Implemented whitelist handling for systemtests #2534

sechub-doc/src/main/java/com/mercedesbenz/sechub/docgen/adopt/AdoptedSystemTestDefaultFallback.java

@@ -21,9 +21,9 @@
  */
 public enum AdoptedSystemTestDefaultFallback {
 
-    FALLBACK_PROJECT_NAME("default-test-project", "Project id"),
+    FALLBACK_PROJECT_NAME(StringConstants.DEFAULT_PROJECT_ID, "Project id"),
 
-    FALLBACK_PROFILE_ID("default-test-profile", "Profile id"),
+    FALLBACK_PROFILE_ID(StringConstants.DEFAULT_PROFILE_ID, "Profile id"),
 
     /** Same like default in /sechub-solution/env-sechub */
     FALLBACK_LOCAL_SECHUB_URL("https://localhost:8443", "Local", "SecHub url"),
@@ -53,14 +53,22 @@ public enum AdoptedSystemTestDefaultFallback {
 
     FALLBACK_SECHUB_WAIT_FOR_AVAILABLE("true", "SecHub wait for available"),
 
-    FALLBACK_UPLOAD_REF_ID("default-ref", "Upload reference id"),
+    FALLBACK_UPLOAD_REF_ID(StringConstants.DEFAULT_REFERENCE_ID, "Upload reference id"),
 
     ;
 
     private String scope;
     private String value;
     private String description;
 
+    public class StringConstants {
+
+        public static final String DEFAULT_PROJECT_ID = "default-test-project";
+        public static final String DEFAULT_PROFILE_ID = "default-test-profile";
+        public static final String DEFAULT_REFERENCE_ID = "default-ref";
+
+    }
+
     AdoptedSystemTestDefaultFallback(String value, String description) {
         this(value, null, description);
     }

sechub-systemtest/src/main/java/com/mercedesbenz/sechub/systemtest/config/DefaultFallback.java

@@ -17,9 +17,9 @@
  */
 public enum DefaultFallback {
 
-    FALLBACK_PROJECT_NAME("default-test-project", "Project id"),
+    FALLBACK_PROJECT_NAME(StringConstants.DEFAULT_PROJECT_ID, "Project id"),
 
-    FALLBACK_PROFILE_ID("default-test-profile", "Profile id"),
+    FALLBACK_PROFILE_ID(StringConstants.DEFAULT_PROFILE_ID, "Profile id"),
 
     /** Same like default in /sechub-solution/env-sechub */
     FALLBACK_LOCAL_SECHUB_URL("https://localhost:8443", "Local", "SecHub url"),
@@ -49,14 +49,22 @@ public enum DefaultFallback {
 
     FALLBACK_SECHUB_WAIT_FOR_AVAILABLE("true", "SecHub wait for available"),
 
-    FALLBACK_UPLOAD_REF_ID("default-ref", "Upload reference id"),
+    FALLBACK_UPLOAD_REF_ID(StringConstants.DEFAULT_REFERENCE_ID, "Upload reference id"),
 
     ;
 
     private String scope;
     private String value;
     private String description;
 
+    public class StringConstants {
+
+        public static final String DEFAULT_PROJECT_ID = "default-test-project";
+        public static final String DEFAULT_PROFILE_ID = "default-test-profile";
+        public static final String DEFAULT_REFERENCE_ID = "default-ref";
+
+    }
+
     DefaultFallback(String value, String description) {
         this(value, null, description);
     }

sechub-systemtest/src/main/java/com/mercedesbenz/sechub/systemtest/config/ProjectDefinition.java

@@ -8,6 +8,7 @@ public class ProjectDefinition extends AbstractDefinition {
 
     private String name;
     private List<String> profiles = new ArrayList<>();
+    private List<String> whitelistedURIs = new ArrayList<>();
 
     public String getName() {
         return name;
@@ -20,4 +21,8 @@ public void setName(String name) {
     public List<String> getProfiles() {
         return profiles;
     }
+
+    public List<String> getWhitelistedURIs() {
+        return whitelistedURIs;
+    }
 }

sechub-systemtest/src/main/java/com/mercedesbenz/sechub/systemtest/config/SystemTestConfigurationBuilder.java

