Skip to content

Commit 4be18a8

Browse files
valentijnscholtenvalentijnscholten
committed
fixes
1 parent 4f0030e commit 4be18a8

47 files changed

Lines changed: 174256 additions & 1399 deletions

File tree

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

dojo/jira_link/helper.py

Lines changed: 1 addition & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -1793,8 +1793,4 @@ def get_finding_group_findings_above_threshold(finding_group):
17931793
if System_Settings.objects.get().jira_minimum_severity:
17941794
jira_minimum_threshold = Finding.get_numerical_severity(System_Settings.objects.get().jira_minimum_severity)
17951795

1796-
findings = finding_group.findings.filter(numerical_severity__lte=jira_minimum_threshold)
1797-
# TODO: JIRA REMOVE
1798-
logger.error(findings.query)
1799-
logger.error(f"count: {findings.count()}")
1800-
return findings
1796+
return finding_group.findings.filter(numerical_severity__lte=jira_minimum_threshold)

run-unittest.sh

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,4 @@
11
#!/usr/bin/env bash
2-
set -x
3-
42
unset TEST_CASE
53

64
bash ./docker/docker-compose-check.sh
@@ -55,4 +53,4 @@ echo "Running docker compose unit tests with test case $TEST_CASE ..."
5553
# Compose V2 integrates compose functions into the Docker platform, continuing to support
5654
# most of the previous docker-compose features and flags. You can run Compose V2 by
5755
# replacing the hyphen (-) with a space, using docker compose, instead of docker-compose.
58-
docker compose exec -e JIRA_PAT_DD=$JIRA_PAT_DD=$JIRA_PAT_DD=$JIRA_PAT_DD uwsgi bash -c "python manage.py test $TEST_CASE -v2 --keepdb --failfast"
56+
docker compose exec uwsgi bash -c "python manage.py test $TEST_CASE -v2 --keepdb"

unittests/test_jira_import_and_pushing_api.py

Lines changed: 19 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -76,6 +76,8 @@ def setUp(self):
7676
self.client.credentials(HTTP_AUTHORIZATION="Token " + token.key)
7777
self.zap_sample5_filename = get_unit_tests_scans_path("zap") / "5_zap_sample_one.xml"
7878
self.npm_groups_sample_filename = get_unit_tests_scans_path("npm_audit") / "many_vuln_with_groups.json"
79+
self.npm_groups_sample_filename2 = get_unit_tests_scans_path("npm_audit") / "many_vuln_with_groups_different_titles.json"
80+
self.clair_few_findings = get_unit_tests_scans_path("clair") / "clair_few_vuln.json"
7981
self.client.force_login(self.get_test_admin())
8082

8183
def test_import_no_push_to_jira(self):
@@ -649,51 +651,58 @@ def test_import_with_push_to_jira_update_tags(self):
649651

650652
@toggle_system_setting_boolean("enforce_verified_status", True) # noqa: FBT003
651653
@toggle_system_setting_boolean("enforce_verified_status_jira", True) # noqa: FBT003
654+
@with_system_setting("jira_minimum_severity", "Low")
652655
def test_import_with_push_to_jira_not_verified_enforced_verified_globally_true_enforced_verified_jira_true(self):
653656
import0 = self.import_scan_with_params(self.zap_sample5_filename, push_to_jira=True, verified=False)
654657
test_id = import0["test"]
655658
# This scan file has two active findings, so we should not push either of them
656-
self.assert_jira_group_issue_count_in_test(test_id, 0)
659+
self.assert_jira_issue_count_in_test(test_id, 0)
657660

658-
import0 = self.import_scan_with_params(self.zap_sample5_filename, push_to_jira=True, verified=True)
661+
# Verfied findings should be pushed, different scan to avoid dedupe interference
662+
import0 = self.import_scan_with_params(self.clair_few_findings, scan_type="Clair Scan", push_to_jira=True, verified=True)
659663
test_id = import0["test"]
660-
self.assert_jira_group_issue_count_in_test(test_id, 2)
664+
self.assert_jira_issue_count_in_test(test_id, 4)
661665

662666
# by asserting full cassette is played we know all calls to JIRA have been made as expected
663667
self.assert_cassette_played()
664668

665669
@toggle_system_setting_boolean("enforce_verified_status", True) # noqa: FBT003
666670
@toggle_system_setting_boolean("enforce_verified_status_jira", False) # noqa: FBT003
671+
@with_system_setting("jira_minimum_severity", "Low")
667672
def test_import_with_push_to_jira_not_verified_enforced_verified_globally_true_enforced_verified_jira_false(self):
668673
import0 = self.import_scan_with_params(self.zap_sample5_filename, push_to_jira=True, verified=False)
669674
test_id = import0["test"]
670675
# This scan file has two active findings, so we should not push either of them
671676
self.assert_jira_issue_count_in_test(test_id, 0)
672677

