Update AM to v1.13.3 #289

wants to merge 2 commits into
base: dev
63 changes: 17 additions & 46 deletions audit_test.go
Expand Up @@ -555,37 +555,16 @@ func addDummyPackageDescriptor(t *testing.T, hasPackageJson bool) {

func TestXrayAuditSastCppFlagSimpleJson(t *testing.T) {
integration.InitAuditJasTest(t, scangraph.GraphScanMinXrayVersion)
testCase := []struct {
name string
withFlag bool
expectedResults validations.ValidationParams
}{
{
name: "withFlag",
withFlag: true,
expectedResults: validations.ValidationParams{
Total: &validations.TotalCount{Vulnerabilities: 2},
Vulnerabilities: &validations.VulnerabilityCount{ValidateScan: &validations.ScanCount{Sast: 2}},
},
},
{
name: "withoutFlag",
withFlag: false,
expectedResults: validations.ValidationParams{ExactResultsMatch: true, Total: &validations.TotalCount{}},
},
}
for _, tc := range testCase {
t.Run(tc.name, func(t *testing.T) {
output := testXrayAuditJas(t, securityTests.PlatformCli, filepath.Join("package-managers", "c"), "3", false, tc.withFlag, false, "*out*")
validations.VerifySimpleJsonResults(t, output, tc.expectedResults)
})
}
output := testXrayAuditJas(t, securityTests.PlatformCli, filepath.Join("package-managers", "c"), "3", false, "*out*")
validations.VerifySimpleJsonResults(t, output, validations.ValidationParams{
Total: &validations.TotalCount{Vulnerabilities: 2},
Vulnerabilities: &validations.VulnerabilityCount{ValidateScan: &validations.ScanCount{Sast: 2}},
})
}
func TestXrayAuditSastCSharpFlagSimpleJson(t *testing.T) {
// Placeholder until C# Sast is implemented
t.Skip()
integration.InitAuditJasTest(t, scangraph.GraphScanMinXrayVersion)
output := testXrayAuditJas(t, securityTests.PlatformCli, filepath.Join("package-managers", "dotnet", "dotnet-single"), "3", false, false, true, "")
output := testXrayAuditJas(t, securityTests.PlatformCli, filepath.Join("package-managers", "dotnet", "dotnet-single"), "3", false, "")
validations.VerifySimpleJsonResults(t, output, validations.ValidationParams{
Total: &validations.TotalCount{Vulnerabilities: 1},
Vulnerabilities: &validations.VulnerabilityCount{ValidateScan: &validations.ScanCount{Sast: 1}},
Expand All @@ -594,7 +573,7 @@ func TestXrayAuditSastCSharpFlagSimpleJson(t *testing.T) {

func TestXrayAuditJasMissingContextSimpleJson(t *testing.T) {
integration.InitAuditJasTest(t, scangraph.GraphScanMinXrayVersion)
output := testXrayAuditJas(t, securityTests.PlatformCli, filepath.Join("package-managers", "maven", "missing-context"), "3", false, false, false, "")
output := testXrayAuditJas(t, securityTests.PlatformCli, filepath.Join("package-managers", "maven", "missing-context"), "3", false, "")
validations.VerifySimpleJsonResults(t, output, validations.ValidationParams{
Vulnerabilities: &validations.VulnerabilityCount{ValidateApplicabilityStatus: &validations.ApplicabilityStatusCount{MissingContext: 1}},
})
Expand All @@ -604,7 +583,7 @@ func TestXrayAuditNotEntitledForJas(t *testing.T) {
integration.InitAuditGeneralTests(t, scangraph.GraphScanMinXrayVersion)
cliToRun, cleanUp := integration.InitTestWithMockCommandOrParams(t, false, getNoJasAuditMockCommand)
defer cleanUp()
output := testXrayAuditJas(t, cliToRun, filepath.Join("jas", "jas"), "3", false, false, false, "")
output := testXrayAuditJas(t, cliToRun, filepath.Join("jas", "jas"), "3", false, "")
validations.VerifySimpleJsonResults(t, output, validations.ValidationParams{Total: &validations.TotalCount{Vulnerabilities: 8}})
}

Expand All @@ -626,7 +605,7 @@ func getNoJasAuditMockCommand() components.Command {

func TestXrayAuditJasSimpleJson(t *testing.T) {
integration.InitAuditGeneralTests(t, scangraph.GraphScanMinXrayVersion)
output := testXrayAuditJas(t, securityTests.PlatformCli, filepath.Join("jas", "jas"), "3", false, false, false, "")
output := testXrayAuditJas(t, securityTests.PlatformCli, filepath.Join("jas", "jas"), "3", false, "")
validations.VerifySimpleJsonResults(t, output, validations.ValidationParams{
Total: &validations.TotalCount{Vulnerabilities: 23},
Vulnerabilities: &validations.VulnerabilityCount{
Expand All @@ -638,7 +617,7 @@ func TestXrayAuditJasSimpleJson(t *testing.T) {

func TestXrayAuditJasSimpleJsonWithTokenValidation(t *testing.T) {
integration.InitAuditGeneralTests(t, jasutils.DynamicTokenValidationMinXrayVersion)
output := testXrayAuditJas(t, securityTests.PlatformCli, filepath.Join("jas", "jas"), "3", true, false, false, "")
output := testXrayAuditJas(t, securityTests.PlatformCli, filepath.Join("jas", "jas"), "3", true, "")
validations.VerifySimpleJsonResults(t, output, validations.ValidationParams{
Vulnerabilities: &validations.VulnerabilityCount{
ValidateScan: &validations.ScanCount{Secrets: 5},
Expand All @@ -649,7 +628,7 @@ func TestXrayAuditJasSimpleJsonWithTokenValidation(t *testing.T) {

func TestXrayAuditJasSimpleJsonWithOneThread(t *testing.T) {
integration.InitAuditGeneralTests(t, scangraph.GraphScanMinXrayVersion)
output := testXrayAuditJas(t, securityTests.PlatformCli, filepath.Join("jas", "jas"), "1", false, false, false, "")
output := testXrayAuditJas(t, securityTests.PlatformCli, filepath.Join("jas", "jas"), "1", false, "")
validations.VerifySimpleJsonResults(t, output, validations.ValidationParams{
Total: &validations.TotalCount{Vulnerabilities: 23},
Vulnerabilities: &validations.VulnerabilityCount{
Expand All @@ -661,7 +640,7 @@ func TestXrayAuditJasSimpleJsonWithOneThread(t *testing.T) {

func TestXrayAuditJasSimpleJsonWithConfig(t *testing.T) {
integration.InitAuditGeneralTests(t, scangraph.GraphScanMinXrayVersion)
output := testXrayAuditJas(t, securityTests.PlatformCli, filepath.Join("jas", "jas-config"), "3", false, false, false, "")
output := testXrayAuditJas(t, securityTests.PlatformCli, filepath.Join("jas", "jas-config"), "3", false, "")
validations.VerifySimpleJsonResults(t, output, validations.ValidationParams{
Total: &validations.TotalCount{Vulnerabilities: 8},
Vulnerabilities: &validations.VulnerabilityCount{
Expand All @@ -673,14 +652,14 @@ func TestXrayAuditJasSimpleJsonWithConfig(t *testing.T) {

func TestXrayAuditJasNoViolationsSimpleJson(t *testing.T) {
integration.InitAuditGeneralTests(t, scangraph.GraphScanMinXrayVersion)
output := testXrayAuditJas(t, securityTests.PlatformCli, filepath.Join("package-managers", "npm", "npm"), "3", false, false, false, "")
output := testXrayAuditJas(t, securityTests.PlatformCli, filepath.Join("package-managers", "npm", "npm"), "3", false, "")
validations.VerifySimpleJsonResults(t, output, validations.ValidationParams{
Total: &validations.TotalCount{Vulnerabilities: 1},
Vulnerabilities: &validations.VulnerabilityCount{ValidateApplicabilityStatus: &validations.ApplicabilityStatusCount{NotApplicable: 1}},
})
}

func testXrayAuditJas(t *testing.T, testCli *coreTests.JfrogCli, project string, threads string, validateSecrets bool, validateSastCpp bool, validateSastCSharp bool, customExclusion string) string {
func testXrayAuditJas(t *testing.T, testCli *coreTests.JfrogCli, project string, threads string, validateSecrets bool, customExclusion string) string {
_, cleanUp := securityTestUtils.CreateTestProjectEnvAndChdir(t, filepath.Join(filepath.FromSlash(securityTests.GetTestResourcesPath()), filepath.Join("projects", project)))
defer cleanUp()
// Configure a new server named "default"
Expand All @@ -690,14 +669,6 @@ func testXrayAuditJas(t *testing.T, testCli *coreTests.JfrogCli, project string,
if validateSecrets {
args = append(args, "--secrets", "--validate-secrets")
}
if validateSastCpp {
unsetEnv := clientTests.SetEnvWithCallbackAndAssert(t, "JFROG_SAST_ENABLE_CPP", "1")
defer unsetEnv()
}
if validateSastCSharp {
unsetEnv := clientTests.SetEnvWithCallbackAndAssert(t, "JFROG_SAST_ENABLE_CS", "1")
defer unsetEnv()
}
if len(customExclusion) != 0 {
args = append(args, "--exclusions", customExclusion)
}
Expand Down Expand Up @@ -761,7 +732,7 @@ func TestXrayAuditNotEntitledForJasWithXrayUrl(t *testing.T) {
integration.InitAuditGeneralTests(t, scangraph.GraphScanMinXrayVersion)
cliToRun, cleanUp := integration.InitTestWithMockCommandOrParams(t, true, getNoJasAuditMockCommand)
defer cleanUp()
output := testXrayAuditJas(t, cliToRun, filepath.Join("jas", "jas"), "3", false, false, false, "")
output := testXrayAuditJas(t, cliToRun, filepath.Join("jas", "jas"), "3", false, "")
// Verify that scan results are printed
validations.VerifySimpleJsonResults(t, output, validations.ValidationParams{Total: &validations.TotalCount{Vulnerabilities: 8}})
// Verify that JAS results are not printed
Expand All @@ -771,7 +742,7 @@ func TestXrayAuditNotEntitledForJasWithXrayUrl(t *testing.T) {
func TestXrayAuditJasSimpleJsonWithXrayUrl(t *testing.T) {
integration.InitAuditGeneralTests(t, scangraph.GraphScanMinXrayVersion)
cliToRun := integration.GetTestCli(cli.GetJfrogCliSecurityApp(), true)
output := testXrayAuditJas(t, cliToRun, filepath.Join("jas", "jas"), "3", false, false, false, "")
output := testXrayAuditJas(t, cliToRun, filepath.Join("jas", "jas"), "3", false, "")
validations.VerifySimpleJsonResults(t, output, validations.ValidationParams{
Total: &validations.TotalCount{Vulnerabilities: 24},
Vulnerabilities: &validations.VulnerabilityCount{
Expand All @@ -785,7 +756,7 @@ func TestXrayAuditJasSimpleJsonWithXrayUrl(t *testing.T) {

func TestXrayAuditJasSimpleJsonWithCustomExclusions(t *testing.T) {
integration.InitAuditJasTest(t, scangraph.GraphScanMinXrayVersion)
output := testXrayAuditJas(t, securityTests.PlatformCli, filepath.Join("jas", "jas"), "3", false, false, false, "non_existing_folder")
output := testXrayAuditJas(t, securityTests.PlatformCli, filepath.Join("jas", "jas"), "3", false, "non_existing_folder")
validations.VerifySimpleJsonResults(t, output, validations.ValidationParams{
Total: &validations.TotalCount{Vulnerabilities: 24},
Vulnerabilities: &validations.VulnerabilityCount{
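Review bot: `TestXrayAuditSastCppFlagSimpleJson` no longer exercises any flag or environment variable, yet keeps "Flag" in its name and drops the `withoutFlag` case, which was the only assertion (via `ExactResultsMatch: true`) that C++ SAST findings are absent when the scanner has not been opted in. If Analyzer Manager 1.13.3 runs the C++ scanner unconditionally, say so on the test so the missing negative case is understood, e.g. `// C++ SAST is on by default since AM 1.13.3; JFROG_SAST_ENABLE_CPP no longer gates it.`, and consider renaming it `TestXrayAuditSastCppSimpleJson`; the new body also abuts the next function's signature without the blank line the rest of the file keeps. `TestXrayAuditSastCSharpFlagSimpleJson` still carries `t.Skip()` with "Placeholder until C# Sast is implemented" while its `JFROG_SAST_ENABLE_CS` gating is removed — if C# SAST ships with this version the skip should go, otherwise the comment should state that the scanner is still unavailable. `testXrayAuditJas` starts inside the hunk but its body continues past it.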
4 changes: 2 additions & 2 deletions commands/audit/audit_test.go
Expand Up @@ -340,7 +340,7 @@ func TestAuditWithConfigProfile(t *testing.T) {
}},
IsDefault: false,
},
expectedSastIssues: 1,
expectedSastIssues: 3,
},
{
name: "Enable only IaC scanner",
Expand Down Expand Up @@ -394,7 +394,7 @@ func TestAuditWithConfigProfile(t *testing.T) {
}},
IsDefault: false,
},
expectedSastIssues: 1,
expectedSastIssues: 3,
expectedSecretsIssues: 16,
expectedIacIssues: 9,
expectedCaApplicable: 3,
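Review bot: Both `expectedSastIssues` values in `TestAuditWithConfigProfile` move from 1 to 3 with no explanation of why the same fixture now yields two more SAST findings, so the next Analyzer Manager bump cannot distinguish a new rule from a regression or a duplicated finding. A short note beside each value would do, e.g. `expectedSastIssues: 3, // AM 1.13.3 reports two additional findings on this fixture; verified as new rules, not duplicates`, assuming that is what was checked. The enclosing test table starts and ends outside the hunk.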
2 changes: 1 addition & 1 deletion jas/analyzermanager.go
Expand Up @@ -24,7 +24,7 @@ import (
const (
ApplicabilityFeatureId = "contextual_analysis"
AnalyzerManagerZipName = "analyzerManager.zip"
defaultAnalyzerManagerVersion = "1.13.2"
defaultAnalyzerManagerVersion = "1.13.3"
analyzerManagerDownloadPath = "xsc-gen-exe-analyzer-manager-local/v1"
analyzerManagerDirName = "analyzerManager"
analyzerManagerExecutableName = "analyzerManager"