@@ -3,6 +3,7 @@
 
 import java.net.URI;
 import java.net.URL;
+import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.List;
 import java.util.Optional;
@@ -266,6 +267,25 @@ public SecHubSetupBuilder admin(String userId, String apiToken) {
                 return this;
             }
 
+            /**
+             * Start definition for project using default project name:
+             * {@value com.mercedesbenz.sechub.systemtest.config.DefaultFallback.StringConstants#DEFAULT_PROJECT_ID}
+             *
+             * @return project setup builder
+             */
+            public ProjectSetupBuilder project() {
+                return project(DefaultFallback.FALLBACK_PROJECT_NAME.getValue());
+            }
+
+            /**
+             * Start definition for project using given project project id.
+             *
+             * @return project setup builder
+             */
+            public ProjectSetupBuilder project(String projectId) {
+                return new ProjectSetupBuilder(projectId);
+            }
+
             public ConfigurationBuilder configure() {
                 return new ConfigurationBuilder();
             }
@@ -346,6 +366,55 @@ public ExecutorConfigBuilder name(String name) {
                 }
 
             }
+
+            public class ProjectSetupBuilder extends AbstractDefinitionBuilder<ProjectSetupBuilder> {
+
+                private ProjectDefinition projectDefinition;
+
+                public ProjectSetupBuilder(String projectId) {
+
+                    SecHubConfigurationDefinition configuration = SecHubSetupBuilder.this.getSechubDefinition().getConfigure();
+                    Optional<List<ProjectDefinition>> projectsOpt = configuration.getProjects();
+
+                    List<ProjectDefinition> projects = null;
+                    if (projectsOpt.isPresent()) {
+                        projects = projectsOpt.get();
+                    } else {
+                        projects = new ArrayList<>();
+                        configuration.setProjects(Optional.of(projects));
+                    }
+
+                    for (ProjectDefinition foundProjectDefinition : projects) {
+                        if (foundProjectDefinition.getName().equalsIgnoreCase(projectId)) {
+                            projectDefinition = foundProjectDefinition;
+                            break;
+                        }
+                    }
+
+                    if (projectDefinition == null) {
+                        projectDefinition = new ProjectDefinition();
+                        projectDefinition.setName(projectId);
+
+                        projects.add(projectDefinition);
+                    }
+                }
+
+                public SecHubSetupBuilder endProject() {
+                    return SecHubSetupBuilder.this;
+                }
+
+                @Override
+                protected AbstractDefinition resolveDefinition() {
+                    return projectDefinition;
+                }
+
+                public ProjectSetupBuilder addURItoWhiteList(String uri) {
+                    projectDefinition.getWhitelistedURIs().add(uri);
+                    return this;
+                }
+
+            }
+
         }
 
         public class SolutionSetupBuilder extends AbstractDefinitionBuilder<SolutionSetupBuilder> {

sechub-systemtest/src/main/java/com/mercedesbenz/sechub/systemtest/runtime/config/SystemTestRuntimeLocalSecHubProductConfigurator.java

@@ -22,6 +22,7 @@
 import com.mercedesbenz.sechub.api.ExecutorConfigurationSetup;
 import com.mercedesbenz.sechub.api.ExecutorConfigurationSetupCredentials;
 import com.mercedesbenz.sechub.api.Project;
+import com.mercedesbenz.sechub.api.ProjectWhiteList;
 import com.mercedesbenz.sechub.api.SecHubClient;
 import com.mercedesbenz.sechub.api.SecHubClientException;
 import com.mercedesbenz.sechub.commons.model.ScanType;
@@ -111,7 +112,12 @@ private void createProjects(SystemTestRuntimeContext context) throws SecHubClien
             project.setName(projectName);
             project.setOwner(client.getUsername());// we use the administrator as owner of the project
 
