165 lines
4.7 KiB
TypeScript
165 lines
4.7 KiB
TypeScript
import * as fs from 'fs'
|
|
import * as path from 'path'
|
|
import { Audit } from '../src/audit'
|
|
import { run } from '../src/main'
|
|
import * as issue from '../src/issue'
|
|
import * as pr from '../src/pr'
|
|
import { fileURLToPath } from 'url'
|
|
import { dirname } from 'path'
|
|
|
|
const __filename = fileURLToPath(import.meta.url)
|
|
const __dirname = dirname(__filename)
|
|
|
|
vi.mock('../src/audit')
|
|
vi.mock('../src/issue')
|
|
vi.mock('../src/pr')
|
|
vi.mock('@octokit/rest', () => {
|
|
return {
|
|
Octokit: vi.fn().mockImplementation(() => {
|
|
return {
|
|
issues: {
|
|
listForRepo: vi.fn(),
|
|
createComment: vi.fn(),
|
|
create: vi.fn()
|
|
}
|
|
}
|
|
})
|
|
}
|
|
})
|
|
|
|
describe('run: pr', () => {
|
|
beforeEach(() => {
|
|
// initialize mock
|
|
vi.mocked(Audit).mockClear()
|
|
vi.mocked(pr).createComment.mockClear()
|
|
|
|
process.env.INPUT_AUDIT_LEVEL = 'low'
|
|
process.env.INPUT_PRODUCTION_FLAG = 'false'
|
|
process.env.INPUT_JSON_FLAG = 'false'
|
|
process.env.INPUT_GITHUB_CONTEXT =
|
|
'{ "event_name": "pull_request", "event": { "number": 100} }'
|
|
process.env.INPUT_GITHUB_TOKEN = '***'
|
|
process.env.GITHUB_REPOSITORY = 'alice/example'
|
|
process.env.INPUT_CREATE_PR_COMMENTS = 'true'
|
|
})
|
|
|
|
test('does not call pr.createComment if vulnerabilities are not found', () => {
|
|
vi.mocked(Audit).mockImplementation((): any => {
|
|
return {
|
|
stdout: fs.readFileSync(
|
|
path.join(__dirname, 'testdata/audit/success.txt')
|
|
),
|
|
status: 0,
|
|
run: (auditLevel: string): Promise<void> => {
|
|
return Promise.resolve(void 0)
|
|
},
|
|
foundVulnerability: (): boolean => {
|
|
return false
|
|
},
|
|
strippedStdout: (): string => {
|
|
return path.join(__dirname, 'testdata/audit/success.txt')
|
|
}
|
|
}
|
|
})
|
|
|
|
vi.mocked(pr).createComment.mockResolvedValue()
|
|
|
|
expect(run).not.toThrowError()
|
|
expect(pr.createComment).not.toHaveBeenCalled()
|
|
})
|
|
|
|
test('calls pr.createComment if vulnerabilities are found in PR', () => {
|
|
vi.mocked(Audit).mockImplementation((): any => {
|
|
return {
|
|
stdout: fs.readFileSync(
|
|
path.join(__dirname, 'testdata/audit/error.txt')
|
|
),
|
|
status: 1,
|
|
run: (auditLevel: string): Promise<void> => {
|
|
return Promise.resolve(void 0)
|
|
},
|
|
foundVulnerability: (): boolean => {
|
|
return true
|
|
},
|
|
strippedStdout: (): string => {
|
|
return path.join(__dirname, 'testdata/audit/error.txt')
|
|
}
|
|
}
|
|
})
|
|
|
|
vi.mocked(pr).createComment.mockResolvedValue()
|
|
|
|
expect(run).not.toThrowError()
|
|
expect(pr.createComment).toHaveBeenCalled()
|
|
})
|
|
|
|
test('does not call pr.createComment if create_pr_comments is set to false', () => {
|
|
process.env.INPUT_CREATE_PR_COMMENTS = 'false'
|
|
|
|
vi.mocked(Audit).mockImplementation((): any => {
|
|
return {
|
|
stdout: fs.readFileSync(
|
|
path.join(__dirname, 'testdata/audit/error.txt')
|
|
),
|
|
status: 1,
|
|
run: (auditLevel: string): Promise<void> => {
|
|
return Promise.resolve(void 0)
|
|
},
|
|
foundVulnerability: (): boolean => {
|
|
return true
|
|
},
|
|
strippedStdout: (): string => {
|
|
return path.join(__dirname, 'testdata/audit/error.txt')
|
|
}
|
|
}
|
|
})
|
|
|
|
expect(run).not.toThrowError()
|
|
expect(pr.createComment).not.toHaveBeenCalled()
|
|
})
|
|
})
|
|
|
|
describe('run: issue', () => {
|
|
beforeEach(() => {
|
|
// initialize mock
|
|
vi.mocked(Audit).mockClear()
|
|
vi.mocked(issue).getExistingIssueNumber.mockClear()
|
|
|
|
process.env.INPUT_AUDIT_LEVEL = 'low'
|
|
process.env.INPUT_PRODUCTION_FLAG = 'false'
|
|
process.env.INPUT_JSON_FLAG = 'false'
|
|
process.env.INPUT_GITHUB_CONTEXT = '{ "event_name": "push" }'
|
|
process.env.INPUT_GITHUB_TOKEN = '***'
|
|
process.env.GITHUB_REPOSITORY = 'alice/example'
|
|
process.env.INPUT_CREATE_ISSUES = 'true'
|
|
process.env.INPUT_DEDUPE_ISSUES = 'true'
|
|
})
|
|
|
|
test('does not call octokit.rest.issues.create if create_issues is set to false', () => {
|
|
process.env.INPUT_CREATE_ISSUES = 'false'
|
|
|
|
vi.mocked(Audit).mockImplementation((): any => {
|
|
return {
|
|
stdout: fs.readFileSync(
|
|
path.join(__dirname, 'testdata/audit/error.txt')
|
|
),
|
|
status: 1,
|
|
run: (auditLevel: string): Promise<void> => {
|
|
return Promise.resolve(void 0)
|
|
},
|
|
foundVulnerability: (): boolean => {
|
|
return true
|
|
},
|
|
strippedStdout: (): string => {
|
|
return path.join(__dirname, 'testdata/audit/error.txt')
|
|
}
|
|
}
|
|
})
|
|
|
|
vi.mocked(issue).getExistingIssueNumber.mockResolvedValue(null)
|
|
|
|
expect(run).not.toThrowError()
|
|
expect(issue.getExistingIssueNumber).not.toHaveBeenCalled()
|
|
})
|
|
})
|