tests: Unit tests refactor #718
Labels
good first issue
Good for newcomers
kind/improvement
This issue is not a Bug nor a Feature
kind/tests
This issue is related with tests
project/horusec-cli
This issue is related to the project https://github.com/ZupIT/horusec
Comments
iancardosozup
added
kind/improvement
|
I would like to understand how line and code works on tests. |
Hi @filipemelo. If your doubt is about the engine tests, the code and line are idenfied according to the regex type. An example, if the rule is of the This implementation is kept in another repository, and can be found here |
wiliansilvazup
changed the title
matheusalcantarazup
added a commit
that referenced
this issue
Nov 9, 2021
This commit add new tests to cover Sonarqube output type and add asserts to check if what was printed is correctly. The tests was changed to use table testings approach to make more easily to add a new testcase. The PrintResults implementation was improved too. Basically a new io.Writer field was added to customize where we will write outputs. The default constructor will always write to Stdout, but on tests we use a custom BufferString to write. This commit also make some improvements on code organization and private method names. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Nov 9, 2021
This commit add new tests to cover Sonarqube output type and add asserts to check if what was printed is correctly. The tests was changed to use table testings approach to make more easily to add a new testcase. The PrintResults implementation was improved too. Basically a new io.Writer field was added to customize where we will write outputs. The default constructor will always write to Stdout, but on tests we use a custom BufferString to write. This commit also make some improvements on code organization and private method names. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Nov 10, 2021
This commit add new tests to cover Sonarqube output type and add asserts to check if what was printed is correctly. The tests was changed to use table testings approach to make more easily to add a new testcase. The PrintResults implementation was improved too. Basically a new io.Writer field was added to customize where we will write outputs. The default constructor will always write to Stdout, but on tests we use a custom BufferString to write. This commit also make some improvements on code organization and private method names. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Nov 10, 2021
This commit add new tests to cover Sonarqube output type and add asserts to check if what was printed is correctly. The tests was changed to use table testings approach to make more easily to add a new testcase. The PrintResults implementation was improved too. Basically a new io.Writer field was added to customize where we will write outputs. The default constructor will always write to Stdout, but on tests we use a custom BufferString to write. This commit also make some improvements on code organization and private method names. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Nov 11, 2021
This commit add new tests to cover Sonarqube output type and add asserts to check if what was printed is correctly. The tests was changed to use table testings approach to make more easily to add a new testcase. The PrintResults implementation was improved too. Basically a new io.Writer field was added to customize where we will write outputs. The default constructor will always write to Stdout, but on tests we use a custom BufferString to write. This commit also make some improvements on code organization and private method names. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Nov 11, 2021
Previously the toolsconfig package does not have any unit tests and the
public functions and types was a bit confused, since two types was
exported to represents the same "thing".
This commit implements the tests to cover scenarios of toolsconfig
parsing.
This commit also rename ToolsConfigStruct to toolsConfig and also made
private, since this struct is only used as schema to parse the values
and only the Map type is used by other packages. The Map and Config
struct was also renamed to don't be repetitive on names.
The function ParseInterfaceToMapToolsConfig was also renamed to
MustParseToolsConfig to follow the Go standards of functions that can
cause errors that will be not returned. The signature was also changed
to avoid bugs when accepting an empty interface{}, since the viper will
always return a map[string]interface{} when we get the tools config from
config file, this function does not need to accept an empty interface.
Updates #718
Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Nov 11, 2021
Previously the toolsconfig package does not have any unit tests and the
public functions and types was a bit confused, since two types was
exported to represents the same "thing".
This commit implements the tests to cover scenarios of toolsconfig
parsing.
This commit also rename ToolsConfigStruct to toolsConfig and also made
private, since this struct is only used as schema to parse the values
and only the Map type is used by other packages. The Map and Config
struct was also renamed to don't be repetitive on names.
The function ParseInterfaceToMapToolsConfig was also renamed to
MustParseToolsConfig to follow the Go standards of functions that can
cause errors that will be not returned. The signature was also changed
to avoid bugs when accepting an empty interface{}, since the viper will
always return a map[string]interface{} when we get the tools config from
config file, this function does not need to accept an empty interface.
A new function Default was also created to return the default values
from tools config.
Updates #718
Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Nov 11, 2021
Previously the toolsconfig package does not have any unit tests and the
public functions and types was a bit confused, since two types was
exported to represents the same "thing".
This commit implements the tests to cover scenarios of toolsconfig
parsing.
This commit also rename ToolsConfigStruct to toolsConfig and also made
private, since this struct is only used as schema to parse the values
and only the Map type is used by other packages. The Map and Config
struct was also renamed to don't be repetitive on names.
