fix: make maven and pnpm tests immutable (#186)

* fix: make maven tests immutable

Signed-off-by: Ruben Romero Montes <[email protected]>

* fix: make pnpm tests immutable

Signed-off-by: Ruben Romero Montes <[email protected]>

---------

Signed-off-by: Ruben Romero Montes <[email protected]>

Author: ruromero

src/providers/java_maven.js

@@ -101,7 +101,7 @@ export default class Java_maven extends Base_java {
 			throw new Error(`failed creating maven dependency tree`, {cause: error})
 		}
 		// read dependency tree from temp file
-		let content = fs.readFileSync(`${tmpDepTree}`)
+		let content = fs.readFileSync(tmpDepTree)
 		if (process.env["EXHORT_DEBUG"] === "true") {
 			console.error("Dependency tree that will be used as input for creating the BOM =>" + EOL + EOL + content.toString())
 		}

test/it/test_manifests/pnpm/package.json

@@ -10,7 +10,7 @@
 	"keywords": [],
 	"license": "ISC",
 	"dependencies": {
-		"@hapi/joi": "^17.1.1",
-		"axios": "^0.19.0"
+		"axios": "^0.19.0",
+		"node-json-converter": "0.0.1-security"
 	}
 }

test/it/test_manifests/pnpm/pnpm-lock.yaml

@@ -2,19 +2,44 @@ import { expect } from 'chai'
 import fs from 'fs'
 import sinon from "sinon";
 import Java_maven from '../../src/providers/java_maven.js'
+import esmock from 'esmock';
+import path from 'path';
 
 let clock
 
-/** this function is parsing the outputfile path from the given command, and write that file the providerContent supplied.
- *
- * @param {Array<string>}args - the arguments to pass to the binary
- * @param {string}providerContent - the content of the mocked data to replace original content in intercepted temp file
- * @param {string}outputFileParameter - name of the parameter indicating the output file of the command invocation, including '='.
- * @private
- */
-function interceptAndOverwriteDataWithMock(args, providerContent, outputFileParameter) {
-	const interceptedFilePath = args.find(arg => arg.includes(outputFileParameter)).split("=")[1]
-	fs.writeFileSync(interceptedFilePath, providerContent)
+async function mockProvider(cwd) {
+
+	const mockInvokeCommand = () => {
+		return '';
+	};
+
+	const mockGitRootDir = (cwd) => {
+		return cwd;
+	}
+
+	const mockFs = {
+		mkdtempSync: (pathName) => pathName,
+		readFileSync: (filePath) => {
+			const output = path.join(cwd, path.basename(filePath));
+			return fs.readFileSync(output);
+		},
+		rmSync: () => {}
+	}
+
+	return esmock('../../src/providers/java_maven.js', {
+		fs: mockFs,
+		'../../src/providers/base_java.js': await esmock('../../src/providers/base_java.js', {
+			'../../src/tools.js': {
+				invokeCommand: mockInvokeCommand,
+				getGitRootDir: mockGitRootDir
+			}
+		})
+	});
+}
+
+async function createMockProvider(testPath) {
+	const Java_maven = await mockProvider(testPath);
+	return new Java_maven();
 }
 
 suite('testing the java-maven data provider', () => {
@@ -42,42 +67,16 @@ suite('testing the java-maven data provider', () => {
 		"pom_deps_with_no_ignore_common_paths"
 	].forEach(testCase => {
 		let scenario = testCase.replace('pom_deps_', '').replaceAll('_', ' ')
-		// test(`custom adhoc test`, async () => {
-		//
-		// 	// let options = {
-		// 	// 	'EXHORT_SNYK_TOKEN': 'insert-token'
-		// 	// }
-		// 	// let httpStatus = await exhort.validateToken(options);
-		// 	analysisReport = await exhort.stackAnalysis(`/tmp/pom-xml/pom.xml`,false);
-		// 	console.log(analysisReport)
-		// 	let pom = fs.readFileSync(`/tmp/pom-xml/pom.xml`,).toString().trim()
-		// 	let analysisReport = await exhort.componentAnalysis("pom.xml", pom);
-		// 	console.log(analysisReport)
-		// 	analysisReport = await exhort.stackAnalysis(`/tmp/pom-xml/pom.xml`,true);
-		// 	console.log(analysisReport)
-		//
-		// }).timeout(process.env.GITHUB_ACTIONS ? 30000 : 5000)
 
