From 70fe6e5b0e77100521b259353071d20d4f7ac915 Mon Sep 17 00:00:00 2001 From: nscuro Date: Tue, 13 Feb 2024 16:08:24 +0100 Subject: [PATCH 1/9] Switch all tests to use Postgres testcontainers instead of H2 Avoids having to deal with differences between Postgres and H2. Just adds friction considering the application will never run with H2 in production. Might even be faster since the same container is reused across all test methods in a class, whereas the previous H2 way would re-create the entire database for each test method. Signed-off-by: nscuro --- pom.xml | 7 -- .../AbstractPostgresEnabledTest.java | 106 ------------------ .../PersistenceCapableTest.java | 94 +++++++++++++++- .../org/dependencytrack/ResourceTest.java | 35 +++++- .../java/org/dependencytrack/TestUtil.java | 24 ---- .../event/PurlMigratorTest.java | 4 +- .../SupportedMetaHandlerTest.java | 4 +- .../UnSupportedMetaHandlerTest.java | 4 +- .../processor/AbstractProcessorTest.java | 4 +- ...msDelayedBomProcessedNotificationTest.java | 2 +- .../streams/KafkaStreamsPostgresTest.java | 99 ---------------- .../event/kafka/streams/KafkaStreamsTest.java | 31 ++++- .../streams/KafkaStreamsTopologyTest.java | 6 +- .../VulnerabilityScanResultProcessorTest.java | 12 +- .../ComponentQueryManangerPostgresTest.java | 4 +- ...IntegrityMetaQueryManagerPostgresTest.java | 4 +- .../persistence/WorkflowQueryManagerTest.java | 4 +- .../persistence/jdbi/JdbiFactoryTest.java | 6 +- .../jdbi/NotificationSubjectDaoTest.java | 8 +- .../jdbi/VulnerabilityPolicyDaoTest.java | 12 +- .../policy/cel/CelPolicyEngineTest.java | 8 +- .../CelVulnerabilityPolicyEvaluatorTest.java | 8 +- .../cel/compat/ComponentAgeCelPolicyTest.java | 4 +- .../cel/compat/CoordinatesConditionTest.java | 4 +- .../policy/cel/compat/CpeConditionTest.java | 4 +- .../policy/cel/compat/CweConditionTest.java | 4 +- .../policy/cel/compat/HashConditionTest.java | 4 +- .../cel/compat/LicenseConditionTest.java | 4 +- .../cel/compat/LicenseGroupConditionTest.java | 4 +- .../cel/compat/PackageUrlConditionTest.java | 4 +- .../cel/compat/SeverityConditionTest.java | 4 +- .../cel/compat/SwidTagIdConditionTest.java | 4 +- .../cel/compat/VersionConditionTest.java | 4 +- ...VersionDistanceCelPolicyEvaluatorTest.java | 4 +- .../compat/VulnerabilityIdConditionTest.java | 4 +- .../cel/persistence/CelPolicyDaoTest.java | 4 +- .../v1/AbstractPostgresResourceTest.java | 101 ----------------- .../v1/ComponentResourcePostgresTest.java | 3 +- .../v1/VulnerabilityPolicyResourceTest.java | 4 +- .../tasks/BomUploadProcessingTaskTest.java | 8 +- .../tasks/IntegrityAnalysisTaskTest.java | 4 +- .../IntegrityMetaInitializerTaskTest.java | 4 +- ...ternalComponentIdentificationTaskTest.java | 8 +- .../tasks/PolicyEvaluationTaskTest.java | 4 +- .../tasks/RepositoryMetaAnalyzerTaskTest.java | 4 +- .../tasks/VulnerabilityAnalysisTaskTest.java | 4 +- .../tasks/WorkflowStateCleanupTaskTest.java | 4 +- .../AbstractMetricsUpdateTaskTest.java | 12 +- .../VulnerabilityPolicyFetchTaskTest.java | 4 +- .../blobstorage/NginxStorageHandlerTest.java | 4 +- .../util/VulnerabilityPolicyUtilTest.java | 4 +- 51 files changed, 260 insertions(+), 454 deletions(-) delete mode 100644 src/test/java/org/dependencytrack/AbstractPostgresEnabledTest.java delete mode 100644 src/test/java/org/dependencytrack/TestUtil.java delete mode 100644 src/test/java/org/dependencytrack/event/kafka/streams/KafkaStreamsPostgresTest.java delete mode 100644 src/test/java/org/dependencytrack/resources/v1/AbstractPostgresResourceTest.java diff --git a/pom.xml b/pom.xml index 6c371ce24..c9b9902ba 100644 --- a/pom.xml +++ b/pom.xml @@ -402,13 +402,6 @@ test - - com.h2database - h2 - 2.2.224 - test - - org.postgresql diff --git a/src/test/java/org/dependencytrack/AbstractPostgresEnabledTest.java b/src/test/java/org/dependencytrack/AbstractPostgresEnabledTest.java deleted file mode 100644 index f314a469c..000000000 --- a/src/test/java/org/dependencytrack/AbstractPostgresEnabledTest.java +++ /dev/null @@ -1,106 +0,0 @@ -package org.dependencytrack; - -import alpine.Config; -import alpine.server.persistence.PersistenceManagerFactory; -import org.apache.kafka.clients.producer.MockProducer; -import org.datanucleus.api.jdo.JDOPersistenceManagerFactory; -import org.dependencytrack.event.kafka.KafkaProducerInitializer; -import org.dependencytrack.persistence.QueryManager; -import org.dependencytrack.persistence.migration.MigrationInitializer; -import org.junit.After; -import org.junit.AfterClass; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Rule; -import org.junit.contrib.java.lang.system.EnvironmentVariables; -import org.postgresql.ds.PGSimpleDataSource; -import org.testcontainers.containers.PostgreSQLContainer; -import org.testcontainers.utility.DockerImageName; - -import javax.jdo.JDOHelper; -import java.sql.Connection; -import java.sql.Statement; - -public abstract class AbstractPostgresEnabledTest { - - @Rule - public EnvironmentVariables environmentVariables = new EnvironmentVariables(); - - protected static PostgreSQLContainer postgresContainer; - protected MockProducer kafkaMockProducer; - protected QueryManager qm; - - @BeforeClass - public static void init() throws Exception { - Config.enableUnitTests(); - - postgresContainer = new PostgreSQLContainer<>(DockerImageName.parse("postgres:11-alpine")) - .withUsername("dtrack") - .withPassword("dtrack") - .withDatabaseName("dtrack"); - postgresContainer.start(); - - final var dataSource = new PGSimpleDataSource(); - dataSource.setUrl(postgresContainer.getJdbcUrl()); - dataSource.setUser(postgresContainer.getUsername()); - dataSource.setPassword(postgresContainer.getPassword()); - MigrationInitializer.runMigration(dataSource, /* silent */ true); - } - - @Before - public void setUp() throws Exception { - // Truncate all tables to ensure each test starts from a clean slate. - // https://stackoverflow.com/a/63227261 - try (final Connection connection = postgresContainer.createConnection(""); - final Statement statement = connection.createStatement()) { - statement.execute(""" - DO $$ DECLARE - r RECORD; - BEGIN - FOR r IN (SELECT tablename FROM pg_tables WHERE schemaname = current_schema()) LOOP - EXECUTE 'TRUNCATE TABLE ' || quote_ident(r.tablename) || ' CASCADE'; - END LOOP; - END $$; - """); - } - - PersistenceManagerFactory.setJdoPersistenceManagerFactory(createPmf()); - - qm = new QueryManager(); - - environmentVariables.set("TASK_PORTFOLIO_REPOMETAANALYSIS_LOCKATLEASTFORINMILLIS", "2000"); - this.kafkaMockProducer = (MockProducer) KafkaProducerInitializer.getProducer(); - } - - @After - public void tearDown() { - // PersistenceManager will refuse to close when there's an active transaction - // that was neither committed nor rolled back. Unfortunately some areas of the - // code base can leave such a broken state behind if they run into unexpected - // errors. See: https://github.com/DependencyTrack/dependency-track/issues/2677 - if (!qm.getPersistenceManager().isClosed() - && qm.getPersistenceManager().currentTransaction().isActive()) { - qm.getPersistenceManager().currentTransaction().rollback(); - } - - PersistenceManagerFactory.tearDown(); - KafkaProducerInitializer.tearDown(); - } - - @AfterClass - public static void tearDownClass() { - if (postgresContainer != null) { - postgresContainer.stop(); - } - } - - protected JDOPersistenceManagerFactory createPmf() { - final var dnProps = TestUtil.getDatanucleusProperties(postgresContainer.getJdbcUrl(), - postgresContainer.getDriverClassName(), - postgresContainer.getUsername(), - postgresContainer.getPassword()); - - return (JDOPersistenceManagerFactory) JDOHelper.getPersistenceManagerFactory(dnProps, "Alpine"); - } - -} diff --git a/src/test/java/org/dependencytrack/PersistenceCapableTest.java b/src/test/java/org/dependencytrack/PersistenceCapableTest.java index 3b9e33912..7f9dd9cd9 100644 --- a/src/test/java/org/dependencytrack/PersistenceCapableTest.java +++ b/src/test/java/org/dependencytrack/PersistenceCapableTest.java @@ -21,25 +21,52 @@ import alpine.Config; import alpine.server.persistence.PersistenceManagerFactory; import org.apache.kafka.clients.producer.MockProducer; +import org.datanucleus.PropertyNames; +import org.datanucleus.api.jdo.JDOPersistenceManagerFactory; import org.dependencytrack.event.kafka.KafkaProducerInitializer; import org.dependencytrack.persistence.QueryManager; +import org.dependencytrack.persistence.migration.MigrationInitializer; import org.junit.After; +import org.junit.AfterClass; import org.junit.Before; import org.junit.BeforeClass; +import org.junit.Rule; +import org.junit.contrib.java.lang.system.EnvironmentVariables; +import org.postgresql.ds.PGSimpleDataSource; +import org.testcontainers.containers.PostgreSQLContainer; +import org.testcontainers.utility.DockerImageName; + +import javax.jdo.JDOHelper; +import java.sql.Connection; +import java.sql.Statement; +import java.util.Properties; public abstract class PersistenceCapableTest { - protected QueryManager qm; + @Rule + public EnvironmentVariables environmentVariables = new EnvironmentVariables(); + + protected static PostgreSQLContainer postgresContainer; protected MockProducer kafkaMockProducer; + protected QueryManager qm; @BeforeClass - public static void init() { + public static void init() throws Exception { Config.enableUnitTests(); + + postgresContainer = createPostgresContainer(); + postgresContainer.start(); + runMigrations(postgresContainer); } @Before public void before() throws Exception { - this.qm = new QueryManager(); + truncateTables(postgresContainer); + configurePmf(postgresContainer); + + qm = new QueryManager(); + + environmentVariables.set("TASK_PORTFOLIO_REPOMETAANALYSIS_LOCKATLEASTFORINMILLIS", "2000"); this.kafkaMockProducer = (MockProducer) KafkaProducerInitializer.getProducer(); } @@ -50,11 +77,70 @@ public void after() { // code base can leave such a broken state behind if they run into unexpected // errors. See: https://github.com/DependencyTrack/dependency-track/issues/2677 if (!qm.getPersistenceManager().isClosed() - && qm.getPersistenceManager().currentTransaction().isActive()) { + && qm.getPersistenceManager().currentTransaction().isActive()) { qm.getPersistenceManager().currentTransaction().rollback(); } + PersistenceManagerFactory.tearDown(); KafkaProducerInitializer.tearDown(); } + @AfterClass + public static void tearDownClass() { + if (postgresContainer != null) { + postgresContainer.stop(); + } + } + + @SuppressWarnings("resource") + protected static PostgreSQLContainer createPostgresContainer() { + return new PostgreSQLContainer<>(DockerImageName.parse("postgres:11-alpine")) + .withUsername("dtrack") + .withPassword("dtrack") + .withDatabaseName("dtrack"); + } + + protected static void configurePmf(final PostgreSQLContainer postgresContainer) { + final var dnProps = new Properties(); + dnProps.put(PropertyNames.PROPERTY_PERSISTENCE_UNIT_NAME, "Alpine"); + dnProps.put(PropertyNames.PROPERTY_SCHEMA_AUTOCREATE_DATABASE, "false"); + dnProps.put(PropertyNames.PROPERTY_SCHEMA_AUTOCREATE_TABLES, "false"); + dnProps.put(PropertyNames.PROPERTY_SCHEMA_AUTOCREATE_COLUMNS, "false"); + dnProps.put(PropertyNames.PROPERTY_SCHEMA_AUTOCREATE_CONSTRAINTS, "false"); + dnProps.put("datanucleus.schema.generatedatabase.mode", "none"); + dnProps.put("datanucleus.query.jdoql.allowall", "true"); + dnProps.put(PropertyNames.PROPERTY_CONNECTION_URL, postgresContainer.getJdbcUrl()); + dnProps.put(PropertyNames.PROPERTY_CONNECTION_DRIVER_NAME, postgresContainer.getDriverClassName()); + dnProps.put(PropertyNames.PROPERTY_CONNECTION_USER_NAME, postgresContainer.getUsername()); + dnProps.put(PropertyNames.PROPERTY_CONNECTION_PASSWORD, postgresContainer.getPassword()); + + final var pmf = (JDOPersistenceManagerFactory) JDOHelper.getPersistenceManagerFactory(dnProps, "Alpine"); + PersistenceManagerFactory.setJdoPersistenceManagerFactory(pmf); + } + + protected static void runMigrations(final PostgreSQLContainer postgresContainer) throws Exception { + final var dataSource = new PGSimpleDataSource(); + dataSource.setUrl(postgresContainer.getJdbcUrl()); + dataSource.setUser(postgresContainer.getUsername()); + dataSource.setPassword(postgresContainer.getPassword()); + MigrationInitializer.runMigration(dataSource, /* silent */ true); + } + + protected static void truncateTables(final PostgreSQLContainer postgresContainer) throws Exception { + // Truncate all tables to ensure each test starts from a clean slate. + // https://stackoverflow.com/a/63227261 + try (final Connection connection = postgresContainer.createConnection(""); + final Statement statement = connection.createStatement()) { + statement.execute(""" + DO $$ DECLARE + r RECORD; + BEGIN + FOR r IN (SELECT tablename FROM pg_tables WHERE schemaname = CURRENT_SCHEMA()) LOOP + EXECUTE 'TRUNCATE TABLE ' || QUOTE_IDENT(r.tablename) || ' CASCADE'; + END LOOP; + END $$; + """); + } + } + } diff --git a/src/test/java/org/dependencytrack/ResourceTest.java b/src/test/java/org/dependencytrack/ResourceTest.java index 8493ffc09..b7f079afa 100644 --- a/src/test/java/org/dependencytrack/ResourceTest.java +++ b/src/test/java/org/dependencytrack/ResourceTest.java @@ -34,8 +34,10 @@ import org.glassfish.jersey.test.JerseyTest; import org.glassfish.jersey.test.spi.TestContainerFactory; import org.junit.After; +import org.junit.AfterClass; import org.junit.Before; import org.junit.BeforeClass; +import org.testcontainers.containers.PostgreSQLContainer; import javax.json.Json; import javax.json.JsonArray; @@ -46,6 +48,11 @@ import java.util.ArrayList; import java.util.List; +import static org.dependencytrack.PersistenceCapableTest.configurePmf; +import static org.dependencytrack.PersistenceCapableTest.createPostgresContainer; +import static org.dependencytrack.PersistenceCapableTest.runMigrations; +import static org.dependencytrack.PersistenceCapableTest.truncateTables; + public abstract class ResourceTest extends JerseyTest { protected final String V1_ANALYSIS = "/v1/analysis"; @@ -89,9 +96,10 @@ public abstract class ResourceTest extends JerseyTest { protected final String SIZE = "size"; protected final String TOTAL_COUNT_HEADER = "X-Total-Count"; protected final String X_API_KEY = "X-Api-Key"; - protected final String V1_TAG = "/v1/tag"; + protected static PostgreSQLContainer postgresContainer; + protected QueryManager qm; protected MockProducer kafkaMockProducer; protected ManagedUser testUser; @@ -100,12 +108,19 @@ public abstract class ResourceTest extends JerseyTest { protected String apiKey; @BeforeClass - public static void init() { + public static void init() throws Exception { Config.enableUnitTests(); + + postgresContainer = createPostgresContainer(); + postgresContainer.start(); + runMigrations(postgresContainer); } @Before public void before() throws Exception { + truncateTables(postgresContainer); + configurePmf(postgresContainer); + // Add a test user and team with API key. Optional if this is used, but its available to all tests. this.qm = new QueryManager(); this.kafkaMockProducer = (MockProducer) KafkaProducerInitializer.getProducer(); @@ -118,10 +133,26 @@ public void before() throws Exception { @After public void after() { + // PersistenceManager will refuse to close when there's an active transaction + // that was neither committed nor rolled back. Unfortunately some areas of the + // code base can leave such a broken state behind if they run into unexpected + // errors. See: https://github.com/DependencyTrack/dependency-track/issues/2677 + if (!qm.getPersistenceManager().isClosed() + && qm.getPersistenceManager().currentTransaction().isActive()) { + qm.getPersistenceManager().currentTransaction().rollback(); + } + PersistenceManagerFactory.tearDown(); KafkaProducerInitializer.tearDown(); } + @AfterClass + public static void tearDownClass() { + if (postgresContainer != null) { + postgresContainer.stop(); + } + } + @Override protected TestContainerFactory getTestContainerFactory() { return new