diff --git a/audit_test.go b/audit_test.go index b96b28ec..44c66873 100644 --- a/audit_test.go +++ b/audit_test.go @@ -326,7 +326,7 @@ func TestXrayAuditMultiProjects(t *testing.T) { defer securityTestUtils.CleanTestsHomeEnv() output := securityTests.PlatformCli.WithoutCredentials().RunCliCmdWithOutput(t, "audit", "--format="+string(format.SimpleJson), workingDirsFlag) securityTestUtils.VerifySimpleJsonScanResults(t, output, 35, 0) - securityTestUtils.VerifySimpleJsonJasResults(t, output, 1, 9, 7, 6, 25) + securityTestUtils.VerifySimpleJsonJasResults(t, output, 1, 9, 7, 6, 0, 25, 1) } func TestXrayAuditPipJson(t *testing.T) { @@ -430,18 +430,18 @@ func addDummyPackageDescriptor(t *testing.T, hasPackageJson bool) { func TestXrayAuditJasSimpleJson(t *testing.T) { output := testXrayAuditJas(t, string(format.SimpleJson), filepath.Join("jas", "jas-test")) - securityTestUtils.VerifySimpleJsonJasResults(t, output, 1, 9, 7, 3, 3) + securityTestUtils.VerifySimpleJsonJasResults(t, output, 1, 9, 7, 3, 0, 3, 1) } func TestXrayAuditJasSimpleJsonWithConfig(t *testing.T) { output := testXrayAuditJas(t, string(format.SimpleJson), filepath.Join("jas", "jas-config")) - securityTestUtils.VerifySimpleJsonJasResults(t, output, 0, 0, 1, 3, 3) + securityTestUtils.VerifySimpleJsonJasResults(t, output, 0, 0, 1, 3, 0, 3, 1) } func TestXrayAuditJasNoViolationsSimpleJson(t *testing.T) { output := testXrayAuditJas(t, string(format.SimpleJson), filepath.Join("package-managers", "npm", "npm")) securityTestUtils.VerifySimpleJsonScanResults(t, output, 1, 0) - securityTestUtils.VerifySimpleJsonJasResults(t, output, 0, 0, 0, 0, 0) + securityTestUtils.VerifySimpleJsonJasResults(t, output, 0, 0, 0, 0, 0, 0, 1) } func testXrayAuditJas(t *testing.T, format string, project string) string { diff --git a/tests/utils/test_validation.go b/tests/utils/test_validation.go index 5e3a911c..f320c9b2 100644 --- a/tests/utils/test_validation.go +++ b/tests/utils/test_validation.go @@ -53,14 +53,15 @@ func VerifySimpleJsonScanResults(t *testing.T, content string, minVulnerabilitie } } -func VerifySimpleJsonJasResults(t *testing.T, content string, minSastViolations, minIacViolations, minSecrets, minApplicable, minNotCovered int) { +func VerifySimpleJsonJasResults(t *testing.T, content string, minSastViolations, minIacViolations, minSecrets, + minApplicable, minUndetermined, minNotCovered, minNotApplicable int) { var results formats.SimpleJsonResults err := json.Unmarshal([]byte(content), &results) if assert.NoError(t, err) { assert.GreaterOrEqual(t, len(results.Sast), minSastViolations, "Found less sast then expected") assert.GreaterOrEqual(t, len(results.Secrets), minSecrets, "Found less secrets then expected") assert.GreaterOrEqual(t, len(results.Iacs), minIacViolations, "Found less IaC then expected") - var applicableResults, notApplicableResults, notCoveredResults int + var applicableResults, undeterminedResults, notCoveredResults, notApplicableResults int for _, vuln := range results.Vulnerabilities { switch vuln.Applicable { case string(utils.NotApplicable): @@ -69,10 +70,13 @@ func VerifySimpleJsonJasResults(t *testing.T, content string, minSastViolations, applicableResults++ case string(utils.NotCovered): notCoveredResults++ + case string(utils.ApplicabilityUndetermined): + undeterminedResults++ } } assert.GreaterOrEqual(t, applicableResults, minApplicable, "Found less applicableResults then expected") - assert.GreaterOrEqual(t, notApplicableResults, 1, "Found less notApplicableResults then expected") + assert.GreaterOrEqual(t, undeterminedResults, minUndetermined, "Found less undeterminedResults then expected") assert.GreaterOrEqual(t, notCoveredResults, minNotCovered, "Found less notCoveredResults then expected") + assert.GreaterOrEqual(t, notApplicableResults, minNotApplicable, "Found less notApplicableResults then expected") } }