 		test(`verify maven data provided for stack analysis with scenario ${scenario}`, async () => {
 			// load the expected graph for the scenario
 			let expectedSbom = fs.readFileSync(`test/providers/tst_manifests/maven/${testCase}/stack_analysis_expected_sbom.json`,).toString().trim()
-			let dependencyTreeTextContent = fs.readFileSync(`test/providers/tst_manifests/maven/${testCase}/dep-tree.txt`,).toString()
+			// let dependencyTreeTextContent = fs.readFileSync(`test/providers/tst_manifests/maven/${testCase}/dep-tree.txt`,).toString()
 			expectedSbom = JSON.stringify(JSON.parse(expectedSbom),null, 4)
-			let mockedExecFunction = function(bin, args){
-				if (args.find(arg => arg.includes(":tree"))) {
-					interceptAndOverwriteDataWithMock(args, dependencyTreeTextContent, "DoutputFile=")
-				}
-			}
-			let javaMvnProvider = new Java_maven()
-			Object.getPrototypeOf(Object.getPrototypeOf(javaMvnProvider))._invokeCommand = mockedExecFunction
+			let javaMvnProvider = await createMockProvider(`test/providers/tst_manifests/maven/${testCase}`);
 			// invoke sut stack analysis for scenario manifest
 			let providedDataForStack =  javaMvnProvider.provideStack(`test/providers/tst_manifests/maven/${testCase}/pom.xml`)
 			// verify returned data matches expectation
-			// expect(providedDataForStack).to.deep.equal({
-			// 	ecosystem: 'maven',
-			// 	contentType: 'application/vnd.cyclonedx+json',
-			// 	content: expectedSbom
-			//		})
 			let beautifiedOutput = JSON.stringify(JSON.parse(providedDataForStack.content),null, 4);
 			expect(beautifiedOutput).to.deep.equal(expectedSbom)
 
@@ -89,14 +88,7 @@ suite('testing the java-maven data provider', () => {
 			let expectedSbom = fs.readFileSync(`test/providers/tst_manifests/maven/${testCase}/component_analysis_expected_sbom.json`,).toString().trim()
 			// read target manifest file
 			expectedSbom = JSON.stringify(JSON.parse(expectedSbom))
-			let effectivePomContent = fs.readFileSync(`test/providers/tst_manifests/maven/${testCase}/effective-pom.xml`,).toString()
-			let mockedExecFunction = function(bin, args){
-				if (args.find(arg => arg.includes(":effective-pom"))){
-					interceptAndOverwriteDataWithMock(args, effectivePomContent, "Doutput=");
-				}
-			}
-			let javaMvnProvider = new Java_maven()
-			Object.getPrototypeOf(Object.getPrototypeOf(javaMvnProvider))._invokeCommand = mockedExecFunction
+			let javaMvnProvider = await createMockProvider(`test/providers/tst_manifests/maven/${testCase}`);
 			// invoke sut component analysis for scenario manifest
 			let providedDataForStack = javaMvnProvider.provideComponent(`test/providers/tst_manifests/maven/${testCase}/pom.xml`)
 			// verify returned data matches expectation
@@ -124,14 +116,7 @@ suite('testing the java-maven data provider with modules', () => {
 			let expectedSbom = fs.readFileSync(`test/providers/tst_manifests/maven/${testCase}/component_analysis_expected_sbom.json`,).toString().trim()
 			// read target manifest file
 			expectedSbom = JSON.stringify(JSON.parse(expectedSbom))
-			let effectivePomContent = fs.readFileSync(`test/providers/tst_manifests/maven/${testCase}/effectivePom.xml`,).toString()
-			let mockedExecFunction = function(command, args){
-				if (args.find(arg => arg.includes(":effective-pom"))){
-					interceptAndOverwriteDataWithMock(args, effectivePomContent, "Doutput=");
-				}
-			}
-			let javaMvnProvider = new Java_maven()
-			Object.getPrototypeOf(Object.getPrototypeOf(javaMvnProvider))._invokeCommand = mockedExecFunction
+			let javaMvnProvider = await createMockProvider(`test/providers/tst_manifests/maven/${testCase}`);
 			// invoke sut component analysis for scenario manifest
 			let provideDataForComponent = javaMvnProvider.provideComponent(`test/providers/tst_manifests/maven/${testCase}/pom.xml`, {})
 			// verify returned data matches expectation
@@ -140,12 +125,9 @@ suite('testing the java-maven data provider with modules', () => {
 				contentType: 'application/vnd.cyclonedx+json',
 				content: expectedSbom
 			})
-			// expect(beautifiedOutput).to.deep.equal(expectedSbom)
-
 			// these test cases takes ~2500-2700 ms each pr >10000 in CI (for the first test-case)
 		}).timeout(process.env.GITHUB_ACTIONS ? 40000 : 10000)
 
-
 		// these test cases takes ~1400-2000 ms each pr >10000 in CI (for the first test-case)
 
 	})