package com.checkmarx.ast;
import com.checkmarx.ast.asca.ScanDetail;
import com.checkmarx.ast.asca.ScanResult;
import com.checkmarx.ast.kicsRealtimeResults.KicsRealtimeResults;
import com.checkmarx.ast.scan.Scan;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.Test;
import java.util.List;
import java.util.Map;
import java.util.UUID;
/**
 * Exercises the scan operations reachable through {@code wrapper}: listing, showing,
 * creating and cancelling scans, plus the ASCA and KICS realtime scans.
 *
 * <p>{@code wrapper} and {@code commonParams()} are not declared in this class.
 * NOTE(review): presumably both are inherited from {@code BaseTest} and the tests run
 * against a configured backend - confirm there before running them in an isolated
 * environment.
 */
class ScanTest extends BaseTest {

    /** Looks up the first listed scan by its id and expects the same id back. */
    @Test
    void testScanShow() throws Exception {
        List<Scan> scans = wrapper.scanList();
        // The lookup below needs at least one existing scan to work with.
        Assertions.assertTrue(scans.size() > 0);

        String firstId = scans.get(0).getId();
        Scan shown = wrapper.scanShow(UUID.fromString(firstId));

        Assertions.assertEquals(firstId, shown.getId());
    }

    /**
     * Scans a Python fixture that is expected to yield findings and checks that the
     * response is successful and that every finding carries remediation advice and a
     * description.
     */
    @Test
    void testScanAsca_WhenFileWithVulnerabilitiesIsSentWithAgent_ReturnSuccessfulResponseWithCorrectValues() throws Exception {
        // NOTE(review): "vscode" looks like the agent name referred to in the test name;
        // the meaning of the boolean flag is not visible here - confirm against ScanAsca.
        ScanResult ascaResult = wrapper.ScanAsca("src/test/resources/python-vul-file.py", true, "vscode");

        // Envelope of the response: a request id, a positive status and no error.
        Assertions.assertNotNull(ascaResult.getRequestId(), "Request ID should not be null");
        Assertions.assertTrue(ascaResult.isStatus(), "Status should be true");
        Assertions.assertNull(ascaResult.getError(), "Error should be null");

        // The fixture must produce at least one finding.
        Assertions.assertNotNull(ascaResult.getScanDetails(), "Scan details should not be null");
        Assertions.assertFalse(ascaResult.getScanDetails().isEmpty(), "Scan details should contain at least one entry");

        // Each finding has to be actionable: advice and description both present.
        for (ScanDetail finding : ascaResult.getScanDetails()) {
            Assertions.assertNotNull(finding.getRemediationAdvise(), "Remediation advise should not be null");
            Assertions.assertNotNull(finding.getDescription(), "Description should not be null");
        }
    }

    /**
     * Scans a C# fixture without findings and checks that the response is successful
     * and carries no scan details.
     */
    @Test
    void testScanAsca_WhenFileWithoutVulnerabilitiesIsSent_ReturnSuccessfulResponseWithCorrectValues() throws Exception {
        ScanResult ascaResult = wrapper.ScanAsca("src/test/resources/csharp-no-vul.cs", true, null);

        Assertions.assertNotNull(ascaResult.getRequestId());
        Assertions.assertTrue(ascaResult.isStatus());
        Assertions.assertNull(ascaResult.getError());
        // A clean file is reported with null scan details rather than an empty list.
        Assertions.assertNull(ascaResult.getScanDetails());
    }

    /** Submits a file name without an extension and expects the matching error description. */
    @Test
    void testScanAsca_WhenMissingFileExtension_ReturnFileExtensionIsRequiredFailure() throws Exception {
        ScanResult ascaResult = wrapper.ScanAsca("CODEOWNERS", true, null);

        Assertions.assertNotNull(ascaResult.getRequestId());
        Assertions.assertNotNull(ascaResult.getError());
        Assertions.assertEquals("The file name must have an extension.", ascaResult.getError().getDescription());
    }

    /** Lists scans with the filter {@code limit=10} and expects at most ten entries. */
    @Test
    void testScanList() throws Exception {
        List<Scan> limitedScans = wrapper.scanList("limit=10");

        Assertions.assertTrue(limitedScans.size() <= 10);
    }

    /** Creates a scan from the common parameters and expects it to be shown as "Completed". */
    @Test
    void testScanCreate() throws Exception {
        Scan created = wrapper.scanCreate(commonParams());

        UUID createdId = UUID.fromString(created.getId());
        Assertions.assertEquals("Completed", wrapper.scanShow(createdId).getStatus());
    }

    /** Creates a scan with {@code --debug --async} and expects a non-null scan object back. */
    @Test
    void testScanCreateWithAsyncAndDebugFlag_ShouldParseScanResponseSuccessfully() throws Exception {
        Scan created = wrapper.scanCreate(commonParams(), "--debug --async");

        Assertions.assertNotNull(created);
    }

    /** Starts a scan with {@code --async --sast-incremental} and expects cancelling it not to throw. */
    @Test
    void testScanCancel() throws Exception {
        Scan running = wrapper.scanCreate(commonParams(), "--async --sast-incremental");

        Assertions.assertDoesNotThrow(() -> wrapper.scanCancel(running.getId()));
    }

    /** Runs a KICS realtime scan on the test Dockerfile and expects at least one result. */
    @Test
    void testKicsRealtimeScan() throws Exception {
        // NOTE(review): the meaning of the "" and "v" arguments is not visible here -
        // confirm against kicsRealtimeScan.
        KicsRealtimeResults kicsResults = wrapper.kicsRealtimeScan("target/test-classes/Dockerfile","","v");

        Assertions.assertTrue(kicsResults.getResults().size() >= 1);
    }
}