actions/gosec
1
0
Fork 0
mirror of https://github.com/securego/gosec.git synced 2024-11-05 19:45:51 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add tests for analyser test pacakge check

Browse source 
Signed-off-by: Cosmin Cojocar <cosmin.cojocar@gmx.ch>
This commit is contained in:
Cosmin Cojocar 2019-04-28 22:30:08 +02:00 committed by Cosmin Cojocar
parent 6e5135f6eb
commit f1ea7f6ee3
1 changed files with 62 additions and 28 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

90
analyzer_test.go
View file

@ -44,9 +44,9 @@ var _ = Describe("Analyzer", func() {
pkg := testutils.NewTestPackage() pkg := testutils.NewTestPackage()
defer pkg.Close() defer pkg.Close()
pkg.AddFile("wonky.go", `func main(){ println("forgot the package")}`) pkg.AddFile("wonky.go", `func main(){ println("forgot the package")}`)
pkg.Build() err := pkg.Build()
Expect(err).Should(HaveOccurred())
err := analyzer.Process(buildTags, pkg.Path) err = analyzer.Process(buildTags, pkg.Path)
Expect(err).Should(HaveOccurred()) Expect(err).Should(HaveOccurred())
Expect(err.Error()).Should(MatchRegexp(`expected 'package'`)) Expect(err.Error()).Should(MatchRegexp(`expected 'package'`))
@ -66,8 +66,9 @@ var _ = Describe("Analyzer", func() {
func bar(){ func bar(){
println("package has two files!") println("package has two files!")
}`) }`)
pkg.Build() err := pkg.Build()
err := analyzer.Process(buildTags, pkg.Path) Expect(err).ShouldNot(HaveOccurred())
err = analyzer.Process(buildTags, pkg.Path)
Expect(err).ShouldNot(HaveOccurred()) Expect(err).ShouldNot(HaveOccurred())
_, metrics, _ := analyzer.Report() _, metrics, _ := analyzer.Report()
Expect(metrics.NumFiles).To(Equal(2)) Expect(metrics.NumFiles).To(Equal(2))
@ -87,9 +88,11 @@ var _ = Describe("Analyzer", func() {
package main package main
func bar(){ func bar(){
}`) }`)
pkg1.Build() err := pkg1.Build()
pkg2.Build() Expect(err).ShouldNot(HaveOccurred())
err := analyzer.Process(buildTags, pkg1.Path, pkg2.Path) err = pkg2.Build()
Expect(err).ShouldNot(HaveOccurred())
err = analyzer.Process(buildTags, pkg1.Path, pkg2.Path)
Expect(err).ShouldNot(HaveOccurred()) Expect(err).ShouldNot(HaveOccurred())
_, metrics, _ := analyzer.Report() _, metrics, _ := analyzer.Report()
Expect(metrics.NumFiles).To(Equal(2)) Expect(metrics.NumFiles).To(Equal(2))
@ -105,8 +108,10 @@ var _ = Describe("Analyzer", func() {
controlPackage := testutils.NewTestPackage() controlPackage := testutils.NewTestPackage()
defer controlPackage.Close() defer controlPackage.Close()
controlPackage.AddFile("md5.go", source) controlPackage.AddFile("md5.go", source)
controlPackage.Build() err := controlPackage.Build()
analyzer.Process(buildTags, controlPackage.Path) Expect(err).ShouldNot(HaveOccurred())
err = analyzer.Process(buildTags, controlPackage.Path)
Expect(err).ShouldNot(HaveOccurred())
controlIssues, _, _ := analyzer.Report() controlIssues, _, _ := analyzer.Report()
Expect(controlIssues).Should(HaveLen(sample.Errors)) Expect(controlIssues).Should(HaveLen(sample.Errors))
@ -120,8 +125,9 @@ var _ = Describe("Analyzer", func() {
package main package main
func main() func main()
}`) }`)
pkg.Build() err := pkg.Build()
err := analyzer.Process(buildTags, pkg.Path) Expect(err).ShouldNot(HaveOccurred())
err = analyzer.Process(buildTags, pkg.Path)
Expect(err).ShouldNot(HaveOccurred()) Expect(err).ShouldNot(HaveOccurred())
_, _, golangErrors := analyzer.Report() _, _, golangErrors := analyzer.Report()
keys := make([]string, len(golangErrors)) keys := make([]string, len(golangErrors))
@ -147,9 +153,10 @@ var _ = Describe("Analyzer", func() {
defer nosecPackage.Close() defer nosecPackage.Close()
nosecSource := strings.Replace(source, "h := md5.New()", "h := md5.New() // #nosec", 1) nosecSource := strings.Replace(source, "h := md5.New()", "h := md5.New() // #nosec", 1)
nosecPackage.AddFile("md5.go", nosecSource) nosecPackage.AddFile("md5.go", nosecSource)
nosecPackage.Build() err := nosecPackage.Build()
Expect(err).ShouldNot(HaveOccurred())
analyzer.Process(buildTags, nosecPackage.Path) err = analyzer.Process(buildTags, nosecPackage.Path)
Expect(err).ShouldNot(HaveOccurred())
nosecIssues, _, _ := analyzer.Report() nosecIssues, _, _ := analyzer.Report()
Expect(nosecIssues).Should(BeEmpty()) Expect(nosecIssues).Should(BeEmpty())
}) })
