Diffstat (limited to 'spec/lib/gitlab/ci/parsers')
5 files changed, 149 insertions, 30 deletions
diff --git a/spec/lib/gitlab/ci/parsers/codequality/code_climate_spec.rb b/spec/lib/gitlab/ci/parsers/codequality/code_climate_spec.rb
index 6a08e8f0b7f..1ef341ff863 100644
--- a/spec/lib/gitlab/ci/parsers/codequality/code_climate_spec.rb
+++ b/spec/lib/gitlab/ci/parsers/codequality/code_climate_spec.rb
@@ -4,7 +4,7 @@ require 'spec_helper'
 RSpec.describe Gitlab::Ci::Parsers::Codequality::CodeClimate do
 describe '#parse!' do
- subject(:parse) { described_class.new.parse!(code_climate, codequality_report) }
+ subject(:parse) { described_class.new.parse!(code_climate, codequality_report, metadata) }
 let(:codequality_report) { Gitlab::Ci::Reports::CodequalityReports.new }
 let(:code_climate) do
@@ -35,6 +35,15 @@ RSpec.describe Gitlab::Ci::Parsers::Codequality::CodeClimate do
 ].to_json
 end
+ let_it_be(:group) { create(:group, name: 'test-group') }
+ let_it_be(:project) { create(:project, path: 'test-project', group: group) }
+ let(:metadata) do
+ {
+ project: project,
+ commit_sha: 'f0cc5229e2aa5e9429f1b17a3b3b102f21d7fe31'
+ }
+ end
+
 context "when data is code_climate style JSON" do
 context "when there are no degradations" do
 let(:code_climate) { [].to_json }
@@ -133,5 +142,56 @@ RSpec.describe Gitlab::Ci::Parsers::Codequality::CodeClimate do
 expect(codequality_report.degradations_count).to eq(0)
 end
 end
+
+ context 'for web_url' do
+ let(:code_climate) do
+ [
+ {
+ "categories": [
+ "Complexity"
+ ],
+ "check_name": "argument_count",
+ "content": {
+ "body": ""
+ },
+ "description": "Method `new_array` has 12 arguments (exceeds 4 allowed). Consider refactoring.",
+ "fingerprint": "15cdb5c53afd42bc22f8ca366a08d547",
+ "location": {
+ "path": "foo.rb",
+ "lines": {
+ "begin": 10,
+ "end": 10
+ }
+ },
+ "other_locations": [],
+ "remediation_points": 900000,
+ "severity": "major",
+ "type": "issue",
+ "engine_name": "structure"
+ }
+ ].to_json
+ end
+
+ context 'when metadata has project and commit_sha' do
+ it 'adds a non nil url' do
+ want = 'http://localhost/test-group/test-project/-/blob/f0cc5229e2aa5e9429f1b17a3b3b102f21d7fe31/foo.rb#L10'
+ expect { parse }.not_to raise_error
+
+ expect(codequality_report.degradations_count).to eq(1)
+ expect(codequality_report.all_degradations[0]['web_url']).to eq(want)
+ end
+ end
+
+ context 'when metadata does not have project and commit_sha' do
+ let(:metadata) { {} }
+
+ it 'adds a nil url' do
+ expect { parse }.not_to raise_error
+
+ expect(codequality_report.degradations_count).to eq(1)
+ expect(codequality_report.all_degradations[0]['web_url']).to be_nil
+ end
+ end
+ end
 end
 end
diff --git a/spec/lib/gitlab/ci/parsers/coverage/sax_document_spec.rb b/spec/lib/gitlab/ci/parsers/coverage/sax_document_spec.rb
index a9851d78f48..e4ae6b25362 100644
--- a/spec/lib/gitlab/ci/parsers/coverage/sax_document_spec.rb
+++ b/spec/lib/gitlab/ci/parsers/coverage/sax_document_spec.rb
@@ -8,6 +8,7 @@ RSpec.describe Gitlab::Ci::Parsers::Coverage::SaxDocument do
 describe '#parse!' do
 let(:coverage_report) { Gitlab::Ci::Reports::CoverageReport.new }
 let(:project_path) { 'foo/bar' }
+ let(:windows_path) { 'foo\bar' }
 let(:paths) { ['app/user.rb'] }
 let(:cobertura) do
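Review bot: The new `for web_url` examples in code_climate_spec.rb only exercise a benign `location.path` (`foo.rb`), although that field comes from a job-produced report and ends up inside a link. The parser is not visible in this diff, so whether the path is escaped cannot be told from here; one more example whose path holds a space, `#` or `?` (for instance `"dir with space/a#b.rb"`, a constructed value) and that pins the resulting `web_url` would state that behaviour. The `let(:metadata) { {} }` case also leaves partial input untested: `let(:metadata) { { project: project } }` and its `commit_sha`-only twin presumably should yield a nil URL as well. The expected string in `want` repeats the SHA literal from the `metadata` let added in the earlier hunk; interpolating `metadata[:commit_sha]` would keep the two in step.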
@@ -269,6 +270,36 @@ RSpec.describe Gitlab::Ci::Parsers::Coverage::SaxDocument do
 it_behaves_like 'ignoring sources, project_path, and worktree_paths'
 end
+ context 'and has Windows-style paths' do
+ let(:sources_xml) do
+ <<~EOF_WIN
+ <sources>
+ <source>D:\\builds\\#{windows_path}\\app</source>
+ </sources>
+ EOF_WIN
+ end
+
+ context 'when there is a single <class>' do
+ context 'with a single line' do
+ let(:classes_xml) do
+ <<~EOF
+ <packages><package name="app"><classes>
+ <class filename="user.rb"><lines>
+ <line number="1" hits="2"/>
+ </lines></class>
+ </classes></package></packages>
+ EOF
+ end
+
+ it 'parses XML and returns a single file with the filename relative to project root' do
+ expect { parse_report }.not_to raise_error
+
+ expect(coverage_report.files).to eq({ 'app/user.rb' => { 1 => 2 } })
+ end
+ end
+ end
+ end
+
 context 'and has multiple sources with a pattern for Go projects' do
 let(:project_path) { 'local/go' } # Make sure we're not making false positives
 let(:sources_xml) do
diff --git a/spec/lib/gitlab/ci/parsers/sbom/cyclonedx_properties_spec.rb b/spec/lib/gitlab/ci/parsers/sbom/cyclonedx_properties_spec.rb
index 38b229e0dd8..f09b85aa2c7 100644
--- a/spec/lib/gitlab/ci/parsers/sbom/cyclonedx_properties_spec.rb
+++ b/spec/lib/gitlab/ci/parsers/sbom/cyclonedx_properties_spec.rb
@@ -3,7 +3,7 @@ require 'fast_spec_helper'
 RSpec.describe Gitlab::Ci::Parsers::Sbom::CyclonedxProperties do
- subject(:parse_source) { described_class.parse_source(properties) }
+ subject(:parse_source_from_properties) { described_class.parse_source(properties) }
 context 'when properties are nil' do
 let(:properties) { nil }
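Review bot: The `and has Windows-style paths` context in sax_document_spec.rb has only a positive example, where the source `D:\builds\foo\bar\app` matches `project_path` `foo/bar`; nothing pins the result when a backslash-separated source does not contain the project path. The neighbouring Go context carries `# Make sure we're not making false positives`, and a sibling example here with a non-matching source (for example `<source>D:\\builds\\other\\app</source>`, a constructed value) would give the separator handling the same guard, possibly through the existing `it_behaves_like 'ignoring sources, project_path, and worktree_paths'` if that shared example fits. A short comment on `let(:windows_path) { 'foo\bar' }` in the earlier hunk, such as `# single-quoted on purpose: a literal backslash, not the \b escape`, would also save the next reader a double take.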
@@ -50,9 +50,9 @@ RSpec.describe Gitlab::Ci::Parsers::Sbom::CyclonedxProperties do
 end
 it 'does not call dependency_scanning parser' do
- expect(Gitlab::Ci::Parsers::Sbom::Source::DependencyScanning).not_to receive(:parse_source)
+ expect(Gitlab::Ci::Parsers::Sbom::Source::DependencyScanning).not_to receive(:source)
- parse_source
+ parse_source_from_properties
 end
 end
@@ -82,7 +82,7 @@ RSpec.describe Gitlab::Ci::Parsers::Sbom::CyclonedxProperties do
 it 'passes only supported properties to the dependency scanning parser' do
 expect(Gitlab::Ci::Parsers::Sbom::Source::DependencyScanning).to receive(:source).with(expected_input)
- parse_source
+ parse_source_from_properties
 end
 end
 end
diff --git a/spec/lib/gitlab/ci/parsers/sbom/cyclonedx_spec.rb b/spec/lib/gitlab/ci/parsers/sbom/cyclonedx_spec.rb
index f3636106b98..0b094880f69 100644
--- a/spec/lib/gitlab/ci/parsers/sbom/cyclonedx_spec.rb
+++ b/spec/lib/gitlab/ci/parsers/sbom/cyclonedx_spec.rb
@@ -100,16 +100,53 @@ RSpec.describe Gitlab::Ci::Parsers::Sbom::Cyclonedx do
 ]
 end
+ before do
+ allow(report).to receive(:add_component)
+ end
+
 it 'adds each component, ignoring unused attributes' do
 expect(report).to receive(:add_component)
- .with(an_object_having_attributes(name: "activesupport", version: "5.1.4", component_type: "library"))
+ .with(
+ an_object_having_attributes(
+ name: "activesupport",
+ version: "5.1.4",
+ component_type: "library",
+ purl: an_object_having_attributes(type: "gem")
+ )
+ )
 expect(report).to receive(:add_component)
- .with(an_object_having_attributes(name: "byebug", version: "10.0.0", component_type: "library"))
+ .with(
+ an_object_having_attributes(
+ name: "byebug",
+ version: "10.0.0",
+ component_type: "library",
+ purl: an_object_having_attributes(type: "gem")
+ )
+ )
 expect(report).to receive(:add_component)
 .with(an_object_having_attributes(name: "minimal-component", version: nil, component_type: "library"))
 parse!
 end
+
+ context 'when a component has an invalid purl' do
+ before do
+ components.push(
+ {
+ "name" => "invalid-component",
+ "version" => "v0.0.1",
+ "purl" => "pkg:nil",
+ "type" => "library"
+ }
+ )
+ end
+
+ it 'adds an error to the report' do
+ expect(report).to receive(:add_error).with("/components/#{components.size - 1}/purl is invalid")
+
+ parse!
+ end
+ end
 end
 context 'when report has metadata properties' do
diff --git a/spec/lib/gitlab/ci/parsers/security/common_spec.rb b/spec/lib/gitlab/ci/parsers/security/common_spec.rb
index 7dbad354e4c..03cab021c17 100644
--- a/spec/lib/gitlab/ci/parsers/security/common_spec.rb
+++ b/spec/lib/gitlab/ci/parsers/security/common_spec.rb
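Review bot: In `when a component has an invalid purl` (cyclonedx_spec.rb) the example only expects `add_error`, and the `allow(report).to receive(:add_component)` added in the new `before` block accepts any `add_component` call, so the spec does not pin whether the component with the malformed purl still lands in the report. If the parser is meant to drop it (the implementation is not visible in this diff), add `expect(report).not_to receive(:add_component).with(an_object_having_attributes(name: "invalid-component"))`; if it is meant to keep the component without a purl, assert that instead. SBOM content is produced by the job, so the outcome for a bad purl is worth stating in the spec rather than leaving it to the blanket stub.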
@@ -400,26 +400,7 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Common do
 end
 describe 'parsing tracking' do
- let(:tracking_data) do
- {
- 'type' => 'source',
- 'items' => [
- 'signatures' => [
- { 'algorithm' => 'hash', 'value' => 'hash_value' },
- { 'algorithm' => 'location', 'value' => 'location_value' },
- { 'algorithm' => 'scope_offset', 'value' => 'scope_offset_value' }
- ]
- ]
- }
- end
-
- context 'with valid tracking information' do
- it 'creates signatures for each algorithm' do
- finding = report.findings.first
- expect(finding.signatures.size).to eq(3)
- expect(finding.signatures.map(&:algorithm_type).to_set).to eq(Set['hash', 'location', 'scope_offset'])
- end
- end
+ let(:finding) { report.findings.first }
 context 'with invalid tracking information' do
 let(:tracking_data) do
@@ -436,15 +417,26 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Common do
 end
 it 'ignores invalid algorithm types' do
- finding = report.findings.first
 expect(finding.signatures.size).to eq(2)
 expect(finding.signatures.map(&:algorithm_type).to_set).to eq(Set['hash', 'location'])
 end
 end
 context 'with valid tracking information' do
+ let(:tracking_data) do
+ {
+ 'type' => 'source',
+ 'items' => [
+ 'signatures' => [
+ { 'algorithm' => 'hash', 'value' => 'hash_value' },
+ { 'algorithm' => 'location', 'value' => 'location_value' },
+ { 'algorithm' => 'scope_offset', 'value' => 'scope_offset_value' }
+ ]
+ ]
+ }
+ end
+
 it 'creates signatures for each signature algorithm' do
- finding = report.findings.first
 expect(finding.signatures.size).to eq(3)
 expect(finding.signatures.map(&:algorithm_type)).to eq(%w[hash location scope_offset])
@@ -456,7 +448,6 @@ RSpec.describe Gitlab::Ci::Parsers::Security::Common do
 end
 it 'sets the uuid according to the higest priority signature' do
- finding = report.findings.first
 highest_signature = finding.signatures.max_by(&:priority)
 identifiers = if signatures_enabled |