From bd04f36a3c65537f6430e4ef27241094d1db47f9 Mon Sep 17 00:00:00 2001
From: Ruud Senden <8635138+rsenden@users.noreply.github.com>
Date: Fri, 17 May 2024 16:11:03 +0200
Subject: [PATCH] ftest: Add basic action tests
---
 .../fod/FoDBuiltinActionDefinitionSpec.groovy | 63 ++++++++++++++
 .../ssc/SSCBuiltinActionDefinitionSpec.groovy | 63 ++++++++++++++
 .../ftest/ssc/SSCBuiltinActionRunSpec.groovy | 83 +++++++++++++++++++
 3 files changed, 209 insertions(+)
 create mode 100644 fcli-other/fcli-functional-test/src/ftest/groovy/com/fortify/cli/ftest/fod/FoDBuiltinActionDefinitionSpec.groovy
 create mode 100644 fcli-other/fcli-functional-test/src/ftest/groovy/com/fortify/cli/ftest/ssc/SSCBuiltinActionDefinitionSpec.groovy
 create mode 100644 fcli-other/fcli-functional-test/src/ftest/groovy/com/fortify/cli/ftest/ssc/SSCBuiltinActionRunSpec.groovy
diff --git a/fcli-other/fcli-functional-test/src/ftest/groovy/com/fortify/cli/ftest/fod/FoDBuiltinActionDefinitionSpec.groovy b/fcli-other/fcli-functional-test/src/ftest/groovy/com/fortify/cli/ftest/fod/FoDBuiltinActionDefinitionSpec.groovy
new file mode 100644
index 0000000000..745bff4182
--- /dev/null
+++ b/fcli-other/fcli-functional-test/src/ftest/groovy/com/fortify/cli/ftest/fod/FoDBuiltinActionDefinitionSpec.groovy
@@ -0,0 +1,63 @@
+/**
+ * Copyright 2023 Open Text.
+ *
+ * The only warranties for products and services of Open Text
+ * and its affiliates and licensors ("Open Text") are as may
+ * be set forth in the express warranty statements accompanying
+ * such products and services. Nothing herein should be construed
+ * as constituting an additional warranty. Open Text shall not be
+ * liable for technical or editorial errors or omissions contained
+ * herein. The information contained herein is subject to change
+ * without notice.
+ */
+package com.fortify.cli.ftest.fod
+
+import static com.fortify.cli.ftest._common.spec.FcliSession.FcliSessionType.SSC
+
+import com.fortify.cli.ftest._common.Fcli
+import com.fortify.cli.ftest._common.spec.FcliBaseSpec
+import com.fortify.cli.ftest._common.spec.FcliSession
+import com.fortify.cli.ftest._common.spec.Prefix
+
+import spock.lang.AutoCleanup
+import spock.lang.Requires
+import spock.lang.Shared
+
+@Prefix("fod.action")
+class FoDBuiltinActionDefinitionSpec extends FcliBaseSpec {
+
+ def "list"() {
+ def args = "fod action list -q origin=='FCLI'"
+ when:
+ def result = Fcli.run(args)
+ then:
+ verifyAll(result.stdout) {
+ size()>1
+ it[0].replace(' ', '').equals("NameAuthorOriginStatusSignatureUsageheader")
+ // TODO Is this working correctly? Ideally, we should ignore empty lines,
+ // rather than lines not containing FCLI, but that doesn't work.
+ it[2..-1].every {
+ !it.contains('FCLI') || it.replace(' ', '').contains("FortifyFCLIVALIDVALID")
+ }
+ }
+ }
+
+ def "help"() {
+ def args = "fod action help ${action}"
+ when:
+ def result = Fcli.run(args)
+ then:
+ verifyAll(result.stdout) {
+ size()>1
+ it.any {
+ it.contains('Origin:') && it.contains('FCLI')
+ it.contains('Signature status:') && it.contains('VALID')
+ it.contains('Author:') && it.contains('Fortify')
+ it.contains('Signed by:') && it.contains('Fortify')
+ it.contains('Certified by:') && it.contains('Fortify')
+ }
+ }
+ where:
+ action << Fcli.run("fod action list -q origin=='FCLI' -o expr={name}\\n").stdout
+ }
+}
diff --git a/fcli-other/fcli-functional-test/src/ftest/groovy/com/fortify/cli/ftest/ssc/SSCBuiltinActionDefinitionSpec.groovy b/fcli-other/fcli-functional-test/src/ftest/groovy/com/fortify/cli/ftest/ssc/SSCBuiltinActionDefinitionSpec.groovy
new file mode 100644
index 0000000000..ac9ad6cbc8
--- /dev/null
+++ b/fcli-other/fcli-functional-test/src/ftest/groovy/com/fortify/cli/ftest/ssc/SSCBuiltinActionDefinitionSpec.groovy
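Review bot: In `help`, the five checks sit inside a single `it.any { … }` closure, and a Groovy closure returns only its last expression, so only the `Certified by:` line is actually asserted; the `Origin:`, `Signature status:`, `Author:` and `Signed by:` expressions are evaluated and discarded. A built-in action whose help output reports a non-valid signature status would therefore still pass this test. Give each expectation its own `it.any { … }` so that verifyAll treats it as a separate assertion, the way `runCheckPolicy` in SSCBuiltinActionRunSpec already does. The identical `help` method in SSCBuiltinActionDefinitionSpec needs the same change.

```groovy
// … unchanged: args, when: block …
verifyAll(result.stdout) {
    size()>1
    it.any { it.contains('Origin:') && it.contains('FCLI') }
    it.any { it.contains('Signature status:') && it.contains('VALID') }
    it.any { it.contains('Author:') && it.contains('Fortify') }
    it.any { it.contains('Signed by:') && it.contains('Fortify') }
    it.any { it.contains('Certified by:') && it.contains('Fortify') }
}
// … unchanged: where: block …
```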
@@ -0,0 +1,63 @@
+/**
+ * Copyright 2023 Open Text.
+ *
+ * The only warranties for products and services of Open Text
+ * and its affiliates and licensors ("Open Text") are as may
+ * be set forth in the express warranty statements accompanying
+ * such products and services. Nothing herein should be construed
+ * as constituting an additional warranty. Open Text shall not be
+ * liable for technical or editorial errors or omissions contained
+ * herein. The information contained herein is subject to change
+ * without notice.
+ */
+package com.fortify.cli.ftest.ssc
+
+import static com.fortify.cli.ftest._common.spec.FcliSession.FcliSessionType.SSC
+
+import com.fortify.cli.ftest._common.Fcli
+import com.fortify.cli.ftest._common.spec.FcliBaseSpec
+import com.fortify.cli.ftest._common.spec.FcliSession
+import com.fortify.cli.ftest._common.spec.Prefix
+
+import spock.lang.AutoCleanup
+import spock.lang.Requires
+import spock.lang.Shared
+
+@Prefix("ssc.action")
+class SSCBuiltinActionDefinitionSpec extends FcliBaseSpec {
+
+ def "list"() {
+ def args = "ssc action list -q origin=='FCLI'"
+ when:
+ def result = Fcli.run(args)
+ then:
+ verifyAll(result.stdout) {
+ size()>1
+ it[0].replace(' ', '').equals("NameAuthorOriginStatusSignatureUsageheader")
+ // TODO Is this working correctly? Ideally, we should ignore empty lines,
+ // rather than lines not containing FCLI, but that doesn't work.
+ it[2..-1].every {
+ !it.contains('FCLI') || it.replace(' ', '').contains("FortifyFCLIVALIDVALID")
+ }
+ }
+ }
+
+ def "help"() {
+ def args = "ssc action help ${action}"
+ when:
+ def result = Fcli.run(args)
+ then:
+ verifyAll(result.stdout) {
+ size()>1
+ it.any {
+ it.contains('Origin:') && it.contains('FCLI')
+ it.contains('Signature status:') && it.contains('VALID')
+ it.contains('Author:') && it.contains('Fortify')
+ it.contains('Signed by:') && it.contains('Fortify')
+ it.contains('Certified by:') && it.contains('Fortify')
+ }
+ }
+ where:
+ action << Fcli.run("ssc action list -q origin=='FCLI' -o expr={name}\\n").stdout
+ }
+}
diff --git a/fcli-other/fcli-functional-test/src/ftest/groovy/com/fortify/cli/ftest/ssc/SSCBuiltinActionRunSpec.groovy b/fcli-other/fcli-functional-test/src/ftest/groovy/com/fortify/cli/ftest/ssc/SSCBuiltinActionRunSpec.groovy
new file mode 100644
index 0000000000..3a4b482c82
--- /dev/null
+++ b/fcli-other/fcli-functional-test/src/ftest/groovy/com/fortify/cli/ftest/ssc/SSCBuiltinActionRunSpec.groovy
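Review bot: The `every` check in `list` passes vacuously when no row contains `FCLI`, because `!it.contains('FCLI')` is true for each such line; an empty listing or a change in column layout would leave the author and signature columns unverified while the test stays green. Until the TODO is resolved, add a non-vacuity assertion next to it, for example `it[2..-1].any { it.contains('FCLI') }`, so the test fails when nothing was actually checked. The `list` method in FoDBuiltinActionDefinitionSpec has the same gap. The imports of `AutoCleanup`, `Requires`, `Shared`, `FcliSession` and the static `SSC` appear unused in this file and could be dropped.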
@@ -0,0 +1,83 @@
+/**
+ * Copyright 2023 Open Text.
+ *
+ * The only warranties for products and services of Open Text
+ * and its affiliates and licensors ("Open Text") are as may
+ * be set forth in the express warranty statements accompanying
+ * such products and services. Nothing herein should be construed
+ * as constituting an additional warranty. Open Text shall not be
+ * liable for technical or editorial errors or omissions contained
+ * herein. The information contained herein is subject to change
+ * without notice.
+ */
+package com.fortify.cli.ftest.ssc
+
+import static com.fortify.cli.ftest._common.spec.FcliSession.FcliSessionType.SSC
+
+import java.nio.file.Files
+import java.nio.file.Path
+
+import com.fortify.cli.ftest._common.Fcli
+import com.fortify.cli.ftest._common.spec.FcliBaseSpec
+import com.fortify.cli.ftest._common.spec.FcliSession
+import com.fortify.cli.ftest._common.spec.Global
+import com.fortify.cli.ftest._common.spec.Prefix
+import com.fortify.cli.ftest._common.spec.TempDir
+import com.fortify.cli.ftest.ssc._common.SSCAppVersionSupplier
+
+import spock.lang.Shared
+
+@Prefix("ssc.action") @FcliSession(SSC)
+class SSCBuiltinActionRunSpec extends FcliBaseSpec {
+ @Shared @TempDir("action-output") String actionOutputDir;
+ @Global(SSCAppVersionSupplier.EightBall.class) SSCAppVersionSupplier eightBallVersionSupplier;
+
+ def "runWithOutputFile"() {
+ def random = System.currentTimeMillis()
+ def outputFile = "${actionOutputDir}/output-${random}"
+ def args = "ssc action run ${action} -f ${outputFile} --av ${eightBallVersionSupplier.version.get("id")}"
+ when:
+ def result = Fcli.run(args)
+ then:
+ verifyAll(result.stdout) {
+ size()==1
+ Files.exists(Path.of(outputFile))
+ }
+ where:
+ action << ['appversion-summary',
+ 'github-sast-report',
+ 'gitlab-dast-report',
+ 'gitlab-debricked-report',
+ 'gitlab-sast-report',
+ 'gitlab-sonatype-report',
+ 'sarif-sast-report',
+ 'sonarqube-sast-report']
+ }
+
+ def "runBitBucketSastReport"() {
+ def random = System.currentTimeMillis()
+ def reportFile = "${actionOutputDir}/bb-report-${random}"
+ def annotationsFile = "${actionOutputDir}/bb-annotations-${random}"
+ def args = "ssc action run bitbucket-sast-report -r ${reportFile} -a ${annotationsFile} --av ${eightBallVersionSupplier.version.get("id")}"
+ when:
+ def result = Fcli.run(args)
+ then:
+ verifyAll(result.stdout) {
+ size()==2
+ Files.exists(Path.of(reportFile))
+ Files.exists(Path.of(annotationsFile))
+ }
+ }
+
+ def "runCheckPolicy"() {
+ def args = "ssc action run check-policy --av ${eightBallVersionSupplier.version.get("id")}"
+ when:
+ def result = Fcli.run(args, {})
+ then:
+ verifyAll(result.stdout) {
+ size()>1
+ it.any { it.contains('PASS') || it.contains('FAIL') }
+ it.any { it.contains("Status: ") }
+ }
+ }
+}
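Review bot: `runWithOutputFile` and `runBitBucketSastReport` assert only that the output files exist, so an action that writes an empty or truncated report still passes. These reports are presumably consumed by CI security dashboards, where an empty file could read as "no findings", so it is worth asserting at least non-empty content, e.g. `Files.size(Path.of(outputFile)) > 0` after the `Files.exists` line (and likewise for `reportFile` and `annotationsFile`). In `runCheckPolicy`, the empty closure passed to `Fcli.run(args, {})` deserves a comment such as `// no-op validator: check-policy may exit non-zero on FAIL`, assuming that is its purpose; confirm against `Fcli.run`.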