File: code_scanning_spec.rb

ruby-octokit 10.0.0-1
# frozen_string_literal: true

# Specs for the code scanning methods of Octokit::Client::CodeScanning: alerts,
# analyses, CodeQL databases, default setup and SARIF uploads.
#
# Every nested example group carries the :vcr tag.
# NOTE(review): presumably the HTTP traffic is replayed from recorded cassettes
# whose names derive from the describe/it strings -- confirm in the spec helper
# before rewording any description.
# NOTE(review): oauth_client, github_url and @test_repo are not defined in this
# file; presumably they come from shared spec setup. Also confirm that the
# recording setup keeps the access token out of any stored cassette.
describe Octokit::Client::CodeScanning do
  before do
    @client = oauth_client
    # Fixed identifiers that the expectations below compare against.
    @sarif_id = 'fb31fa2c-095d-11ee-98fe-c609abca1772'
    @code_scanning_test_repo = 'Caja-de-Dano/active-wrapper'
  end

  describe '.list_code_scanning_alerts_for_org', :vcr do
    it 'lists code scanning alerts for an organization' do
      endpoint = '/orgs/caja-de-dano/code-scanning/alerts'
      org_alerts = @client.list_code_scanning_alerts_for_org('caja-de-dano')

      expect(org_alerts).to be_kind_of(Array)
      expect(org_alerts.first.state).to eq('open')
      assert_requested(:get, github_url(endpoint))
    end
  end

  # The group label says "_repository"; the client method called is "_repo".
  describe '.list_code_scanning_alerts_for_repository', :vcr do
    it 'lists code scanning alerts for a repository' do
      endpoint = "/repos/#{@code_scanning_test_repo}/code-scanning/alerts"
      repo_alerts = @client.list_code_scanning_alerts_for_repo(@code_scanning_test_repo)

      expect(repo_alerts).to be_kind_of(Array)
      assert_requested(:get, github_url(endpoint))
    end
  end

  describe '.get_code_scanning_alert', :vcr do
    it 'gets a code scanning alert by alert number' do
      endpoint = "/repos/#{@code_scanning_test_repo}/code-scanning/alerts/1"
      fetched_alert = @client.get_code_scanning_alert(@code_scanning_test_repo, 1)

      expect(fetched_alert.rule.id).to eq('py/clear-text-logging-sensitive-data')
      assert_requested(:get, github_url(endpoint))
    end
  end

  describe '.update_code_scanning_alert', :vcr do
    it 'updates a status of a single code scanning alert' do
      endpoint = "/repos/#{@code_scanning_test_repo}/code-scanning/alerts/1"
      updated_alert = @client.update_code_scanning_alert(
        @code_scanning_test_repo, 1, 'dismissed', "won't fix", 'Test comment'
      )

      # Only the resulting state is asserted; the dismissal reason and comment
      # passed above are not checked against the response.
      expect(updated_alert.state).to eq('dismissed')
      assert_requested(:patch, github_url(endpoint))
    end
  end

  describe '.list_instances_of_code_scanning_alert', :vcr do
    it 'lists all instances of the specified code scanning alert' do
      endpoint = "/repos/#{@code_scanning_test_repo}/code-scanning/alerts/1/instances"
      alert_instances = @client.list_instances_of_code_scanning_alert(@code_scanning_test_repo, 1)

      expect(alert_instances).to be_kind_of(Array)
      expect(alert_instances.first.state).to eq('open')
      assert_requested(:get, github_url(endpoint))
    end
  end

  describe '.list_code_scanning_analysis', :vcr do
    it 'lists code scanning analyses for a repository' do
      endpoint = "/repos/#{@code_scanning_test_repo}/code-scanning/analyses"
      repo_analyses = @client.list_code_scanning_analysis(@code_scanning_test_repo)

      expect(repo_analyses).to be_kind_of(Array)
      assert_requested(:get, github_url(endpoint))
    end
  end

  describe '.get_code_scanning_analysis', :vcr do
    it 'gets a specific code scanning analysis for a repo' do
      analysis_id = 225_379_147
      endpoint = "/repos/#{@code_scanning_test_repo}/code-scanning/analyses/225379147"
      fetched_analysis = @client.get_code_scanning_analysis(@code_scanning_test_repo, analysis_id)

      expect(fetched_analysis.tool.name).to eq('CodeQL')
      expect(fetched_analysis.id).to eq(analysis_id)
      assert_requested(:get, github_url(endpoint))
    end
  end

  describe '.delete_code_scanning_analysis', :vcr do
    it 'deletes a code scanning analysis' do
      analysis_id = 225_379_147
      endpoint = "/repos/#{@code_scanning_test_repo}/code-scanning/analyses/225379147"
      deletion = @client.delete_code_scanning_analysis(@code_scanning_test_repo, analysis_id)