The function ParseInterfaceToMapToolsConfig was also renamed to
MustParseToolsConfig to follow the Go standards of functions that can
cause errors that will be not returned. The signature was also changed
to avoid bugs when accepting an empty interface{}, since the viper will
always return a map[string]interface{} when we get the tools config from
config file, this function does not need to accept an empty interface.
A new function Default was also created to return the default values
from tools config.
Updates #718
Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Nov 11, 2021
Previously the toolsconfig package does not have any unit tests and the
public functions and types was a bit confused, since two types was
exported to represents the same "thing".
This commit implements the tests to cover scenarios of toolsconfig
parsing.
This commit also rename ToolsConfigStruct to toolsConfig and also made
private, since this struct is only used as schema to parse the values
and only the Map type is used by other packages. The Map and Config
struct was also renamed to don't be repetitive on names.
The function ParseInterfaceToMapToolsConfig was also renamed to
MustParseToolsConfig to follow the Go standards of functions that can
cause errors that will be not returned. The signature was also changed
to avoid bugs when accepting an empty interface{}, since the viper will
always return a map[string]interface{} when we get the tools config from
config file, this function does not need to accept an empty interface.
A new function Default was also created to return the default values
from tools config.
Updates #718
Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Nov 12, 2021
Previously the toolsconfig package does not have any unit tests and the
public functions and types was a bit confused, since two types was
exported to represents the same "thing".
This commit implements the tests to cover scenarios of toolsconfig
parsing.
This commit also rename ToolsConfigStruct to toolsConfig and also made
private, since this struct is only used as schema to parse the values
and only the Map type is used by other packages. The Map and Config
struct was also renamed to don't be repetitive on names.
The function ParseInterfaceToMapToolsConfig was also renamed to
MustParseToolsConfig to follow the Go standards of functions that can
cause errors that will be not returned. The signature was also changed
to avoid bugs when accepting an empty interface{}, since the viper will
always return a map[string]interface{} when we get the tools config from
config file, this function does not need to accept an empty interface.
A new function Default was also created to return the default values
from tools config.
Updates #718
Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Nov 12, 2021
Previously the implementation of CustomImages map was a bit redundant. Basically a map[string]string was created using the string representation of each languages.language as key, and when were we going to access this map we always receive a languages.Language and need to get the string representation of this language, which make an unnecessary type casting. This commit change the type of CustomImages to store a languages.Language as key and avoid these type casting. The function `NewCustomImages` was renamed to `Default` to make more clear and a new function `MustParseCustomImages` was created to parse the input taken from Viper. This commit also add some new tests to assert the default values and test the parsing. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Nov 12, 2021
Previously the implementation of CustomImages map was a bit redundant. Basically a map[string]string was created using the string representation of each languages.language as key, and when were we going to access this map we always receive a languages.Language and need to get the string representation of this language, which make an unnecessary type casting. This commit change the type of CustomImages to store a languages.Language as key and avoid these type casting. The function `NewCustomImages` was renamed to `Default` to make more clear and a new function `MustParseCustomImages` was created to parse the input taken from Viper. This commit also add some new tests to assert the default values and test the parsing. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Nov 16, 2021
Update #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Nov 16, 2021
Previously the testcases of vulnhash package does not assert the generated hash using all the fields used to generate the hash. This commit change the testcases to assert the generated hash with all fields filled. The testcase also was change to assert the valid and invalid generated hash Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Nov 17, 2021
Previously the implementation of CustomImages map was a bit redundant. Basically a map[string]string was created using the string representation of each languages.language as key, and when were we going to access this map we always receive a languages.Language and need to get the string representation of this language, which make an unnecessary type casting. This commit change the type of CustomImages to store a languages.Language as key and avoid these type casting. The function `NewCustomImages` was renamed to `Default` to make more clear and a new function `MustParseCustomImages` was created to parse the input taken from Viper. This commit also add some new tests to assert the default values and test the parsing. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
nathanmartinszup
pushed a commit
that referenced
this issue
Nov 17, 2021
) Update #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Nov 17, 2021
Previously the testcases of vulnhash package does not assert the generated hash using all the fields used to generate the hash. This commit change the testcases to assert the generated hash with all fields filled. The testcase also was change to assert the valid and invalid generated hash Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Nov 17, 2021