DTGrizzlyWebTestContainerFactory(); diff --git a/src/test/java/org/dependencytrack/TestUtil.java b/src/test/java/org/dependencytrack/TestUtil.java deleted file mode 100644 index 22c6af67d..000000000 --- a/src/test/java/org/dependencytrack/TestUtil.java +++ /dev/null @@ -1,24 +0,0 @@ -package org.dependencytrack; - -import org.datanucleus.PropertyNames; - -import java.util.Properties; - -public class TestUtil { - - public static Properties getDatanucleusProperties(String jdbcUrl, String driverName, String username, String pwd) { - final var dnProps = new Properties(); - dnProps.put(PropertyNames.PROPERTY_PERSISTENCE_UNIT_NAME, "Alpine"); - dnProps.put(PropertyNames.PROPERTY_SCHEMA_AUTOCREATE_DATABASE, "false"); - dnProps.put(PropertyNames.PROPERTY_SCHEMA_AUTOCREATE_TABLES, "false"); - dnProps.put(PropertyNames.PROPERTY_SCHEMA_AUTOCREATE_COLUMNS, "false"); - dnProps.put(PropertyNames.PROPERTY_SCHEMA_AUTOCREATE_CONSTRAINTS, "false"); - dnProps.put("datanucleus.schema.generatedatabase.mode", "none"); - dnProps.put("datanucleus.query.jdoql.allowall", "true"); - dnProps.put(PropertyNames.PROPERTY_CONNECTION_URL, jdbcUrl); - dnProps.put(PropertyNames.PROPERTY_CONNECTION_DRIVER_NAME, driverName); - dnProps.put(PropertyNames.PROPERTY_CONNECTION_USER_NAME, username); - dnProps.put(PropertyNames.PROPERTY_CONNECTION_PASSWORD, pwd); - return dnProps; - } -} diff --git a/src/test/java/org/dependencytrack/event/PurlMigratorTest.java b/src/test/java/org/dependencytrack/event/PurlMigratorTest.java index 1191df236..372a00d6f 100644 --- a/src/test/java/org/dependencytrack/event/PurlMigratorTest.java +++ b/src/test/java/org/dependencytrack/event/PurlMigratorTest.java @@ -1,6 +1,6 @@ package org.dependencytrack.event; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.Component; import org.dependencytrack.model.IntegrityMetaComponent; import org.junit.Before; @@ -14,7 +14,7 @@ import static org.dependencytrack.model.FetchStatus.IN_PROGRESS; import static org.dependencytrack.model.FetchStatus.PROCESSED; -public class PurlMigratorTest extends AbstractPostgresEnabledTest { +public class PurlMigratorTest extends PersistenceCapableTest { final Component componentPersisted = new Component(); diff --git a/src/test/java/org/dependencytrack/event/kafka/componentmeta/SupportedMetaHandlerTest.java b/src/test/java/org/dependencytrack/event/kafka/componentmeta/SupportedMetaHandlerTest.java index 8bfb5312d..85c2e0f03 100644 --- a/src/test/java/org/dependencytrack/event/kafka/componentmeta/SupportedMetaHandlerTest.java +++ b/src/test/java/org/dependencytrack/event/kafka/componentmeta/SupportedMetaHandlerTest.java @@ -2,7 +2,7 @@ import com.github.packageurl.MalformedPackageURLException; import com.github.packageurl.PackageURL; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.event.kafka.KafkaEventDispatcher; import org.dependencytrack.event.kafka.KafkaTopics; import org.dependencytrack.model.FetchStatus; @@ -20,7 +20,7 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.dependencytrack.util.KafkaTestUtil.deserializeValue; -public class SupportedMetaHandlerTest extends AbstractPostgresEnabledTest { +public class SupportedMetaHandlerTest extends PersistenceCapableTest { @Test public void testHandleIntegrityComponentNotInDB() throws MalformedPackageURLException { diff --git a/src/test/java/org/dependencytrack/event/kafka/componentmeta/UnSupportedMetaHandlerTest.java b/src/test/java/org/dependencytrack/event/kafka/componentmeta/UnSupportedMetaHandlerTest.java index 1c2596857..ccce590c8 100644 --- a/src/test/java/org/dependencytrack/event/kafka/componentmeta/UnSupportedMetaHandlerTest.java +++ b/src/test/java/org/dependencytrack/event/kafka/componentmeta/UnSupportedMetaHandlerTest.java @@ -2,7 +2,7 @@ import com.github.packageurl.MalformedPackageURLException; import com.github.packageurl.PackageURL; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.event.kafka.KafkaEventDispatcher; import org.dependencytrack.event.kafka.KafkaTopics; import org.dependencytrack.model.IntegrityMetaComponent; @@ -14,7 +14,7 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.dependencytrack.util.KafkaTestUtil.deserializeValue; -public class UnSupportedMetaHandlerTest extends AbstractPostgresEnabledTest { +public class UnSupportedMetaHandlerTest extends PersistenceCapableTest { @Test public void testHandleComponentInDb() throws MalformedPackageURLException { diff --git a/src/test/java/org/dependencytrack/event/kafka/processor/AbstractProcessorTest.java b/src/test/java/org/dependencytrack/event/kafka/processor/AbstractProcessorTest.java index f344651e4..864df2cef 100644 --- a/src/test/java/org/dependencytrack/event/kafka/processor/AbstractProcessorTest.java +++ b/src/test/java/org/dependencytrack/event/kafka/processor/AbstractProcessorTest.java @@ -4,14 +4,14 @@ import org.apache.kafka.common.header.Headers; import org.apache.kafka.common.header.internals.RecordHeaders; import org.apache.kafka.common.record.TimestampType; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import java.time.Instant; import java.util.Optional; import static java.util.Objects.requireNonNullElseGet; -abstract class AbstractProcessorTest extends AbstractPostgresEnabledTest { +abstract class AbstractProcessorTest extends PersistenceCapableTest { static ConsumerRecordBuilder aConsumerRecord(final K key, final V value) { return new ConsumerRecordBuilder<>(key, value); diff --git a/src/test/java/org/dependencytrack/event/kafka/streams/KafkaStreamsDelayedBomProcessedNotificationTest.java b/src/test/java/org/dependencytrack/event/kafka/streams/KafkaStreamsDelayedBomProcessedNotificationTest.java index c84db7b3c..2425564dc 100644 --- a/src/test/java/org/dependencytrack/event/kafka/streams/KafkaStreamsDelayedBomProcessedNotificationTest.java +++ b/src/test/java/org/dependencytrack/event/kafka/streams/KafkaStreamsDelayedBomProcessedNotificationTest.java @@ -32,7 +32,7 @@ import static org.dependencytrack.proto.vulnanalysis.v1.ScanStatus.SCAN_STATUS_SUCCESSFUL; import static org.dependencytrack.proto.vulnanalysis.v1.Scanner.SCANNER_INTERNAL; -public class KafkaStreamsDelayedBomProcessedNotificationTest extends KafkaStreamsPostgresTest { +public class KafkaStreamsDelayedBomProcessedNotificationTest extends KafkaStreamsTest { public KafkaStreamsDelayedBomProcessedNotificationTest() { super(new KafkaStreamsTopologyFactory(true)::createTopology); diff --git a/src/test/java/org/dependencytrack/event/kafka/streams/KafkaStreamsPostgresTest.java b/src/test/java/org/dependencytrack/event/kafka/streams/KafkaStreamsPostgresTest.java deleted file mode 100644 index d62d50917..000000000 --- a/src/test/java/org/dependencytrack/event/kafka/streams/KafkaStreamsPostgresTest.java +++ /dev/null @@ -1,99 +0,0 @@ -package org.dependencytrack.event.kafka.streams; - -import net.mguenther.kafka.junit.ExternalKafkaCluster; -import net.mguenther.kafka.junit.TopicConfig; -import org.apache.kafka.streams.KafkaStreams; -import org.apache.kafka.streams.StreamsConfig; -import org.apache.kafka.streams.Topology; -import org.dependencytrack.AbstractPostgresEnabledTest; -import org.dependencytrack.event.kafka.KafkaTopics; -import org.dependencytrack.event.kafka.serialization.KafkaProtobufDeserializer; -import org.dependencytrack.proto.notification.v1.Notification; -import org.junit.After; -import org.junit.Before; -import org.junit.Rule; -import org.testcontainers.redpanda.RedpandaContainer; -import org.testcontainers.utility.DockerImageName; - -import java.nio.file.Files; -import java.nio.file.Path; -import java.time.Duration; -import java.util.function.Supplier; - -import static org.dependencytrack.assertion.Assertions.assertConditionWithTimeout; - -abstract class KafkaStreamsPostgresTest extends AbstractPostgresEnabledTest { - - @Rule - public RedpandaContainer container = new RedpandaContainer(DockerImageName - .parse("docker.redpanda.com/vectorized/redpanda:v23.3.3")); - - KafkaStreams kafkaStreams; - ExternalKafkaCluster kafka; - private final Supplier topologySupplier; - private Path kafkaStreamsStateDirectory; - - protected KafkaStreamsPostgresTest() { - this(new KafkaStreamsTopologyFactory()::createTopology); - } - - protected KafkaStreamsPostgresTest(final Supplier topologySupplier) { - this.topologySupplier = topologySupplier; - } - - @Before - public void setUp() throws Exception { - super.setUp(); - kafka = ExternalKafkaCluster.at(container.getBootstrapServers()); - - kafka.createTopic(TopicConfig - .withName(KafkaTopics.VULN_ANALYSIS_COMMAND.name()) - .withNumberOfPartitions(3) - .withNumberOfReplicas(1)); - kafka.createTopic(TopicConfig - .withName(KafkaTopics.VULN_ANALYSIS_RESULT.name()) - .withNumberOfPartitions(3) - .withNumberOfReplicas(1)); - kafka.createTopic(TopicConfig - .withName(KafkaTopics.REPO_META_ANALYSIS_RESULT.name()) - .withNumberOfPartitions(3) - .withNumberOfReplicas(1)); - kafka.createTopic(TopicConfig - .withName(KafkaTopics.NEW_VULNERABILITY.name()) - .withNumberOfPartitions(3) - .withNumberOfReplicas(1)); - - kafkaStreamsStateDirectory = Files.createTempDirectory(getClass().getSimpleName()); - - final var streamsConfig = KafkaStreamsInitializer.getDefaultProperties(); - streamsConfig.put(StreamsConfig.BOOTSTRAP_SERVERS_CONFIG, container.getBootstrapServers()); - streamsConfig.put(StreamsConfig.APPLICATION_ID_CONFIG, getClass().getSimpleName()); - streamsConfig.put(StreamsConfig.STATE_DIR_CONFIG, kafkaStreamsStateDirectory.toString()); - streamsConfig.put(StreamsConfig.NUM_STREAM_THREADS_CONFIG, "3"); - - kafkaStreams = new KafkaStreams(topologySupplier.get(), streamsConfig); - kafkaStreams.start(); - - assertConditionWithTimeout(() -> KafkaStreams.State.RUNNING == kafkaStreams.state(), Duration.ofSeconds(5)); - } - - @After - public void tearDown() { - if (kafkaStreams != null) { - kafkaStreams.close(); - } - if (kafkaStreamsStateDirectory != null) { - kafkaStreamsStateDirectory.toFile().delete(); - } - super.tearDown(); - } - - public static class NotificationDeserializer extends KafkaProtobufDeserializer { - - public NotificationDeserializer() { - super(Notification.parser()); - } - - } - -} diff --git a/src/test/java/org/dependencytrack/event/kafka/streams/KafkaStreamsTest.java b/src/test/java/org/dependencytrack/event/kafka/streams/KafkaStreamsTest.java index 0b850bdee..d869de591 100644 --- a/src/test/java/org/dependencytrack/event/kafka/streams/KafkaStreamsTest.java +++ b/src/test/java/org/dependencytrack/event/kafka/streams/KafkaStreamsTest.java @@ -4,8 +4,11 @@ import net.mguenther.kafka.junit.TopicConfig; import org.apache.kafka.streams.KafkaStreams; import org.apache.kafka.streams.StreamsConfig; +import org.apache.kafka.streams.Topology; import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.event.kafka.KafkaTopics; +import org.dependencytrack.event.kafka.serialization.KafkaProtobufDeserializer; +import org.dependencytrack.proto.notification.v1.Notification; import org.junit.After; import org.junit.Before; import org.junit.Rule; @@ -15,6 +18,7 @@ import java.nio.file.Files; import java.nio.file.Path; import java.time.Duration; +import java.util.function.Supplier; import static org.dependencytrack.assertion.Assertions.assertConditionWithTimeout; @@ -26,10 +30,21 @@ abstract class KafkaStreamsTest extends PersistenceCapableTest { KafkaStreams kafkaStreams; ExternalKafkaCluster kafka; + private final Supplier topologySupplier; private Path kafkaStreamsStateDirectory; + protected KafkaStreamsTest() { + this(new KafkaStreamsTopologyFactory()::createTopology); + } + + protected KafkaStreamsTest(final Supplier topologySupplier) { + this.topologySupplier = topologySupplier; + } + @Before - public void setUp() throws Exception { + public void before() throws Exception { + super.before(); + kafka = ExternalKafkaCluster.at(container.getBootstrapServers()); kafka.createTopic(TopicConfig @@ -57,20 +72,30 @@ public void setUp() throws Exception { streamsConfig.put(StreamsConfig.STATE_DIR_CONFIG, kafkaStreamsStateDirectory.toString()); streamsConfig.put(StreamsConfig.NUM_STREAM_THREADS_CONFIG, "3"); - kafkaStreams = new KafkaStreams(new KafkaStreamsTopologyFactory().createTopology(), streamsConfig); + kafkaStreams = new KafkaStreams(topologySupplier.get(), streamsConfig); kafkaStreams.start(); assertConditionWithTimeout(() -> KafkaStreams.State.RUNNING == kafkaStreams.state(), Duration.ofSeconds(5)); } @After - public void tearDown() { + public void after() { if (kafkaStreams != null) { kafkaStreams.close(); } if (kafkaStreamsStateDirectory != null) { kafkaStreamsStateDirectory.toFile().delete(); } + + super.after(); + } + + public static class NotificationDeserializer extends KafkaProtobufDeserializer { + + public NotificationDeserializer() { + super(Notification.parser()); + } + } } diff --git a/src/test/java/org/dependencytrack/event/kafka/streams/KafkaStreamsTopologyTest.java b/src/test/java/org/dependencytrack/event/kafka/streams/KafkaStreamsTopologyTest.java index e3c632f93..2fd7cca2e 100644 --- a/src/test/java/org/dependencytrack/event/kafka/streams/KafkaStreamsTopologyTest.java +++ b/src/test/java/org/dependencytrack/event/kafka/streams/KafkaStreamsTopologyTest.java @@ -65,7 +65,7 @@ import static org.dependencytrack.proto.vulnanalysis.v1.Scanner.SCANNER_OSSINDEX; import static org.dependencytrack.proto.vulnanalysis.v1.Scanner.SCANNER_SNYK; -public class KafkaStreamsTopologyTest extends KafkaStreamsPostgresTest { +public class KafkaStreamsTopologyTest extends KafkaStreamsTest { public static class EventSubscriber implements Subscriber { @@ -85,8 +85,8 @@ public static void setUpClass() { } @After - public void tearDown() { - super.tearDown(); + public void after() { + super.after(); EVENTS.clear(); } diff --git a/src/test/java/org/dependencytrack/event/kafka/streams/processor/VulnerabilityScanResultProcessorTest.java b/src/test/java/org/dependencytrack/event/kafka/streams/processor/VulnerabilityScanResultProcessorTest.java index 457cb413e..705dfc4c9 100644 --- a/src/test/java/org/dependencytrack/event/kafka/streams/processor/VulnerabilityScanResultProcessorTest.java +++ b/src/test/java/org/dependencytrack/event/kafka/streams/processor/VulnerabilityScanResultProcessorTest.java @@ -18,7 +18,7 @@ import org.cyclonedx.proto.v1_4.Source; import org.cyclonedx.proto.v1_4.VulnerabilityRating; import org.cyclonedx.proto.v1_4.VulnerabilityReference; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.TestCacheManager; import org.dependencytrack.event.kafka.KafkaEventHeaders; import org.dependencytrack.event.kafka.KafkaTopics; @@ -94,15 +94,15 @@ import static org.dependencytrack.util.KafkaTestUtil.deserializeValue; @RunWith(JUnitParamsRunner.class) -public class VulnerabilityScanResultProcessorTest extends AbstractPostgresEnabledTest { +public class VulnerabilityScanResultProcessorTest extends PersistenceCapableTest { private TopologyTestDriver testDriver; private TestInputTopic inputTopic; private TestOutputTopic outputTopic; @Before - public void setUp() throws Exception { - super.setUp(); + public void before() throws Exception { + super.before(); final var cacheManager = new TestCacheManager(5, TimeUnit.MINUTES, 100); final var scriptHost = new CelPolicyScriptHost(cacheManager, CelPolicyType.VULNERABILITY); @@ -127,12 +127,12 @@ public void setUp() throws Exception { } @After - public void tearDown() { + public void after() { if (testDriver != null) { testDriver.close(); } - super.tearDown(); + super.after(); } @Test diff --git a/src/test/java/org/dependencytrack/persistence/ComponentQueryManangerPostgresTest.java b/src/test/java/org/dependencytrack/persistence/ComponentQueryManangerPostgresTest.java index 6df6ba80b..73c657200 100644 --- a/src/test/java/org/dependencytrack/persistence/ComponentQueryManangerPostgresTest.java +++ b/src/test/java/org/dependencytrack/persistence/ComponentQueryManangerPostgresTest.java @@ -2,7 +2,7 @@ import com.github.packageurl.MalformedPackageURLException; import com.github.packageurl.PackageURL; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.Classifier; import org.dependencytrack.model.Component; import org.dependencytrack.model.ExternalReference; @@ -22,7 +22,7 @@ import static org.assertj.core.api.Assertions.assertThat; -public class ComponentQueryManangerPostgresTest extends AbstractPostgresEnabledTest { +public class ComponentQueryManangerPostgresTest extends PersistenceCapableTest { @Test public void testGetAllComponents() throws MalformedPackageURLException { diff --git a/src/test/java/org/dependencytrack/persistence/IntegrityMetaQueryManagerPostgresTest.java b/src/test/java/org/dependencytrack/persistence/IntegrityMetaQueryManagerPostgresTest.java index 0171b115e..a19b679f3 100644 --- a/src/test/java/org/dependencytrack/persistence/IntegrityMetaQueryManagerPostgresTest.java +++ b/src/test/java/org/dependencytrack/persistence/IntegrityMetaQueryManagerPostgresTest.java @@ -1,6 +1,6 @@ package org.dependencytrack.persistence; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.Component; import org.dependencytrack.model.FetchStatus; import org.dependencytrack.model.IntegrityMetaComponent; @@ -11,7 +11,7 @@ import static org.assertj.core.api.Assertions.assertThat; -public class IntegrityMetaQueryManagerPostgresTest extends AbstractPostgresEnabledTest { +public class IntegrityMetaQueryManagerPostgresTest extends PersistenceCapableTest { @Test public void testCreateIntegrityMetadataHandlingConflict() { diff --git a/src/test/java/org/dependencytrack/persistence/WorkflowQueryManagerTest.java b/src/test/java/org/dependencytrack/persistence/WorkflowQueryManagerTest.java index e30f54cf4..f2a3958bc 100644 --- a/src/test/java/org/dependencytrack/persistence/WorkflowQueryManagerTest.java +++ b/src/test/java/org/dependencytrack/persistence/WorkflowQueryManagerTest.java @@ -1,6 +1,6 @@ package org.dependencytrack.persistence; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.WorkflowState; import org.junit.Test; @@ -16,7 +16,7 @@ import static org.dependencytrack.model.WorkflowStep.REPO_META_ANALYSIS; import static org.junit.jupiter.api.Assertions.assertThrows; -public class WorkflowQueryManagerTest extends AbstractPostgresEnabledTest { +public class WorkflowQueryManagerTest extends PersistenceCapableTest { @Test public void testWorkflowStateIsCreated() { diff --git a/src/test/java/org/dependencytrack/persistence/jdbi/JdbiFactoryTest.java b/src/test/java/org/dependencytrack/persistence/jdbi/JdbiFactoryTest.java index e80b5512f..0bc94e5d0 100644 --- a/src/test/java/org/dependencytrack/persistence/jdbi/JdbiFactoryTest.java +++ b/src/test/java/org/dependencytrack/persistence/jdbi/JdbiFactoryTest.java @@ -1,7 +1,7 @@ package org.dependencytrack.persistence.jdbi; import alpine.server.persistence.PersistenceManagerFactory; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.Component; import org.dependencytrack.model.Project; import org.dependencytrack.persistence.QueryManager; @@ -13,7 +13,7 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatExceptionOfType; -public class JdbiFactoryTest extends AbstractPostgresEnabledTest { +public class JdbiFactoryTest extends PersistenceCapableTest { @Test public void testGlobalInstance() { @@ -62,7 +62,7 @@ public void testGlobalInstanceWhenPmfChanges() { .withMessage("Pool not open"); // Create a new QueryManager. - PersistenceManagerFactory.setJdoPersistenceManagerFactory(super.createPmf()); + configurePmf(postgresContainer); try (final var otherQm = new QueryManager()) { // Request the global JDBI instance again and verify it differs from the original one. // Because the PMF changed, a new instance must have been created. diff --git a/src/test/java/org/dependencytrack/persistence/jdbi/NotificationSubjectDaoTest.java b/src/test/java/org/dependencytrack/persistence/jdbi/NotificationSubjectDaoTest.java index 0156f567f..fc62669a0 100644 --- a/src/test/java/org/dependencytrack/persistence/jdbi/NotificationSubjectDaoTest.java +++ b/src/test/java/org/dependencytrack/persistence/jdbi/NotificationSubjectDaoTest.java @@ -1,7 +1,7 @@ package org.dependencytrack.persistence.jdbi; import com.google.protobuf.util.JsonFormat; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.Analysis; import org.dependencytrack.model.AnalysisState; import org.dependencytrack.model.AnalyzerIdentity; @@ -26,11 +26,11 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.hamcrest.Matchers.equalTo; -public class NotificationSubjectDaoTest extends AbstractPostgresEnabledTest { +public class NotificationSubjectDaoTest extends PersistenceCapableTest { @Before - public void setUp() throws Exception { - super.setUp(); + public void before() throws Exception { + super.before(); new CweImporter().processCweDefinitions(); } diff --git a/src/test/java/org/dependencytrack/persistence/jdbi/VulnerabilityPolicyDaoTest.java b/src/test/java/org/dependencytrack/persistence/jdbi/VulnerabilityPolicyDaoTest.java index 57c154a57..beb2b07be 100644 --- a/src/test/java/org/dependencytrack/persistence/jdbi/VulnerabilityPolicyDaoTest.java +++ b/src/test/java/org/dependencytrack/persistence/jdbi/VulnerabilityPolicyDaoTest.java @@ -2,7 +2,7 @@ import alpine.persistence.PaginatedResult; import org.apache.commons.lang3.function.TriConsumer; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.Analysis; import org.dependencytrack.model.AnalysisComment; import org.dependencytrack.model.AnalysisJustification; @@ -32,26 +32,26 @@ import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNull; -public class VulnerabilityPolicyDaoTest extends AbstractPostgresEnabledTest { +public class VulnerabilityPolicyDaoTest extends PersistenceCapableTest { private Handle jdbiHandle; private VulnerabilityPolicyDao vulnPolicyDao; @Before - public void setUp() throws Exception { - super.setUp(); + public void before() throws Exception { + super.before(); jdbiHandle = jdbi(qm).open(); vulnPolicyDao = jdbiHandle.attach(VulnerabilityPolicyDao.class); } @After - public void tearDown() { + public void after() { if (jdbiHandle != null) { jdbiHandle.close(); } - super.tearDown(); + super.after(); } private static VulnerabilityPolicy getVulnerabilityPolicyInstance() throws ParseException { diff --git a/src/test/java/org/dependencytrack/policy/cel/CelPolicyEngineTest.java b/src/test/java/org/dependencytrack/policy/cel/CelPolicyEngineTest.java index c58a53b76..483a8237d 100644 --- a/src/test/java/org/dependencytrack/policy/cel/CelPolicyEngineTest.java +++ b/src/test/java/org/dependencytrack/policy/cel/CelPolicyEngineTest.java @@ -3,7 +3,7 @@ import alpine.model.IConfigProperty; import com.github.packageurl.MalformedPackageURLException; import com.github.packageurl.PackageURL; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.event.BomUploadEvent; import org.dependencytrack.model.AnalyzerIdentity; import org.dependencytrack.model.Classifier; @@ -49,11 +49,11 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatNoException; -public class CelPolicyEngineTest extends AbstractPostgresEnabledTest { +public class CelPolicyEngineTest extends PersistenceCapableTest { @Before - public void setUp() throws Exception { - super.setUp(); + public void before() throws Exception { + super.before(); // Enable processing of CycloneDX BOMs qm.createConfigProperty(ConfigPropertyConstants.ACCEPT_ARTIFACT_CYCLONEDX.getGroupName(), diff --git a/src/test/java/org/dependencytrack/policy/cel/CelVulnerabilityPolicyEvaluatorTest.java b/src/test/java/org/dependencytrack/policy/cel/CelVulnerabilityPolicyEvaluatorTest.java index 09e4f5548..f4919708b 100644 --- a/src/test/java/org/dependencytrack/policy/cel/CelVulnerabilityPolicyEvaluatorTest.java +++ b/src/test/java/org/dependencytrack/policy/cel/CelVulnerabilityPolicyEvaluatorTest.java @@ -1,6 +1,6 @@ package org.dependencytrack.policy.cel; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.TestCacheManager; import org.dependencytrack.model.VulnerabilityAlias; import org.dependencytrack.policy.vulnerability.VulnerabilityPolicy; @@ -27,14 +27,14 @@ import static org.mockito.Mockito.doReturn; import static org.mockito.Mockito.mock; -public class CelVulnerabilityPolicyEvaluatorTest extends AbstractPostgresEnabledTest { +public class CelVulnerabilityPolicyEvaluatorTest extends PersistenceCapableTest { private VulnerabilityPolicyProvider policyProviderMock; private VulnerabilityPolicyEvaluator policyEvaluator; @Before - public void setUp() throws Exception { - super.setUp(); + public void before() throws Exception { + super.before(); final var cacheManager = new TestCacheManager(30, TimeUnit.SECONDS, 5); final var policyScriptHost = CelPolicyScriptHost.getInstance(CelPolicyType.VULNERABILITY); diff --git a/src/test/java/org/dependencytrack/policy/cel/compat/ComponentAgeCelPolicyTest.java b/src/test/java/org/dependencytrack/policy/cel/compat/ComponentAgeCelPolicyTest.java index 7fcabeb1b..5823a2acf 100644 --- a/src/test/java/org/dependencytrack/policy/cel/compat/ComponentAgeCelPolicyTest.java +++ b/src/test/java/org/dependencytrack/policy/cel/compat/ComponentAgeCelPolicyTest.java @@ -2,7 +2,7 @@ import junitparams.JUnitParamsRunner; import junitparams.Parameters; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.Component; import org.dependencytrack.model.FetchStatus; import org.dependencytrack.model.IntegrityMetaComponent; @@ -21,7 +21,7 @@ import static org.assertj.core.api.Assertions.assertThat; @RunWith(JUnitParamsRunner.class) -public class ComponentAgeCelPolicyTest extends AbstractPostgresEnabledTest { +public class ComponentAgeCelPolicyTest extends PersistenceCapableTest { private Object[] parameters() { return new Object[]{ diff --git a/src/test/java/org/dependencytrack/policy/cel/compat/CoordinatesConditionTest.java b/src/test/java/org/dependencytrack/policy/cel/compat/CoordinatesConditionTest.java index ef46208f0..7e596b52e 100644 --- a/src/test/java/org/dependencytrack/policy/cel/compat/CoordinatesConditionTest.java +++ b/src/test/java/org/dependencytrack/policy/cel/compat/CoordinatesConditionTest.java @@ -2,7 +2,7 @@ import junitparams.JUnitParamsRunner; import junitparams.Parameters; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.Component; import org.dependencytrack.model.Policy; import org.dependencytrack.model.PolicyCondition; @@ -17,7 +17,7 @@ import static org.assertj.core.api.Assertions.assertThat; @RunWith(JUnitParamsRunner.class) -public class CoordinatesConditionTest extends AbstractPostgresEnabledTest { +public class CoordinatesConditionTest extends PersistenceCapableTest { private Object[] parameters() { return new Object[]{ //MATCHES group regex diff --git a/src/test/java/org/dependencytrack/policy/cel/compat/CpeConditionTest.java b/src/test/java/org/dependencytrack/policy/cel/compat/CpeConditionTest.java index ed65a5026..f63efa7c5 100644 --- a/src/test/java/org/dependencytrack/policy/cel/compat/CpeConditionTest.java +++ b/src/test/java/org/dependencytrack/policy/cel/compat/CpeConditionTest.java @@ -2,7 +2,7 @@ import junitparams.JUnitParamsRunner; import junitparams.Parameters; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.Component; import org.dependencytrack.model.Policy; import org.dependencytrack.model.PolicyCondition; @@ -16,7 +16,7 @@ import static org.dependencytrack.model.PolicyCondition.Operator.MATCHES; @RunWith(JUnitParamsRunner.class) -public class CpeConditionTest extends AbstractPostgresEnabledTest { +public class CpeConditionTest extends PersistenceCapableTest { private Object[] parameters() { return new Object[]{ diff --git a/src/test/java/org/dependencytrack/policy/cel/compat/CweConditionTest.java b/src/test/java/org/dependencytrack/policy/cel/compat/CweConditionTest.java index 87388e9cf..147cedfa7 100644 --- a/src/test/java/org/dependencytrack/policy/cel/compat/CweConditionTest.java +++ b/src/test/java/org/dependencytrack/policy/cel/compat/CweConditionTest.java @@ -2,7 +2,7 @@ import junitparams.JUnitParamsRunner; import junitparams.Parameters; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.AnalyzerIdentity; import org.dependencytrack.model.Component; import org.dependencytrack.model.Policy; @@ -17,7 +17,7 @@ import static org.assertj.core.api.Assertions.assertThat; @RunWith(JUnitParamsRunner.class) -public class CweConditionTest extends AbstractPostgresEnabledTest { +public class CweConditionTest extends PersistenceCapableTest { private Object[] parameters() { return new Object[]{ new Object[]{Policy.Operator.ANY, Policy.ViolationState.INFO, PolicyCondition.Operator.CONTAINS_ANY, diff --git a/src/test/java/org/dependencytrack/policy/cel/compat/HashConditionTest.java b/src/test/java/org/dependencytrack/policy/cel/compat/HashConditionTest.java index ad0cee6f7..70ef9fd42 100644 --- a/src/test/java/org/dependencytrack/policy/cel/compat/HashConditionTest.java +++ b/src/test/java/org/dependencytrack/policy/cel/compat/HashConditionTest.java @@ -2,7 +2,7 @@ import junitparams.JUnitParamsRunner; import junitparams.Parameters; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.Component; import org.dependencytrack.model.Policy; import org.dependencytrack.model.Policy.ViolationState; @@ -17,7 +17,7 @@ import static org.assertj.core.api.Assertions.assertThat; @RunWith(JUnitParamsRunner.class) -public class HashConditionTest extends AbstractPostgresEnabledTest { +public class HashConditionTest extends PersistenceCapableTest { private Object[] parameters() { return new Object[]{ diff --git a/src/test/java/org/dependencytrack/policy/cel/compat/LicenseConditionTest.java b/src/test/java/org/dependencytrack/policy/cel/compat/LicenseConditionTest.java index 4ec271338..f33bdf96b 100644 --- a/src/test/java/org/dependencytrack/policy/cel/compat/LicenseConditionTest.java +++ b/src/test/java/org/dependencytrack/policy/cel/compat/LicenseConditionTest.java @@ -1,6 +1,6 @@ package org.dependencytrack.policy.cel.compat; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.Component; import org.dependencytrack.model.License; import org.dependencytrack.model.Policy; @@ -13,7 +13,7 @@ import static org.assertj.core.api.Assertions.assertThat; -public class LicenseConditionTest extends AbstractPostgresEnabledTest { +public class LicenseConditionTest extends PersistenceCapableTest { @Test public void hasMatch() { diff --git a/src/test/java/org/dependencytrack/policy/cel/compat/LicenseGroupConditionTest.java b/src/test/java/org/dependencytrack/policy/cel/compat/LicenseGroupConditionTest.java index 2712d9afe..7af21a980 100644 --- a/src/test/java/org/dependencytrack/policy/cel/compat/LicenseGroupConditionTest.java +++ b/src/test/java/org/dependencytrack/policy/cel/compat/LicenseGroupConditionTest.java @@ -1,6 +1,6 @@ package org.dependencytrack.policy.cel.compat; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.Component; import org.dependencytrack.model.License; import org.dependencytrack.model.LicenseGroup; @@ -15,7 +15,7 @@ import static org.assertj.core.api.Assertions.assertThat; -public class LicenseGroupConditionTest extends AbstractPostgresEnabledTest { +public class LicenseGroupConditionTest extends PersistenceCapableTest { @Test public void hasMatch() { diff --git a/src/test/java/org/dependencytrack/policy/cel/compat/PackageUrlConditionTest.java b/src/test/java/org/dependencytrack/policy/cel/compat/PackageUrlConditionTest.java index 4b1f1988e..cd3628ca0 100644 --- a/src/test/java/org/dependencytrack/policy/cel/compat/PackageUrlConditionTest.java +++ b/src/test/java/org/dependencytrack/policy/cel/compat/PackageUrlConditionTest.java @@ -3,7 +3,7 @@ import com.github.packageurl.PackageURL; import junitparams.JUnitParamsRunner; import junitparams.Parameters; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.Component; import org.dependencytrack.model.Policy; import org.dependencytrack.model.PolicyCondition; @@ -19,7 +19,7 @@ import static org.junit.jupiter.api.Assertions.assertEquals; @RunWith(JUnitParamsRunner.class) -public class PackageUrlConditionTest extends AbstractPostgresEnabledTest { +public class PackageUrlConditionTest extends PersistenceCapableTest { private Object[] parameters() { return