use of com.mercedesbenz.sechub.sarif.model.Run in project sechub by mercedes-benz.
the class SarifReportSupportTest method microsoft_sarif_tutorial_taxonomies_example__result_messages.
/**
 * Loads the "Taxonomies.sarif" tutorial sample and verifies that the single run
 * contains exactly two results, and that the results for rule ids "TUT1001" and
 * "TUT1002" carry the expected message text.
 *
 * @throws IOException declared because of the report loading call
 */
@Test
void microsoft_sarif_tutorial_taxonomies_example__result_messages() throws IOException {
    /* prepare */
    File taxonomiesSarifFile = new File(sarifTutorialSamplesFolder, "Taxonomies.sarif");

    /* execute */
    Report loadedReport = supportToTest.loadReport(taxonomiesSarifFile);

    /* test */
    List<Run> allRuns = loadedReport.getRuns();
    assertEquals(1, allRuns.size(), "there must be ONE run!");

    List<Result> allResults = allRuns.get(0).getResults();
    assertEquals(2, allResults.size(), "there must be two result!");

    // Index the results by rule id so the assertions do not depend on the
    // order in which the results appear in the report.
    Map<String, Result> resultsByRuleId = new TreeMap<>();
    for (Result current : allResults) {
        resultsByRuleId.put(current.getRuleId(), current);
    }

    Result requiredResult = resultsByRuleId.get("TUT1001");
    assertNotNull(requiredResult);
    assertEquals("TUT1001", requiredResult.getRuleId());
    assertEquals("This result violates a rule that is classified as 'Required'.", requiredResult.getMessage().getText());

    Result recommendedResult = resultsByRuleId.get("TUT1002");
    assertNotNull(recommendedResult);
    assertEquals("TUT1002", recommendedResult.getRuleId());
    assertEquals("This result violates a rule that is classified as 'Recommended'.", recommendedResult.getMessage().getText());
}
use of com.mercedesbenz.sechub.sarif.model.Run in project sechub by mercedes-benz.
the class SarifReportSupportTest method microsoft_sarif_tutorial_taxonomies_example_taxonomies_deserialized_correclty.
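/**
 * Loads the "Taxonomies.sarif" tutorial sample and verifies that the taxonomy with
 * guid "1A567403-868F-405E-92CF-771A9ECB03A1" and its two taxa ("RQL1001",
 * "RQL1002") are deserialized with the expected names and short descriptions.
 *
 * @throws IOException declared because of the report loading call
 */
@Test
void microsoft_sarif_tutorial_taxonomies_example_taxonomies_deserialized_correclty() throws IOException {
    /* prepare */
    File taxonomiesSarifFile = new File(sarifTutorialSamplesFolder, "Taxonomies.sarif");

    /* execute */
    Report report = supportToTest.loadReport(taxonomiesSarifFile);

    /* test */
    List<Run> runs = report.getRuns();
    assertEquals(1, runs.size(), "there must be ONE run!");
    Run run = runs.iterator().next();

    // Index taxonomies by guid so the lookup does not depend on list order.
    List<Taxonomy> taxonomies = run.getTaxonomies();
    Map<String, Taxonomy> sortedTaxonomiesMap = new TreeMap<>();
    for (Taxonomy taxonomy : taxonomies) {
        sortedTaxonomiesMap.put(taxonomy.getGuid(), taxonomy);
    }

    Taxonomy taxonomy1 = sortedTaxonomiesMap.get("1A567403-868F-405E-92CF-771A9ECB03A1");
    // Guard the lookup like the taxon lookups below: a missing taxonomy should be
    // reported as an assertion failure, not as a NullPointerException.
    assertNotNull(taxonomy1);
    assertEquals("Requirement levels", taxonomy1.getName());
    // NOTE(review): comparing against a freshly built Message presumably relies on
    // Message implementing value equality - confirm against the model class.
    assertEquals(new Message("This taxonomy classifies rules according to whether their use is required or recommended by company policy."), taxonomy1.getShortDescription());

    // Index taxa by id for the same order-independence reason.
    Map<String, Taxon> sortedTaxaMap = new TreeMap<>();
    for (Taxon taxon : taxonomy1.getTaxa()) {
        sortedTaxaMap.put(taxon.getId(), taxon);
    }

    Taxon taxon1 = sortedTaxaMap.get("RQL1001");
    assertNotNull(taxon1);
    assertEquals("Required", taxon1.getName());
    assertEquals(new Message("Rules in this category are required by company policy. All violations must be fixed unless an exemption is granted."), taxon1.getShortDescription());

    Taxon taxon2 = sortedTaxaMap.get("RQL1002");
    assertNotNull(taxon2);
    assertEquals("Recommended", taxon2.getName());
    assertEquals(new Message("Rules in this category are recommended but not required by company policy. Violations should be fixed but an exemption is not required to suppress a result."), taxon2.getShortDescription());
}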
use of com.mercedesbenz.sechub.sarif.model.Run in project sechub by mercedes-benz.
the class SarifReportSupportTest method microsoft_sarif_tutorial_codeflow_example.
/**
 * Loads the "CodeFlows.sarif" tutorial sample and verifies that the single run
 * holds one result for rule "TUT1001" with the expected message text and two
 * code flows.
 *
 * @throws IOException declared because of the report loading call
 */
@Test
void microsoft_sarif_tutorial_codeflow_example() throws IOException {
    /* prepare */
    File sarifFile = new File(sarifTutorialSamplesFolder, "CodeFlows.sarif");

    /* execute */
    Report loadedReport = supportToTest.loadReport(sarifFile);

    /* test */
    List<Run> allRuns = loadedReport.getRuns();
    assertEquals(1, allRuns.size(), "there must be ONE run!");

    List<Result> allResults = allRuns.get(0).getResults();
    assertEquals(1, allResults.size(), "there must be ONE result!");

    Result onlyResult = allResults.get(0);
    assertEquals("TUT1001", onlyResult.getRuleId());
    assertEquals("Use of uninitialized variable.", onlyResult.getMessage().getText());

    // Only the number of code flows is checked here, not their content.
    assertEquals(2, onlyResult.getCodeFlows().size());
}
use of com.mercedesbenz.sechub.sarif.model.Run in project sechub by mercedes-benz.
the class SarifReportSupportTest method microsoft_sarif_tutorial_taxonomies_example__result_defaultocnfiguraiton_level.
/**
 * Loads the "Taxonomies.sarif" tutorial sample and verifies the default
 * configuration level of the driver rules: ERROR for "TUT0001" and WARNING for
 * "TUT0002". Pinning both values means a deserialization regression cannot
 * silently change the level reported for a rule.
 *
 * @throws IOException declared because of the report loading call
 */
@Test
void microsoft_sarif_tutorial_taxonomies_example__result_defaultocnfiguraiton_level() throws IOException {
    /* prepare */
    File taxonomiesSarifFile = new File(sarifTutorialSamplesFolder, "Taxonomies.sarif");

    /* execute */
    Report loadedReport = supportToTest.loadReport(taxonomiesSarifFile);

    /* test */
    List<Run> allRuns = loadedReport.getRuns();
    assertEquals(1, allRuns.size(), "there must be ONE run!");

    // Index the driver rules by id so the lookups are independent of list order.
    Map<String, Rule> rulesById = new TreeMap<>();
    allRuns.get(0).getTool().getDriver().getRules().forEach(rule -> rulesById.put(rule.getId(), rule));

    Rule errorRule = rulesById.get("TUT0001");
    assertNotNull(errorRule);
    ReportingConfiguration errorRuleConfig = errorRule.getDefaultConfiguration();
    assertNotNull(errorRuleConfig);
    assertEquals(Level.ERROR, errorRuleConfig.getLevel());

    Rule warningRule = rulesById.get("TUT0002");
    assertNotNull(warningRule);
    ReportingConfiguration warningRuleConfig = warningRule.getDefaultConfiguration();
    assertNotNull(warningRuleConfig);
    assertEquals(Level.WARNING, warningRuleConfig.getLevel());
}
use of com.mercedesbenz.sechub.sarif.model.Run in project sechub by mercedes-benz.
the class SarifReportSupportTest method brakeman_sarif_example_with_tags__tags_can_be_fetched.
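/**
 * Loads the Brakeman SARIF sample with tags and verifies that the rule resolved
 * for the first of the 32 results exposes exactly the tags "ContentTag", "Tag2"
 * and "Tag3".
 *
 * @throws IOException declared because of the report loading call
 */
@Test
void brakeman_sarif_example_with_tags__tags_can_be_fetched() throws IOException {
    /* prepare */
    File brakemanSarifFile = new File(sarifBrakemanFolder, "sarif_2_1_0__brakeman_testfile_with_tags.sarif.json");

    /* execute */
    Report report = supportToTest.loadReport(brakemanSarifFile);

    /* test */
    List<Run> runs = report.getRuns();
    assertEquals(1, runs.size(), "there must be ONE run!");
    Run run = runs.iterator().next();

    List<Result> results = run.getResults();
    assertEquals(32, results.size(), "there must be 32 results!");

    Result result = results.iterator().next();
    Rule rule = supportToTest.fetchRuleForResult(result, run);
    // What fetchRuleForResult returns for an unmatched result is not visible here;
    // guard the lookup so a missing rule or missing property bag fails as an
    // assertion instead of a NullPointerException.
    assertNotNull(rule, "no rule resolved for first result");
    assertNotNull(rule.getProperties(), "resolved rule has no properties");

    Set<String> tags = rule.getProperties().fetchTags();
    assertNotNull(tags);

    // Set equality ignores iteration order, so only the tag membership is checked.
    Set<String> expected = new LinkedHashSet<>();
    expected.add("ContentTag");
    expected.add("Tag2");
    expected.add("Tag3");
    assertEquals(expected, tags);
}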