Previously if some symlink exists on project path during the copy we was creating a directory instead evaluating the sysmlink. Evaluating the symlink makes us need to deal with several scenarios, such as, how should we copy a file to the .horuse folder when it is not in the project path? Another scenario would be how do we handle symlinks from files that don't exist on the user's machine? With that in mind, this commit changes the behavior of the `Copy` function to ignore symlinks by default and only copy directories and files. Since previously we were no longer analyzing sysmlinks, this change will not be noticed by the user. This commit also change the assertiveness of tests to check if all files and directories was copied correctly. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Nov 17, 2021
Previously if some symlink exists on project path during the copy we was creating a directory instead evaluating the sysmlink. Evaluating the symlink makes us need to deal with several scenarios, such as, how should we copy a file to the .horuse folder when it is not in the project path? Another scenario would be how do we handle symlinks from files that don't exist on the user's machine? With that in mind, this commit changes the behavior of the `Copy` function to ignore symlinks by default and only copy directories and files. Since previously we were no longer analyzing sysmlinks, this change will not be noticed by the user. This commit also change the assertiveness of tests to check if all files and directories was copied correctly. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Dec 23, 2021
This commit add some new asserts on successful parsing Trivy results, to verify that all fields of Vulnerability was filled. Some code organization was also made, and the entities packages was removed and the Trivy schema output was moved to trivy package. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Dec 23, 2021
This commit add some new asserts on successful parsing Checkov results to verify that all fields of Vulnerability was filled. Some code organization was also made, and the entities packages was removed and the Checkov schema output was moved to checkov package. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Dec 23, 2021
This commit add some new asserts on successful parsing Checkov results to verify that all fields of Vulnerability was filled. Some code organization was also made, and the entities packages was removed and the Checkov schema output was moved to checkov package. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Dec 23, 2021
This commit add some new asserts on successful parsing tfsec results to verify that all fields of Vulnerability was filled. Some code organization was also made, and the entities packages was removed and the tfsec schema output was moved to tfsec package. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Dec 23, 2021
This commit add some new asserts on successful parsing npm results to verify that all fields of Vulnerability was filled. Note that the test cases from `TestParseOutputNpm` was moved to `TestNpmAuditParseOutput` to centralize all tests as it is done in the other tests of the other formatters. Some code organization was also made, and the entities packages was removed and the npm schema output was moved to npmaudit package. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
wiliansilvazup
pushed a commit
that referenced
this issue
Dec 27, 2021
This commit add some new asserts on successful parsing dependency check results, to verify that all fields of Vulnerability was filled. Some code organization was also made, and the entities packages was removed and the dependency check schema output was moved to dependencycheck package. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
wiliansilvazup
pushed a commit
that referenced
this issue
Dec 27, 2021
This commit add some new asserts on successful parsing Mix Audit results, to verify that all fields of Vulnerability was filled. Some code organization was also made, and the entities packages was removed and the mix audit schema output was moved to mixaudit package. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
wiliansilvazup
pushed a commit
that referenced
this issue
Dec 27, 2021
This commit add some new asserts on successful parsing Sobelow results, to verify that all fields of Vulnerability was filled. Some code organization was also made, and the entities packages was removed and the Sobelow schema output was moved to sobelow package. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
wiliansilvazup
pushed a commit
that referenced
this issue
Dec 27, 2021
This commit add some new asserts on successful parsing Trivy results, to verify that all fields of Vulnerability was filled. Some code organization was also made, and the entities packages was removed and the Trivy schema output was moved to trivy package. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
wiliansilvazup
pushed a commit
that referenced
this issue
Dec 27, 2021
This commit add some new asserts on successful parsing Checkov results to verify that all fields of Vulnerability was filled. Some code organization was also made, and the entities packages was removed and the Checkov schema output was moved to checkov package. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
wiliansilvazup
pushed a commit
that referenced
this issue
Dec 27, 2021
This commit add some new asserts on successful parsing tfsec results to verify that all fields of Vulnerability was filled. Some code organization was also made, and the entities packages was removed and the tfsec schema output was moved to tfsec package. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
wiliansilvazup
pushed a commit
that referenced
this issue
Dec 27, 2021
This commit add some new asserts on successful parsing npm results to verify that all fields of Vulnerability was filled. Note that the test cases from `TestParseOutputNpm` was moved to `TestNpmAuditParseOutput` to centralize all tests as it is done in the other tests of the other formatters. Some code organization was also made, and the entities packages was removed and the npm schema output was moved to npmaudit package. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Jan 3, 2022
This commit add some new asserts on successful parsing yarn results to verify that all fields of Vulnerability was filled. Note that the test cases from `TestParseOutputNpm`(yes, it was misspelled) was moved to `TestYarnAuditParseOutput` to centralize all tests as it is done in the other tests of the other formatters. Some code organization was also made, and the entities packages was removed and the yarn schema output was moved to yarnaudit package. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Jan 3, 2022