new Object[]{ diff --git a/src/test/java/org/dependencytrack/policy/cel/compat/SeverityConditionTest.java b/src/test/java/org/dependencytrack/policy/cel/compat/SeverityConditionTest.java index dc8d62afb..1c7fc47a0 100644 --- a/src/test/java/org/dependencytrack/policy/cel/compat/SeverityConditionTest.java +++ b/src/test/java/org/dependencytrack/policy/cel/compat/SeverityConditionTest.java @@ -2,7 +2,7 @@ import junitparams.JUnitParamsRunner; import junitparams.Parameters; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.AnalyzerIdentity; import org.dependencytrack.model.Component; import org.dependencytrack.model.Policy; @@ -22,7 +22,7 @@ import static org.assertj.core.api.Assertions.assertThat; @RunWith(JUnitParamsRunner.class) -public class SeverityConditionTest extends AbstractPostgresEnabledTest { +public class SeverityConditionTest extends PersistenceCapableTest { private Object[] parameters() { return new Object[]{ diff --git a/src/test/java/org/dependencytrack/policy/cel/compat/SwidTagIdConditionTest.java b/src/test/java/org/dependencytrack/policy/cel/compat/SwidTagIdConditionTest.java index d94541adc..7530f68d5 100644 --- a/src/test/java/org/dependencytrack/policy/cel/compat/SwidTagIdConditionTest.java +++ b/src/test/java/org/dependencytrack/policy/cel/compat/SwidTagIdConditionTest.java @@ -2,7 +2,7 @@ import junitparams.JUnitParamsRunner; import junitparams.Parameters; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.Component; import org.dependencytrack.model.Policy; import org.dependencytrack.model.PolicyCondition; @@ -15,7 +15,7 @@ import static org.assertj.core.api.Assertions.assertThat; @RunWith(JUnitParamsRunner.class) -public class SwidTagIdConditionTest extends AbstractPostgresEnabledTest { +public class SwidTagIdConditionTest extends PersistenceCapableTest { private Object[] parameters() { return new Object[]{ diff --git a/src/test/java/org/dependencytrack/policy/cel/compat/VersionConditionTest.java b/src/test/java/org/dependencytrack/policy/cel/compat/VersionConditionTest.java index 1f1a3ab7e..41467786b 100644 --- a/src/test/java/org/dependencytrack/policy/cel/compat/VersionConditionTest.java +++ b/src/test/java/org/dependencytrack/policy/cel/compat/VersionConditionTest.java @@ -2,7 +2,7 @@ import junitparams.JUnitParamsRunner; import junitparams.Parameters; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.Component; import org.dependencytrack.model.Policy; import org.dependencytrack.model.PolicyCondition; @@ -14,7 +14,7 @@ import static org.assertj.core.api.Assertions.assertThat; @RunWith(JUnitParamsRunner.class) -public class VersionConditionTest extends AbstractPostgresEnabledTest { +public class VersionConditionTest extends PersistenceCapableTest { private Object[] parameters() { return new Object[]{ diff --git a/src/test/java/org/dependencytrack/policy/cel/compat/VersionDistanceCelPolicyEvaluatorTest.java b/src/test/java/org/dependencytrack/policy/cel/compat/VersionDistanceCelPolicyEvaluatorTest.java index 0018d8ce2..e009f9764 100644 --- a/src/test/java/org/dependencytrack/policy/cel/compat/VersionDistanceCelPolicyEvaluatorTest.java +++ b/src/test/java/org/dependencytrack/policy/cel/compat/VersionDistanceCelPolicyEvaluatorTest.java @@ -18,7 +18,7 @@ */ package org.dependencytrack.policy.cel.compat; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.Component; import org.dependencytrack.model.Policy; import org.dependencytrack.model.PolicyCondition.Operator; @@ -39,7 +39,7 @@ import static org.assertj.core.api.Assertions.assertThat; @RunWith(Parameterized.class) -public class VersionDistanceCelPolicyEvaluatorTest extends AbstractPostgresEnabledTest { +public class VersionDistanceCelPolicyEvaluatorTest extends PersistenceCapableTest { @Parameterized.Parameters(name = "[{index}] version={0} latestVersion={1} operator={2} distance={3} shouldViolate={4}") public static Collection testParameters() { diff --git a/src/test/java/org/dependencytrack/policy/cel/compat/VulnerabilityIdConditionTest.java b/src/test/java/org/dependencytrack/policy/cel/compat/VulnerabilityIdConditionTest.java index 63f27958d..37607e4bd 100644 --- a/src/test/java/org/dependencytrack/policy/cel/compat/VulnerabilityIdConditionTest.java +++ b/src/test/java/org/dependencytrack/policy/cel/compat/VulnerabilityIdConditionTest.java @@ -2,7 +2,7 @@ import junitparams.JUnitParamsRunner; import junitparams.Parameters; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.AnalyzerIdentity; import org.dependencytrack.model.Component; import org.dependencytrack.model.Policy; @@ -16,7 +16,7 @@ import static org.assertj.core.api.Assertions.assertThat; @RunWith(JUnitParamsRunner.class) -public class VulnerabilityIdConditionTest extends AbstractPostgresEnabledTest { +public class VulnerabilityIdConditionTest extends PersistenceCapableTest { private Object[] parameters() { return new Object[]{ diff --git a/src/test/java/org/dependencytrack/policy/cel/persistence/CelPolicyDaoTest.java b/src/test/java/org/dependencytrack/policy/cel/persistence/CelPolicyDaoTest.java index 669281c30..e9d21ec9c 100644 --- a/src/test/java/org/dependencytrack/policy/cel/persistence/CelPolicyDaoTest.java +++ b/src/test/java/org/dependencytrack/policy/cel/persistence/CelPolicyDaoTest.java @@ -6,7 +6,7 @@ import com.google.protobuf.util.JsonFormat; import net.javacrumbs.jsonunit.core.Option; import org.apache.commons.collections4.multimap.HashSetValuedHashMap; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.Classifier; import org.dependencytrack.model.Component; import org.dependencytrack.model.FetchStatus; @@ -35,7 +35,7 @@ import static org.dependencytrack.policy.cel.definition.CelPolicyTypes.TYPE_VULNERABILITY_ALIAS; import static org.hamcrest.Matchers.equalTo; -public class CelPolicyDaoTest extends AbstractPostgresEnabledTest { +public class CelPolicyDaoTest extends PersistenceCapableTest { @Test public void testLoadRequiredFieldsForProject() throws Exception { diff --git a/src/test/java/org/dependencytrack/resources/v1/AbstractPostgresResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/AbstractPostgresResourceTest.java deleted file mode 100644 index 8d7b8fb04..000000000 --- a/src/test/java/org/dependencytrack/resources/v1/AbstractPostgresResourceTest.java +++ /dev/null @@ -1,101 +0,0 @@ -package org.dependencytrack.resources.v1; - -import alpine.Config; -import alpine.model.Permission; -import alpine.server.auth.JsonWebToken; -import alpine.server.auth.PasswordService; -import alpine.server.persistence.PersistenceManagerFactory; -import org.apache.kafka.clients.producer.MockProducer; -import org.datanucleus.api.jdo.JDOPersistenceManagerFactory; -import org.dependencytrack.ResourceTest; -import org.dependencytrack.TestUtil; -import org.dependencytrack.auth.Permissions; -import org.dependencytrack.event.kafka.KafkaProducerInitializer; -import org.dependencytrack.persistence.QueryManager; -import org.dependencytrack.persistence.migration.MigrationInitializer; -import org.junit.After; -import org.junit.Before; -import org.junit.BeforeClass; -import org.junit.Rule; -import org.junit.contrib.java.lang.system.EnvironmentVariables; -import org.postgresql.ds.PGSimpleDataSource; -import org.testcontainers.containers.PostgreSQLContainer; -import org.testcontainers.utility.DockerImageName; - -import javax.jdo.JDOHelper; -import java.util.ArrayList; -import java.util.List; - -public class AbstractPostgresResourceTest extends ResourceTest { - protected PostgreSQLContainer postgresContainer; - protected MockProducer kafkaMockProducer; - protected QueryManager qm; - - @Rule - public EnvironmentVariables environmentVariables = new EnvironmentVariables(); - - @BeforeClass - public static void init() { - Config.enableUnitTests(); - } - - @Before - public void setUp() throws Exception { - super.setUp(); - postgresContainer = new PostgreSQLContainer<>(DockerImageName.parse("postgres:11-alpine")) - .withUsername("dtrack") - .withPassword("dtrack") - .withDatabaseName("dtrack"); - postgresContainer.start(); - - final var dataSource = new PGSimpleDataSource(); - dataSource.setUrl(postgresContainer.getJdbcUrl()); - dataSource.setUser(postgresContainer.getUsername()); - dataSource.setPassword(postgresContainer.getPassword()); - MigrationInitializer.runMigration(dataSource, /* silent */ true); - - final var dnProps = TestUtil.getDatanucleusProperties(postgresContainer.getJdbcUrl(), - postgresContainer.getDriverClassName(), - postgresContainer.getUsername(), - postgresContainer.getPassword()); - - final var pmf = (JDOPersistenceManagerFactory) JDOHelper.getPersistenceManagerFactory(dnProps, "Alpine"); - PersistenceManagerFactory.tearDown(); - PersistenceManagerFactory.setJdoPersistenceManagerFactory(pmf); - - qm = new QueryManager(); - this.kafkaMockProducer = (MockProducer) KafkaProducerInitializer.getProducer(); - - testUser = qm.createManagedUser("testuser", String.valueOf(PasswordService.createHash("testuser".toCharArray()))); - this.jwt = new JsonWebToken().createToken(testUser); - team = qm.createTeam("Test Users", true); - qm.addUserToTeam(testUser, team); - this.apiKey = team.getApiKeys().get(0).getKey(); - } - - @After - public void tearDown() throws Exception { - super.tearDown(); - if (!qm.getPersistenceManager().isClosed() - && qm.getPersistenceManager().currentTransaction().isActive()) { - qm.getPersistenceManager().currentTransaction().rollback(); - } - - PersistenceManagerFactory.tearDown(); - if (postgresContainer != null) { - postgresContainer.stop(); - } - KafkaProducerInitializer.tearDown(); - } - - public void initializeWithPermissions(Permissions... permissions) { - List permissionList = new ArrayList<>(); - for (Permissions permission : permissions) { - permissionList.add(qm.createPermission(permission.name(), null)); - } - testUser.setPermissions(permissionList); - team.setPermissions(permissionList); - qm.persist(team); - testUser = qm.persist(testUser); - } -} diff --git a/src/test/java/org/dependencytrack/resources/v1/ComponentResourcePostgresTest.java b/src/test/java/org/dependencytrack/resources/v1/ComponentResourcePostgresTest.java index 518ef2938..183040a9d 100644 --- a/src/test/java/org/dependencytrack/resources/v1/ComponentResourcePostgresTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/ComponentResourcePostgresTest.java @@ -4,6 +4,7 @@ import com.github.packageurl.MalformedPackageURLException; import com.github.packageurl.PackageURL; import org.apache.http.HttpStatus; +import org.dependencytrack.ResourceTest; import org.dependencytrack.model.Component; import org.dependencytrack.model.Project; import org.dependencytrack.model.RepositoryMetaComponent; @@ -25,7 +26,7 @@ import static org.assertj.core.api.Assertions.assertThat; -public class ComponentResourcePostgresTest extends AbstractPostgresResourceTest { +public class ComponentResourcePostgresTest extends ResourceTest { @Override protected DeploymentContext configureDeployment() { diff --git a/src/test/java/org/dependencytrack/resources/v1/VulnerabilityPolicyResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/VulnerabilityPolicyResourceTest.java index dd31cce1d..1e4ca8005 100644 --- a/src/test/java/org/dependencytrack/resources/v1/VulnerabilityPolicyResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/VulnerabilityPolicyResourceTest.java @@ -22,7 +22,7 @@ import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; import org.apache.http.HttpStatus; -import org.dependencytrack.common.ConfigKey; +import org.dependencytrack.ResourceTest; import org.dependencytrack.event.VulnerabilityPolicyFetchEvent; import org.dependencytrack.model.WorkflowState; import org.dependencytrack.model.WorkflowStatus; @@ -54,7 +54,7 @@ import static org.dependencytrack.common.ConfigKey.VULNERABILITY_POLICY_ANALYSIS_ENABLED; import static org.dependencytrack.persistence.jdbi.JdbiFactory.jdbi; -public class VulnerabilityPolicyResourceTest extends AbstractPostgresResourceTest { +public class VulnerabilityPolicyResourceTest extends ResourceTest { @Rule public final EnvironmentVariables environmentVariables = new EnvironmentVariables(); diff --git a/src/test/java/org/dependencytrack/tasks/BomUploadProcessingTaskTest.java b/src/test/java/org/dependencytrack/tasks/BomUploadProcessingTaskTest.java index 2db95d049..5ccaddff8 100644 --- a/src/test/java/org/dependencytrack/tasks/BomUploadProcessingTaskTest.java +++ b/src/test/java/org/dependencytrack/tasks/BomUploadProcessingTaskTest.java @@ -20,7 +20,7 @@ import com.github.packageurl.PackageURL; import org.apache.kafka.clients.producer.ProducerRecord; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.event.BomUploadEvent; import org.dependencytrack.event.kafka.KafkaEventDispatcher; import org.dependencytrack.event.kafka.KafkaTopics; @@ -75,11 +75,11 @@ import static org.dependencytrack.util.KafkaTestUtil.deserializeKey; import static org.dependencytrack.util.KafkaTestUtil.deserializeValue; -public class BomUploadProcessingTaskTest extends AbstractPostgresEnabledTest { +public class BomUploadProcessingTaskTest extends PersistenceCapableTest { @Before - public void setUp() throws Exception { - super.setUp(); + public void before() throws Exception { + super.before(); // Enable processing of CycloneDX BOMs qm.createConfigProperty(ConfigPropertyConstants.ACCEPT_ARTIFACT_CYCLONEDX.getGroupName(), ConfigPropertyConstants.ACCEPT_ARTIFACT_CYCLONEDX.getPropertyName(), "true", diff --git a/src/test/java/org/dependencytrack/tasks/IntegrityAnalysisTaskTest.java b/src/test/java/org/dependencytrack/tasks/IntegrityAnalysisTaskTest.java index 5f11a3d34..60387c15d 100644 --- a/src/test/java/org/dependencytrack/tasks/IntegrityAnalysisTaskTest.java +++ b/src/test/java/org/dependencytrack/tasks/IntegrityAnalysisTaskTest.java @@ -1,6 +1,6 @@ package org.dependencytrack.tasks; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.event.IntegrityAnalysisEvent; import org.dependencytrack.model.Component; import org.dependencytrack.model.FetchStatus; @@ -19,7 +19,7 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.dependencytrack.model.IntegrityMatchStatus.HASH_MATCH_PASSED; -public class IntegrityAnalysisTaskTest extends AbstractPostgresEnabledTest { +public class IntegrityAnalysisTaskTest extends PersistenceCapableTest { @Rule public EnvironmentVariables environmentVariables = new EnvironmentVariables(); diff --git a/src/test/java/org/dependencytrack/tasks/IntegrityMetaInitializerTaskTest.java b/src/test/java/org/dependencytrack/tasks/IntegrityMetaInitializerTaskTest.java index 42508c84a..b972bbcc7 100644 --- a/src/test/java/org/dependencytrack/tasks/IntegrityMetaInitializerTaskTest.java +++ b/src/test/java/org/dependencytrack/tasks/IntegrityMetaInitializerTaskTest.java @@ -1,6 +1,6 @@ package org.dependencytrack.tasks; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.event.IntegrityMetaInitializerEvent; import org.dependencytrack.event.kafka.KafkaTopics; import org.dependencytrack.model.Component; @@ -17,7 +17,7 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.dependencytrack.model.FetchStatus.IN_PROGRESS; -public class IntegrityMetaInitializerTaskTest extends AbstractPostgresEnabledTest { +public class IntegrityMetaInitializerTaskTest extends PersistenceCapableTest { @Rule public EnvironmentVariables environmentVariables = new EnvironmentVariables(); diff --git a/src/test/java/org/dependencytrack/tasks/InternalComponentIdentificationTaskTest.java b/src/test/java/org/dependencytrack/tasks/InternalComponentIdentificationTaskTest.java index 87287c4a3..c0c4ea9e4 100644 --- a/src/test/java/org/dependencytrack/tasks/InternalComponentIdentificationTaskTest.java +++ b/src/test/java/org/dependencytrack/tasks/InternalComponentIdentificationTaskTest.java @@ -19,7 +19,7 @@ package org.dependencytrack.tasks; import alpine.model.IConfigProperty.PropertyType; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.event.InternalComponentIdentificationEvent; import org.dependencytrack.model.Component; import org.dependencytrack.model.ConfigPropertyConstants; @@ -32,11 +32,11 @@ import static org.assertj.core.api.Assertions.assertThat; -public class InternalComponentIdentificationTaskTest extends AbstractPostgresEnabledTest { +public class InternalComponentIdentificationTaskTest extends PersistenceCapableTest { @Before - public void setUp() throws Exception { - super.setUp(); + public void before() throws Exception { + super.before(); // Configure internal components to be identified by group "org.acme" // and names starting with "foobar-". diff --git a/src/test/java/org/dependencytrack/tasks/PolicyEvaluationTaskTest.java b/src/test/java/org/dependencytrack/tasks/PolicyEvaluationTaskTest.java index 171e76e28..773f5ce34 100644 --- a/src/test/java/org/dependencytrack/tasks/PolicyEvaluationTaskTest.java +++ b/src/test/java/org/dependencytrack/tasks/PolicyEvaluationTaskTest.java @@ -1,7 +1,7 @@ package org.dependencytrack.tasks; import org.assertj.core.api.Assertions; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.event.ComponentPolicyEvaluationEvent; import org.dependencytrack.event.ProjectPolicyEvaluationEvent; import org.dependencytrack.model.Component; @@ -17,7 +17,7 @@ import static org.dependencytrack.model.WorkflowStatus.COMPLETED; import static org.dependencytrack.model.WorkflowStep.POLICY_EVALUATION; -public class PolicyEvaluationTaskTest extends AbstractPostgresEnabledTest { +public class PolicyEvaluationTaskTest extends PersistenceCapableTest { @Test public void testWorkflowStateIsCompletedForComponent() { diff --git a/src/test/java/org/dependencytrack/tasks/RepositoryMetaAnalyzerTaskTest.java b/src/test/java/org/dependencytrack/tasks/RepositoryMetaAnalyzerTaskTest.java index a27c51f1f..75520dd46 100644 --- a/src/test/java/org/dependencytrack/tasks/RepositoryMetaAnalyzerTaskTest.java +++ b/src/test/java/org/dependencytrack/tasks/RepositoryMetaAnalyzerTaskTest.java @@ -1,6 +1,6 @@ package org.dependencytrack.tasks; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.event.PortfolioRepositoryMetaAnalysisEvent; import org.dependencytrack.event.ProjectRepositoryMetaAnalysisEvent; import org.dependencytrack.event.kafka.KafkaTopics; @@ -13,7 +13,7 @@ import static org.assertj.core.api.Assertions.assertThatNoException; import static org.dependencytrack.util.KafkaTestUtil.deserializeValue; -public class RepositoryMetaAnalyzerTaskTest extends AbstractPostgresEnabledTest { +public class RepositoryMetaAnalyzerTaskTest extends PersistenceCapableTest { @Test public void testPortfolioRepositoryMetaAnalysis() { diff --git a/src/test/java/org/dependencytrack/tasks/VulnerabilityAnalysisTaskTest.java b/src/test/java/org/dependencytrack/tasks/VulnerabilityAnalysisTaskTest.java index 31afba2f6..21a25dccd 100644 --- a/src/test/java/org/dependencytrack/tasks/VulnerabilityAnalysisTaskTest.java +++ b/src/test/java/org/dependencytrack/tasks/VulnerabilityAnalysisTaskTest.java @@ -1,6 +1,6 @@ package org.dependencytrack.tasks; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.event.PortfolioVulnerabilityAnalysisEvent; import org.dependencytrack.event.ProjectVulnerabilityAnalysisEvent; import org.dependencytrack.event.kafka.KafkaTopics; @@ -14,7 +14,7 @@ import static org.assertj.core.api.Assertions.assertThatNoException; import static org.dependencytrack.util.KafkaTestUtil.deserializeValue; -public class VulnerabilityAnalysisTaskTest extends AbstractPostgresEnabledTest { +public class VulnerabilityAnalysisTaskTest extends PersistenceCapableTest { @Test public void testPortfolioVulnerabilityAnalysis() { diff --git a/src/test/java/org/dependencytrack/tasks/WorkflowStateCleanupTaskTest.java b/src/test/java/org/dependencytrack/tasks/WorkflowStateCleanupTaskTest.java index f96c40c54..4369a4b97 100644 --- a/src/test/java/org/dependencytrack/tasks/WorkflowStateCleanupTaskTest.java +++ b/src/test/java/org/dependencytrack/tasks/WorkflowStateCleanupTaskTest.java @@ -1,6 +1,6 @@ package org.dependencytrack.tasks; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.event.WorkflowStateCleanupEvent; import org.dependencytrack.model.WorkflowState; import org.dependencytrack.model.WorkflowStatus; @@ -18,7 +18,7 @@ import static org.assertj.core.api.Assertions.assertThatExceptionOfType; import static org.assertj.core.api.Assertions.assertThatNoException; -public class WorkflowStateCleanupTaskTest extends AbstractPostgresEnabledTest { +public class WorkflowStateCleanupTaskTest extends PersistenceCapableTest { @Test public void testTransitionToTimedOut() { diff --git a/src/test/java/org/dependencytrack/tasks/metrics/AbstractMetricsUpdateTaskTest.java b/src/test/java/org/dependencytrack/tasks/metrics/AbstractMetricsUpdateTaskTest.java index 018a3527d..c6ec21a95 100644 --- a/src/test/java/org/dependencytrack/tasks/metrics/AbstractMetricsUpdateTaskTest.java +++ b/src/test/java/org/dependencytrack/tasks/metrics/AbstractMetricsUpdateTaskTest.java @@ -18,7 +18,7 @@ */ package org.dependencytrack.tasks.metrics; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.Component; import org.dependencytrack.model.Policy; import org.dependencytrack.model.PolicyCondition; @@ -31,23 +31,23 @@ import java.util.Date; import java.util.UUID; -abstract class AbstractMetricsUpdateTaskTest extends AbstractPostgresEnabledTest { +abstract class AbstractMetricsUpdateTaskTest extends PersistenceCapableTest { @Rule public EnvironmentVariables environmentVariables = new EnvironmentVariables(); @Before - public void setUp() throws Exception { - super.setUp(); + public void before() throws Exception { + super.before(); environmentVariables.set("TASK_METRICS_PORTFOLIO_LOCKATLEASTFORINMILLIS", "2000"); } @After - public void tearDown() { + public void after() { environmentVariables.clear("TASK_METRICS_PORTFOLIO_LOCKATLEASTFORINMILLIS"); - super.tearDown(); + super.after(); } protected PolicyViolation createPolicyViolation(final Component component, final Policy.ViolationState violationState, final PolicyViolation.Type type) { diff --git a/src/test/java/org/dependencytrack/tasks/vulnerabilitypolicy/VulnerabilityPolicyFetchTaskTest.java b/src/test/java/org/dependencytrack/tasks/vulnerabilitypolicy/VulnerabilityPolicyFetchTaskTest.java index 0c8409b11..2ad32953b 100644 --- a/src/test/java/org/dependencytrack/tasks/vulnerabilitypolicy/VulnerabilityPolicyFetchTaskTest.java +++ b/src/test/java/org/dependencytrack/tasks/vulnerabilitypolicy/VulnerabilityPolicyFetchTaskTest.java @@ -3,7 +3,7 @@ import com.github.tomakehurst.wiremock.client.WireMock; import com.github.tomakehurst.wiremock.junit.WireMockRule; import org.apache.http.HttpStatus; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.event.VulnerabilityPolicyFetchEvent; import org.dependencytrack.model.VulnerabilityPolicyBundle; import org.dependencytrack.model.WorkflowState; @@ -35,7 +35,7 @@ import static org.dependencytrack.persistence.jdbi.JdbiFactory.jdbi; import static org.dependencytrack.tasks.vulnerabilitypolicy.VulnerabilityPolicyTestUtil.createPolicyBundle; -public class VulnerabilityPolicyFetchTaskTest extends AbstractPostgresEnabledTest { +public class VulnerabilityPolicyFetchTaskTest extends PersistenceCapableTest { @Rule public EnvironmentVariables environmentVariables = new EnvironmentVariables(); diff --git a/src/test/java/org/dependencytrack/tasks/vulnerabilitypolicy/blobstorage/NginxStorageHandlerTest.java b/src/test/java/org/dependencytrack/tasks/vulnerabilitypolicy/blobstorage/NginxStorageHandlerTest.java index 71b306ef1..6290d7889 100644 --- a/src/test/java/org/dependencytrack/tasks/vulnerabilitypolicy/blobstorage/NginxStorageHandlerTest.java +++ b/src/test/java/org/dependencytrack/tasks/vulnerabilitypolicy/blobstorage/NginxStorageHandlerTest.java @@ -4,7 +4,7 @@ import com.github.tomakehurst.wiremock.junit.WireMockRule; import org.apache.http.HttpStatus; import org.assertj.core.api.Assertions; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.ConfigPropertyConstants; import org.junit.After; import org.junit.Before; @@ -18,7 +18,7 @@ import static org.assertj.core.api.Assertions.assertThat; import static org.junit.Assert.assertThrows; -public class NginxStorageHandlerTest extends AbstractPostgresEnabledTest { +public class NginxStorageHandlerTest extends PersistenceCapableTest { @Rule public WireMockRule wireMockRule = new WireMockRule(options().dynamicPort()); diff --git a/src/test/java/org/dependencytrack/util/VulnerabilityPolicyUtilTest.java b/src/test/java/org/dependencytrack/util/VulnerabilityPolicyUtilTest.java index 07f6cdddd..d01d06eca 100644 --- a/src/test/java/org/dependencytrack/util/VulnerabilityPolicyUtilTest.java +++ b/src/test/java/org/dependencytrack/util/VulnerabilityPolicyUtilTest.java @@ -1,6 +1,6 @@ package org.dependencytrack.util; -import org.dependencytrack.AbstractPostgresEnabledTest; +import org.dependencytrack.PersistenceCapableTest; import org.dependencytrack.model.ConfigPropertyConstants; import org.dependencytrack.persistence.jdbi.VulnerabilityPolicyDao; import org.dependencytrack.policy.vulnerability.VulnerabilityPolicy; @@ -16,7 +16,7 @@ import static org.dependencytrack.persistence.jdbi.JdbiFactory.jdbi; import static org.junit.Assert.assertEquals; -public class VulnerabilityPolicyUtilTest extends AbstractPostgresEnabledTest { +public class VulnerabilityPolicyUtilTest extends PersistenceCapableTest { @Test public void testParseVulnerabilityPolicy() throws ScriptCreateException, IOException { From e41fc50ffe7f8b5697db371611b78f39f7a56d76 Mon Sep 17 00:00:00 2001 From: nscuro Date: Tue, 13 Feb 2024 17:31:01 +0100 Subject: [PATCH 2/9] Enable reuse of Postgres testcontainer in CI Signed-off-by: nscuro --- .github/workflows/ci-test.yaml | 1 + .../PersistenceCapableTest.java | 30 +++---------- .../PostgresTestContainer.java | 45 +++++++++++++++++++ .../org/dependencytrack/ResourceTest.java | 8 +--- 4 files changed, 53 insertions(+), 31 deletions(-) create mode 100644 src/test/java/org/dependencytrack/PostgresTestContainer.java diff --git a/.github/workflows/ci-test.yaml b/.github/workflows/ci-test.yaml index d9b069ea7..31624e79b 100644 --- a/.github/workflows/ci-test.yaml +++ b/.github/workflows/ci-test.yaml @@ -43,6 +43,7 @@ jobs: - name: Execute unit tests env: MAVEN_ARGS: "-B --no-transfer-progress" + TESTCONTAINERS_REUSE_ENABLE: "true" run: |- mvn clean mvn test -P enhance diff --git a/src/test/java/org/dependencytrack/PersistenceCapableTest.java b/src/test/java/org/dependencytrack/PersistenceCapableTest.java index 7f9dd9cd9..99d3d729d 100644 --- a/src/test/java/org/dependencytrack/PersistenceCapableTest.java +++ b/src/test/java/org/dependencytrack/PersistenceCapableTest.java @@ -25,16 +25,13 @@ import org.datanucleus.api.jdo.JDOPersistenceManagerFactory; import org.dependencytrack.event.kafka.KafkaProducerInitializer; import org.dependencytrack.persistence.QueryManager; -import org.dependencytrack.persistence.migration.MigrationInitializer; import org.junit.After; import org.junit.AfterClass; import org.junit.Before; import org.junit.BeforeClass; import org.junit.Rule; import org.junit.contrib.java.lang.system.EnvironmentVariables; -import org.postgresql.ds.PGSimpleDataSource; import org.testcontainers.containers.PostgreSQLContainer; -import org.testcontainers.utility.DockerImageName; import javax.jdo.JDOHelper; import java.sql.Connection; @@ -46,7 +43,7 @@ public abstract class PersistenceCapableTest { @Rule public EnvironmentVariables environmentVariables = new EnvironmentVariables(); - protected static PostgreSQLContainer postgresContainer; + protected static PostgresTestContainer postgresContainer; protected MockProducer kafkaMockProducer; protected QueryManager qm; @@ -54,9 +51,8 @@ public abstract class PersistenceCapableTest { public static void init() throws Exception { Config.enableUnitTests(); - postgresContainer = createPostgresContainer(); + postgresContainer = new PostgresTestContainer(); postgresContainer.start(); - runMigrations(postgresContainer); } @Before @@ -87,17 +83,9 @@ public void after() { @AfterClass public static void tearDownClass() { - if (postgresContainer != null) { - postgresContainer.stop(); - } - } - - @SuppressWarnings("resource") - protected static PostgreSQLContainer createPostgresContainer() { - return new PostgreSQLContainer<>(DockerImageName.parse("postgres:11-alpine")) - .withUsername("dtrack") - .withPassword("dtrack") - .withDatabaseName("dtrack"); +// if (postgresContainer != null) { +// postgresContainer.stop(); +// } } protected static void configurePmf(final PostgreSQLContainer postgresContainer) { @@ -118,14 +106,6 @@ protected static void configurePmf(final PostgreSQLContainer postgresContaine PersistenceManagerFactory.setJdoPersistenceManagerFactory(pmf); } - protected static void runMigrations(final PostgreSQLContainer postgresContainer) throws Exception { - final var dataSource = new PGSimpleDataSource(); - dataSource.setUrl(postgresContainer.getJdbcUrl()); - dataSource.setUser(postgresContainer.getUsername()); - dataSource.setPassword(postgresContainer.getPassword()); - MigrationInitializer.runMigration(dataSource, /* silent */ true); - } - protected static void truncateTables(final PostgreSQLContainer postgresContainer) throws Exception { // Truncate all tables to ensure each test starts from a clean slate. // https://stackoverflow.com/a/63227261 diff --git a/src/test/java/org/dependencytrack/PostgresTestContainer.java b/src/test/java/org/dependencytrack/PostgresTestContainer.java new file mode 100644 index 000000000..99f682f7a --- /dev/null +++ b/src/test/java/org/dependencytrack/PostgresTestContainer.java @@ -0,0 +1,45 @@ +package org.dependencytrack; + +import com.github.dockerjava.api.command.InspectContainerResponse; +import org.dependencytrack.persistence.migration.MigrationInitializer; +import org.postgresql.ds.PGSimpleDataSource; +import org.testcontainers.containers.PostgreSQLContainer; +import org.testcontainers.utility.DockerImageName; + +public class PostgresTestContainer extends PostgreSQLContainer { + + @SuppressWarnings("resource") + public PostgresTestContainer() { + super(DockerImageName.parse("postgres:11-alpine")); + withUsername("dtrack"); + withPassword("dtrack"); + withDatabaseName("dtrack"); + withLabel("owner", "hyades-apiserver"); + + // NB: Container reuse won't be active unless either: + // - The environment variable TESTCONTAINERS_REUSE_ENABLE=true is set + // - testcontainers.reuse.enable=false is set in ~/.testcontainers.properties + withReuse(true); + } + + @Override + protected void containerIsStarted(final InspectContainerResponse containerInfo, final boolean reused) { + super.containerIsStarted(containerInfo, reused); + + if (reused) { + logger().debug("Reusing container; Migration not necessary"); + return; + } + + final var dataSource = new PGSimpleDataSource(); + dataSource.setUrl(getJdbcUrl()); + dataSource.setUser(getUsername()); + dataSource.setPassword(getPassword()); + + try { + MigrationInitializer.runMigration(dataSource, /* silent */ true); + } catch (Exception e) { + throw new RuntimeException(e); + } + } +} diff --git a/src/test/java/org/dependencytrack/ResourceTest.java b/src/test/java/org/dependencytrack/ResourceTest.java index b7f079afa..89b2e939c 100644 --- a/src/test/java/org/dependencytrack/ResourceTest.java +++ b/src/test/java/org/dependencytrack/ResourceTest.java @@ -37,7 +37,6 @@ import org.junit.AfterClass; import org.junit.Before; import org.junit.BeforeClass; -import org.testcontainers.containers.PostgreSQLContainer; import javax.json.Json; import javax.json.JsonArray; @@ -49,8 +48,6 @@ import java.util.List; import static org.dependencytrack.PersistenceCapableTest.configurePmf; -import static org.dependencytrack.PersistenceCapableTest.createPostgresContainer; -import static org.dependencytrack.PersistenceCapableTest.runMigrations; import static org.dependencytrack.PersistenceCapableTest.truncateTables; public abstract class ResourceTest extends JerseyTest { @@ -98,7 +95,7 @@ public abstract class ResourceTest extends JerseyTest { protected final String X_API_KEY = "X-Api-Key"; protected final String V1_TAG = "/v1/tag"; - protected static PostgreSQLContainer postgresContainer; + protected static PostgresTestContainer postgresContainer; protected QueryManager qm; protected MockProducer kafkaMockProducer; @@ -111,9 +108,8 @@ public abstract class ResourceTest extends JerseyTest { public static void init() throws Exception { Config.enableUnitTests(); - postgresContainer = createPostgresContainer(); + postgresContainer = new PostgresTestContainer(); postgresContainer.start(); - runMigrations(postgresContainer); } @Before From 4e43508d4c5c9bf32da31f5c5cef87a7c148ec8d Mon Sep 17 00:00:00 2001 From: nscuro Date: Tue, 13 Feb 2024 18:06:55 +0100 Subject: [PATCH 3/9] Fix test failures caused by switch to Postgres and/or testcontainer reuse Signed-off-by: nscuro --- .../org/dependencytrack/model/Component.java | 2 ++ .../org/dependencytrack/model/Project.java | 3 +++ .../PersistenceCapableTest.java | 8 ++++--- .../IntegrityMetaQueryManagerTest.java | 1 - .../jdbi/binding/DefineOrderingTest.java | 22 +++++++++++++------ .../tasks/IntegrityAnalysisTaskTest.java | 4 +++- 6 files changed, 28 insertions(+), 12 deletions(-) diff --git a/src/main/java/org/dependencytrack/model/Component.java b/src/main/java/org/dependencytrack/model/Component.java index 4011012ef..91ce613e3 100644 --- a/src/main/java/org/dependencytrack/model/Component.java +++ b/src/main/java/org/dependencytrack/model/Component.java @@ -237,6 +237,7 @@ public enum FetchGroup { @Persistent @Index(name = "COMPONENT_CPE_IDX") + @Column(name = "CPE") @Size(max = 255) //Patterns obtained from https://csrc.nist.gov/schema/cpe/2.3/cpe-naming_2.3.xsd @Pattern(regexp = "(cpe:2\\.3:[aho\\*\\-](:(((\\?