def test_write_dracon_out(self): with tempfile.NamedTemporaryFile() as fp: args = shared.parse_flags(['-out', fp.name, '-in', 'foo']) shared.write_dracon_out(args, "foo", [ issue_pb2.Issue( target="/dracon/source/foobar", title="/dracon/source/barfoo", description="/dracon/source/example.yaml", cve="123-321", ) ]) fp.flush() res = fp.read() pblaunch = engine_pb2.LaunchToolResponse() pblaunch.ParseFromString(res) self.assertEqual(engine_pb2.LaunchToolResponse( tool_name="foo", issues=[issue_pb2.Issue( target="./foobar", title="./barfoo", description="./example.yaml", source="unknown", cve="123-321" )] ), pblaunch)
def setUp(self): self.config = { 'dry_run': True, 'es_index': 'dracon', 'es_url': 'https://some_test.url.somewhere.io:443', 'pvc_location': './' } # Create an scan results object and serialize it to a file ts = Timestamp() ts.FromJsonString("1991-01-01T00:00:00Z") scan_results = engine_pb2.LaunchToolResponse( scan_info=engine_pb2.ScanInfo( scan_uuid='dd1794f2-544d-456b-a45a-a2bec53633b1', scan_start_time=ts, ), tool_name='bandit', ) issue = issue_pb2.Issue() issue.target = 'target.py:0' scan_results.issues.extend([issue]) enriched_scan_results = engine_pb2.EnrichedLaunchToolResponse( original_results=scan_results, ) f = open(self.config['pvc_location'] + "example_response.pb", "wb") scan_proto_string = enriched_scan_results.SerializeToString() f.write(scan_proto_string) f.close()
def test_bandit_produce(self): with tempfile.NamedTemporaryFile() as i_f, \ tempfile.NamedTemporaryFile() as o_f: i_f.write(self.tool_out) i_f.flush() args = shared.parse_flags(['-out', o_f.name, '-in', i_f.name]) tool_results = shared.parse_in_file_json(args) issues = parse_tool_results(tool_results) shared.write_dracon_out(args, "bandit", issues) res = o_f.read() pblaunch = engine_pb2.LaunchToolResponse() pblaunch.ParseFromString(res) self.assertEqual( engine_pb2.LaunchToolResponse( tool_name="bandit", issues=[ issue_pb2.Issue( target="./foo/bar.py:[4, 5]", type="hardcoded_tmp_directory", title="hardcoded_tmp_directory", severity="SEVERITY_MEDIUM", cvss=0, confidence="CONFIDENCE_MEDIUM", description= "Probable insecure usage of temp file/directory.", source="unknown") ]), pblaunch)
def parse_issue(rec_issue: dict) -> issue_pb2.Issue: return issue_pb2.Issue( target=f"{rec_issue['filename']}:{rec_issue['line_range']}", type=rec_issue['test_name'], title=rec_issue['test_name'], severity=f"SEVERITY_{rec_issue['issue_severity']}", cvss=0, confidence=f"CONFIDENCE_{rec_issue['issue_confidence']}", description=rec_issue['issue_text'])
def setUp(self): self.config = test_utils.ConsumerMockConfig() scan_start_time = Timestamp() scan_start_time.FromJsonString("1991-01-01T00:00:00Z") scan_info = engine_pb2.ScanInfo( scan_start_time=scan_start_time, scan_uuid='dd1794f2-544d-456b-a45a-a2bec53633b1') scan_results = engine_pb2.LaunchToolResponse(scan_info=scan_info) scan_results.tool_name = 'unit_tests' issue = issue_pb2.Issue() issue.target = 'target.py:0' issue.type = "test" issue.title = "test title" issue.cvss = 2.0 issue.description = "test.description" issue.severity = issue_pb2.Severity.SEVERITY_LOW issue.confidence = issue_pb2.Confidence.CONFIDENCE_LOW scan_results.issues.extend([issue]) first_seen = Timestamp() first_seen.FromJsonString("1992-02-02T00:00:00Z") enriched_issue = issue_pb2.EnrichedIssue(first_seen=first_seen) enriched_issue.raw_issue.CopyFrom(issue) enriched_issue.count = 2 enriched_issue.false_positive = True enriched_scan_results = engine_pb2.EnrichedLaunchToolResponse( original_results=scan_results, ) enriched_scan_results.issues.extend([enriched_issue]) self.enriched_dtemp = tempfile.mkdtemp(prefix="enriched_", dir=self.config.pvc_location) self.enriched, _ = tempfile.mkstemp(prefix="enriched_", dir=self.enriched_dtemp, suffix=".pb") self.raw_dtemp = tempfile.mkdtemp(prefix="raw_", dir=self.config.pvc_location) self.raw, _ = tempfile.mkstemp(prefix="raw_", dir=self.raw_dtemp, suffix=".pb") f = open(self.enriched, "wb") scan_proto_string = enriched_scan_results.SerializeToString() f.write(scan_proto_string) f.close() f = open(self.raw, "wb") scan_proto_string = scan_results.SerializeToString() f.write(scan_proto_string) f.close()