+            ProjectWhiteList whiteList = project.getWhiteList();
+            for (String whiteListEntry : projectDefinition.getWhitelistedURIs()) {
+                whiteList.getUris().add(whiteListEntry);
+            }
             client.createProject(project);
+
         }
     }
 

sechub-systemtest/src/main/java/com/mercedesbenz/sechub/systemtest/runtime/init/SystemTestRuntimePreparator.java

@@ -72,10 +72,6 @@ public void prepare(SystemTestRuntimeContext context) {
 
         initializeAlteredConfiguration(context);
 
-        if (!context.isLocalRun()) {
-            LOG.debug("Skip preparation - run is not local");
-            return;
-        }
         prepareLocal(context);
 
         prepareTests(context);
@@ -244,6 +240,10 @@ private Map<String, String> createRuntimeVariables(SystemTestRuntimeContext cont
     }
 
     private void prepareLocal(SystemTestRuntimeContext context) {
+        if (!context.isLocalRun()) {
+            LOG.debug("Skip local preparation - run is not local");
+            return;
+        }
         createDefaultsWhereNothingDefined(context);
 
         prepareScripts(context);
@@ -267,29 +267,38 @@ private void addFallbackDefaultProfileToExecutorsWithoutProfile(SystemTestRuntim
         }
     }
 
-    private void createFallbackDefaultProjectWhenNoProjectsDefined(SystemTestRuntimeContext context) {
+    private void addFallbackDefaultProjectAndProfilesWhenNotDefined(SystemTestRuntimeContext context) {
         SecHubConfigurationDefinition sechubConfig = context.getLocalSecHubConfigurationOrFail();
-        Optional<List<ProjectDefinition>> projects = sechubConfig.getProjects();
-        if (!projects.isPresent()) {
+        Optional<List<ProjectDefinition>> projectsOpt = sechubConfig.getProjects();
+        if (!projectsOpt.isPresent()) {
             sechubConfig.setProjects(Optional.of(new ArrayList<>()));
         }
 
-        List<ProjectDefinition> projectDefinitions = sechubConfig.getProjects().get();
-        if (projectDefinitions.isEmpty()) {
+        List<ProjectDefinition> projects = sechubConfig.getProjects().get();
 
-            ProjectDefinition fallback = new ProjectDefinition();
+        /* handle missing project definitions */
+        if (projects.isEmpty()) {
+            ProjectDefinition fallbackProject = new ProjectDefinition();
 
-            fallback.setName(FALLBACK_PROJECT_NAME.getValue());
-            fallback.setComment("Auto created fallback default project");
-            fallback.getProfiles().add(FALLBACK_PROFILE_ID.getValue());
-            projectDefinitions.add(fallback);
+            fallbackProject.setName(FALLBACK_PROJECT_NAME.getValue());
+            fallbackProject.setComment("Auto created fallback default project");
+
+            projects.add(fallbackProject);
+        }
+
+        /* handle missing profile definitions for projects */
+        for (ProjectDefinition projectDefinition : projects) {
+            List<String> profiles = projectDefinition.getProfiles();
+            if (profiles.isEmpty()) {
+                profiles.add(FALLBACK_PROFILE_ID.getValue());
+            }
         }
     }
 
     private void createDefaultsWhereNothingDefined(SystemTestRuntimeContext context) {
 
         createFallbackSecHubSetupParts(context);
-        createFallbackDefaultProjectWhenNoProjectsDefined(context);
+        addFallbackDefaultProjectAndProfilesWhenNotDefined(context);
         createFallbackNamesForExecutorsWithoutName(context);
         addFallbackDefaultProfileToExecutorsWithoutProfile(context);
 

sechub-systemtest/src/main/java/com/mercedesbenz/sechub/systemtest/runtime/launch/SystemTestRuntimeProductLauncher.java