*|\\*?)([a-zA-Z0-9\\-\\._]|(\\\\[\\\\\\*\\?!\"#$$%&'\\(\\)\\+,/:;<=>@\\[\\]\\^`\\{\\|}~]))+(\\?*|\\*?))|[\\*\\-])){5}(:(([a-zA-Z]{2,3}(-([a-zA-Z]{2}|[0-9]{3}))?)|[\\*\\-]))(:(((\\?*|\\*?)([a-zA-Z0-9\\-\\._]|(\\\\[\\\\\\*\\?!\"#$$%&'\\(\\)\\+,/:;<=>@\\[\\]\\^`\\{\\|}~]))+(\\?*|\\*?))|[\\*\\-])){4})|([c][pP][eE]:/[AHOaho]?(:[A-Za-z0-9\\._\\-~%]*){0,6})", message = "The CPE must conform to the CPE v2.2 or v2.3 specification defined by NIST") @@ -258,6 +259,7 @@ public enum FetchGroup { private String purlCoordinates; // Field should contain only type, namespace, name, and version. Everything up to the qualifiers @Persistent + @Column(name = "SWIDTAGID") @Index(name = "COMPONENT_SWID_TAGID_IDX") @Size(max = 255) @Pattern(regexp = RegexSequence.Definition.PRINTABLE_CHARS, message = "The SWID tagId may only contain printable characters") diff --git a/src/main/java/org/dependencytrack/model/Project.java b/src/main/java/org/dependencytrack/model/Project.java index 184b5492c..2e371c2b9 100644 --- a/src/main/java/org/dependencytrack/model/Project.java +++ b/src/main/java/org/dependencytrack/model/Project.java @@ -185,6 +185,7 @@ public enum FetchGroup { @Persistent @Index(name = "PROJECT_CPE_IDX") + @Column(name = "CPE") @Size(max = 255) @JsonDeserialize(using = TrimmedStringDeserializer.class) //Patterns obtained from https://csrc.nist.gov/schema/cpe/2.3/cpe-naming_2.3.xsd @@ -193,6 +194,7 @@ public enum FetchGroup { @Persistent @Index(name = "PROJECT_PURL_IDX") + @Column(name = "PURL") @Size(max = 255) @com.github.packageurl.validator.PackageURL @JsonDeserialize(using = TrimmedStringDeserializer.class) @@ -200,6 +202,7 @@ public enum FetchGroup { @Persistent @Index(name = "PROJECT_SWID_TAGID_IDX") + @Column(name = "SWIDTAGID") @Size(max = 255) @JsonDeserialize(using = TrimmedStringDeserializer.class) @Pattern(regexp = RegexSequence.Definition.PRINTABLE_CHARS, message = "The SWID tagId may only contain printable characters") diff --git a/src/test/java/org/dependencytrack/PersistenceCapableTest.java b/src/test/java/org/dependencytrack/PersistenceCapableTest.java index 99d3d729d..e0b73bca9 100644 --- a/src/test/java/org/dependencytrack/PersistenceCapableTest.java +++ b/src/test/java/org/dependencytrack/PersistenceCapableTest.java @@ -32,6 +32,7 @@ import org.junit.Rule; import org.junit.contrib.java.lang.system.EnvironmentVariables; import org.testcontainers.containers.PostgreSQLContainer; +import org.testcontainers.utility.TestcontainersConfiguration; import javax.jdo.JDOHelper; import java.sql.Connection; @@ -83,9 +84,10 @@ public void after() { @AfterClass public static void tearDownClass() { -// if (postgresContainer != null) { -// postgresContainer.stop(); -// } + final boolean canReuseContainers = TestcontainersConfiguration.getInstance().environmentSupportsReuse(); + if (postgresContainer != null && (!canReuseContainers || !postgresContainer.isShouldBeReused())) { + postgresContainer.stop(); + } } protected static void configurePmf(final PostgreSQLContainer postgresContainer) { diff --git a/src/test/java/org/dependencytrack/persistence/IntegrityMetaQueryManagerTest.java b/src/test/java/org/dependencytrack/persistence/IntegrityMetaQueryManagerTest.java index a687b814d..0613060a2 100644 --- a/src/test/java/org/dependencytrack/persistence/IntegrityMetaQueryManagerTest.java +++ b/src/test/java/org/dependencytrack/persistence/IntegrityMetaQueryManagerTest.java @@ -29,7 +29,6 @@ public void testGetIntegrityMetaComponent() { assertThat(qm.getIntegrityMetaComponent(result.getPurl())).satisfies( meta -> { assertThat(meta.getStatus()).isEqualTo(FetchStatus.IN_PROGRESS); - assertThat(meta.getId()).isEqualTo(1L); assertThat(meta.getMd5()).isNull(); assertThat(meta.getSha1()).isNull(); assertThat(meta.getSha256()).isNull(); diff --git a/src/test/java/org/dependencytrack/persistence/jdbi/binding/DefineOrderingTest.java b/src/test/java/org/dependencytrack/persistence/jdbi/binding/DefineOrderingTest.java index 779b456d2..88f45f099 100644 --- a/src/test/java/org/dependencytrack/persistence/jdbi/binding/DefineOrderingTest.java +++ b/src/test/java/org/dependencytrack/persistence/jdbi/binding/DefineOrderingTest.java @@ -11,7 +11,9 @@ import org.junit.Before; import org.junit.Test; +import java.util.HashMap; import java.util.List; +import java.util.Map; import static org.assertj.core.api.Assertions.assertThat; import static org.assertj.core.api.Assertions.assertThatExceptionOfType; @@ -30,6 +32,7 @@ public interface TestDao { } private Jdbi jdbi; + private final Map projectIdsByName = new HashMap<>(); @Before public void setUp() { @@ -47,6 +50,8 @@ public void setUp() { final var project = new Project(); project.setName("project-" + i); qm.persist(project); + + projectIdsByName.put(project.getName(), project.getId()); } } @@ -113,10 +118,13 @@ public void testWithOrderDirectionUnspecified() { @Test public void testWithOrderingAlsoBy() { + final var duplicateProjectIdsByName = new HashMap(); for (int i = 0; i < 2; i++) { final var project = new Project(); project.setName("project-" + i); qm.persist(project); + + duplicateProjectIdsByName.put(project.getName(), project.getId()); } assertThat(qm.getCount(Project.class)).isEqualTo(7); @@ -124,31 +132,31 @@ public void testWithOrderingAlsoBy() { dao -> dao.getProjectsWithOrderingAlsoById(new Ordering("nameAlias", OrderDirection.ASCENDING))); assertThat(projects).satisfiesExactly( project -> { - assertThat(project.getId()).isEqualTo(6); + assertThat(project.getId()).isEqualTo(duplicateProjectIdsByName.get("project-0")); assertThat(project.getName()).isEqualTo("project-0"); }, project -> { - assertThat(project.getId()).isEqualTo(1); + assertThat(project.getId()).isEqualTo(projectIdsByName.get("project-0")); assertThat(project.getName()).isEqualTo("project-0"); }, project -> { - assertThat(project.getId()).isEqualTo(7); + assertThat(project.getId()).isEqualTo(duplicateProjectIdsByName.get("project-1")); assertThat(project.getName()).isEqualTo("project-1"); }, project -> { - assertThat(project.getId()).isEqualTo(2); + assertThat(project.getId()).isEqualTo(projectIdsByName.get("project-1")); assertThat(project.getName()).isEqualTo("project-1"); }, project -> { - assertThat(project.getId()).isEqualTo(3); + assertThat(project.getId()).isEqualTo(projectIdsByName.get("project-2")); assertThat(project.getName()).isEqualTo("project-2"); }, project -> { - assertThat(project.getId()).isEqualTo(4); + assertThat(project.getId()).isEqualTo(projectIdsByName.get("project-3")); assertThat(project.getName()).isEqualTo("project-3"); }, project -> { - assertThat(project.getId()).isEqualTo(5); + assertThat(project.getId()).isEqualTo(projectIdsByName.get("project-4")); assertThat(project.getName()).isEqualTo("project-4"); } ); diff --git a/src/test/java/org/dependencytrack/tasks/IntegrityAnalysisTaskTest.java b/src/test/java/org/dependencytrack/tasks/IntegrityAnalysisTaskTest.java index 60387c15d..93f5a4778 100644 --- a/src/test/java/org/dependencytrack/tasks/IntegrityAnalysisTaskTest.java +++ b/src/test/java/org/dependencytrack/tasks/IntegrityAnalysisTaskTest.java @@ -25,7 +25,9 @@ public class IntegrityAnalysisTaskTest extends PersistenceCapableTest { public EnvironmentVariables environmentVariables = new EnvironmentVariables(); @Before - public void before() { + public void before() throws Exception { + super.before(); + environmentVariables.set("INTEGRITY_CHECK_ENABLED", "true"); } From db0befae5a7d11205e659d3363887b0f333b28c2 Mon Sep 17 00:00:00 2001 From: nscuro Date: Tue, 13 Feb 2024 18:11:07 +0100 Subject: [PATCH 4/9] Consider reusability when stopping Postgres testcontainer Signed-off-by: nscuro --- .../java/org/dependencytrack/PersistenceCapableTest.java | 8 +++----- .../java/org/dependencytrack/PostgresTestContainer.java | 8 ++++++++ src/test/java/org/dependencytrack/ResourceTest.java | 2 +- 3 files changed, 12 insertions(+), 6 deletions(-) diff --git a/src/test/java/org/dependencytrack/PersistenceCapableTest.java b/src/test/java/org/dependencytrack/PersistenceCapableTest.java index e0b73bca9..a78a20efc 100644 --- a/src/test/java/org/dependencytrack/PersistenceCapableTest.java +++ b/src/test/java/org/dependencytrack/PersistenceCapableTest.java @@ -32,7 +32,6 @@ import org.junit.Rule; import org.junit.contrib.java.lang.system.EnvironmentVariables; import org.testcontainers.containers.PostgreSQLContainer; -import org.testcontainers.utility.TestcontainersConfiguration; import javax.jdo.JDOHelper; import java.sql.Connection; @@ -49,7 +48,7 @@ public abstract class PersistenceCapableTest { protected QueryManager qm; @BeforeClass - public static void init() throws Exception { + public static void init() { Config.enableUnitTests(); postgresContainer = new PostgresTestContainer(); @@ -84,9 +83,8 @@ public void after() { @AfterClass public static void tearDownClass() { - final boolean canReuseContainers = TestcontainersConfiguration.getInstance().environmentSupportsReuse(); - if (postgresContainer != null && (!canReuseContainers || !postgresContainer.isShouldBeReused())) { - postgresContainer.stop(); + if (postgresContainer != null) { + postgresContainer.stopWhenNotReusing(); } } diff --git a/src/test/java/org/dependencytrack/PostgresTestContainer.java b/src/test/java/org/dependencytrack/PostgresTestContainer.java index 99f682f7a..967caa2d4 100644 --- a/src/test/java/org/dependencytrack/PostgresTestContainer.java +++ b/src/test/java/org/dependencytrack/PostgresTestContainer.java @@ -5,6 +5,7 @@ import org.postgresql.ds.PGSimpleDataSource; import org.testcontainers.containers.PostgreSQLContainer; import org.testcontainers.utility.DockerImageName; +import org.testcontainers.utility.TestcontainersConfiguration; public class PostgresTestContainer extends PostgreSQLContainer { @@ -42,4 +43,11 @@ protected void containerIsStarted(final InspectContainerResponse containerInfo, throw new RuntimeException(e); } } + + public void stopWhenNotReusing() { + if (!TestcontainersConfiguration.getInstance().environmentSupportsReuse() || !isShouldBeReused()) { + stop(); + } + } + } diff --git a/src/test/java/org/dependencytrack/ResourceTest.java b/src/test/java/org/dependencytrack/ResourceTest.java index 89b2e939c..ba34602ea 100644 --- a/src/test/java/org/dependencytrack/ResourceTest.java +++ b/src/test/java/org/dependencytrack/ResourceTest.java @@ -145,7 +145,7 @@ public void after() { @AfterClass public static void tearDownClass() { if (postgresContainer != null) { - postgresContainer.stop(); + postgresContainer.stopWhenNotReusing(); } } From 10c87a85dbf44125e6d26bdb97d144bec5e07718 Mon Sep 17 00:00:00 2001 From: nscuro Date: Tue, 13 Feb 2024 19:11:13 +0100 Subject: [PATCH 5/9] Address remaining test failures Signed-off-by: nscuro --- .../org/dependencytrack/persistence/QueryManager.java | 4 ++-- .../dependencytrack/resources/v1/ProjectResourceTest.java | 1 + .../resources/v1/VulnerabilityResourceTest.java | 8 ++++---- 3 files changed, 7 insertions(+), 6 deletions(-) diff --git a/src/main/java/org/dependencytrack/persistence/QueryManager.java b/src/main/java/org/dependencytrack/persistence/QueryManager.java index 36914b51d..098a39cfd 100644 --- a/src/main/java/org/dependencytrack/persistence/QueryManager.java +++ b/src/main/java/org/dependencytrack/persistence/QueryManager.java @@ -1525,9 +1525,9 @@ public void recursivelyDeleteTeam(Team team) { pm.currentTransaction().begin(); pm.deletePersistentAll(team.getApiKeys()); String aclDeleteQuery = """ - DELETE FROM PROJECT_ACCESS_TEAMS WHERE \"PROJECT_ACCESS_TEAMS\".\"TEAM_ID\" = ? + DELETE FROM "PROJECT_ACCESS_TEAMS" WHERE "TEAM_ID" = ? """; - final Query query = pm.newQuery(JDOQuery.SQL_QUERY_LANGUAGE, aclDeleteQuery); + final Query query = pm.newQuery(JDOQuery.SQL_QUERY_LANGUAGE, aclDeleteQuery); query.executeWithArray(team.getId()); pm.deletePersistent(team); pm.currentTransaction().commit(); diff --git a/src/test/java/org/dependencytrack/resources/v1/ProjectResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/ProjectResourceTest.java index db344f2be..3d64759a5 100644 --- a/src/test/java/org/dependencytrack/resources/v1/ProjectResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/ProjectResourceTest.java @@ -501,6 +501,7 @@ public void updateProjectEmptyNameTest() { public void updateProjectDuplicateTest() { qm.createProject("ABC", null, "1.0", null, null, null, true, false); Project project = qm.createProject("DEF", null, "1.0", null, null, null, true, false); + project = qm.detach(Project.class, project.getId()); project.setName("ABC"); Response response = target(V1_PROJECT) .request() diff --git a/src/test/java/org/dependencytrack/resources/v1/VulnerabilityResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/VulnerabilityResourceTest.java index 73ad9d594..b3766ca11 100644 --- a/src/test/java/org/dependencytrack/resources/v1/VulnerabilityResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/VulnerabilityResourceTest.java @@ -400,8 +400,8 @@ public void createVulnerabilityTest() throws Exception { Assert.assertEquals(2.8, json.getJsonNumber("cvssV3ExploitabilitySubScore").doubleValue(), 0); Assert.assertEquals("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", json.getString("cvssV3Vector")); Assert.assertEquals(1.0, json.getJsonNumber("owaspRRLikelihoodScore").doubleValue(), 0); - Assert.assertEquals(1.3, json.getJsonNumber("owaspRRTechnicalImpactScore").doubleValue(), 0); - Assert.assertEquals(1.8, json.getJsonNumber("owaspRRBusinessImpactScore").doubleValue(), 0); + Assert.assertEquals(1.25, json.getJsonNumber("owaspRRTechnicalImpactScore").doubleValue(), 0); + Assert.assertEquals(1.75, json.getJsonNumber("owaspRRBusinessImpactScore").doubleValue(), 0); Assert.assertEquals("SL:1/M:1/O:0/S:2/ED:1/EE:1/A:1/ID:1/LC:2/LI:1/LAV:1/LAC:1/FD:1/RD:1/NC:2/PV:3", json.getString("owaspRRVector")); Assert.assertEquals("MEDIUM", json.getString("severity")); Assert.assertNotNull(json.getJsonObject("cwe")); @@ -531,8 +531,8 @@ public void updateVulnerabilityTest() throws Exception { Assert.assertEquals(3.4, json.getJsonNumber("cvssV3ImpactSubScore").doubleValue(), 0); Assert.assertEquals(2.8, json.getJsonNumber("cvssV3ExploitabilitySubScore").doubleValue(), 0); Assert.assertEquals(1.0, json.getJsonNumber("owaspRRLikelihoodScore").doubleValue(), 0); - Assert.assertEquals(1.3, json.getJsonNumber("owaspRRTechnicalImpactScore").doubleValue(), 0); - Assert.assertEquals(1.8, json.getJsonNumber("owaspRRBusinessImpactScore").doubleValue(), 0); + Assert.assertEquals(1.25, json.getJsonNumber("owaspRRTechnicalImpactScore").doubleValue(), 0); + Assert.assertEquals(1.75, json.getJsonNumber("owaspRRBusinessImpactScore").doubleValue(), 0); Assert.assertEquals("CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", json.getString("cvssV3Vector")); Assert.assertEquals("SL:1/M:1/O:0/S:2/ED:1/EE:1/A:1/ID:1/LC:2/LI:1/LAV:1/LAC:1/FD:1/RD:1/NC:2/PV:3", json.getString("owaspRRVector")); Assert.assertEquals("MEDIUM", json.getString("severity")); From 3c391c1eacebdbbc8dc7687eda39bc7f5a237bd2 Mon Sep 17 00:00:00 2001 From: nscuro Date: Tue, 13 Feb 2024 20:06:34 +0100 Subject: [PATCH 6/9] Fix test failure due to incorrect ordering assumption Signed-off-by: nscuro --- .../org/dependencytrack/persistence/ProjectQueryManager.java | 1 + 1 file changed, 1 insertion(+) diff --git a/src/main/java/org/dependencytrack/persistence/ProjectQueryManager.java b/src/main/java/org/dependencytrack/persistence/ProjectQueryManager.java index 9a8c1113f..ffe2c04e2 100644 --- a/src/main/java/org/dependencytrack/persistence/ProjectQueryManager.java +++ b/src/main/java/org/dependencytrack/persistence/ProjectQueryManager.java @@ -1285,6 +1285,7 @@ private List getProjectVersions(Project project) { query.setFilter("name == :name"); query.setParameters(project.getName()); query.setResult("uuid, version"); + query.setOrdering("id asc"); // Ensure consistent ordering return query.executeResultList(ProjectVersion.class); } } From 76528db360207b68a99d7e1ea4914943d3df1303 Mon Sep 17 00:00:00 2001 From: nscuro Date: Tue, 13 Feb 2024 21:30:21 +0100 Subject: [PATCH 7/9] Attempt to stabilize thread safety tests Signed-off-by: nscuro --- .../resources/v1/VulnerabilityPolicyResourceTest.