
Example 1 with Report

use of com.mercedesbenz.sechub.sarif.model.Report in project sechub by mercedes-benz.

the class SarifReportSupportTest method specification_properties_snippet_properties_contains_tags.

/**
 * Loads the SARIF snippet {@code specification-properties-snippet.sarif.json}
 * and checks that the property bag of the first result in the first run
 * carries a {@code "tags"} entry equal to a singleton set containing
 * {@code "openSource"}.
 *
 * @throws IOException declared for the report loading call
 */
@Test
void specification_properties_snippet_properties_contains_tags() throws IOException {
    /* prepare */
    File snippetFile = new File(sarifSpecificationSnippetsFolder, "specification-properties-snippet.sarif.json");

    /* execute */
    Report loadedReport = supportToTest.loadReport(snippetFile);

    /* test */
    // only the first run and its first result are inspected
    List<Result> firstRunResults = loadedReport.getRuns().iterator().next().getResults();
    PropertyBag propertyBag = firstRunResults.iterator().next().getProperties();
    assertNotNull(propertyBag);

    Object tagsValue = propertyBag.get("tags");
    assertEquals(Collections.singleton("openSource"), tagsValue);
}
Also used : Report(com.mercedesbenz.sechub.sarif.model.Report) PropertyBag(com.mercedesbenz.sechub.sarif.model.PropertyBag) File(java.io.File) Result(com.mercedesbenz.sechub.sarif.model.Result) Test(org.junit.jupiter.api.Test)

Example 2 with Report

use of com.mercedesbenz.sechub.sarif.model.Report in project sechub by mercedes-benz.

the class SarifReportSupportTest method microsoft_sarif_tutorial_taxonomies_example__result_messages.

/**
 * Loads {@code Taxonomies.sarif} from the tutorial samples folder and checks
 * that its single run holds exactly two results, identified by the rule ids
 * {@code TUT1001} and {@code TUT1002}, each with the expected message text.
 *
 * @throws IOException declared for the report loading call
 */
@Test
void microsoft_sarif_tutorial_taxonomies_example__result_messages() throws IOException {
    /* prepare */
    File taxonomiesFile = new File(sarifTutorialSamplesFolder, "Taxonomies.sarif");

    /* execute */
    Report loadedReport = supportToTest.loadReport(taxonomiesFile);

    /* test */
    List<Run> allRuns = loadedReport.getRuns();
    assertEquals(1, allRuns.size(), "there must be ONE run!");

    List<Result> allResults = allRuns.iterator().next().getResults();
    assertEquals(2, allResults.size(), "there must be two result!");

    // index the results by rule id, so the lookups below do not depend on
    // the order in which the results appear in the report
    Map<String, Result> resultsByRuleId = new TreeMap<>();
    for (Result current : allResults) {
        resultsByRuleId.put(current.getRuleId(), current);
    }

    Result requiredResult = resultsByRuleId.get("TUT1001");
    assertNotNull(requiredResult);
    assertEquals("TUT1001", requiredResult.getRuleId());
    assertEquals("This result violates a rule that is classified as 'Required'.", requiredResult.getMessage().getText());

    Result recommendedResult = resultsByRuleId.get("TUT1002");
    assertNotNull(recommendedResult);
    assertEquals("TUT1002", recommendedResult.getRuleId());
    assertEquals("This result violates a rule that is classified as 'Recommended'.", recommendedResult.getMessage().getText());
}
Also used : Report(com.mercedesbenz.sechub.sarif.model.Report) Run(com.mercedesbenz.sechub.sarif.model.Run) TreeMap(java.util.TreeMap) File(java.io.File) Result(com.mercedesbenz.sechub.sarif.model.Result) Test(org.junit.jupiter.api.Test)

Example 3 with Report

use of com.mercedesbenz.sechub.sarif.model.Report in project sechub by mercedes-benz.

the class SarifReportSupportTest method microsoft_sarif_tutorial_taxonomies_example_taxonomies_deserialized_correclty.

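/**
 * Loads {@code Taxonomies.sarif} from the tutorial samples folder and checks
 * that the taxonomy with GUID {@code 1A567403-868F-405E-92CF-771A9ECB03A1}
 * and its two taxa ({@code RQL1001}, {@code RQL1002}) were deserialized with
 * the expected names and short descriptions.
 *
 * @throws IOException declared for the report loading call
 */
@Test
void microsoft_sarif_tutorial_taxonomies_example_taxonomies_deserialized_correclty() throws IOException {
    /* prepare */
    File taxonomiesReportFile = new File(sarifTutorialSamplesFolder, "Taxonomies.sarif");
    /* execute */
    Report report = supportToTest.loadReport(taxonomiesReportFile);
    /* test */
    List<Run> runs = report.getRuns();
    assertEquals(1, runs.size(), "there must be ONE run!");
    Run run = runs.iterator().next();
    List<Taxonomy> taxonomies = run.getTaxonomies();
    // index by GUID, so the lookup does not depend on the order in the report
    Map<String, Taxonomy> sortedTaxonomiesMap = new TreeMap<>();
    for (Taxonomy taxonomy : taxonomies) {
        sortedTaxonomiesMap.put(taxonomy.getGuid(), taxonomy);
    }
    Taxonomy taxonomy1 = sortedTaxonomiesMap.get("1A567403-868F-405E-92CF-771A9ECB03A1");
    // a missing taxonomy must fail as an assertion, as the taxa lookups below
    // do, and not as a NullPointerException on the next line
    assertNotNull(taxonomy1);
    assertEquals("Requirement levels", taxonomy1.getName());
    assertEquals(new Message("This taxonomy classifies rules according to whether their use is required or recommended by company policy."), taxonomy1.getShortDescription());
    // index the taxa of that taxonomy by id for the same reason
    Map<String, Taxon> sortedTaxaMap = new TreeMap<>();
    for (Taxon taxon : taxonomy1.getTaxa()) {
        sortedTaxaMap.put(taxon.getId(), taxon);
    }
    Taxon taxon1 = sortedTaxaMap.get("RQL1001");
    assertNotNull(taxon1);
    assertEquals("Required", taxon1.getName());
    assertEquals(new Message("Rules in this category are required by company policy. All violations must be fixed unless an exemption is granted."), taxon1.getShortDescription());
    Taxon taxon2 = sortedTaxaMap.get("RQL1002");
    assertNotNull(taxon2);
    assertEquals("Recommended", taxon2.getName());
    assertEquals(new Message("Rules in this category are recommended but not required by company policy. Violations should be fixed but an exemption is not required to suppress a result."), taxon2.getShortDescription());
}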
Also used : Message(com.mercedesbenz.sechub.sarif.model.Message) Report(com.mercedesbenz.sechub.sarif.model.Report) Taxonomy(com.mercedesbenz.sechub.sarif.model.Taxonomy) Taxon(com.mercedesbenz.sechub.sarif.model.Taxon) Run(com.mercedesbenz.sechub.sarif.model.Run) TreeMap(java.util.TreeMap) File(java.io.File) Test(org.junit.jupiter.api.Test)

Example 4 with Report

use of com.mercedesbenz.sechub.sarif.model.Report in project sechub by mercedes-benz.

the class SarifReportSupportTest method testReports.

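/**
 * Loads every file in {@code folder} accepted by {@code sarifFileEndingFilter}
 * as a SARIF report and checks the version of each loaded report.
 *
 * @param folder               directory holding the SARIF files to read
 * @param expectedCount        number of files the filter is expected to accept
 * @param expectedSarifVersion version every loaded report must return from
 *                             {@code getVersion()}
 * @throws IOException declared for the file reading and report loading calls
 */
private void testReports(File folder, int expectedCount, String expectedSarifVersion) throws IOException {
    // File.listFiles returns null when the path is not a directory or an I/O
    // error occurs; fail with a clear message instead of a NullPointerException
    File[] sarifFiles = folder.listFiles(sarifFileEndingFilter);
    assertNotNull(sarifFiles, "Cannot list files, not a readable directory: " + folder);

    int count = 0;
    for (File file : sarifFiles) {
        /* prepare */
        LOG.info("Reading sarif report:{}", file);
        count++;
        String sarifJson = TestFileReader.loadTextFile(file);
        assertNotNull(sarifJson);
        /* execute */
        Report report = supportToTest.loadReport(sarifJson);
        /* test */
        assertNotNull(report);
        assertEquals(expectedSarifVersion, report.getVersion());
    }
    /* sanity check */
    // guards against a folder whose content changed: without this check the
    // loop above would pass without reading the expected number of reports
    assertEquals(expectedCount, count, "Not amount of expected files were read as sarif report!");
}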
Also used : Report(com.mercedesbenz.sechub.sarif.model.Report) File(java.io.File)

Example 5 with Report

use of com.mercedesbenz.sechub.sarif.model.Report in project sechub by mercedes-benz.

the class SarifReportSupportTest method microsoft_sarif_tutorial_codeflow_example.

/**
 * Loads {@code CodeFlows.sarif} from the tutorial samples folder and checks
 * that it holds one run with one result for rule {@code TUT1001}, with the
 * expected message text and two code flows.
 *
 * @throws IOException declared for the report loading call
 */
@Test
void microsoft_sarif_tutorial_codeflow_example() throws IOException {
    /* prepare */
    File sampleFile = new File(sarifTutorialSamplesFolder, "CodeFlows.sarif");

    /* execute */
    Report loadedReport = supportToTest.loadReport(sampleFile);

    /* test */
    List<Run> allRuns = loadedReport.getRuns();
    assertEquals(1, allRuns.size(), "there must be ONE run!");

    List<Result> allResults = allRuns.iterator().next().getResults();
    assertEquals(1, allResults.size(), "there must be ONE result!");

    Result onlyResult = allResults.iterator().next();
    assertEquals("TUT1001", onlyResult.getRuleId());
    assertEquals("Use of uninitialized variable.", onlyResult.getMessage().getText());

    // the sample is expected to describe two code flows for this result
    List<CodeFlow> flows = onlyResult.getCodeFlows();
    assertEquals(2, flows.size());
}
Also used : Report(com.mercedesbenz.sechub.sarif.model.Report) Run(com.mercedesbenz.sechub.sarif.model.Run) CodeFlow(com.mercedesbenz.sechub.sarif.model.CodeFlow) File(java.io.File) Result(com.mercedesbenz.sechub.sarif.model.Result) Test(org.junit.jupiter.api.Test)

Aggregations

Report (com.mercedesbenz.sechub.sarif.model.Report)11 File (java.io.File)9 Test (org.junit.jupiter.api.Test)8 Result (com.mercedesbenz.sechub.sarif.model.Result)6 Run (com.mercedesbenz.sechub.sarif.model.Run)6 TreeMap (java.util.TreeMap)5 PropertyBag (com.mercedesbenz.sechub.sarif.model.PropertyBag)3 Rule (com.mercedesbenz.sechub.sarif.model.Rule)2 Map (java.util.Map)2 CodeFlow (com.mercedesbenz.sechub.sarif.model.CodeFlow)1 Message (com.mercedesbenz.sechub.sarif.model.Message)1 ReportingConfiguration (com.mercedesbenz.sechub.sarif.model.ReportingConfiguration)1 Taxon (com.mercedesbenz.sechub.sarif.model.Taxon)1 Taxonomy (com.mercedesbenz.sechub.sarif.model.Taxonomy)1 SerecoMetaData (com.mercedesbenz.sechub.sereco.metadata.SerecoMetaData)1 IOException (java.io.IOException)1 LinkedHashSet (java.util.LinkedHashSet)1