@@ -202,6 +202,10 @@ public void waitUntilSecHubAdminAvailable(SystemTestRuntimeContext context) {
         if (!context.isLocalRun()) {
             return;
         }
+        if (context.isDryRun()) {
+            LOG.debug("Skip sechub admin available check - becaus dry run");
+            return;
+        }
         SecHubClient sechubClient = context.getLocalAdminSecHubClient();
         boolean adminAccountAvailable = false;
 

sechub-systemtest/src/test/java/com/mercedesbenz/sechub/systemtest/SystemTestDryRunTest.java

@@ -7,6 +7,8 @@
 
 import java.io.IOException;
 import java.nio.file.Path;
+import java.util.List;
+import java.util.Optional;
 import java.util.concurrent.TimeUnit;
 
 import org.junit.jupiter.api.BeforeEach;
@@ -16,7 +18,10 @@
 import org.slf4j.LoggerFactory;
 
 import com.mercedesbenz.sechub.commons.model.JSONConverter;
+import com.mercedesbenz.sechub.systemtest.config.LocalSetupDefinition;
+import com.mercedesbenz.sechub.systemtest.config.ProjectDefinition;
 import com.mercedesbenz.sechub.systemtest.config.RuntimeVariable;
+import com.mercedesbenz.sechub.systemtest.config.SecHubConfigurationDefinition;
 import com.mercedesbenz.sechub.systemtest.config.SystemTestConfiguration;
 import com.mercedesbenz.sechub.systemtest.runtime.SystemTestResult;
 import com.mercedesbenz.sechub.systemtest.runtime.SystemTestRuntimeException;
@@ -47,6 +52,43 @@ void beforeEach(TestInfo info) {
         LOG.info("--------------------------------------------------------------------------------------------------------------------------------");
     }
 
+    @Test
+    void faked_webscan_can_be_executed_without_errors_and_contains_expected_data_in_configuration() throws IOException {
+
+        /* @formatter:off */
+
+        /* prepare*/
+        SystemTestConfiguration configuration = configure().
+                localSetup().
+                    secHub().
+                        project().
+                            addURItoWhiteList("https://example.com/app-to-test").
+                        endProject().
+                    endSecHub().
+                endLocalSetup().
+                build();
+        /* @formatter:on */
+
+        /* execute */
+        SystemTestResult result = systemTestApi.runSystemTests(params().localRun().dryRun().testConfiguration(configuration)
+                .additionalResourcesPath(ADDITIONAL_RESOURCES_PATH).pdsSolutionPath(FAKED_PDS_SOLUTIONS_PATH).build());
+
+        /* test */
+        if (result.hasFailedTests()) {
+            fail("The execution failed:" + result.toString());
+        }
+
+        Optional<LocalSetupDefinition> localSetup = configuration.getSetup().getLocal();
+        SecHubConfigurationDefinition configure = localSetup.get().getSecHub().getConfigure();
+        Optional<List<ProjectDefinition>> projectsOpt = configure.getProjects();
+
+        List<ProjectDefinition> projects = projectsOpt.get();
+        assertEquals(1, projects.size());
+        ProjectDefinition project = projects.iterator().next();
+        assertTrue(project.getWhitelistedURIs().contains("https://example.com/app-to-test"));
+
+    }
+
     @Test
     void faked_gosec_can_be_executed_without_errors() throws IOException {
         /* @formatter:off */

sechub-systemtest/src/test/java/com/mercedesbenz/sechub/systemtest/SystemTestFrameworkIntTest.java

@@ -78,6 +78,9 @@ void even_integration_test_setup_can_be_tested_codescan_source_only_and_gen_exam
                         comment("We do not define start/stop here, because reuse running local SecHub server").
                         url(new URL("https://localhost:"+SECHUB_PORT)).
                         admin(toEnvVariable(ENV_TEST_INTTEST_ADMIN_USERID),toSecretEnvVariable(ENV_TEST_INTTEST_ADMIN_APITOKEN)).
+                        project().
+                            addURItoWhiteList("https://example.org/testproject1").
+                        endProject().
                         /*
                          * We do not define any steps here - developers must have started the
                          * integration test SecHub server locally in IDE