      # Compares two fields of the same response with each other; neither URL
      # is pinned to a fixed value here.
      expected_confirm_url = "#{deletion.next_analysis_url}?confirm_delete"
      expect(deletion.confirm_delete_url).to eq(expected_confirm_url)
      assert_requested(:delete, github_url(endpoint))
    end
  end

  describe '.list_codeql_database_for_repo', :vcr do
    it 'lists the codeql databases that are available in a repo' do
      endpoint = "/repos/#{@code_scanning_test_repo}/code-scanning/codeql/databases"
      codeql_databases = @client.list_codeql_database_for_repo(@code_scanning_test_repo)

      expect(codeql_databases).to be_kind_of(Array)
      expect(codeql_databases.first.language).to eq('python')
      assert_requested(:get, github_url(endpoint))
    end
  end

  describe '.get_codeql_database_for_repo', :vcr do
    it 'gets a CodeQL database for a language in a repository' do
      endpoint = "/repos/#{@code_scanning_test_repo}/code-scanning/codeql/databases/python"
      codeql_database = @client.get_codeql_database_for_repo(@code_scanning_test_repo, 'python')

      expect(codeql_database.language).to eq('python')
      assert_requested(:get, github_url(endpoint))
    end
  end

  describe '.get_code_scanning_default_config', :vcr do
    it 'gets the default code scanning configuration for a repository' do
      endpoint = "/repos/#{@code_scanning_test_repo}/code-scanning/default-setup"
      current_setup = @client.get_code_scanning_default_config(@code_scanning_test_repo)

      expect(current_setup.state).to eq('configured')
      expect(current_setup.query_suite).to eq('default')
      expect(current_setup.languages).to eq(['python'])
      assert_requested(:get, github_url(endpoint))
    end
  end

  describe '.update_code_scanning_default_config', :vcr do
    it 'updates the default code scanning configuration for a repository' do
      endpoint = "/repos/#{@code_scanning_test_repo}/code-scanning/default-setup"
      setup_update = @client.update_code_scanning_default_config(@code_scanning_test_repo, 'configured')

      expect(setup_update.run_id).to be_kind_of(Integer)
      # The expected run URL is rebuilt from the run_id returned in the same response.
      expected_run_url = "https://api.github.com/repos/#{@code_scanning_test_repo}/actions/runs/#{setup_update.run_id}"
      expect(setup_update.run_url).to eq(expected_run_url)
      assert_requested(:patch, github_url(endpoint))
    end
  end

  # The two SARIF groups below use @test_repo, which this file never assigns.
  describe '.upload_sarif_data', :vcr do
    it 'uploads a SARIF file' do
      # The upload is attributed to the first commit returned for @test_repo.
      head_sha = @client.commits(@test_repo).first.sha
      upload = @client.upload_sarif_data(@test_repo, 'spec/fixtures/rubocop.sarif', head_sha, 'refs/heads/main')

      expected_url = "https://api.github.com/repos/#{@test_repo}/code-scanning/sarifs/#{@sarif_id}"
      expect(upload.id).to eq(@sarif_id)
      expect(upload.url).to eq(expected_url)
      assert_requested(:post, github_url("/repos/#{@test_repo}/code-scanning/sarifs"))
    end
  end

  describe '.get_sarif_upload_information', :vcr do
    it 'gets a SARIF upload information' do
      endpoint = "/repos/#{@test_repo}/code-scanning/sarifs/#{@sarif_id}"
      upload_info = @client.get_sarif_upload_information(@test_repo, @sarif_id)

      expected_analyses_url = "https://api.github.com/repos/#{@test_repo}/code-scanning/analyses?sarif_id=#{@sarif_id}"
      expect(upload_info.processing_status).to eq('complete')
      expect(upload_info.analyses_url).to eq(expected_analyses_url)
      assert_requested(:get, github_url(endpoint))
    end
  end
end