diff --git a/test/integration/data/console-help-text-log/cxHelpText.txt b/test/integration/data/console-help-text-log/cxHelpText.txt
new file mode 100644
index 000000000..44de26515
--- /dev/null
+++ b/test/integration/data/console-help-text-log/cxHelpText.txt
@@ -0,0 +1,59 @@ +The Checkmarx One CLI is a fully functional Command Line Interface (CLI) that interacts with the Checkmarx One server + +USAGE + cx [flags] + +COMMANDS + auth: Validate authentication and create OAuth2 credentials + completion: Generate the autocompletion script for the specified shell + configure: Configure authentication and global properties + help: Help about any command + hooks: Manage Git hooks + project: Manage projects + results: Retrieve results + scan: Manage scans + telemetry: Telemetry user events + triage: Manage results + utils: Utility functions + version: Prints the version number + +FLAGS + --agent string Scan origin name (default "ASTCLI") + --apikey string The API Key to login to Checkmarx One + --base-auth-uri string The base system IAM URI + --base-uri string The base system URI + --client-id string The OAuth2 client ID + --client-secret string The OAuth2 client secret + --config-file-path string Path to the configuration file + --debug Debug mode with detailed logs + -h, --help help for cx + --ignore-proxy Ignore proxy configuration + --insecure Ignore TLS certificate validations + --log-file string Saves logs to the specified file path only + --log-file-console string Saves logs to the specified file path as well as to the console + --proxy string Proxy server to send communication through + --proxy-auth-type string Proxy authentication type (supported types: basic, ntlm, kerberos or kerberos-native) + --proxy-kerberos-ccache string Path to Kerberos credential cache (optional, default uses KRB5CCNAME env or OS default) + --proxy-kerberos-krb5-conf string Path to Kerberos configuration file(default: /etc/krb5.conf on linux and C:\Windows\krb5.ini on windows) + --proxy-kerberos-spn string Service Principal Name (SPN) for Kerberos proxy authentication + --proxy-ntlm-domain string Window domain when using NTLM proxy + --retry uint Retry requests to Checkmarx One on connection failure (default 3) + --retry-delay uint Time between 
retries in seconds, use with --retry (default 20) + --tenant string Checkmarx tenant + --timeout string Timeout for network activity, (default 5 seconds) + +EXAMPLES + $ cx configure + $ cx scan create -s . --project-name my_project_name + $ cx scan list + +DOCUMENTATION + https://checkmarx.com/resource/documents/en/34965-68620-checkmarx-one-cli-tool.html + +QUICK START GUIDE + https://checkmarx.com/resource/documents/en/34965-68621-checkmarx-one-cli-quick-start-guide.html + +LEARN MORE + Use 'cx --help' for more information about a command. + Read the manual at https://checkmarx.com/resource/documents/en/34965-68620-checkmarx-one-cli-tool.html + diff --git a/test/integration/data/console-help-text-log/projectCreateHelpText.txt b/test/integration/data/console-help-text-log/projectCreateHelpText.txt new file mode 100644 index 000000000..412eebf3e --- /dev/null +++ b/test/integration/data/console-help-text-log/projectCreateHelpText.txt 
@@ -0,0 +1,53 @@ +The project create command enables the ability to create a new project in Checkmarx One + +USAGE + cx project create [flags] + +FLAGS + --application-name string Name of the application to assign with the project + --branch string Main branch + --format string Format for the output. One of [json list table] (default "table") + --groups string List of groups, ex: (PowerUsers,etc) + -h, --help help for create + --project-name string Name of project + --repo-url string Repository URL + --ssh-key string Path to ssh private key + --tags string List of tags, ex: (tagA,tagB:val,etc) + +GLOBAL FLAGS + --agent string Scan origin name (default "ASTCLI") + --apikey string The API Key to login to Checkmarx One + --base-auth-uri string The base system IAM URI + --base-uri string The base system URI + --client-id string The OAuth2 client ID + --client-secret string The OAuth2 client secret + --config-file-path string Path to the configuration file + --debug Debug mode with detailed logs + --ignore-proxy Ignore proxy configuration + --insecure Ignore TLS certificate validations + --log-file string Saves logs to the specified file path only + --log-file-console string Saves logs to the specified file path as well as to the console + --proxy string Proxy server to send communication through + --proxy-auth-type string Proxy authentication type (supported types: basic, ntlm, kerberos or kerberos-native) + --proxy-kerberos-ccache string Path to Kerberos credential cache (optional, default uses KRB5CCNAME env or OS default) + --proxy-kerberos-krb5-conf string Path to Kerberos configuration file(default: /etc/krb5.conf on linux and C:\Windows\krb5.ini on windows) + --proxy-kerberos-spn string Service Principal Name (SPN) for Kerberos proxy authentication + --proxy-ntlm-domain string Window domain when using NTLM proxy + --retry uint Retry requests to Checkmarx One on connection failure (default 3) + --retry-delay uint Time between retries in seconds, use with --retry 
(default 20) + --tenant string Checkmarx tenant + --timeout string Timeout for network activity, (default 5 seconds) + +EXAMPLES + $ cx project create --project-name + +DOCUMENTATION + https://checkmarx.com/resource/documents/en/34965-68634-project.html#UUID-44ecd672-8f1f-32de-6c2e-838b680a0bf4 + +QUICK START GUIDE + https://checkmarx.com/resource/documents/en/34965-68621-checkmarx-one-cli-quick-start-guide.html + +LEARN MORE + Use 'cx --help' for more information about a command. + Read the manual at https://checkmarx.com/resource/documents/en/34965-68620-checkmarx-one-cli-tool.html + diff --git a/test/integration/data/console-help-text-log/resultsShowHelpLog.txt b/test/integration/data/console-help-text-log/resultsShowHelpLog.txt new file mode 100644 index 000000000..0d1d87657 --- /dev/null +++ b/test/integration/data/console-help-text-log/resultsShowHelpLog.txt 
@@ -0,0 +1,55 @@ +The show command enables the ability to show results about a requested scan in Checkmarx One + +USAGE + cx results show [flags] + +FLAGS + --filter strings Filter the list of results. Use ';' as the delimiter for arrays. Available filters are: scan-id,limit,offset,sort,include-nodes,node-ids,query,group,status,severity,state + -h, --help help for show + --ignore-policy Skip policy evaluation. Requires override-policy-management permission. + --output-name string Output file (default "cx_result") + --output-path string Output Path (default ".") + --policy-timeout int Cancel the policy evaluation and fail after the timeout in minutes (default 1) + --report-format string Format for the output. One of [json-v2 summaryHTML summaryConsole sarif summaryJSON sbom pdf markdown gl-sast gl-sca sonar json] (default "json") + --report-pdf-email string Send the PDF report to the specified email address. Use "," as the delimiter for multiple emails + --report-pdf-options string Sections to generate PDF report. Available options: Iac-Security,Sast,Sca,ScanSummary,ExecutiveSummary,ScanResults (default "ScanSummary,ExecutiveSummary,ScanResults") + --report-sbom-format string Sections to generate SBOM report. 
Available options: CycloneDxJson,CycloneDxXml,SpdxJson (default "CycloneDxJson") + --sast-redundancy Populate SAST results 'data.redundancy' with values 'fix' (to fix) or 'redundant' (no need to fix) + --sca-hide-dev-test-dependencies Filter SCA results to exclude dev and test dependencies + --scan-id string ID to report on + --wait-delay int Polling wait time in seconds (default 5) + +GLOBAL FLAGS + --agent string Scan origin name (default "ASTCLI") + --apikey string The API Key to login to Checkmarx One + --base-auth-uri string The base system IAM URI + --base-uri string The base system URI + --client-id string The OAuth2 client ID + --client-secret string The OAuth2 client secret + --config-file-path string Path to the configuration file + --debug Debug mode with detailed logs + --ignore-proxy Ignore proxy configuration + --insecure Ignore TLS certificate validations + --log-file string Saves logs to the specified file path only + --log-file-console string Saves logs to the specified file path as well as to the console + --proxy string Proxy server to send communication through + --proxy-auth-type string Proxy authentication type (supported types: basic, ntlm, kerberos or kerberos-native) + --proxy-kerberos-ccache string Path to Kerberos credential cache (optional, default uses KRB5CCNAME env or OS default) + --proxy-kerberos-krb5-conf string Path to Kerberos configuration file(default: /etc/krb5.conf on linux and C:\Windows\krb5.ini on windows) + --proxy-kerberos-spn string Service Principal Name (SPN) for Kerberos proxy authentication + --proxy-ntlm-domain string Window domain when using NTLM proxy + --retry uint Retry requests to Checkmarx One on connection failure (default 3) + --retry-delay uint Time between retries in seconds, use with --retry (default 20) + --tenant string Checkmarx tenant + --timeout string Timeout for network activity, (default 5 seconds) + +EXAMPLES + $ cx results show --scan-id + +QUICK START GUIDE + 
https://checkmarx.com/resource/documents/en/34965-68621-checkmarx-one-cli-quick-start-guide.html + +LEARN MORE + Use 'cx --help' for more information about a command. + Read the manual at https://checkmarx.com/resource/documents/en/34965-68620-checkmarx-one-cli-tool.html + diff --git a/test/integration/data/console-help-text-log/scanCreateHelpLog.txt b/test/integration/data/console-help-text-log/scanCreateHelpLog.txt new file mode 100644 index 000000000..2c3d7ed92 --- /dev/null +++ b/test/integration/data/console-help-text-log/scanCreateHelpLog.txt 
@@ -0,0 +1,102 @@ +The create command enables the ability to create and run a new scan in Checkmarx One + +USAGE + cx scan create [flags] + +FLAGS + --apisec-swagger-filter string Swagger folder/file filter for API-Security scan. Example: ./swagger.json + --application-name string Name of the application to assign with the project + --async Do not wait for scan completion + -b, --branch string Branch to scan + --branch-primary This flag sets the branch specified in --branch as the PRIMARY branch for the project + --container-images string List of container images to scan, ex: manuelbcd/vulnapp:latest,debian:10 + --containers-exclude-non-final-stages Scan only the final deployable image + --containers-file-folder-filter string Specify files and folders to be included or excluded from scans, ex: "!*.log" + --containers-image-tag-filter string Exclude images by image name and/or tag, ex: "*dev" + --containers-local-resolution Execute container resolver locally. + --containers-package-filter string Exclude packages by package name or file path using regex, ex: "^internal-.*" + -f, --file-filter string Source file filtering pattern + -i, --file-include string Only files scannable by AST are included by default. Add a comma separated list of extra inclusions, ex: *zip,file.txt + -s, --file-source string Sources like: directory, zip file or git URL + --filter strings Filter the list of results. Use ';' as the delimiter for arrays. Available filters are: scan-id,limit,offset,sort,include-nodes,node-ids,query,group,status,severity,state + -h, --help help for create + --iac-security-filter string IaC Security filter + --iac-security-platforms strings IaC Security Platform Flag + --iac-security-preset-id string The ID of the IaC Security Preset to use (must be a valid UUID) + --ignore-policy Skip policy evaluation. Requires override-policy-management permission. 
+ --output-name string Output file (default "cx_result") + --output-path string Output Path (default ".") + --policy-timeout int Cancel the policy evaluation and fail after the timeout in minutes (default 4) + --project-groups string List of groups to associate to project + --project-name string Name of the project + --project-private-package string Enable or disable project private package. Available options: true,false + --project-tags string List of tags to associate to project + --report-format string Format for the output. One of [json json-v2 summaryHTML sarif sbom pdf markdown gl-sast gl-sca summaryConsole] (default "summaryConsole") + --report-pdf-email string Send the PDF report to the specified email address. Use "," as the delimiter for multiple emails + --report-pdf-options string Sections to generate PDF report. Available options: Iac-Security,Sast,Sca,ScanSummary,ExecutiveSummary,ScanResults (default "ScanSummary,ExecutiveSummary,ScanResults") + --report-sbom-format string Sections to generate SBOM report. Available options: CycloneDxJson,CycloneDxXml,SpdxJson (default "CycloneDxJson") + --resubmit Create a scan with the configurations used in the most recent scan in the project + --sast-fast-scan Enable SAST Fast Scan configuration + --sast-filter string SAST filter + --sast-incremental Incremental SAST scan should be performed. + --sast-light-queries Enable SAST scan using light query configuration + --sast-preset-name string The name of the Checkmarx preset to use. + --sast-recommended-exclusions Enable recommended exclusions configuration for SAST scan + --sast-redundancy Populate SAST results 'data.redundancy' with values 'fix' (to fix) or 'redundant' (no need to fix) + --sbom-only Scan only the specified SBOM file (supported formats xml or json) + --sca-exploitable-path string Enable or disable exploitable path in scan. 
Available options: true,false + --sca-filter string SCA filter + --sca-hide-dev-test-dependencies Filter SCA results to exclude dev and test dependencies + --sca-last-sast-scan-time string SCA last scan time. Available options: integer above 1 + --sca-private-package-version string SCA project private package version. Example: 0.1.1 + --sca-resolver string Resolve SCA project dependencies (path to SCA Resolver executable) + --sca-resolver-params string Parameters to use in SCA resolver (requires --sca-resolver) + --scan-info-format string Format for the output. One of [table json list] (default "list") + --scan-timeout int Cancel the scan and fail after the timeout in minutes + --scan-types string Scan types, ex: (sast,iac-security,sca,api-security) + --scs-engines string Specify which scs engines will run (default: all licensed engines) + --scs-repo-token string Provide a token with read permission for the repo that you are scanning (for scorecard scans) + --scs-repo-url string The URL of the repo that you are scanning with scs (for scorecard scans) + --ssh-key string Path to ssh private key + --tags string List of tags, ex: (tagA,tagB:val,etc) + --threshold string Local build threshold. Format -=. 
Example: scan --threshold "sast-high=10;sca-high=5;iac-security-low=10" + --use-gitignore Exclude files and directories from the scan based on the patterns defined in the directory's .gitignore file + --wait-delay int Polling wait time in seconds (default 5) + +GLOBAL FLAGS + --agent string Scan origin name (default "ASTCLI") + --apikey string The API Key to login to Checkmarx One + --base-auth-uri string The base system IAM URI + --base-uri string The base system URI + --client-id string The OAuth2 client ID + --client-secret string The OAuth2 client secret + --config-file-path string Path to the configuration file + --debug Debug mode with detailed logs + --ignore-proxy Ignore proxy configuration + --insecure Ignore TLS certificate validations + --log-file string Saves logs to the specified file path only + --log-file-console string Saves logs to the specified file path as well as to the console + --proxy string Proxy server to send communication through + --proxy-auth-type string Proxy authentication type (supported types: basic, ntlm, kerberos or kerberos-native) + --proxy-kerberos-ccache string Path to Kerberos credential cache (optional, default uses KRB5CCNAME env or OS default) + --proxy-kerberos-krb5-conf string Path to Kerberos configuration file(default: /etc/krb5.conf on linux and C:\Windows\krb5.ini on windows) + --proxy-kerberos-spn string Service Principal Name (SPN) for Kerberos proxy authentication + --proxy-ntlm-domain string Window domain when using NTLM proxy + --retry uint Retry requests to Checkmarx One on connection failure (default 3) + --retry-delay uint Time between retries in seconds, use with --retry (default 20) + --tenant string Checkmarx tenant + --timeout string Timeout for network activity, (default 5 seconds) + +EXAMPLES + $ cx scan create --project-name -s + +DOCUMENTATION + https://checkmarx.com/resource/documents/en/34965-68643-scan.html#UUID-a0bb20d5-5182-3fb4-3da0-0e263344ffe7 + +QUICK START GUIDE + 
https://checkmarx.com/resource/documents/en/34965-68621-checkmarx-one-cli-quick-start-guide.html + +LEARN MORE + Use 'cx --help' for more information about a command. + Read the manual at https://checkmarx.com/resource/documents/en/34965-68620-checkmarx-one-cli-tool.html + diff --git a/test/integration/data/console-help-text-log/triageUpdateHelpLog.txt b/test/integration/data/console-help-text-log/triageUpdateHelpLog.txt new file mode 100644 index 000000000..8a658b5e9 --- /dev/null +++ b/test/integration/data/console-help-text-log/triageUpdateHelpLog.txt 
