
gitlab.com/gitlab-org/gitlab-foss.git - Unnamed repository; edit this file 'description' to name the repository.
Diffstat (limited to 'spec/lib/gitlab/ci/parsers/security/validators/schema_validator_spec.rb')
-rw-r--r--spec/lib/gitlab/ci/parsers/security/validators/schema_validator_spec.rb273
1 files changed, 117 insertions, 156 deletions
diff --git a/spec/lib/gitlab/ci/parsers/security/validators/schema_validator_spec.rb b/spec/lib/gitlab/ci/parsers/security/validators/schema_validator_spec.rb
index 7828aa99f6a..e730afc72b5 100644
--- a/spec/lib/gitlab/ci/parsers/security/validators/schema_validator_spec.rb
+++ b/spec/lib/gitlab/ci/parsers/security/validators/schema_validator_spec.rb
@@ -19,8 +19,72 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Validators::SchemaValidator do
}
end
+ let(:report_data) do
+ {
+ 'scan' => {
+ 'analyzer' => {
+ 'id' => 'my-dast-analyzer',
+ 'name' => 'My DAST analyzer',
+ 'version' => '0.1.0',
+ 'vendor' => { 'name' => 'A DAST analyzer' }
+ },
+ 'end_time' => '2020-01-28T03:26:02',
+ 'scanned_resources' => [],
+ 'scanner' => {
+ 'id' => 'my-dast-scanner',
+ 'name' => 'My DAST scanner',
+ 'version' => '0.2.0',
+ 'vendor' => { 'name' => 'A DAST scanner' }
+ },
+ 'start_time' => '2020-01-28T03:26:01',
+ 'status' => 'success',
+ 'type' => 'dast'
+ },
+ 'version' => report_version,
+ 'vulnerabilities' => []
+ }
+ end
+
let(:validator) { described_class.new(report_type, report_data, report_version, project: project, scanner: scanner) }
+ shared_examples 'report is valid' do
+ context 'and the report is valid' do
+ it { is_expected.to be_truthy }
+ end
+ end
+
+ shared_examples 'logs related information' do
+ it 'logs related information' do
+ expect(Gitlab::AppLogger).to receive(:info).with(
+ message: "security report schema validation problem",
+ security_report_type: report_type,
+ security_report_version: report_version,
+ project_id: project.id,
+ security_report_failure: security_report_failure,
+ security_report_scanner_id: 'gemnasium',
+ security_report_scanner_version: '2.1.0'
+ )
+
+ subject
+ end
+ end
+
+ shared_examples 'report is invalid' do
+ context 'and the report is invalid' do
+ let(:report_data) do
+ {
+ 'version' => report_version
+ }
+ end
+
+ let(:security_report_failure) { 'schema_validation_fails' }
+
+ it { is_expected.to be_falsey }
+
+ it_behaves_like 'logs related information'
+ end
+ end
+
describe 'SUPPORTED_VERSIONS' do
schema_path = Rails.root.join("lib", "gitlab", "ci", "parsers", "security", "validators", "schemas")
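Review bot: The shared example 'logs related information' reads `security_report_failure`, but nothing at its definition says the including context must provide it. 'report is invalid' defines it inline, while the later callers in this diff each add their own `let`. A one-line comment above the example would make that contract visible, e.g. `# Requires let(:security_report_failure) in the including context.` The expected scanner id `'gemnasium'` and version `'2.1.0'` also stay as literals, although the new file-level `report_data` describes `'my-dast-scanner'`. They presumably mirror the `scanner` passed to the validator, which is defined outside this hunk, and a comment saying so would explain the mismatch.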
@@ -75,80 +139,16 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Validators::SchemaValidator do
(latest_vendored_version[0...2] << "34").join(".")
end
- context 'and the report is valid' do
- let(:report_data) do
- {
- 'version' => report_version,
- 'vulnerabilities' => []
- }
- end
-
- it { is_expected.to be_truthy }
- end
-
- context 'and the report is invalid' do
- let(:report_data) do
- {
- 'version' => report_version
- }
- end
-
- it { is_expected.to be_falsey }
-
- it 'logs related information' do
- expect(Gitlab::AppLogger).to receive(:info).with(
- message: "security report schema validation problem",
- security_report_type: report_type,
- security_report_version: report_version,
- project_id: project.id,
- security_report_failure: 'schema_validation_fails',
- security_report_scanner_id: 'gemnasium',
- security_report_scanner_version: '2.1.0'
- )
-
- subject
- end
- end
+ it_behaves_like 'report is valid'
+ it_behaves_like 'report is invalid'
end
context 'when given a supported schema version' do
let(:report_type) { :dast }
let(:report_version) { described_class::SUPPORTED_VERSIONS[report_type].last }
- context 'and the report is valid' do
- let(:report_data) do
- {
- 'version' => report_version,
- 'vulnerabilities' => []
- }
- end
-
- it { is_expected.to be_truthy }
- end
-
- context 'and the report is invalid' do
- let(:report_data) do
- {
- 'version' => report_version
- }
- end
-
- it { is_expected.to be_falsey }
-
- it 'logs related information' do
- expect(Gitlab::AppLogger).to receive(:info).with(
- message: "security report schema validation problem",
- security_report_type: report_type,
- security_report_version: report_version,
- project_id: project.id,
- security_report_failure: 'schema_validation_fails',
- security_report_scanner_id: 'gemnasium',
- security_report_scanner_version: '2.1.0'
- )
-
- subject
- end
- end
+ it_behaves_like 'report is valid'
+ it_behaves_like 'report is invalid'
end
context 'when given a deprecated schema version' do
@@ -173,21 +173,11 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Validators::SchemaValidator do
}
end
+ let(:security_report_failure) { 'using_deprecated_schema_version' }
+
it { is_expected.to be_truthy }
- it 'logs related information' do
- expect(Gitlab::AppLogger).to receive(:info).with(
- message: "security report schema validation problem",
- security_report_type: report_type,
- security_report_version: report_version,
- project_id: project.id,
- security_report_failure: 'using_deprecated_schema_version',
- security_report_scanner_id: 'gemnasium',
- security_report_scanner_version: '2.1.0'
- )
-
- subject
- end
+ it_behaves_like 'logs related information'
end
context 'and the report does not pass schema validation' do
@@ -213,21 +203,11 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Validators::SchemaValidator do
}
end
+ let(:security_report_failure) { 'using_unsupported_schema_version' }
+
it { is_expected.to be_falsey }
- it 'logs related information' do
- expect(Gitlab::AppLogger).to receive(:info).with(
- message: "security report schema validation problem",
- security_report_type: report_type,
- security_report_version: report_version,
- project_id: project.id,
- security_report_failure: 'using_unsupported_schema_version',
- security_report_scanner_id: 'gemnasium',
- security_report_scanner_version: '2.1.0'
- )
-
- subject
- end
+ it_behaves_like 'logs related information'
end
context 'and the report is invalid' do
@@ -282,6 +262,16 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Validators::SchemaValidator do
end
end
+ shared_examples 'report is valid with no error' do
+ context 'and the report is valid' do
+ it { is_expected.to be_empty }
+ end
+ end
+
+ shared_examples 'report with expected errors' do
+ it { is_expected.to match_array(expected_errors) }
+ end
+
describe '#errors' do
subject { validator.errors }
@@ -289,16 +279,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Validators::SchemaValidator do
let(:report_type) { :dast }
let(:report_version) { described_class::SUPPORTED_VERSIONS[report_type].last }
- context 'and the report is valid' do
- let(:report_data) do
- {
- 'version' => report_version,
- 'vulnerabilities' => []
- }
- end
-
- it { is_expected.to be_empty }
- end
+ it_behaves_like 'report is valid with no error'
context 'and the report is invalid' do
let(:report_data) do
@@ -309,11 +290,11 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Validators::SchemaValidator do
let(:expected_errors) do
[
- 'root is missing required keys: vulnerabilities'
+ 'root is missing required keys: scan, vulnerabilities'
]
end
- it { is_expected.to match_array(expected_errors) }
+ it_behaves_like 'report with expected errors'
end
end
@@ -331,16 +312,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Validators::SchemaValidator do
stub_const("#{described_class}::DEPRECATED_VERSIONS", deprecations_hash)
end
- context 'and the report passes schema validation' do
- let(:report_data) do
- {
- 'version' => '10.0.0',
- 'vulnerabilities' => []
- }
- end
-
- it { is_expected.to be_empty }
- end
+ it_behaves_like 'report is valid with no error'
context 'and the report does not pass schema validation' do
let(:report_data) do
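Review bot: Replacing the 'and the report passes schema validation' context with `it_behaves_like 'report is valid with no error'` drops the literal `'version' => '10.0.0'`. The case now validates the file-level `report_data`, including its full `scan` block, against whatever `report_version` this context defines outside the hunk. If that value is not one of the stubbed deprecated versions, the deprecated-schema path is no longer exercised with a passing report. The group label also becomes 'and the report is valid' while its sibling still reads 'and the report does not pass schema validation'. A comment next to the include, such as `# report_version must be one of the stubbed DEPRECATED_VERSIONS`, would keep the intent explicit.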
@@ -356,7 +328,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Validators::SchemaValidator do
]
end
- it { is_expected.to match_array(expected_errors) }
+ it_behaves_like 'report with expected errors'
end
end
@@ -383,7 +355,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Validators::SchemaValidator do
]
end
- it { is_expected.to match_array(expected_errors) }
+ it_behaves_like 'report with expected errors'
end
context 'and the report is invalid' do
@@ -400,7 +372,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Validators::SchemaValidator do
]
end
- it { is_expected.to match_array(expected_errors) }
+ it_behaves_like 'report with expected errors'
end
end
@@ -426,10 +398,27 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Validators::SchemaValidator do
]
end
- it { is_expected.to match_array(expected_errors) }
+ it_behaves_like 'report with expected errors'
end
end
+ shared_examples 'report is valid with no warning' do
+ context 'and the report is valid' do
+ let(:report_data) do
+ {
+ 'version' => report_version,
+ 'vulnerabilities' => []
+ }
+ end
+
+ it { is_expected.to be_empty }
+ end
+ end
+
+ shared_examples 'report with expected warnings' do
+ it { is_expected.to match_array(expected_deprecation_warnings) }
+ end
+
describe '#deprecation_warnings' do
subject { validator.deprecation_warnings }
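Review bot: The 'report is valid with no warning' shared example overrides `report_data` with the old minimal hash (`'version'` and `'vulnerabilities'` only), which omits `scan`. The updated expectation `'root is missing required keys: scan, vulnerabilities'` elsewhere in this commit suggests `scan` is required by the latest supported DAST schema. Where the example is included with `SUPPORTED_VERSIONS[report_type].last` (the hunk at -583), the report labelled valid would then appear to fail validation. The assertion still passes only because `deprecation_warnings` is empty either way. Dropping the `let(:report_data)` override, so the example uses the file-level `report_data`, would make the "valid" case actually valid and match 'report is valid with no error'.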
@@ -491,7 +480,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Validators::SchemaValidator do
}
end
- it { is_expected.to match_array(expected_deprecation_warnings) }
+ it_behaves_like 'report with expected warnings'
end
context 'and the report does not pass schema validation' do
@@ -501,7 +490,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Validators::SchemaValidator do
}
end
- it { is_expected.to match_array(expected_deprecation_warnings) }
+ it_behaves_like 'report with expected warnings'
end
end
@@ -516,7 +505,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Validators::SchemaValidator do
}
end
- it { is_expected.to match_array(expected_deprecation_warnings) }
+ it_behaves_like 'report with expected warnings'
end
end
@@ -561,21 +550,11 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Validators::SchemaValidator do
}
end
+ let(:security_report_failure) { 'schema_validation_fails' }
+
it { is_expected.to match_array([message]) }
- it 'logs related information' do
- expect(Gitlab::AppLogger).to receive(:info).with(
- message: "security report schema validation problem",
- security_report_type: report_type,
- security_report_version: report_version,
- project_id: project.id,
- security_report_failure: 'schema_validation_fails',
- security_report_scanner_id: 'gemnasium',
- security_report_scanner_version: '2.1.0'
- )
-
- subject
- end
+ it_behaves_like 'logs related information'
end
end
@@ -583,16 +562,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Validators::SchemaValidator do
let(:report_type) { :dast }
let(:report_version) { described_class::SUPPORTED_VERSIONS[report_type].last }
- context 'and the report is valid' do
- let(:report_data) do
- {
- 'version' => report_version,
- 'vulnerabilities' => []
- }
- end
-
- it { is_expected.to be_empty }
- end
+ it_behaves_like 'report is valid with no warning'
context 'and the report is invalid' do
let(:report_data) do
@@ -644,16 +614,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Validators::SchemaValidator do
let(:report_type) { :dast }
let(:report_version) { "12.37.0" }
- context 'and the report is valid' do
- let(:report_data) do
- {
- 'version' => report_version,
- 'vulnerabilities' => []
- }
- end
-
- it { is_expected.to be_empty }
- end
+ it_behaves_like 'report is valid with no warning'
context 'and the report is invalid' do
let(:report_data) do