This commit add some new asserts on successful parsing yarn results to verify that all fields of Vulnerability was filled. Note that the test cases from `TestParseOutputNpm`(yes, it was misspelled) was moved to `TestYarnAuditParseOutput` to centralize all tests as it is done in the other tests of the other formatters. Some code organization was also made, and the entities packages was removed and the yarn schema output was moved to yarnaudit package. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Jan 14, 2022
This commit add some new asserts on successful parsing bundler results to verify that all fields of Vulnerability was filled. Some code organization was also made, and the entities and enum packages was removed and the bundler schema output was moved to bundler package. This commit also fix a bug when parsing invalid output from Bundler. The `strings.Split(output, "Name:")` on `parseOutput` return a list with one element when the split fails, so when Bundler return an output that is not expected we still try to parse this invalid output which results invalid vulnerabilities. To fix this a validation was added before the split to check if output contains the `Name:` field. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Jan 14, 2022
This commit add some new asserts on successful parsing bundler results to verify that all fields of Vulnerability was filled. Some code organization was also made, and the entities and enum packages was removed and the bundler schema output was moved to bundler package. This commit also fix a bug when parsing invalid output from Bundler. The `strings.Split(output, "Name:")` on `parseOutput` return a list with one element when the split fails, so when Bundler return an output that is not expected we still try to parse this invalid output which results invalid vulnerabilities. To fix this a validation was added before the split to check if output contains the `Name:` field. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Jan 14, 2022
This commit add some new asserts on successful parsing bundler results to verify that all fields of Vulnerability was filled. Some code organization was also made, and the entities and enum packages was removed and the bundler schema output was moved to bundler package. This commit also fix a bug when parsing invalid output from Bundler. The `strings.Split(output, "Name:")` on `parseOutput` return a list with one element when the split fails, so when Bundler return an output that is not expected we still try to parse this invalid output which results invalid vulnerabilities. To fix this a validation was added before the split to check if output contains the `Name:` field. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Jan 19, 2022
This commit add some new asserts on successful parsing bundler results to verify that all fields of Vulnerability was filled. Some code organization was also made, and the entities and enum packages was removed and the bundler schema output was moved to bundler package. This commit also fix a bug when parsing invalid output from Bundler. The `strings.Split(output, "Name:")` on `parseOutput` return a list with one element when the split fails, so when Bundler return an output that is not expected we still try to parse this invalid output which results invalid vulnerabilities. To fix this a validation was added before the split to check if output contains the `Name:` field. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]>
matheusalcantarazup
added a commit
that referenced
this issue
Jan 21, 2022
This commit add some new asserts on successful parsing bundler results to verify that all fields of Vulnerability was filled. Some code organization was also made, and the entities and enum packages was removed and the bundler schema output was moved to bundler package. This commit also fix a bug when parsing invalid output from Bundler. The `strings.Split(output, "Name:")` on `parseOutput` return a list with one element when the split fails, so when Bundler return an output that is not expected we still try to parse this invalid output which results invalid vulnerabilities. To fix this a validation was added before the split to check if output contains the `Name:` field. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]> (cherry picked from commit 112e82e)
matheusalcantarazup
added
the
project/horusec-cli
nathanmartinszup
pushed a commit
that referenced
this issue
Feb 10, 2022
This commit add some new asserts on successful parsing yarn results to verify that all fields of Vulnerability was filled. Note that the test cases from `TestParseOutputNpm`(yes, it was misspelled) was moved to `TestYarnAuditParseOutput` to centralize all tests as it is done in the other tests of the other formatters. Some code organization was also made, and the entities packages was removed and the yarn schema output was moved to yarnaudit package. Updates #718 Signed-off-by: Matheus Alcantara <[email protected]> (cherry picked from commit f2c500d)
|
Hi, I was thinking of taking the I know I need to write tests or refactor them, I need to know what the endgoal/outcome is. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We currently refactoring unit test in every package of horusec, and we have a lot of code to cover. I'm opening this issue as a report and invite to community to contribute and improve our application. Currently i'm in start package refactor and we have some cases to cover and you can base on #701 to write your code
Update: Since #731 we moved flags constants to package testutil you should use them instead of the old way to write your code
Tests to be implemented of the start command:
"--analysis-timeout""--authorization"--certificate-path""--container-bind-project-path""--disable-docker""--enable-commit-author""--enable-git-history""--enable-owasp-dependency-check""--enable-shellcheck""--false-positive""--headers""--horusec-url""--ignore""--ignore-severity""--information-severity""--insecure-skip-verify""--json-output-file""--monitor-retry-count""--output-format""--project-path""--repository-name""--request-timeout""--return-error""--risk-accept""--show-vulnerabilities-types"Tests of the packages
The text was updated successfully, but these errors were encountered: