From 34e14f0a4fd42b2e31aec39e9bdb7dc38e9189b6 Mon Sep 17 00:00:00 2001
From: Lucas Mendes <82591370+cxlucas@users.noreply.github.com>
Date: Tue, 1 Feb 2022 17:37:02 +0000
Subject: [PATCH] feat(e2e): Schema validation for ASFF Reports (#4748)
---
 e2e/cli_test.go | 4 +
 e2e/fixtures/schemas/result-asff.json | 158 ++++++++++++++++++
 .../e2e-cli-031_scan_report-formats.go | 4 +-
 3 files changed, 164 insertions(+), 2 deletions(-)
 create mode 100644 e2e/fixtures/schemas/result-asff.json
diff --git a/e2e/cli_test.go b/e2e/cli_test.go
index cafa3483460..56265ff9edc 100644
--- a/e2e/cli_test.go
+++ b/e2e/cli_test.go
@@ -126,6 +126,10 @@ func checkExpectedOutput(t *testing.T, tt *testcases.TestCase, argIndex int) {
 if utils.Contains(resultsFormats, "sonarqube") {
 utils.JSONSchemaValidationFromFile(t, "sonarqube-"+jsonFileName, "result-sonarqube.json")
 }
+ // Check result file (ASFF)
+ if utils.Contains(resultsFormats, "asff") {
+ utils.JSONSchemaValidationFromFile(t, "asff-"+jsonFileName, "result-asff.json")
+ }
 // Check result file (SARIF)
 if utils.Contains(resultsFormats, "sarif") {
 utils.JSONSchemaValidationFromFile(t, tt.Args.ExpectedResult[argIndex].ResultsFile+".sarif", "result-sarif.json")
diff --git a/e2e/fixtures/schemas/result-asff.json b/e2e/fixtures/schemas/result-asff.json
new file mode 100644
index 00000000000..81e6fc1a570
--- /dev/null
+++ b/e2e/fixtures/schemas/result-asff.json
@@ -0,0 +1,158 @@ +{ + "type": "array", + "minItems": 1, + "definitions": { + "aws_id_pattern": { + "type": "string", + "minLength": 1, + "pattern": "^AWS_REGION\/AWS_ACCOUNT_ID\/[A-Fa-f0-9]{64}$" + }, + "arn_pattern": { + "type": "string", + "minLength": 1, + "pattern": "^arn:aws:securityhub:\\w+:\\w+:product\/\\w+\/default$" + }, + "recommendation_text_pattern": { + "pattern": "^In line \\d+ of file (.)+, a result was found. (.)+, but (.)+$" + } + }, + "items": { + "type": "object", + "additionalProperties": false, + "required": [ + "AwsAccountId", + "Compliance", + "CreatedAt", + "Description", + "GeneratorId", + "Id", + "ProductArn", + "Remediation", + "Resources", + "SchemaVersion", + "Severity", + "Title", + "Types", + "UpdatedAt" + ], + "properties": { + "AwsAccountId": { + "type": "string", + "const": "AWS_ACCOUNT_ID" + }, + "Compliance": { + "type": "object", + "properties": { + "Status": { + "type": "string", + "const": "FAILED" + } + } + }, + "CreatedAt": { + "type": "string", + "format": "date-time", + "minLength": 1 + }, + "Description": { + "type": "string", + "minLength": 1 + }, + "GeneratorId": { + "type": "string", + "format": "uuid" + }, + "Id": { + "$ref": "#/definitions/aws_id_pattern" + }, + "ProductArn": { + "$ref": "#/definitions/arn_pattern" + }, + "Remediation": { + "type": "object", + "properties": { + "Recommendation": { + "type": "object", + "properties": { + "Text": { + "$ref": "#/definitions/recommendation_text_pattern" + } + } + } + } + }, + "Resources": { + "type": "array", + "minItems": 1, + "items": { + "type": "object", + "additionalProperties": false, + "required": [ + "Id", + "Type" + ], + "properties": { + "Id": { + "type": "string", + "format": "uuid" + }, + "Type": { + "type": "string", + "const": "Other" + } + } + } + }, + "SchemaVersion": { + "type": "string", + "format": "date", + "minLength": 1 + }, + "Severity": { + "type": "object", + "additionalProperties": false, + "required": [ + "Label", + "Original" + ], + 
"properties": { + "Label": { + "type": "string", + "enum": [ + "HIGH", + "MEDIUM", + "LOW", + "INFORMATIONAL" + ] + }, + "Original": { + "type": "string", + "enum": [ + "HIGH", + "MEDIUM", + "LOW", + "INFO" + ] + } + } + }, + "Title": { + "type": "string", + "minLength": 1 + }, + "Types": { + "type": "array", + "minItems": 1, + "items": { + "type": "string", + "const": "Software and Configuration Checks/Vulnerabilities/KICS" + } + }, + "UpdatedAt": { + "type": "string", + "format": "date-time", + "minLength": 1 + } + } + } +} diff --git a/e2e/testcases/e2e-cli-031_scan_report-formats.go b/e2e/testcases/e2e-cli-031_scan_report-formats.go index 3d2c70ae0ff..63ff8a5ea34 100644 --- a/e2e/testcases/e2e-cli-031_scan_report-formats.go +++ b/e2e/testcases/e2e-cli-031_scan_report-formats.go @@ -8,7 +8,7 @@ func init() { //nolint Args: args{ Args: []cmdArgs{ []string{"scan", "--output-path", "output", "--output-name", "E2E_CLI_031_RESULT", - "--report-formats", "json,SARIF,glsast,Html,SonarQUBE,Junit,cyclonedx", + "--report-formats", "json,SARIF,glsast,Html,SonarQUBE,Junit,cyclonedx,asff", "-q", "../assets/queries", "-p", "fixtures/samples/terraform.tf"}, []string{"scan", "--output-path", "output", "--output-name", "E2E_CLI_031_RESULT_CIS", @@ -18,7 +18,7 @@ func init() { //nolint ExpectedResult: []ResultsValidation{ { ResultsFile: "E2E_CLI_031_RESULT", - ResultsFormats: []string{"json", "sarif", "glsast", "html", "sonarqube", "junit", "cyclonedx"}, + ResultsFormats: []string{"json", "sarif", "glsast", "html", "sonarqube", "junit", "cyclonedx", "asff"}, }, { ResultsFile: "E2E_CLI_031_RESULT_CIS",
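Review bot: In result-asff.json the `Compliance`, `Remediation` and `Remediation.Recommendation` sub-schemas declare `properties` but neither `required` nor `additionalProperties`, so a report item carrying `"Compliance": {}` or `"Remediation": {}` still validates and the test would not notice a finding that lost its status or its remediation text. Adding `"required": ["Status"]` to `Compliance`, and the matching `"required": ["Recommendation"]` and `"required": ["Text"]` under `Remediation`, would constrain them the way `Resources` and `Severity` already are. `recommendation_text_pattern` also has no `"type": "string"`, and `pattern` only constrains string instances, so a non-string `Text` would pass. Separately, `AwsAccountId`, `aws_id_pattern` and `arn_pattern` (where `\\w+` cannot match a hyphenated region name) accept only the literal placeholders, so the check presumably depends on the test environment not supplying real account or region values; that is worth confirming against the report generator, which is not shown here.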