From f449065544f07109862005a68e82d769cf80e0b4 Mon Sep 17 00:00:00 2001 From: Eran Turgeman <81029514+eranturgeman@users.noreply.github.com> Date: Mon, 11 Sep 2023 09:36:34 +0300 Subject: [PATCH] Updating and Adding new tests for NuGet projects (#2187) --- .../{single => single4.0}/core/Multi1.cs | 0 .../core/Properties/AssemblyInfo.cs | 0 .../{single => single4.0}/core/core.csproj | 0 .../{single => single4.0}/core/core.nuspec | 0 .../core/packages.config | 0 .../nuget/{single => single4.0}/example.sln | 0 .../ClassLibrary1/ClassLibrary1.csproj | 22 ++++ .../xray/nuget/single5.0/TestSolution.sln | 29 +++++ xray_test.go | 113 +++++++++++++++--- 9 files changed, 148 insertions(+), 16 deletions(-) rename testdata/xray/nuget/{single => single4.0}/core/Multi1.cs (100%) rename testdata/xray/nuget/{single => single4.0}/core/Properties/AssemblyInfo.cs (100%) rename testdata/xray/nuget/{single => single4.0}/core/core.csproj (100%) rename testdata/xray/nuget/{single => single4.0}/core/core.nuspec (100%) rename testdata/xray/nuget/{single => single4.0}/core/packages.config (100%) rename testdata/xray/nuget/{single => single4.0}/example.sln (100%) create mode 100644 testdata/xray/nuget/single5.0/ClassLibrary1/ClassLibrary1.csproj create mode 100644 testdata/xray/nuget/single5.0/TestSolution.sln diff --git a/testdata/xray/nuget/single/core/Multi1.cs b/testdata/xray/nuget/single4.0/core/Multi1.cs similarity index 100% rename from testdata/xray/nuget/single/core/Multi1.cs rename to testdata/xray/nuget/single4.0/core/Multi1.cs diff --git a/testdata/xray/nuget/single/core/Properties/AssemblyInfo.cs b/testdata/xray/nuget/single4.0/core/Properties/AssemblyInfo.cs similarity index 100% rename from testdata/xray/nuget/single/core/Properties/AssemblyInfo.cs rename to testdata/xray/nuget/single4.0/core/Properties/AssemblyInfo.cs diff --git a/testdata/xray/nuget/single/core/core.csproj b/testdata/xray/nuget/single4.0/core/core.csproj similarity index 100% rename from testdata/xray/nuget/single/core/core.csproj rename to testdata/xray/nuget/single4.0/core/core.csproj diff --git a/testdata/xray/nuget/single/core/core.nuspec b/testdata/xray/nuget/single4.0/core/core.nuspec similarity index 100% rename from testdata/xray/nuget/single/core/core.nuspec rename to testdata/xray/nuget/single4.0/core/core.nuspec diff --git a/testdata/xray/nuget/single/core/packages.config b/testdata/xray/nuget/single4.0/core/packages.config similarity index 100% rename from testdata/xray/nuget/single/core/packages.config rename to testdata/xray/nuget/single4.0/core/packages.config diff --git a/testdata/xray/nuget/single/example.sln b/testdata/xray/nuget/single4.0/example.sln similarity index 100% rename from testdata/xray/nuget/single/example.sln rename to testdata/xray/nuget/single4.0/example.sln diff --git a/testdata/xray/nuget/single5.0/ClassLibrary1/ClassLibrary1.csproj b/testdata/xray/nuget/single5.0/ClassLibrary1/ClassLibrary1.csproj new file mode 100644 index 000000000..849a472aa --- /dev/null +++ b/testdata/xray/nuget/single5.0/ClassLibrary1/ClassLibrary1.csproj @@ -0,0 +1,22 @@ + + + + netstandard2.0 + AnyCPU;x64 + Some Compnay + Some product + Copyright © 2020 by Foobar. + 1.0.0 + + + + + + + + + + + + + diff --git a/testdata/xray/nuget/single5.0/TestSolution.sln b/testdata/xray/nuget/single5.0/TestSolution.sln new file mode 100644 index 000000000..28ab809cb --- /dev/null +++ b/testdata/xray/nuget/single5.0/TestSolution.sln @@ -0,0 +1,29 @@ + +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio Version 16 +VisualStudioVersion = 16.0.32106.194 +MinimumVisualStudioVersion = 10.0.40219.1 +Project("{FAE04EC0-301F-11D3-BF4B-00C04F79EFBC}") = "ClassLibrary1", "ClassLibrary1\ClassLibrary1.csproj", "{D9C89660-69F8-46E2-B9C4-78E9B505E8B1}" +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|Any CPU = Debug|Any CPU + Release|Any CPU = Release|Any CPU + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {757C1D5A-BAA9-453F-B612-A0571390976B}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {757C1D5A-BAA9-453F-B612-A0571390976B}.Debug|Any CPU.Build.0 = Debug|Any CPU + {757C1D5A-BAA9-453F-B612-A0571390976B}.Release|Any CPU.ActiveCfg = Release|Any CPU + {757C1D5A-BAA9-453F-B612-A0571390976B}.Release|Any CPU.Build.0 = Release|Any CPU + {D9C89660-69F8-46E2-B9C4-78E9B505E8B1}.Debug|Any CPU.ActiveCfg = Debug|Any CPU + {D9C89660-69F8-46E2-B9C4-78E9B505E8B1}.Debug|Any CPU.Build.0 = Debug|Any CPU + {D9C89660-69F8-46E2-B9C4-78E9B505E8B1}.Release|Any CPU.ActiveCfg = Release|Any CPU + {D9C89660-69F8-46E2-B9C4-78E9B505E8B1}.Release|Any CPU.Build.0 = Release|Any CPU + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection + GlobalSection(ExtensibilityGlobals) = postSolution + SolutionGuid = {D8547989-C4F7-4FCC-95BB-F7478F7D2484} + EndGlobalSection +EndGlobal diff --git a/xray_test.go b/xray_test.go index 6825ec193..8137e826f 100644 --- a/xray_test.go +++ b/xray_test.go @@ -210,24 +210,102 @@ func runXrayAuditYarnWithOutput(t *testing.T, format string) string { return xrayCli.RunCliCmdWithOutput(t, "audit", "--yarn", "--licenses", "--format="+format) } -// Tests NuGet audit by providing simple NuGet project and asserts any error. +// Tests NuGet audit by providing simple NuGet project + multi-project NuGet project and asserts any error. func TestXrayAuditNugetJson(t *testing.T) { - output := testXrayAuditNuget(t, "single", string(utils.Json)) - verifyJsonScanResults(t, output, 0, 2, 0) + var testdata = []struct { + projectName string + format string + restoreTech string + minVulnerabilities int + minLicences int + }{ + { + projectName: "single4.0", + format: string(utils.Json), + restoreTech: "nuget", + minVulnerabilities: 2, + minLicences: 0, + }, + { + projectName: "single5.0", + format: string(utils.Json), + restoreTech: "dotnet", + minVulnerabilities: 3, + minLicences: 2, + }, + { + projectName: "single5.0", + format: string(utils.Json), + restoreTech: "", + minVulnerabilities: 3, + minLicences: 2, + }, + { + projectName: "multi", + format: string(utils.Json), + restoreTech: "dotnet", + minVulnerabilities: 5, + minLicences: 3, + }, + { + projectName: "multi", + format: string(utils.Json), + restoreTech: "", + minVulnerabilities: 5, + minLicences: 3, + }, + } + for _, test := range testdata { + runInstallCommand := test.restoreTech != "" + t.Run(fmt.Sprintf("projectName:%s,runInstallCommand:%t", test.projectName, runInstallCommand), + func(t *testing.T) { + output := testXrayAuditNuget(t, test.projectName, test.format, test.restoreTech) + verifyJsonScanResults(t, output, 0, test.minVulnerabilities, test.minLicences) + }) + } } func TestXrayAuditNugetSimpleJson(t *testing.T) { - output := testXrayAuditNuget(t, "single", string(utils.SimpleJson)) - verifySimpleJsonScanResults(t, output, 2, 0) -} - -// Tests NuGet audit by providing a multi-project NuGet project and asserts any error. -func TestXrayAuditNugetMultiProject(t *testing.T) { - output := testXrayAuditNuget(t, "multi", string(utils.Json)) - verifyJsonScanResults(t, output, 0, 5, 0) + var testdata = []struct { + projectName string + format string + restoreTech string + minVulnerabilities int + minLicences int + }{ + { + projectName: "single4.0", + format: string(utils.SimpleJson), + restoreTech: "nuget", + minVulnerabilities: 2, + minLicences: 0, + }, + { + projectName: "single5.0", + format: string(utils.SimpleJson), + restoreTech: "dotnet", + minVulnerabilities: 3, + minLicences: 2, + }, + { + projectName: "single5.0", + format: string(utils.SimpleJson), + restoreTech: "", + minVulnerabilities: 3, + minLicences: 2, + }, + } + for _, test := range testdata { + runInstallCommand := test.restoreTech != "" + t.Run(fmt.Sprintf("projectName:%s,runInstallCommand:%t", test.projectName, runInstallCommand), + func(t *testing.T) { + output := testXrayAuditNuget(t, test.projectName, test.format, test.restoreTech) + verifySimpleJsonScanResults(t, output, test.minVulnerabilities, test.minLicences) + }) + } } -func testXrayAuditNuget(t *testing.T, projectName, format string) string { +func testXrayAuditNuget(t *testing.T, projectName, format string, restoreTech string) string { initXrayTest(t, scangraph.GraphScanMinXrayVersion) tempDirPath, createTempDirCallback := coretests.CreateTempDirWithCallbackAndAssert(t) defer createTempDirCallback() @@ -238,9 +316,12 @@ func testXrayAuditNuget(t *testing.T, projectName, format string) string { defer clientTestUtils.ChangeDirAndAssert(t, prevWd) // Add dummy descriptor file to check that we run only specific audit addDummyPackageDescriptor(t, false) - // Run NuGet restore before executing jfrog xr audit (NuGet) - assert.NoError(t, exec.Command("nuget", "restore").Run()) - return xrayCli.RunCliCmdWithOutput(t, "audit", "--nuget", "--format="+format) + // Run NuGet/Dotnet restore before executing jfrog xr audit (NuGet) + if restoreTech != "" { + _, err := exec.Command(restoreTech, "restore").CombinedOutput() + assert.NoError(t, err) + } + return xrayCli.RunCliCmdWithOutput(t, "audit", "--nuget", "--format="+format, "--licenses") } func TestXrayAuditGradleJson(t *testing.T) { @@ -328,7 +409,7 @@ func TestXrayAuditMultiProjects(t *testing.T) { // Copy the multi project from the testdata to a temp dir assert.NoError(t, biutils.CopyDir(multiProject, tempDirPath, true, nil)) workingDirsFlag := fmt.Sprintf("--working-dirs=%s, %s ,%s, %s", - filepath.Join(tempDirPath, "maven"), filepath.Join(tempDirPath, "nuget", "single"), + filepath.Join(tempDirPath, "maven"), filepath.Join(tempDirPath, "nuget", "single4.0"), filepath.Join(tempDirPath, "python", "pip"), filepath.Join(tempDirPath, "jas-test")) // Configure a new server named "default" createJfrogHomeConfig(t, true)