
Commit e7e7b48

author
Trong Nhan Mai
committed
test: add integration test
1 parent 2bc6f25 commit e7e7b48


3 files changed

+248
-0
lines changed


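--- a/scripts/dev_scripts/integration_tests.sh
+++ b/scripts/dev_scripts/integration_tests.sh
@@ -425,6 +425,17 @@ echo -e "\n=====================================================================
 echo "Run integration tests with local paths for apache/maven..."
 echo -e "==================================================================================\n"
 
+echo -e "\n----------------------------------------------------------------------------------"
+echo "bitbucket.org/snakeyaml/snakeyaml: Analyzing a repository with un-supported git service as local repo without dependency resolution."
+echo -e "----------------------------------------------------------------------------------\n"
+git clone https://bitbucket.org/snakeyaml/snakeyaml $WORKSPACE/output/local_repos/snakeyaml || log_fail
+DEFAULTS_FILE=$WORKSPACE/tests/e2e/defaults/bitbucket_local_repo.ini
+JSON_EXPECTED=$WORKSPACE/tests/e2e/expected_results/snakeyaml/snakeyaml.json
+JSON_RESULT=$WORKSPACE/output/reports/bitbucket_org/snakeyaml/snakeyaml/snakeyaml.json
+$RUN_MACARON -dp $DEFAULTS_FILE -lr $WORKSPACE/output/local_repos analyze -rp snakeyaml -d a34989252e6f59e36a3aaf788a903b7a37a73d33 --skip-deps || log_fail
+
+check_or_update_expected_output $COMPARE_JSON_OUT $JSON_RESULT $JSON_EXPECTED || log_fail
+
 echo -e "\n----------------------------------------------------------------------------------"
 echo "apache/maven: Analyzing with the branch name, the commit digest and dependency resolution using cyclonedx maven plugin (default)."
 echo -e "----------------------------------------------------------------------------------\n"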
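Review bot: The added `git clone` on new line 431 writes to a fixed path, `$WORKSPACE/output/local_repos/snakeyaml`, so a re-run with a leftover checkout would fail at the clone before the analysis is reached, unless the script clears `output/` somewhere outside this hunk. The expansions on new lines 431–437 are also unquoted, so a workspace path containing spaces would split the arguments; quoting them, e.g. `git clone https://bitbucket.org/snakeyaml/snakeyaml "$WORKSPACE/output/local_repos/snakeyaml" || log_fail`, avoids that. Pinning the analysis with the `-d` digest keeps the expected JSON stable against upstream changes, but the test still needs network access to a third-party host, which deserves a one-line comment above the clone. The surrounding script starts and ends outside the hunk.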
Lines changed: 5 additions & 0 deletions
@@ -0,0 +1,5 @@
1+
# Copyright (c) 2024 - 2024, Oracle and/or its affiliates. All rights reserved.
2+
# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
3+
4+
[git_service.local_repo]
5+
hostname = bitbucket.org
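Review bot: This defaults file carries no comment explaining why `hostname` under `[git_service.local_repo]` is set to `bitbucket.org`; judging by the test banner in integration_tests.sh, it appears to be what lets a clone whose remote sits on an unsupported git service be analyzed as a local repo. A line such as `# Test-only override: treat bitbucket.org remotes as local repos (no supported git service).` above the section would make the intent clear and discourage copying the setting into a real configuration.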
Lines changed: 232 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,232 @@
1+
{
2+
"metadata": {
3+
"timestamps": "2024-04-10 11:28:34",
4+
"has_passing_check": true,
5+
"run_checks": [
6+
"mcn_provenance_available_1",
7+
"mcn_version_control_system_1",
8+
"mcn_provenance_witness_level_one_1",
9+
"mcn_build_as_code_1",
10+
"mcn_infer_artifact_pipeline_1",
11+
"mcn_trusted_builder_level_three_1",
12+
"mcn_provenance_level_three_1",
13+
"mcn_build_script_1",
14+
"mcn_provenance_expectation_1",
15+
"mcn_build_service_1"
16+
],
17+
"check_tree": {
18+
"mcn_provenance_available_1": {
19+
"mcn_provenance_level_three_1": {},
20+
"mcn_provenance_expectation_1": {},
21+
"mcn_provenance_witness_level_one_1": {}
22+
},
23+
"mcn_version_control_system_1": {
24+
"mcn_trusted_builder_level_three_1": {
25+
"mcn_build_as_code_1": {
26+
"mcn_build_service_1": {},
27+
"mcn_infer_artifact_pipeline_1": {}
28+
}
29+
},
30+
"mcn_build_script_1": {}
31+
}
32+
}
33+
},
34+
"target": {
35+
"info": {
36+
"full_name": "pkg:bitbucket.org/snakeyaml/snakeyaml@a34989252e6f59e36a3aaf788a903b7a37a73d33",
37+
"local_cloned_path": "local_repos/snakeyaml",
38+
"remote_path": "https://bitbucket.org/snakeyaml/snakeyaml",
39+
"branch": null,
40+
"commit_hash": "a34989252e6f59e36a3aaf788a903b7a37a73d33",
41+
"commit_date": "2023-08-27T12:25:20+04:00"
42+
},
43+
"provenances": {
44+
"is_inferred": true,
45+
"content": {
46+
"Maven Central Registry": []
47+
}
48+
},
49+
"checks": {
50+
"summary": {
51+
"DISABLED": 0,
52+
"FAILED": 8,
53+
"PASSED": 2,
54+
"SKIPPED": 0,
55+
"UNKNOWN": 0
56+
},
57+
"results": [
58+
{
59+
"check_id": "mcn_build_script_1",
60+
"check_description": "Check if the target repo has a valid build script.",
61+
"slsa_requirements": [
62+
"Scripted Build - SLSA Level 1"
63+
],
64+
"justification": [
65+
"Not Available."
66+
],
67+
"result_type": "PASSED"
68+
},
69+
{
70+
"check_id": "mcn_version_control_system_1",
71+
"check_description": "Check whether the target repo uses a version control system.",
72+
"slsa_requirements": [
73+
"Version controlled - SLSA Level 2"
74+
],
75+
"justification": [
76+
{
77+
"git_repo": "https://bitbucket.org/snakeyaml/snakeyaml"
78+
}
79+
],
80+
"result_type": "PASSED"
81+
},
82+
{
83+
"check_id": "mcn_build_as_code_1",
84+
"check_description": "The build definition and configuration executed by the build service is verifiably derived from text file definitions stored in a version control system.",
85+
"slsa_requirements": [
86+
"Build as code - SLSA Level 3"
87+
],
88+
"justification": [
89+
"Not Available."
90+
],
91+
"result_type": "FAILED"
92+
},
93+
{
94+
"check_id": "mcn_build_service_1",
95+
"check_description": "Check if the target repo has a valid build service.",
96+
"slsa_requirements": [
97+
"Build service - SLSA Level 2"
98+
],
99+
"justification": [
100+
"Not Available."
101+
],
102+
"result_type": "FAILED"
103+
},
104+
{
105+
"check_id": "mcn_infer_artifact_pipeline_1",
106+
"check_description": "Detects potential pipelines from which an artifact is published.",
107+
"slsa_requirements": [
108+
"Build as code - SLSA Level 3"
109+
],
110+
"justification": [
111+
"Not Available."
112+
],
113+
"result_type": "FAILED"
114+
},
115+
{
116+
"check_id": "mcn_provenance_available_1",
117+
"check_description": "Check whether the target has intoto provenance.",
118+
"slsa_requirements": [
119+
"Provenance - Available - SLSA Level 1",
120+
"Provenance content - Identifies build instructions - SLSA Level 1",
121+
"Provenance content - Identifies artifacts - SLSA Level 1",
122+
"Provenance content - Identifies builder - SLSA Level 1"
123+
],
124+
"justification": [
125+
"Not Available."
126+
],
127+
"result_type": "FAILED"
128+
},
129+
{
130+
"check_id": "mcn_provenance_expectation_1",
131+
"check_description": "Check whether the SLSA provenance for the produced artifact conforms to the expected value.",
132+
"slsa_requirements": [
133+
"Provenance conforms with expectations - SLSA Level 3"
134+
],
135+
"justification": [
136+
"Not Available."
137+
],
138+
"result_type": "FAILED"
139+
},
140+
{
141+
"check_id": "mcn_provenance_level_three_1",
142+
"check_description": "Check whether the target has SLSA provenance level 3.",
143+
"slsa_requirements": [
144+
"Provenance - Non falsifiable - SLSA Level 3",
145+
"Provenance content - Includes all build parameters - SLSA Level 3",
146+
"Provenance content - Identifies entry point - SLSA Level 3",
147+
"Provenance content - Identifies source code - SLSA Level 2"
148+
],
149+
"justification": [
150+
"Not Available."
151+
],
152+
"result_type": "FAILED"
153+
},
154+
{
155+
"check_id": "mcn_provenance_witness_level_one_1",
156+
"check_description": "Check whether the target has a level-1 witness provenance.",
157+
"slsa_requirements": [
158+
"Provenance - Available - SLSA Level 1",
159+
"Provenance content - Identifies build instructions - SLSA Level 1",
160+
"Provenance content - Identifies artifacts - SLSA Level 1",
161+
"Provenance content - Identifies builder - SLSA Level 1"
162+
],
163+
"justification": [
164+
"Not Available."
165+
],
166+
"result_type": "FAILED"
167+
},
168+
{
169+
"check_id": "mcn_trusted_builder_level_three_1",
170+
"check_description": "Check whether the target uses a trusted SLSA level 3 builder.",
171+
"slsa_requirements": [
172+
"Hermetic - SLSA Level 4",
173+
"Isolated - SLSA Level 3",
174+
"Parameterless - SLSA Level 4",
175+
"Ephemeral environment - SLSA Level 3"
176+
],
177+
"justification": [
178+
"Not Available."
179+
],
180+
"result_type": "FAILED"
181+
}
182+
]
183+
}
184+
},
185+
"dependencies": {
186+
"analyzed_deps": 0,
187+
"unique_dep_repos": 0,
188+
"checks_summary": [
189+
{
190+
"check_id": "mcn_provenance_available_1",
191+
"num_deps_pass": 0
192+
},
193+
{
194+
"check_id": "mcn_version_control_system_1",
195+
"num_deps_pass": 0
196+
},
197+
{
198+
"check_id": "mcn_provenance_witness_level_one_1",
199+
"num_deps_pass": 0
200+
},
201+
{
202+
"check_id": "mcn_build_as_code_1",
203+
"num_deps_pass": 0
204+
},
205+
{
206+
"check_id": "mcn_infer_artifact_pipeline_1",
207+
"num_deps_pass": 0
208+
},
209+
{
210+
"check_id": "mcn_trusted_builder_level_three_1",
211+
"num_deps_pass": 0
212+
},
213+
{
214+
"check_id": "mcn_provenance_level_three_1",
215+
"num_deps_pass": 0
216+
},
217+
{
218+
"check_id": "mcn_build_script_1",
219+
"num_deps_pass": 0
220+
},
221+
{
222+
"check_id": "mcn_provenance_expectation_1",
223+
"num_deps_pass": 0
224+
},
225+
{
226+
"check_id": "mcn_build_service_1",
227+
"num_deps_pass": 0
228+
}
229+
],
230+
"dep_status": []
231+
}
232+
}
