XrayArtifactoryClient(XrayArtifact artifact, XrayConfiguration xrayConfig } public String getXrayVersion() throws IOException { - XrayAPIRequest request = XrayHttpRequestBuilder.generateGetXrayVersion(xrayConfiguration.getArtifactory()); + XrayAPIRequest request = XrayHttpRequestBuilder.buildGetXrayVersion(xrayConfiguration.getArtifactory()); XrayAPIResponse response = send(request); JsonNode node = getBodyAsNode(response.getBody()); return node.get("xray_version").asText(); } public boolean checkArtifactoryUpload() throws IOException { - XrayAPIRequest request = XrayHttpRequestBuilder.generateCheckArtifactUpload(xrayConfiguration.getArtifactory(), artifact, + XrayAPIRequest request = XrayHttpRequestBuilder.buildCheckArtifactUpload(xrayConfiguration.getArtifactory(), artifact, xrayConfiguration.getRegister()); XrayAPIResponse response = send(request); return !(isErrorResponse(response)); } public String getScanStatus() throws IOException { - XrayAPIRequest request = XrayHttpRequestBuilder.generateGetScanStatus(xrayConfiguration.getArtifactory(), artifact, xrayConfiguration.getRegister()); + XrayAPIRequest request = XrayHttpRequestBuilder.buildGetScanStatus(xrayConfiguration.getArtifactory(), artifact, xrayConfiguration.getRegister()); XrayAPIResponse response = send(request); if (!isErrorResponse(response)) { JsonNode node = getBodyAsNode(response.getBody()); @@ -45,13 +45,13 @@ public String getScanStatus() throws IOException { } public boolean requestScanReports() throws IOException { - XrayAPIRequest request = XrayHttpRequestBuilder.generateGetScanReports(xrayConfiguration.getArtifactory(), artifact); + XrayAPIRequest request = XrayHttpRequestBuilder.buildGetScanReports(xrayConfiguration.getArtifactory(), artifact); XrayAPIResponse response = send(request); return !isErrorResponse(response); } public String startScanArtifact() throws IOException { - XrayAPIRequest request = XrayHttpRequestBuilder.generateScanArtifact(xrayConfiguration.getArtifactory(), artifact, xrayConfiguration.getRegister()); + XrayAPIRequest request = XrayHttpRequestBuilder.buildScanArtifact(xrayConfiguration.getArtifactory(), artifact, xrayConfiguration.getRegister()); XrayAPIResponse response = send(request); if (!isErrorResponse(response)) { JsonNode node = getBodyAsNode(response.getBody()); diff --git a/sechub-wrapper-xray/src/main/java/com.mercedesbenz.sechub.xraywrapper/http/XrayHttpRequestBuilder.java b/sechub-wrapper-xray/src/main/java/com.mercedesbenz.sechub.xraywrapper/http/XrayHttpRequestBuilder.java index dd1d84d93e..b7c11751e8 100644 --- a/sechub-wrapper-xray/src/main/java/com.mercedesbenz.sechub.xraywrapper/http/XrayHttpRequestBuilder.java +++ b/sechub-wrapper-xray/src/main/java/com.mercedesbenz.sechub.xraywrapper/http/XrayHttpRequestBuilder.java @@ -11,7 +11,7 @@ public class XrayHttpRequestBuilder { * @param baseUrl factory URL * @return XrayAPIRequest */ - public static XrayAPIRequest generateGetXrayVersion(String baseUrl) { + public static XrayAPIRequest buildGetXrayVersion(String baseUrl) { XrayAPIRequest request = new XrayAPIRequest(); request.setBaseUrl(baseUrl + "/xray/api/v1/system/version"); request.setRequestMethodEnum(XrayAPIRequest.RequestMethodEnum.GET); @@ -26,7 +26,7 @@ public static XrayAPIRequest generateGetXrayVersion(String baseUrl) { * @param repository artifactory repository * @return XrayAPIRequest */ - public static XrayAPIRequest generateCheckArtifactUpload(String baseUrl, XrayArtifact artifact, String repository) { + public static XrayAPIRequest buildCheckArtifactUpload(String baseUrl, XrayArtifact artifact, String repository) { String url = baseUrl + "/artifactory/api/storage/" + repository + "/" + artifact.getName() + "/" + artifact.getTag() + "/manifest.json"; String data = ""; return new XrayAPIRequest(url, XrayAPIRequest.RequestMethodEnum.GET, true, data); @@ -40,7 +40,7 @@ public static XrayAPIRequest generateCheckArtifactUpload(String baseUrl, XrayArt * @param repository artifactory repository * @return XrayAPIRequest */ - public