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/test/java/org/dependencytrack/resources/v1/VulnerabilityPolicyResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/VulnerabilityPolicyResourceTest.java index 1e4ca8005..6bfb3c582 100644 --- a/src/test/java/org/dependencytrack/resources/v1/VulnerabilityPolicyResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/VulnerabilityPolicyResourceTest.java @@ -212,7 +212,7 @@ public void triggerVulnerabilityPolicyBundleSyncThreadSafetyForCreateTest() thro assertThat(responses).hasSize(50); assertThat(responses).satisfiesOnlyOnce(response -> assertThat(response.getStatus()).isEqualTo(202)); - assertThat(responses.stream().filter(response -> response.getStatus() == 409)).hasSize(49); + assertThat(responses.stream().map(Response::getStatus).filter(status -> status != 202)).containsOnly(409); } @Test @@ -222,7 +222,7 @@ public void triggerVulnerabilityPolicyBundleSyncThreadSafetyForUpdateTest() thro final ExecutorService executor = Executors.newFixedThreadPool(10); final var countDownLatch = new CountDownLatch(1); - // Create an existing workflow state that is has a terminal status. + // Create an existing workflow state that has a terminal status. // Trigger requests will reset it to a PENDING state. final WorkflowState workflowState = new WorkflowState(); workflowState.setStep(WorkflowStep.POLICY_BUNDLE_SYNC); @@ -254,7 +254,7 @@ public void triggerVulnerabilityPolicyBundleSyncThreadSafetyForUpdateTest() thro assertThat(responses).hasSize(50); assertThat(responses).satisfiesOnlyOnce(response -> assertThat(response.getStatus()).isEqualTo(202)); - assertThat(responses.stream().filter(response -> response.getStatus() == 409)).hasSize(49); + assertThat(responses.stream().map(Response::getStatus).filter(status -> status != 202)).containsOnly(409); } @Test From 0c77e6fc1e23e8c61b1b14e540760c84870c515d Mon Sep 17 00:00:00 2001 From: nscuro Date: Tue, 13 Feb 2024 22:54:37 +0100 Subject: [PATCH 8/9] Fix test failures due to incorrect ordering assumption Signed-off-by: nscuro --- .../resources/v1/BomResourceTest.java | 4 + .../resources/v1/FindingResourceTest.java | 250 ++++++++++-------- 2 files changed, 144 insertions(+), 110 deletions(-) diff --git a/src/test/java/org/dependencytrack/resources/v1/BomResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/BomResourceTest.java index a32b632d7..7240f9643 100644 --- a/src/test/java/org/dependencytrack/resources/v1/BomResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/BomResourceTest.java @@ -23,6 +23,7 @@ import alpine.server.filters.AuthenticationFilter; import junitparams.JUnitParamsRunner; import junitparams.Parameters; +import net.javacrumbs.jsonunit.core.Option; import org.apache.commons.io.FileUtils; import org.apache.commons.io.IOUtils; import org.apache.http.HttpStatus; @@ -185,6 +186,7 @@ public void exportProjectAsCycloneDxInventoryTest() { final String jsonResponse = getPlainTextBody(response); assertThatJson(jsonResponse) + .withOptions(Option.IGNORING_ARRAY_ORDER) .withMatcher("projectUuid", equalTo(project.getUuid().toString())) .withMatcher("componentWithoutVulnUuid", equalTo(componentWithoutVuln.getUuid().toString())) .withMatcher("componentWithVulnUuid", equalTo(componentWithVuln.getUuid().toString())) @@ -333,6 +335,7 @@ public void exportProjectAsCycloneDxInventoryWithVulnerabilitiesTest() { final String jsonResponse = getPlainTextBody(response); assertThatJson(jsonResponse) + .withOptions(Option.IGNORING_ARRAY_ORDER) .withMatcher("vulnUuid", equalTo(vulnerability.getUuid().toString())) .withMatcher("projectUuid", equalTo(project.getUuid().toString())) .withMatcher("componentWithoutVulnUuid", equalTo(componentWithoutVuln.getUuid().toString())) @@ -526,6 +529,7 @@ public void exportProjectAsCycloneDxVdrTest() { final String jsonResponse = getPlainTextBody(response); assertThatJson(jsonResponse) + .withOptions(Option.IGNORING_ARRAY_ORDER) .withMatcher("vulnUuid", equalTo(vulnerability.getUuid().toString())) .withMatcher("projectUuid", equalTo(project.getUuid().toString())) .withMatcher("componentWithoutVulnUuid", equalTo(componentWithoutVuln.getUuid().toString())) diff --git a/src/test/java/org/dependencytrack/resources/v1/FindingResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/FindingResourceTest.java index 3b8154fb8..6a683a63f 100644 --- a/src/test/java/org/dependencytrack/resources/v1/FindingResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/FindingResourceTest.java @@ -21,7 +21,6 @@ import alpine.Config; import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; -import org.assertj.core.api.Assertions; import org.dependencytrack.ResourceTest; import org.dependencytrack.model.AnalyzerIdentity; import org.dependencytrack.model.Component; @@ -49,6 +48,7 @@ import java.util.Map; import java.util.UUID; +import static org.assertj.core.api.Assertions.assertThat; import static org.dependencytrack.model.WorkflowStatus.PENDING; import static org.junit.Assert.assertEquals; @@ -94,37 +94,47 @@ public void getFindingsByProjectTest() { assertEquals(String.valueOf(3), response.getHeaderString(TOTAL_COUNT_HEADER)); JsonArray json = parseJsonArray(response); Assert.assertNotNull(json); - assertEquals(3, json.size()); - assertEquals("Component A", json.getJsonObject(0).getJsonObject("component").getString("name")); - assertEquals("1.0", json.getJsonObject(0).getJsonObject("component").getString("version")); - assertEquals("Vuln-1", json.getJsonObject(0).getJsonObject("vulnerability").getString("vulnId")); - assertEquals(Severity.CRITICAL.name(), json.getJsonObject(0).getJsonObject("vulnerability").getString("severity")); - assertEquals(80, json.getJsonObject(0).getJsonObject("vulnerability").getInt("cweId")); - assertEquals(2, json.getJsonObject(0).getJsonObject("vulnerability").getJsonArray("cwes").size()); - assertEquals(80, json.getJsonObject(0).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(0).getInt("cweId")); - assertEquals(666, json.getJsonObject(0).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(1).getInt("cweId")); - Assert.assertFalse(json.getJsonObject(0).getJsonObject("analysis").getBoolean("isSuppressed")); - assertEquals(p1.getUuid().toString() + ":" + c1.getUuid().toString() + ":" + v1.getUuid().toString(), json.getJsonObject(0).getString("matrix")); - assertEquals("Component A", json.getJsonObject(1).getJsonObject("component").getString("name")); - assertEquals("1.0", json.getJsonObject(1).getJsonObject("component").getString("version")); - assertEquals("Vuln-2", json.getJsonObject(1).getJsonObject("vulnerability").getString("vulnId")); - assertEquals(Severity.HIGH.name(), json.getJsonObject(1).getJsonObject("vulnerability").getString("severity")); - assertEquals(80, json.getJsonObject(1).getJsonObject("vulnerability").getInt("cweId")); - assertEquals(2, json.getJsonObject(1).getJsonObject("vulnerability").getJsonArray("cwes").size()); - assertEquals(80, json.getJsonObject(1).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(0).getInt("cweId")); - assertEquals(666, json.getJsonObject(1).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(1).getInt("cweId")); - Assert.assertFalse(json.getJsonObject(1).getJsonObject("analysis").getBoolean("isSuppressed")); - assertEquals(p1.getUuid().toString() + ":" + c1.getUuid().toString() + ":" + v2.getUuid().toString(), json.getJsonObject(1).getString("matrix")); - assertEquals("Component B", json.getJsonObject(2).getJsonObject("component").getString("name")); - assertEquals("1.0", json.getJsonObject(2).getJsonObject("component").getString("version")); - assertEquals("Vuln-3", json.getJsonObject(2).getJsonObject("vulnerability").getString("vulnId")); - assertEquals(Severity.MEDIUM.name(), json.getJsonObject(2).getJsonObject("vulnerability").getString("severity")); - assertEquals(80, json.getJsonObject(2).getJsonObject("vulnerability").getInt("cweId")); - assertEquals(2, json.getJsonObject(2).getJsonObject("vulnerability").getJsonArray("cwes").size()); - assertEquals(80, json.getJsonObject(2).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(0).getInt("cweId")); - assertEquals(666, json.getJsonObject(2).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(1).getInt("cweId")); - Assert.assertFalse(json.getJsonObject(0).getJsonObject("analysis").getBoolean("isSuppressed")); - assertEquals(p1.getUuid().toString() + ":" + c2.getUuid().toString() + ":" + v3.getUuid().toString(), json.getJsonObject(2).getString("matrix")); + assertThat(json).satisfiesExactlyInAnyOrder( + jsonValue -> { + final JsonObject finding = jsonValue.asJsonObject(); + assertEquals("Component A", finding.getJsonObject("component").getString("name")); + assertEquals("1.0", finding.getJsonObject("component").getString("version")); + assertEquals("Vuln-1", finding.getJsonObject("vulnerability").getString("vulnId")); + assertEquals(Severity.CRITICAL.name(), finding.getJsonObject("vulnerability").getString("severity")); + assertEquals(80, finding.getJsonObject("vulnerability").getInt("cweId")); + assertEquals(2, finding.getJsonObject("vulnerability").getJsonArray("cwes").size()); + assertEquals(80, finding.getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(0).getInt("cweId")); + assertEquals(666, finding.getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(1).getInt("cweId")); + Assert.assertFalse(finding.getJsonObject("analysis").getBoolean("isSuppressed")); + assertEquals(p1.getUuid().toString() + ":" + c1.getUuid().toString() + ":" + v1.getUuid().toString(), finding.getString("matrix")); + }, + jsonValue -> { + final JsonObject finding = jsonValue.asJsonObject(); + assertEquals("Component A", finding.getJsonObject("component").getString("name")); + assertEquals("1.0", finding.getJsonObject("component").getString("version")); + assertEquals("Vuln-2", finding.getJsonObject("vulnerability").getString("vulnId")); + assertEquals(Severity.HIGH.name(), finding.getJsonObject("vulnerability").getString("severity")); + assertEquals(80, finding.getJsonObject("vulnerability").getInt("cweId")); + assertEquals(2, finding.getJsonObject("vulnerability").getJsonArray("cwes").size()); + assertEquals(80, finding.getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(0).getInt("cweId")); + assertEquals(666, finding.getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(1).getInt("cweId")); + Assert.assertFalse(finding.getJsonObject("analysis").getBoolean("isSuppressed")); + assertEquals(p1.getUuid().toString() + ":" + c1.getUuid().toString() + ":" + v2.getUuid().toString(), finding.getString("matrix")); + }, + jsonValue -> { + final JsonObject finding = jsonValue.asJsonObject(); + assertEquals("Component B", finding.getJsonObject("component").getString("name")); + assertEquals("1.0", finding.getJsonObject("component").getString("version")); + assertEquals("Vuln-3", finding.getJsonObject("vulnerability").getString("vulnId")); + assertEquals(Severity.MEDIUM.name(), finding.getJsonObject("vulnerability").getString("severity")); + assertEquals(80, finding.getJsonObject("vulnerability").getInt("cweId")); + assertEquals(2, finding.getJsonObject("vulnerability").getJsonArray("cwes").size()); + assertEquals(80, finding.getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(0).getInt("cweId")); + assertEquals(666, finding.getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(1).getInt("cweId")); + Assert.assertFalse(finding.getJsonObject("analysis").getBoolean("isSuppressed")); + assertEquals(p1.getUuid().toString() + ":" + c2.getUuid().toString() + ":" + v3.getUuid().toString(), finding.getString("matrix")); + } + ); } @Test @@ -171,37 +181,47 @@ public void exportFindingsByProjectTest() { assertEquals(p1.getUuid().toString(), json.getJsonObject("project").getString("uuid")); assertEquals("1.2", json.getString("version")); // FPF version JsonArray findings = json.getJsonArray("findings"); - assertEquals(3, findings.size()); - assertEquals("Component A", findings.getJsonObject(0).getJsonObject("component").getString("name")); - assertEquals("1.0", findings.getJsonObject(0).getJsonObject("component").getString("version")); - assertEquals("Vuln-1", findings.getJsonObject(0).getJsonObject("vulnerability").getString("vulnId")); - assertEquals(Severity.CRITICAL.name(), findings.getJsonObject(0).getJsonObject("vulnerability").getString("severity")); - assertEquals(80, findings.getJsonObject(1).getJsonObject("vulnerability").getInt("cweId")); - assertEquals(2, findings.getJsonObject(1).getJsonObject("vulnerability").getJsonArray("cwes").size()); - assertEquals(80, findings.getJsonObject(1).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(0).getInt("cweId")); - assertEquals(666, findings.getJsonObject(1).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(1).getInt("cweId")); - Assert.assertFalse(findings.getJsonObject(0).getJsonObject("analysis").getBoolean("isSuppressed")); - assertEquals(p1.getUuid().toString() + ":" + c1.getUuid().toString() + ":" + v1.getUuid().toString(), findings.getJsonObject(0).getString("matrix")); - assertEquals("Component A", findings.getJsonObject(1).getJsonObject("component").getString("name")); - assertEquals("1.0", findings.getJsonObject(1).getJsonObject("component").getString("version")); - assertEquals("Vuln-2", findings.getJsonObject(1).getJsonObject("vulnerability").getString("vulnId")); - assertEquals(Severity.HIGH.name(), findings.getJsonObject(1).getJsonObject("vulnerability").getString("severity")); - assertEquals(80, findings.getJsonObject(1).getJsonObject("vulnerability").getInt("cweId")); - assertEquals(2, findings.getJsonObject(1).getJsonObject("vulnerability").getJsonArray("cwes").size()); - assertEquals(80, findings.getJsonObject(1).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(0).getInt("cweId")); - assertEquals(666, findings.getJsonObject(1).