@ -164,9 +171,10 @@ var _ = Describe("Analyzer", func() {
defer nosecPackage.Close() defer nosecPackage.Close()
nosecSource := strings.Replace(source, "h := md5.New()", "h := md5.New() // #nosec G401", 1) nosecSource := strings.Replace(source, "h := md5.New()", "h := md5.New() // #nosec G401", 1)
nosecPackage.AddFile("md5.go", nosecSource) nosecPackage.AddFile("md5.go", nosecSource)
nosecPackage.Build() err := nosecPackage.Build()
Expect(err).ShouldNot(HaveOccurred())
analyzer.Process(buildTags, nosecPackage.Path) err = analyzer.Process(buildTags, nosecPackage.Path)
Expect(err).ShouldNot(HaveOccurred())
nosecIssues, _, _ := analyzer.Report() nosecIssues, _, _ := analyzer.Report()
Expect(nosecIssues).Should(BeEmpty()) Expect(nosecIssues).Should(BeEmpty())
}) })
@ -181,9 +189,10 @@ var _ = Describe("Analyzer", func() {
defer nosecPackage.Close() defer nosecPackage.Close()
nosecSource := strings.Replace(source, "h := md5.New()", "h := md5.New() // #nosec G301", 1) nosecSource := strings.Replace(source, "h := md5.New()", "h := md5.New() // #nosec G301", 1)
nosecPackage.AddFile("md5.go", nosecSource) nosecPackage.AddFile("md5.go", nosecSource)
nosecPackage.Build() err := nosecPackage.Build()
Expect(err).ShouldNot(HaveOccurred())
analyzer.Process(buildTags, nosecPackage.Path) err = analyzer.Process(buildTags, nosecPackage.Path)
Expect(err).ShouldNot(HaveOccurred())
nosecIssues, _, _ := analyzer.Report() nosecIssues, _, _ := analyzer.Report()
Expect(nosecIssues).Should(HaveLen(sample.Errors)) Expect(nosecIssues).Should(HaveLen(sample.Errors))
}) })
@ -198,9 +207,12 @@ var _ = Describe("Analyzer", func() {
defer nosecPackage.Close() defer nosecPackage.Close()
nosecSource := strings.Replace(source, "h := md5.New()", "h := md5.New() // #nosec G301 G401", 1) nosecSource := strings.Replace(source, "h := md5.New()", "h := md5.New() // #nosec G301 G401", 1)
nosecPackage.AddFile("md5.go", nosecSource) nosecPackage.AddFile("md5.go", nosecSource)
nosecPackage.Build() err := nosecPackage.Build()
Expect(err).ShouldNot(HaveOccurred())
analyzer.Process(buildTags, nosecPackage.Path) err = analyzer.Process(buildTags, nosecPackage.Path)
Expect(err).ShouldNot(HaveOccurred())
err = analyzer.Process(buildTags, nosecPackage.Path)
Expect(err).ShouldNot(HaveOccurred())
nosecIssues, _, _ := analyzer.Report() nosecIssues, _, _ := analyzer.Report()
Expect(nosecIssues).Should(BeEmpty()) Expect(nosecIssues).Should(BeEmpty())
}) })
@ -212,7 +224,6 @@ var _ = Describe("Analyzer", func() {
pkg := testutils.NewTestPackage() pkg := testutils.NewTestPackage()
defer pkg.Close() defer pkg.Close()
pkg.AddFile("tags.go", source) pkg.AddFile("tags.go", source)
buildTags = append(buildTags, "test") buildTags = append(buildTags, "test")
err := analyzer.Process(buildTags, pkg.Path) err := analyzer.Process(buildTags, pkg.Path)
Expect(err).Should(HaveOccurred()) Expect(err).Should(HaveOccurred())
@ -234,11 +245,34 @@ var _ = Describe("Analyzer", func() {
defer nosecPackage.Close() defer nosecPackage.Close()
nosecSource := strings.Replace(source, "h := md5.New()", "h := md5.New() // #nosec", 1) nosecSource := strings.Replace(source, "h := md5.New()", "h := md5.New() // #nosec", 1)
nosecPackage.AddFile("md5.go", nosecSource) nosecPackage.AddFile("md5.go", nosecSource)
nosecPackage.Build() err := nosecPackage.Build()
Expect(err).ShouldNot(HaveOccurred())
customAnalyzer.Process(buildTags, nosecPackage.Path) err = customAnalyzer.Process(buildTags, nosecPackage.Path)
Expect(err).ShouldNot(HaveOccurred())
nosecIssues, _, _ := customAnalyzer.Report() nosecIssues, _, _ := customAnalyzer.Report()
Expect(nosecIssues).Should(HaveLen(sample.Errors)) Expect(nosecIssues).Should(HaveLen(sample.Errors))
}) })
It("should be able to analyze Go test package", func() {
customAnalyzer := gosec.NewAnalyzer(nil, true, logger)
customAnalyzer.LoadRules(rules.Generate().Builders())
pkg := testutils.NewTestPackage()
defer pkg.Close()
pkg.AddFile("foo.go", `
package foo
func foo(){
}`)
pkg.AddFile("foo_test.go", `
package foo_test
import "testing"
func TestFoo(t *testing.T){
}`)
err := pkg.Build()
Expect(err).ShouldNot(HaveOccurred())
err = customAnalyzer.Process(buildTags, pkg.Path)
Expect(err).ShouldNot(HaveOccurred())
_, metrics, _ := customAnalyzer.Report()
Expect(metrics.NumFiles).To(Equal(3))
})
}) })