-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathtest_all_sasts.py
More file actions
82 lines (61 loc) · 2.71 KB
/
test_all_sasts.py
File metadata and controls
82 lines (61 loc) · 2.71 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
"""Test the 'allsast' command integration."""
import logging
from pathlib import Path
from types import GeneratorType
import git
import pytest
from typer.testing import CliRunner
from codesectools.sasts import SASTS_ALL
from codesectools.sasts.all.cli import build_cli
from codesectools.sasts.all.sast import AllSAST
from codesectools.utils import CPU_COUNT, run_command
all_sast = AllSAST()
@pytest.fixture(autouse=True, scope="module")
def update_sast_module_state() -> GeneratorType:
"""Update the state of SAST modules before running tests in this module."""
for sast_data in SASTS_ALL.values():
sast_instance = sast_data["sast"]()
sast_data["cli_factory"].sast.__init__()
sast_data["status"] = sast_instance.status
sast_data["missing"] = sast_instance.missing
yield
runner = CliRunner(env={"COLUMNS": "200"})
def test_included() -> None:
"""Ensure that all free and offline SAST tools are available for testing."""
for sast_name, sast_data in SASTS_ALL.items():
sast_properties = sast_data["properties"]
if sast_properties.free and sast_properties.offline:
if sast_data["status"] != "full":
pytest.fail(f"{sast_data['missing']} are missing for {sast_name}")
def test_analyze(monkeypatch: pytest.MonkeyPatch) -> None:
"""Test the 'allsast analyze' command."""
logging.info("Testing All SAST analyze command on Java code") # Support Java only
git.Repo.clone_from("https://github.com/appsecco/dvja.git", "/tmp/dvja")
monkeypatch.chdir("/tmp/dvja")
retcode, stdout = run_command(
f"mvn clean compile -T {CPU_COUNT // 2}".split(" "), cwd=Path("/tmp/dvja")
)
assert retcode == 0
result = runner.invoke(
build_cli(), ["analyze", "java", "--artifacts", "target/classes"]
)
assert result.exit_code == 0
def test_list() -> None:
"""Test the 'allsast list' command."""
logging.info("Testing All SAST list command on Java code")
result = runner.invoke(build_cli(), ["list"])
assert result.exit_code == 0
assert "dvja" in result.output
def test_plot() -> None:
"""Test the 'allsast plot' command."""
logging.info("Testing All SAST plot command on Java code")
result = runner.invoke(build_cli(), ["plot", "dvja"])
assert result.exit_code == 0
assert (all_sast.output_dir / "dvja" / "_figures").is_dir()
def test_report() -> None:
"""Test the 'allsast report' command."""
logging.info("Testing All SAST report command on Java code")
result = runner.invoke(build_cli(), ["report", "dvja"])
assert result.exit_code == 0
assert (all_sast.output_dir / "dvja" / "report").is_dir()
assert list((all_sast.output_dir / "dvja" / "report").glob("*.html"))