def test_write_dracon_out(self):
with tempfile.NamedTemporaryFile() as fp:
args = shared.parse_flags(['-out', fp.name, '-in', 'foo'])
shared.write_dracon_out(args, "foo", [
issue_pb2.Issue(
target="/dracon/source/foobar",
title="/dracon/source/barfoo",
description="/dracon/source/example.yaml",
cve="123-321",
)
])
fp.flush()
res = fp.read()
pblaunch = engine_pb2.LaunchToolResponse()
pblaunch.ParseFromString(res)
self.assertEqual(engine_pb2.LaunchToolResponse(
tool_name="foo",
issues=[issue_pb2.Issue(
target="./foobar",
title="./barfoo",
description="./example.yaml",
source="unknown",
cve="123-321"
)]
), pblaunch)
def setUp(self):
self.config = {
'dry_run': True,
'es_index': 'dracon',
'es_url': 'https://some_test.url.somewhere.io:443',
'pvc_location': './'
}
# Create an scan results object and serialize it to a file
ts = Timestamp()
ts.FromJsonString("1991-01-01T00:00:00Z")
scan_results = engine_pb2.LaunchToolResponse(
scan_info=engine_pb2.ScanInfo(
scan_uuid='dd1794f2-544d-456b-a45a-a2bec53633b1',
scan_start_time=ts,
),
tool_name='bandit',
)
issue = issue_pb2.Issue()
issue.target = 'target.py:0'
scan_results.issues.extend([issue])
enriched_scan_results = engine_pb2.EnrichedLaunchToolResponse(
original_results=scan_results, )
f = open(self.config['pvc_location'] + "example_response.pb", "wb")
scan_proto_string = enriched_scan_results.SerializeToString()
f.write(scan_proto_string)
f.close()
def test_bandit_produce(self):
with tempfile.NamedTemporaryFile() as i_f, \
tempfile.NamedTemporaryFile() as o_f:
i_f.write(self.tool_out)
i_f.flush()
args = shared.parse_flags(['-out', o_f.name, '-in', i_f.name])
tool_results = shared.parse_in_file_json(args)
issues = parse_tool_results(tool_results)
shared.write_dracon_out(args, "bandit", issues)
res = o_f.read()
pblaunch = engine_pb2.LaunchToolResponse()
pblaunch.ParseFromString(res)
self.assertEqual(
engine_pb2.LaunchToolResponse(
tool_name="bandit",
issues=[
issue_pb2.Issue(
target="./foo/bar.py:[4, 5]",
type="hardcoded_tmp_directory",
title="hardcoded_tmp_directory",
severity="SEVERITY_MEDIUM",
cvss=0,
confidence="CONFIDENCE_MEDIUM",
description=
"Probable insecure usage of temp file/directory.",
source="unknown")
]), pblaunch)
def parse_issue(rec_issue: dict) -> issue_pb2.Issue:
return issue_pb2.Issue(
target=f"{rec_issue['filename']}:{rec_issue['line_range']}",
type=rec_issue['test_name'],
title=rec_issue['test_name'],
severity=f"SEVERITY_{rec_issue['issue_severity']}",
cvss=0,
confidence=f"CONFIDENCE_{rec_issue['issue_confidence']}",
description=rec_issue['issue_text'])
def setUp(self):
self.config = test_utils.ConsumerMockConfig()
scan_start_time = Timestamp()
scan_start_time.FromJsonString("1991-01-01T00:00:00Z")
scan_info = engine_pb2.ScanInfo(
scan_start_time=scan_start_time,
scan_uuid='dd1794f2-544d-456b-a45a-a2bec53633b1')
scan_results = engine_pb2.LaunchToolResponse(scan_info=scan_info)
scan_results.tool_name = 'unit_tests'
issue = issue_pb2.Issue()
issue.target = 'target.py:0'
issue.type = "test"
issue.title = "test title"
issue.cvss = 2.0
issue.description = "test.description"
issue.severity = issue_pb2.Severity.SEVERITY_LOW
issue.confidence = issue_pb2.Confidence.CONFIDENCE_LOW
scan_results.issues.extend([issue])
first_seen = Timestamp()
first_seen.FromJsonString("1992-02-02T00:00:00Z")
enriched_issue = issue_pb2.EnrichedIssue(first_seen=first_seen)
enriched_issue.raw_issue.CopyFrom(issue)
enriched_issue.count = 2
enriched_issue.false_positive = True
enriched_scan_results = engine_pb2.EnrichedLaunchToolResponse(
original_results=scan_results, )
enriched_scan_results.issues.extend([enriched_issue])
self.enriched_dtemp = tempfile.mkdtemp(prefix="enriched_",
dir=self.config.pvc_location)
self.enriched, _ = tempfile.mkstemp(prefix="enriched_",
dir=self.enriched_dtemp,
suffix=".pb")
self.raw_dtemp = tempfile.mkdtemp(prefix="raw_",
dir=self.config.pvc_location)
self.raw, _ = tempfile.mkstemp(prefix="raw_",
dir=self.raw_dtemp,
suffix=".pb")
f = open(self.enriched, "wb")
scan_proto_string = enriched_scan_results.SerializeToString()
f.write(scan_proto_string)
f.close()
f = open(self.raw, "wb")
scan_proto_string = scan_results.SerializeToString()
f.write(scan_proto_string)
f.close()