Add test for webgoat findings to CI
drdavella committed Sep 13, 2023
1 parent 2922572 commit 4d0adb0
Showing 2 changed files with 36 additions and 0 deletions.
4 changes: 4 additions & 0 deletions .github/workflows/codemod_pygoat.yml
Expand Up @@ -28,10 +28,14 @@ jobs:
uses: actions/checkout@v4
- name: Install Codemodder Package
run: pip install .
- name: Install Test Dependencies
run: pip install -r requirements/test.txt
- name: Check out Pygoat
uses: actions/checkout@v4
with:
repository: pixee/pygoat
path: pygoat
- name: Run Codemodder
run: codemodder --output output.codetf pygoat
- name: Check PyGoat Findings
run: pytest -v ci_tests/test_webgoat_findings.py
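Review bot: The new "Check PyGoat Findings" step runs a test whose fixture opens `output.codetf2`, but the "Run Codemodder" step two lines above writes `--output output.codetf`; unless codemodder itself rewrites the extension, the fixture will fail with FileNotFoundError before a single finding is checked. The two names must agree: either the test's open call becomes `with open("output.codetf") as ff:` in ci_tests/test_webgoat_findings.py, or this workflow's `--output` argument is changed to match the test. The same mismatch is visible in the other file section of this commit and is raised only here. The enclosing job definition starts above the hunk, so which of these step lines are the four additions is inferred from the step names rather than visible.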
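--- a/ci_tests/test_webgoat_findings.py
+++ b/ci_tests/test_webgoat_findings.py
@@ -0,0 +1,32 @@
+import json
+
+import pytest
+
+
+EXPECTED_FINDINGS = [
+"pixee:python/order-imports",
+"pixee:python/secure-random",
+"pixee:python/sandbox-process-creation",
+"pixee:python/unused-imports",
+"pixee:python/django-session-cookie-secure-off",
+"pixee:python/harden-pyyaml",
+"pixee:python/django-debug-flag-on",
+"pixee:python/url-sandbox",
+]
+
+
+@pytest.fixture(scope="session")
+def webgoat_findings():
+with open("output.codetf2") as ff:
+results = json.load(ff)
+
+yield set([x["codemod"] for x in results["results"]])
+
+
+def test_num_webgoat_findings(webgoat_findings):
+assert len(webgoat_findings) == len(EXPECTED_FINDINGS)
+
+
+@pytest.mark.parametrize("finding", EXPECTED_FINDINGS)
+def test_webgoat_findings(webgoat_findings, finding):
+assert finding in webgoat_findings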
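Review bot: The fixture's last line builds a list only to turn it into a set, and uses `yield` although nothing runs after it; `return {x["codemod"] for x in results["results"]}` is the idiomatic form and makes the absence of teardown explicit. The `open()` call also relies on the runner's default locale encoding, so passing `encoding="utf-8"` keeps the JSON parse deterministic across CI images. The name of the file the fixture opens is raised on the workflow hunk of this commit, not repeated here. A short module docstring such as `"""Verify that codemodder reports exactly the expected codemods against pygoat."""` would also explain why the size assertion and the parametrized membership test together pin the finding set exactly.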