static XrayAPIRequest generateScanArtifact(String baseUrl, XrayArtifact artifact, String repository) { + public static XrayAPIRequest buildScanArtifact(String baseUrl, XrayArtifact artifact, String repository) { String url = baseUrl + "/xray/api/v1/scanArtifact"; String data = "{\"componentID\": \"" + artifact.getArtifactType() + "://" + artifact.getName() + ":" + artifact.getTag() + "\"," + "\"path\": \"" + repository + "/" + artifact.getName() + "/" + artifact.getTag() + "/manifest.json\"}"; @@ -55,7 +55,7 @@ public static XrayAPIRequest generateScanArtifact(String baseUrl, XrayArtifact a * @param repository artifactory repository * @return XrayAPIRequest */ - public static XrayAPIRequest generateGetScanStatus(String baseUrl, XrayArtifact artifact, String repository) { + public static XrayAPIRequest buildGetScanStatus(String baseUrl, XrayArtifact artifact, String repository) { String url = baseUrl + "/xray/api/v1/scan/status/artifact"; String data = "{\"path\": \"" + repository + "/" + artifact.getName() + "/" + artifact.getTag() + "/manifest.json\", \"repository_pkg_type\":\"" + artifact.getArtifactType() + "\", \"sha256\": \"" + artifact.getSha256() + "\"}"; @@ -69,7 +69,7 @@ public static XrayAPIRequest generateGetScanStatus(String baseUrl, XrayArtifact * @param artifact Artifact to scan * @return XrayAPIRequest */ - public static XrayAPIRequest generateGetScanReports(String baseUrl, XrayArtifact artifact) { + public static XrayAPIRequest buildGetScanReports(String baseUrl, XrayArtifact artifact) { String url = baseUrl + "/xray/api/v1/component/exportDetails"; String data = "{\"component_name\": \"" + artifact.getName() + ":" + artifact.getTag() + "\"," + "\"package_type\": \"" + artifact.getArtifactType() + "\"," + "\"sha_256\" : \"" + artifact.getSha256() + "\"," + "\"violations\": true," + "\"include_ignored_violations\": true," diff --git a/sechub-wrapper-xray/src/main/java/com.mercedesbenz.sechub.xraywrapper/reportgenerator/XrayReportWriter.java b/sechub-wrapper-xray/src/main/java/com.mercedesbenz.sechub.xraywrapper/reportgenerator/XrayReportWriter.java index 5c9f41be5c..c68474f54b 100644 --- a/sechub-wrapper-xray/src/main/java/com.mercedesbenz.sechub.xraywrapper/reportgenerator/XrayReportWriter.java +++ b/sechub-wrapper-xray/src/main/java/com.mercedesbenz.sechub.xraywrapper/reportgenerator/XrayReportWriter.java @@ -1,18 +1,17 @@ package com.mercedesbenz.sechub.xraywrapper.reportgenerator; -import java.io.File; -import java.io.IOException; - import com.fasterxml.jackson.core.util.DefaultPrettyPrinter; import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectWriter; import com.fasterxml.jackson.databind.node.ObjectNode; +import java.io.File; +import java.io.IOException; + public class XrayReportWriter { public static void writeReport(ObjectNode rootObject, File report) throws IOException { ObjectMapper mapper = new ObjectMapper(); ObjectWriter writer = mapper.writer(new DefaultPrettyPrinter()); writer.writeValue(new File(report.toURI()), rootObject); - } } diff --git a/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/http/XrayAPIResponseTest.java b/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/http/XrayAPIResponseTest.java index f1490b7ad1..7da310af0e 100644 --- a/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/http/XrayAPIResponseTest.java +++ b/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/http/XrayAPIResponseTest.java @@ -1,32 +1,32 @@ package com.mercedesbenz.sechub.xraywrapper.http; -import static org.junit.jupiter.api.Assertions.assertEquals; +import org.junit.jupiter.api.Test; import java.util.Arrays; import java.util.Collections; import java.util.List; import java.util.Map; -import org.junit.jupiter.api.Test; +import static org.junit.jupiter.api.Assertions.assertEquals; class XrayAPIResponseTest { @Test public void testXrayAPIResponseEmpty() { - // prepare + /* prepare */ XrayAPIResponse response; - // execute + /* execute */ response = new XrayAPIResponse(); - // assert + /* test */ assertEquals(0, response.getStatus_code()); assertEquals("", response.getBody()); } @Test public void testXrayAPIResponse() { - // prepare + /* prepare */ XrayAPIResponse response; int status = 200; String body = "body"; @@ -34,13 +34,13 @@ public void testXrayAPIResponse() { List values = Arrays.asList("elem", "elem2"); headers.put("header", values); - // execute + /* execute */ response = new XrayAPIResponse(); response.setBody(body); response.setStatus_code(status); response.setHeaders(headers); - // assert + /* test */ assertEquals(200, response.getStatus_code()); assertEquals("body", response.getBody()); assertEquals(values, response.getHeaders().get("header")); diff --git a/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/http/XrayHttpRequestBuilderTest.java b/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/http/XrayHttpRequestBuilderTest.java index 5060f5dfc3..55ca8eafc0 100644 --- a/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/http/XrayHttpRequestBuilderTest.java +++ b/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/http/XrayHttpRequestBuilderTest.java @@ -1,12 +1,11 @@ package com.mercedesbenz.sechub.xraywrapper.http; -import static com.mercedesbenz.sechub.xraywrapper.http.XrayHttpRequestBuilder.*; -import static org.junit.jupiter.api.Assertions.*; - +import com.mercedesbenz.sechub.xraywrapper.config.XrayArtifact; import org.junit.jupiter.api.BeforeEach; import org.junit.jupiter.api.Test; -import com.mercedesbenz.sechub.xraywrapper.config.XrayArtifact; +import static com.mercedesbenz.sechub.xraywrapper.http.XrayHttpRequestBuilder.*; +import static org.junit.jupiter.api.Assertions.*; class XrayHttpRequestBuilderTest { @@ -22,78 +21,109 @@ public void beforeEach() { } @Test - public void testGenerateGetXrayVersion() { - // prepare + public void test_buildGetXrayVersion() { + /* prepare */ XrayAPIRequest request; String apiUrl = "/xray/api/v1/system/version"; - // execute - request = generateGetXrayVersion(url); + /* execute */ + request = buildGetXrayVersion(url); - // assert + /* test */ assertEquals(XrayAPIRequest.RequestMethodEnum.GET, request.getRequestMethodEnum()); assertEquals(url + apiUrl, request.getBaseUrl()); } @Test - public void testGenerateCheckArtifactUpload() { - // prepare + public void test_generateGetXrayVersion_null() { + /* execute + test */ + assertThrows(NullPointerException.class, () -> buildGetXrayVersion(null)); + } + + @Test + public void test_buildCheckArtifactUpload() { + /* prepare */ XrayAPIRequest request; String apiUrl = "/artifactory/api/storage/myregister/myname/tag/manifest.json"; - // execute - request = generateCheckArtifactUpload(url, artifact, register); + /* execute */ + request = buildCheckArtifactUpload(url, artifact, register); - // assert + /* test */ assertEquals(XrayAPIRequest.RequestMethodEnum.GET, request.getRequestMethodEnum()); assertEquals(url + apiUrl, request.getBaseUrl()); } @Test - public void testGenerateScanArtifact() { - // prepare + public void test_buildCheckArtifactUpload_null() { + /* execute + test */ + assertThrows(NullPointerException.class, () -> buildCheckArtifactUpload(null, null, null)); + } + + @Test + public void test_buildScanArtifact() { + /* prepare */ XrayAPIRequest request; String apiUrl = "/xray/api/v1/scanArtifact"; String data = "{\"componentID\": \"docker://myname:tag\"," + "\"path\": \"myregister/myname/tag/manifest.json\"}"; - // execute - request = generateScanArtifact(url, artifact, register); + /* execute */ + request = buildScanArtifact(url, artifact, register); - // assert + /* test */ assertEquals(XrayAPIRequest.RequestMethodEnum.POST, request.getRequestMethodEnum()); assertEquals(url + apiUrl, request.getBaseUrl()); assertEquals(data, request.getData()); } @Test - public void testGenerateGetScanStatus() { - // prepare + public void test_buildScanArtifact_null() { + /* execute + test */ + assertThrows(NullPointerException.class, () -> buildScanArtifact(null, null, null)); + } + + + @Test + public void test_buildGetScanStatus() { + /* prepare */ XrayAPIRequest request; String apiUrl = "/xray/api/v1/scan/status/artifact"; String data = "{\"path\": \"myregister/myname/tag/manifest.json\", \"repository_pkg_type\":\"docker\", \"sha256\": \"sha256\"}"; - // execute - request = generateGetScanStatus(url, artifact, register); + /* execute */ + request = buildGetScanStatus(url, artifact, register); - // assert + /* test */ assertEquals(XrayAPIRequest.RequestMethodEnum.POST, request.getRequestMethodEnum()); assertEquals(url + apiUrl, request.getBaseUrl()); assertEquals(data, request.getData()); } @Test - public void testGenerateGetScanReports() { - // prepare + public void test_buildGetScanStatus_null() { + /* execute + test */ + assertThrows(NullPointerException.class, () -> buildGetScanStatus(null, null, null)); + } + + @Test + public void test_buildGetScanReports() { + /* prepare */ XrayAPIRequest request; String apiUrl = "/xray/api/v1/component/exportDetails"; String data = "{\"component_name\": \"myname:tag\"," + "\"package_type\": \"docker\"," + "\"sha_256\" : \"sha256\""; - // execute - request = generateGetScanReports(url, artifact); + /* execute */ + request = buildGetScanReports(url, artifact); - // assert + /* test */ assertEquals(XrayAPIRequest.RequestMethodEnum.POST, request.getRequestMethodEnum()); assertEquals(url + apiUrl, request.getBaseUrl()); assertTrue(request.getData().contains(data)); } + + @Test + public void test_buildGetScanReports_null() { + /* execute + test */ + assertThrows(NullPointerException.class, () -> buildGetScanReports(null, null)); + } } \ No newline at end of file diff --git a/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/http/XrayHttpRequestExecutorTest.java b/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/http/XrayHttpRequestExecutorTest.java index c45d2ba546..550766eef7 100644 --- a/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/http/XrayHttpRequestExecutorTest.java +++ b/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/http/XrayHttpRequestExecutorTest.java @@ -1,16 +1,17 @@ package com.mercedesbenz.sechub.xraywrapper.http; -import static com.mercedesbenz.sechub.xraywrapper.http.XrayHttpRequestExecutor.setUpGetConnection; -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.mockito.Mockito.mock; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.mockito.Mockito; import java.io.IOException; import java.net.HttpURLConnection; import java.net.URL; -import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.Test; -import org.mockito.Mockito; +import static com.mercedesbenz.sechub.xraywrapper.http.XrayHttpRequestExecutor.setUpGetConnection; +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertThrows; +import static org.mockito.Mockito.mock; class XrayHttpRequestExecutorTest { @@ -22,8 +23,8 @@ public void beforeEach() { } @Test - public void testSetUpGetConnection() throws IOException { - // prepare + public void test_setUpGetConnection() throws IOException { + /* prepare */ HttpURLConnection con; String stringUrls = url.toString(); HttpURLConnection mockedCon = mock(HttpURLConnection.class); @@ -31,11 +32,17 @@ public void testSetUpGetConnection() throws IOException { XrayAPIRequest request = new XrayAPIRequest(stringUrls, XrayAPIRequest.RequestMethodEnum.GET, false, ""); request.setUrl(url); - // execute + /* execute */ con = setUpGetConnection(request); - // assert + /* test */ assertEquals(0, con.getConnectTimeout()); } + @Test + public void test_setUpGetConnection_null() throws IOException { + /* execute */ + assertThrows(NullPointerException.class, () -> setUpGetConnection(null)); + } + } \ No newline at end of file diff --git a/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/http/XrayHttpResponseBuilderTest.java b/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/http/XrayHttpResponseBuilderTest.java index 3ae72ef290..85a80c8ba6 100644 --- a/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/http/XrayHttpResponseBuilderTest.java +++ b/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/http/XrayHttpResponseBuilderTest.java @@ -1,17 +1,18 @@ package com.mercedesbenz.sechub.xraywrapper.http; -import static com.mercedesbenz.sechub.xraywrapper.http.XrayHttpResponseBuilder.getHttpResponseFromConnection; -import static org.junit.jupiter.api.Assertions.