673-
import0 = self.import_scan_with_params(self.zap_sample5_filename, push_to_jira=True, verified=True)
678+
# Verfied findings should be pushed, different scan to avoid dedupe interference
679+
import0 = self.import_scan_with_params(self.clair_few_findings, scan_type="Clair Scan", push_to_jira=True, verified=True)
674680
test_id = import0["test"]
675-
self.assert_jira_issue_count_in_test(test_id, 2)
681+
self.assert_jira_issue_count_in_test(test_id, 4)
676682
# by asserting full cassette is played we know all calls to JIRA have been made as expected
677683

678684
self.assert_cassette_played()
679685

680686
@toggle_system_setting_boolean("enforce_verified_status", False) # noqa: FBT003
681687
@toggle_system_setting_boolean("enforce_verified_status_jira", True) # noqa: FBT003
688+
@with_system_setting("jira_minimum_severity", "Low")
682689
def test_import_with_push_to_jira_not_verified_enforced_verified_globally_false_enforced_verified_jira_true(self):
683690
import0 = self.import_scan_with_params(self.zap_sample5_filename, push_to_jira=True, verified=False)
684691
test_id = import0["test"]
685692
# This scan file has two active findings, so we should not push either of them
686693
self.assert_jira_issue_count_in_test(test_id, 0)
687694

688-
import0 = self.import_scan_with_params(self.zap_sample5_filename, push_to_jira=True, verified=True)
695+
# Verfied findings should be pushed, different scan to avoid dedupe interference
696+
import0 = self.import_scan_with_params(self.clair_few_findings, scan_type="Clair Scan", push_to_jira=True, verified=True)
689697
test_id = import0["test"]
690-
self.assert_jira_issue_count_in_test(test_id, 2)
698+
self.assert_jira_issue_count_in_test(test_id, 4)
691699

692700
# by asserting full cassette is played we know all calls to JIRA have been made as expected
693701
self.assert_cassette_played()
694702

695703
@toggle_system_setting_boolean("enforce_verified_status", False) # noqa: FBT003
696704
@toggle_system_setting_boolean("enforce_verified_status_jira", False) # noqa: FBT003
705+
@with_system_setting("jira_minimum_severity", "Low")
697706
def test_import_with_push_to_jira_not_verified_enforced_verified_globally_false_enforced_verified_jira_false(self):
698707
import0 = self.import_scan_with_params(self.zap_sample5_filename, push_to_jira=True, verified=False)
699708
test_id = import0["test"]
@@ -710,7 +719,7 @@ def test_groups_import_with_push_to_jira_not_verified_enforced_verified_globally
710719
# No verified findings, means no groups pushed to JIRA
711720
self.assert_jira_group_issue_count_in_test(test_id, 0)
712721

713-
import0 = self.import_scan_with_params(self.npm_groups_sample_filename, scan_type="NPM Audit Scan", group_by="component_name+component_version", push_to_jira=True, verified=True)
722+
import0 = self.import_scan_with_params(self.npm_groups_sample_filename2, scan_type="NPM Audit Scan", group_by="component_name+component_version", push_to_jira=True, verified=True)
714723
test_id = import0["test"]
715724
self.assert_jira_group_issue_count_in_test(test_id, 3)
716725

@@ -725,7 +734,7 @@ def test_groups_import_with_push_to_jira_not_verified_enforced_verified_globally
725734
# No verified findings, means no groups pushed to JIRA
726735
self.assert_jira_group_issue_count_in_test(test_id, 0)
727736

728-
import0 = self.import_scan_with_params(self.npm_groups_sample_filename, scan_type="NPM Audit Scan", group_by="component_name+component_version", push_to_jira=True, verified=True)
737+
import0 = self.import_scan_with_params(self.npm_groups_sample_filename2, scan_type="NPM Audit Scan", group_by="component_name+component_version", push_to_jira=True, verified=True)
729738
test_id = import0["test"]
730739
self.assert_jira_group_issue_count_in_test(test_id, 3)
731740
# by asserting full cassette is played we know all calls to JIRA have been made as expected
@@ -740,7 +749,7 @@ def test_groups_import_with_push_to_jira_not_verified_enforced_verified_globally
740749
# No verified findings, means no groups pushed to JIRA
741750
self.assert_jira_group_issue_count_in_test(test_id, 0)
742751

743-
import0 = self.import_scan_with_params(self.npm_groups_sample_filename, scan_type="NPM Audit Scan", group_by="component_name+component_version", push_to_jira=True, verified=True)
752+
import0 = self.import_scan_with_params(self.npm_groups_sample_filename2, scan_type="NPM Audit Scan", group_by="component_name+component_version", push_to_jira=True, verified=True)
744753
test_id = import0["test"]
745754
self.assert_jira_group_issue_count_in_test(test_id, 3)
746755

0 commit comments

Comments
 (0)