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(1).getInt("cweId")); - Assert.assertFalse(findings.getJsonObject(1).getJsonObject("analysis").getBoolean("isSuppressed")); - assertEquals(p1.getUuid().toString() + ":" + c1.getUuid().toString() + ":" + v2.getUuid().toString(), findings.getJsonObject(1).getString("matrix")); - assertEquals("Component B", findings.getJsonObject(2).getJsonObject("component").getString("name")); - assertEquals("1.0", findings.getJsonObject(2).getJsonObject("component").getString("version")); - assertEquals("Vuln-3", findings.getJsonObject(2).getJsonObject("vulnerability").getString("vulnId")); - assertEquals(Severity.MEDIUM.name(), findings.getJsonObject(2).getJsonObject("vulnerability").getString("severity")); - assertEquals(80, findings.getJsonObject(1).getJsonObject("vulnerability").getInt("cweId")); - assertEquals(2, findings.getJsonObject(1).getJsonObject("vulnerability").getJsonArray("cwes").size()); - assertEquals(80, findings.getJsonObject(1).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(0).getInt("cweId")); - assertEquals(666, findings.getJsonObject(1).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(1).getInt("cweId")); - Assert.assertFalse(findings.getJsonObject(0).getJsonObject("analysis").getBoolean("isSuppressed")); - assertEquals(p1.getUuid().toString() + ":" + c2.getUuid().toString() + ":" + v3.getUuid().toString(), findings.getJsonObject(2).getString("matrix")); + assertThat(findings).satisfiesExactlyInAnyOrder( + jsonValue -> { + final JsonObject finding = jsonValue.asJsonObject(); + assertEquals("Component A", finding.getJsonObject("component").getString("name")); + assertEquals("1.0", finding.getJsonObject("component").getString("version")); + assertEquals("Vuln-1", finding.getJsonObject("vulnerability").getString("vulnId")); + assertEquals(Severity.CRITICAL.name(), finding.getJsonObject("vulnerability").getString("severity")); + assertEquals(80, finding.getJsonObject("vulnerability").getInt("cweId")); + assertEquals(2, finding.getJsonObject("vulnerability").getJsonArray("cwes").size()); + assertEquals(80, finding.getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(0).getInt("cweId")); + assertEquals(666, finding.getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(1).getInt("cweId")); + Assert.assertFalse(finding.getJsonObject("analysis").getBoolean("isSuppressed")); + assertEquals(p1.getUuid().toString() + ":" + c1.getUuid().toString() + ":" + v1.getUuid().toString(), finding.getString("matrix")); + }, + jsonValue -> { + final JsonObject finding = jsonValue.asJsonObject(); + assertEquals("Component A", finding.getJsonObject("component").getString("name")); + assertEquals("1.0", finding.getJsonObject("component").getString("version")); + assertEquals("Vuln-2", finding.getJsonObject("vulnerability").getString("vulnId")); + assertEquals(Severity.HIGH.name(), finding.getJsonObject("vulnerability").getString("severity")); + assertEquals(80, finding.getJsonObject("vulnerability").getInt("cweId")); + assertEquals(2, finding.getJsonObject("vulnerability").getJsonArray("cwes").size()); + assertEquals(80, finding.getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(0).getInt("cweId")); + assertEquals(666, finding.getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(1).getInt("cweId")); + Assert.assertFalse(finding.getJsonObject("analysis").getBoolean("isSuppressed")); + assertEquals(p1.getUuid().toString() + ":" + c1.getUuid().toString() + ":" + v2.getUuid().toString(), finding.getString("matrix")); + }, + jsonValue -> { + final JsonObject finding = jsonValue.asJsonObject(); + assertEquals("Component B", finding.getJsonObject("component").getString("name")); + assertEquals("1.0", finding.getJsonObject("component").getString("version")); + assertEquals("Vuln-3", finding.getJsonObject("vulnerability").getString("vulnId")); + assertEquals(Severity.MEDIUM.name(), finding.getJsonObject("vulnerability").getString("severity")); + assertEquals(80, findings.getJsonObject(1).getJsonObject("vulnerability").getInt("cweId")); + assertEquals(2, findings.getJsonObject(1).getJsonObject("vulnerability").getJsonArray("cwes").size()); + assertEquals(80, findings.getJsonObject(1).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(0).getInt("cweId")); + assertEquals(666, findings.getJsonObject(1).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(1).getInt("cweId")); + Assert.assertFalse(findings.getJsonObject(0).getJsonObject("analysis").getBoolean("isSuppressed")); + assertEquals(p1.getUuid().toString() + ":" + c2.getUuid().toString() + ":" + v3.getUuid().toString(), finding.getString("matrix")); + } + ); } @Test @@ -271,40 +291,50 @@ public void getFindingsByProjectWithComponentLatestVersionTest() { assertEquals(String.valueOf(3), response.getHeaderString(TOTAL_COUNT_HEADER)); JsonArray json = parseJsonArray(response); Assert.assertNotNull(json); - assertEquals(3, json.size()); - assertEquals("Component A", json.getJsonObject(0).getJsonObject("component").getString("name")); - assertEquals("1.0", json.getJsonObject(0).getJsonObject("component").getString("version")); - assertEquals("Vuln-1", json.getJsonObject(0).getJsonObject("vulnerability").getString("vulnId")); - assertEquals(Severity.CRITICAL.name(), json.getJsonObject(0).getJsonObject("vulnerability").getString("severity")); - assertEquals(80, json.getJsonObject(0).getJsonObject("vulnerability").getInt("cweId")); - assertEquals(2, json.getJsonObject(0).getJsonObject("vulnerability").getJsonArray("cwes").size()); - assertEquals(80, json.getJsonObject(0).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(0).getInt("cweId")); - assertEquals(666, json.getJsonObject(0).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(1).getInt("cweId")); - Assert.assertFalse(json.getJsonObject(0).getJsonObject("analysis").getBoolean("isSuppressed")); - assertEquals(p1.getUuid().toString() + ":" + c1.getUuid().toString() + ":" + v1.getUuid().toString(), json.getJsonObject(0).getString("matrix")); - assertEquals("2.0.0", json.getJsonObject(0).getJsonObject("component").getString("latestVersion")); - assertEquals("Component A", json.getJsonObject(1).getJsonObject("component").getString("name")); - assertEquals("1.0", json.getJsonObject(1).getJsonObject("component").getString("version")); - assertEquals("Vuln-2", json.getJsonObject(1).getJsonObject("vulnerability").getString("vulnId")); - assertEquals(Severity.HIGH.name(), json.getJsonObject(1).getJsonObject("vulnerability").getString("severity")); - assertEquals(80, json.getJsonObject(1).getJsonObject("vulnerability").getInt("cweId")); - assertEquals(2, json.getJsonObject(1).getJsonObject("vulnerability").getJsonArray("cwes").size()); - assertEquals(80, json.getJsonObject(1).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(0).getInt("cweId")); - assertEquals(666, json.getJsonObject(1).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(1).getInt("cweId")); - Assert.assertFalse(json.getJsonObject(1).getJsonObject("analysis").getBoolean("isSuppressed")); - assertEquals(p1.getUuid().toString() + ":" + c1.getUuid().toString() + ":" + v2.getUuid().toString(), json.getJsonObject(1).getString("matrix")); - assertEquals("2.0.0", json.getJsonObject(1).getJsonObject("component").getString("latestVersion")); - assertEquals("Component B", json.getJsonObject(2).getJsonObject("component").getString("name")); - assertEquals("1.0", json.getJsonObject(2).getJsonObject("component").getString("version")); - assertEquals("Vuln-3", json.getJsonObject(2).getJsonObject("vulnerability").getString("vulnId")); - assertEquals(Severity.MEDIUM.name(), json.getJsonObject(2).getJsonObject("vulnerability").getString("severity")); - assertEquals(80, json.getJsonObject(2).getJsonObject("vulnerability").getInt("cweId")); - assertEquals(2, json.getJsonObject(2).getJsonObject("vulnerability").getJsonArray("cwes").size()); - assertEquals(80, json.getJsonObject(2).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(0).getInt("cweId")); - assertEquals(666, json.getJsonObject(2).getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(1).getInt("cweId")); - Assert.assertFalse(json.getJsonObject(0).getJsonObject("analysis").getBoolean("isSuppressed")); - assertEquals(p1.getUuid().toString() + ":" + c2.getUuid().toString() + ":" + v3.getUuid().toString(), json.getJsonObject(2).getString("matrix")); - assertEquals("3.0.0", json.getJsonObject(2).getJsonObject("component").getString("latestVersion")); + assertThat(json).satisfiesExactlyInAnyOrder( + jsonValue -> { + final JsonObject finding = jsonValue.asJsonObject(); + assertEquals("Component A", finding.getJsonObject("component").getString("name")); + assertEquals("1.0", finding.getJsonObject("component").getString("version")); + assertEquals("Vuln-1", finding.getJsonObject("vulnerability").getString("vulnId")); + assertEquals(Severity.CRITICAL.name(), finding.getJsonObject("vulnerability").getString("severity")); + assertEquals(80, finding.getJsonObject("vulnerability").getInt("cweId")); + assertEquals(2, finding.getJsonObject("vulnerability").getJsonArray("cwes").size()); + assertEquals(80, finding.getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(0).getInt("cweId")); + assertEquals(666, finding.getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(1).getInt("cweId")); + Assert.assertFalse(finding.getJsonObject("analysis").getBoolean("isSuppressed")); + assertEquals(p1.getUuid().toString() + ":" + c1.getUuid().toString() + ":" + v1.getUuid().toString(), finding.getString("matrix")); + assertEquals("2.0.0", finding.getJsonObject("component").getString("latestVersion")); + }, + jsonValue -> { + final JsonObject finding = jsonValue.asJsonObject(); + assertEquals("Component A", finding.getJsonObject("component").getString("name")); + assertEquals("1.0", finding.getJsonObject("component").getString("version")); + assertEquals("Vuln-2", finding.getJsonObject("vulnerability").getString("vulnId")); + assertEquals(Severity.HIGH.name(), finding.getJsonObject("vulnerability").getString("severity")); + assertEquals(80, finding.getJsonObject("vulnerability").getInt("cweId")); + assertEquals(2, finding.getJsonObject("vulnerability").getJsonArray("cwes").size()); + assertEquals(80, finding.getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(0).getInt("cweId")); + assertEquals(666, finding.getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(1).getInt("cweId")); + Assert.assertFalse(finding.getJsonObject("analysis").getBoolean("isSuppressed")); + assertEquals(p1.getUuid().toString() + ":" + c1.getUuid().toString() + ":" + v2.getUuid().toString(), finding.getString("matrix")); + assertEquals("2.0.0", finding.getJsonObject("component").getString("latestVersion")); + }, + jsonValue -> { + final JsonObject finding = jsonValue.asJsonObject(); + assertEquals("Component B", finding.getJsonObject("component").getString("name")); + assertEquals("1.0", finding.getJsonObject("component").getString("version")); + assertEquals("Vuln-3", finding.getJsonObject("vulnerability").getString("vulnId")); + assertEquals(Severity.MEDIUM.name(), finding.getJsonObject("vulnerability").getString("severity")); + assertEquals(80, finding.getJsonObject("vulnerability").getInt("cweId")); + assertEquals(2, finding.getJsonObject("vulnerability").getJsonArray("cwes").size()); + assertEquals(80, finding.getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(0).getInt("cweId")); + assertEquals(666, finding.getJsonObject("vulnerability").getJsonArray("cwes").getJsonObject(1).getInt("cweId")); + Assert.assertFalse(json.getJsonObject(0).getJsonObject("analysis").getBoolean("isSuppressed")); + assertEquals(p1.getUuid().toString() + ":" + c2.getUuid().toString() + ":" + v3.getUuid().toString(), finding.getString("matrix")); + assertEquals("3.0.0", finding.getJsonObject("component").getString("latestVersion")); + } + ); } @Test @@ -348,22 +378,22 @@ public void testWorkflowStepsShouldBeCreatedOnReanalyze() { Assert.assertEquals(200, response.getStatus(), 0); UUID uuid = UUID.fromString(responseMap.get("token")); - Assertions.assertThat(qm.getAllWorkflowStatesForAToken(uuid)).satisfiesExactlyInAnyOrder( + assertThat(qm.getAllWorkflowStatesForAToken(uuid)).satisfiesExactlyInAnyOrder( workflowState -> { - Assertions.assertThat(workflowState.getStep()).isEqualTo(WorkflowStep.VULN_ANALYSIS); - Assertions.assertThat(workflowState.getToken()).isEqualTo(uuid); - Assertions.assertThat(workflowState.getParent()).isNull(); - Assertions.assertThat(workflowState.getStatus()).isEqualTo(PENDING); - Assertions.assertThat(workflowState.getUpdatedAt()).isNotNull(); - Assertions.assertThat(workflowState.getStartedAt()).isNull(); + assertThat(workflowState.getStep()).isEqualTo(WorkflowStep.VULN_ANALYSIS); + assertThat(workflowState.getToken()).isEqualTo(uuid); + assertThat(workflowState.getParent()).isNull(); + assertThat(workflowState.getStatus()).isEqualTo(PENDING); + assertThat(workflowState.getUpdatedAt()).isNotNull(); + assertThat(workflowState.getStartedAt()).isNull(); }, workflowState -> { - Assertions.assertThat(workflowState.getStep()).isEqualTo(WorkflowStep.POLICY_EVALUATION); - Assertions.assertThat(workflowState.getToken()).isEqualTo(uuid); - Assertions.assertThat(workflowState.getParent()).isNotNull(); - Assertions.assertThat(workflowState.getStatus()).isEqualTo(PENDING); - Assertions.assertThat(workflowState.getUpdatedAt()).isNotNull(); - Assertions.assertThat(workflowState.getStartedAt()).isNull(); + assertThat(workflowState.getStep()).isEqualTo(WorkflowStep.POLICY_EVALUATION); + assertThat(workflowState.getToken()).isEqualTo(uuid); + assertThat(workflowState.getParent()).isNotNull(); + assertThat(workflowState.getStatus()).isEqualTo(PENDING); + assertThat(workflowState.getUpdatedAt()).isNotNull(); + assertThat(workflowState.getStartedAt()).isNull(); } ); } From 677c45a1ba5f5f3dc8ac9cf831486b0954ab4ed6 Mon Sep 17 00:00:00 2001 From: nscuro Date: Wed, 14 Feb 2024 13:44:59 +0100 Subject: [PATCH 9/9] Fix test failures due to incorrect ordering assumption Signed-off-by: nscuro --- .../java/org/dependencytrack/resources/v1/VexResourceTest.java | 2 ++ .../org/dependencytrack/resources/v1/WorkflowResourceTest.java | 2 ++ 2 files changed, 4 insertions(+) diff --git a/src/test/java/org/dependencytrack/resources/v1/VexResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/VexResourceTest.java index 0e217157f..fe4b140f7 100644 --- a/src/test/java/org/dependencytrack/resources/v1/VexResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/VexResourceTest.java @@ -20,6 +20,7 @@ import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; +import net.javacrumbs.jsonunit.core.Option; import org.dependencytrack.ResourceTest; import org.dependencytrack.model.AnalysisResponse; import org.dependencytrack.model.AnalysisState; @@ -125,6 +126,7 @@ public void exportProjectAsCycloneDxTest() { .get(Response.class); assertThat(response.getStatus()).isEqualTo(200); assertThatJson(getPlainTextBody(response)) + .withOptions(Option.IGNORING_ARRAY_ORDER) .withMatcher("vulnAUuid", equalTo(vulnA.getUuid().toString())) .withMatcher("vulnBUuid", equalTo(vulnB.getUuid().toString())) .withMatcher("projectUuid", equalTo(project.getUuid().toString())) diff --git a/src/test/java/org/dependencytrack/resources/v1/WorkflowResourceTest.java b/src/test/java/org/dependencytrack/resources/v1/WorkflowResourceTest.java index d72cdcbdb..9ee484f9a 100644 --- a/src/test/java/org/dependencytrack/resources/v1/WorkflowResourceTest.java +++ b/src/test/java/org/dependencytrack/resources/v1/WorkflowResourceTest.java @@ -2,6 +2,7 @@ import alpine.server.filters.ApiFilter; import alpine.server.filters.AuthenticationFilter; +import net.javacrumbs.jsonunit.core.Option; import org.apache.http.HttpStatus; import org.dependencytrack.ResourceTest; import org.dependencytrack.model.WorkflowState; @@ -66,6 +67,7 @@ public void getWorkflowStatusOk() { assertThat(response.getStatus()).isEqualTo(HttpStatus.SC_OK); final String jsonResponse = getPlainTextBody(response); assertThatJson(jsonResponse) + .withOptions(Option.IGNORING_ARRAY_ORDER) .withMatcher("token", equalTo(uuid.toString())) .withMatcher("step1", equalTo("BOM_CONSUMPTION")) .withMatcher("status1", equalTo("COMPLETED"))