*; -import static org.mockito.Mockito.doReturn; -import static org.mockito.Mockito.mock; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; +import org.mockito.Mock; import java.io.ByteArrayInputStream; import java.io.IOException; import java.net.HttpURLConnection; -import org.junit.jupiter.api.BeforeEach; -import org.junit.jupiter.api.Test; -import org.mockito.Mock; +import static com.mercedesbenz.sechub.xraywrapper.http.XrayHttpResponseBuilder.getHttpResponseFromConnection; +import static org.junit.jupiter.api.Assertions.assertEquals; +import static org.junit.jupiter.api.Assertions.assertThrows; +import static org.mockito.Mockito.doReturn; +import static org.mockito.Mockito.mock; class XrayHttpResponseBuilderTest { @@ -25,48 +26,57 @@ public void beforeEach() { } @Test - public void testGetHttpResponseFromConnection() throws IOException { - // prepare + public void test_getHttpResponseFromConnection() throws IOException { + /* prepare */ XrayAPIResponse response; int statusCode = 200; is = new ByteArrayInputStream("testData".getBytes("UTF-8")); doReturn(is).when(con).getInputStream(); doReturn(statusCode).when(con).getResponseCode(); - // execute + /* execute */ response = getHttpResponseFromConnection(con, "filename"); - // assert + /* test */ assertEquals("testData", response.getBody()); assertEquals(200, response.getStatus_code()); } @Test - public void testEmptyGetHttpResponseFromConnection() throws IOException { - // prepare + public void test_getHttpResponseFromConnection_empty() throws IOException { + /* prepare */ XrayAPIResponse response; - // execute + /* execute */ response = getHttpResponseFromConnection(con, "filename"); - // assert + /* test */ assertEquals("", response.getBody()); assertEquals(0, response.getStatus_code()); } @Test - public void testErrorGetHttpResponseFromConnection() throws IOException { - // prepare + public void test_getHttpResponseFromConnection_null() throws IOException { + /* prepare */ + XrayAPIResponse response; + + /* execute + test */ + assertThrows(NullPointerException.class, () -> getHttpResponseFromConnection(null, null)); + } + + @Test + public void test_getHttpResponseFromConnection_error() throws IOException { + /* prepare */ XrayAPIResponse response; int statusCode = 404; is = new ByteArrayInputStream("Error".getBytes("UTF-8")); doReturn(is).when(con).getErrorStream(); doReturn(statusCode).when(con).getResponseCode(); - // execute + /* execute */ response = getHttpResponseFromConnection(con, "filename"); - // assert + /* test */ assertEquals("Error", response.getBody()); assertEquals(404, response.getStatus_code()); } diff --git a/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/reportgenerator/XrayCycloneVulnerabilityTest.java b/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/reportgenerator/XrayCycloneVulnerabilityTest.java index 9db3565faa..8916b5543b 100644 --- a/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/reportgenerator/XrayCycloneVulnerabilityTest.java +++ b/sechub-wrapper-xray/src/test/java/com.mercedesbenz.sechub.xraywrapper/reportgenerator/XrayCycloneVulnerabilityTest.java @@ -1,65 +1,69 @@ package com.mercedesbenz.sechub.xraywrapper.reportgenerator; +import com.fasterxml.jackson.databind.ObjectMapper; +import com.fasterxml.jackson.databind.node.ArrayNode; +import org.junit.jupiter.api.BeforeEach; +import org.junit.jupiter.api.Test; + import static org.junit.jupiter.api.Assertions.assertEquals; import static org.junit.jupiter.api.Assertions.assertTrue; -import org.junit.jupiter.api.Test; +class XrayCycloneVulnerabilityTest { -import com.fasterxml.jackson.databind.ObjectMapper; -import com.fasterxml.jackson.databind.node.ArrayNode; + ObjectMapper mapper; + XrayCycloneVulnerability vulnerability; -class XrayCycloneVulnerabilityTest { - ObjectMapper mapper = new ObjectMapper(); + @BeforeEach + public void beforeEach(){ + mapper = new ObjectMapper(); + vulnerability = new XrayCycloneVulnerability("id"); + } @Test public void testSetCwe() { - // prepare - XrayCycloneVulnerability vul = new XrayCycloneVulnerability("id"); + /* prepare */ ArrayNode cwe = mapper.createArrayNode(); cwe.add("CEW-123"); - // execute - vul.setCwe(cwe); + /* execute */ + vulnerability.setCwe(cwe); - // assert - assertEquals("[123]", vul.getVulnerability().get("cwes").toString()); + /* test */ + assertEquals("[123]", vulnerability.getVulnerability().get("cwes").toString()); } @Test public void testSetCweNoInfo() { - // prepare - XrayCycloneVulnerability vul = new XrayCycloneVulnerability("id"); + /* prepare */ ArrayNode cwe = mapper.createArrayNode(); cwe.add("CEW-noinfo"); - // execute - vul.setCwe(cwe); + /* execute */ + vulnerability.setCwe(cwe); - // assert - assertEquals("[]", vul.getVulnerability().get("cwes").toString()); + /* test */ + assertEquals("[]", vulnerability.getVulnerability().get("cwes").toString()); } @Test public void testSetCweMultiple() { - // prepare - XrayCycloneVulnerability vul = new XrayCycloneVulnerability("id"); + /* prepare */ ArrayNode cwe = mapper.createArrayNode(); cwe.add("CEW-123"); cwe.add("CEW-892"); cwe.add("CEW-883"); - // execute - vul.setCwe(cwe); + /* execute */ + vulnerability.setCwe(cwe); - // assert - assertEquals("[123,892,883]", vul.getVulnerability().get("cwes").toString()); + /* test */ + assertEquals("[123,892,883]", vulnerability.getVulnerability().get("cwes").toString()); } @Test public void testAddAffectsVersion() { - // prepare - XrayCycloneVulnerability vul = new XrayCycloneVulnerability("id"); + /* prepare */ ArrayNode vul_versions = mapper.createArrayNode(); ArrayNode fixed_version = mapper.createArrayNode(); String ref = "testref"; @@ -69,20 +73,19 @@ public void testAddAffectsVersion() { fixed_version.add("17.02"); fixed_version.add("12.02"); - // execute - vul.addAffects(ref, vul_versions, fixed_version, purls); - vul.putAffects(); + /* execute */ + vulnerability.addAffects(ref, vul_versions, fixed_version, purls); + vulnerability.putAffects(); - // assert - String ref_vul = vul.getVulnerability().get("affects").toString(); + /* test */ + String ref_vul = vulnerability.getVulnerability().get("affects").toString(); assertTrue(ref_vul.contains(ref)); assertTrue(ref_vul.contains("{\"version\":\"8.0\",\"status\":\"affected\"}")); } @Test public void testAddAffectsRangeMulti() { - // prepare - XrayCycloneVulnerability vul = new XrayCycloneVulnerability("id"); + /* prepare */ ArrayNode vul_versions = mapper.createArrayNode(); ArrayNode fixed_version = mapper.createArrayNode(); String ref = "testref"; @@ -92,31 +95,30 @@ public void testAddAffectsRangeMulti() { fixed_version.add("17.02"); fixed_version.add("<8.0.02"); - // execute - vul.addAffects(ref, vul_versions, fixed_version, purls); - vul.putAffects(); + /* execute */ + vulnerability.addAffects(ref, vul_versions, fixed_version, purls); + vulnerability.putAffects(); - // assert - String ref_vul = vul.getVulnerability().get("affects").toString(); + /* test */ + String ref_vul = vulnerability.getVulnerability().get("affects").toString(); assertTrue(ref_vul.contains(ref)); assertTrue(ref_vul.contains("{\"range\":\"tests://mytest@<17.02\",\"status\":\"affected\"}")); } @Test public void testSetRating() { - // prepare - XrayCycloneVulnerability vul = new XrayCycloneVulnerability("id"); + /* prepare */ Float score = 10.0F; String severity = "high"; String method = "CVSSv2"; String vector = "vector"; String source = "NVD"; - // execute - vul.setRating(score, severity, method, vector, source); + /* execute */ + vulnerability.setRating(score, severity, method, vector, source); - String rating = vul.getVulnerability().get("ratings").toString(); - // assert + String rating = vulnerability.getVulnerability().get("ratings").toString(); + /* test */ assertTrue(rating.contains("\"method\":\"CVSSv2\"")); }