@@ -0,0 +1,56 @@ +The update command enables the ability to triage the results in Checkmarx One + +USAGE + cx triage update [flags] + +FLAGS + --comment string Optional comment + -h, --help help for update + --project-id string Project ID + --scan-type string Scan Type + --severity string Severity + --similarity-id string Similarity ID + --state string Specify the state that you would like to apply. Can be a pre-configured state (e.g., not_exploitable) or a custom state created in your account + --state-id int Specify the ID of the states that you would like to apply to this result (default -1) + +GLOBAL FLAGS + --agent string Scan origin name (default "ASTCLI") + --apikey string The API Key to login to Checkmarx One + --base-auth-uri string The base system IAM URI + --base-uri string The base system URI + --client-id string The OAuth2 client ID + --client-secret string The OAuth2 client secret + --config-file-path string Path to the configuration file + --debug Debug mode with detailed logs + --ignore-proxy Ignore proxy configuration + --insecure Ignore TLS certificate validations + --log-file string Saves logs to the specified file path only + --log-file-console string Saves logs to the specified file path as well as to the console + --proxy string Proxy server to send communication through + --proxy-auth-type string Proxy authentication type (supported types: basic, ntlm, kerberos or kerberos-native) + --proxy-kerberos-ccache string Path to Kerberos credential cache (optional, default uses KRB5CCNAME env or OS default) + --proxy-kerberos-krb5-conf string Path to Kerberos configuration file(default: /etc/krb5.conf on linux and C:\Windows\krb5.ini on windows) + --proxy-kerberos-spn string Service Principal Name (SPN) for Kerberos proxy authentication + --proxy-ntlm-domain string Window domain when using NTLM proxy + --retry uint Retry requests to Checkmarx One on connection failure (default 3) + --retry-delay uint Time between retries in seconds, use with --retry 
(default 20) + --tenant string Checkmarx tenant + --timeout string Timeout for network activity, (default 5 seconds) + +EXAMPLES + $ cx triage update + --similarity-id + --project-id + --state + --state-id + --severity + --comment + --scan-type + +QUICK START GUIDE + https://checkmarx.com/resource/documents/en/34965-68621-checkmarx-one-cli-quick-start-guide.html + +LEARN MORE + Use 'cx --help' for more information about a command. + Read the manual at https://checkmarx.com/resource/documents/en/34965-68620-checkmarx-one-cli-tool.html + diff --git a/test/integration/help_test.go b/test/integration/help_test.go new file mode 100644 index 000000000..e5728cb5d --- /dev/null +++ b/test/integration/help_test.go 
@@ -0,0 +1,534 @@
+//go:build integration
+
+package integration
+
+import (
+ "strings"
+ "testing"
+
+ "gotest.tools/assert"
+)
+
+// Help
+/*
+This function helps to validate all the cx --help command content.
+Expected help content value is stored in the "integration/data/cxHelpText.txt"
+We compare the command output with the above txt file, if there is any new flag introduced
+or content is changed then user this testcase will help to capture it
+*/
+func TestHelpFlag_Validate_CxHelpOutput(t *testing.T) {
+ referenceFile := "data/console-help-text-log/cxHelpText.txt"
+
+ _, outputText := executeCommand(t, "help")
+
+ ValidateCompleteConsoleLog(t, outputText, referenceFile)
+}
+
+// Auth
+// Validate cx auth register --help command
+func TestHelpFlag_Validate_AuthRegisterHelpMessage(t *testing.T) {
+
+ args := []string{
+ "auth",
+ "register",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Register new OAuth2 client and outputs its generated credentials in the format =", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx auth validate --help command
+func TestHelpFlag_Validate_AuthValidateHelpMessage(t *testing.T) {
+
+ args := []string{
+ "auth",
+ "validate",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Validates if CLI is able to communicate with Checkmarx One", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Configure
+
+// Validate cx configure --help command
+func TestHelpFlag_Validate_ConfigureHelpMessage(t *testing.T) {
+
+ args := []string{
+ "configure",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The configure command is the fastest way to set up your AST CLI", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx configure set --help command
+func TestHelpFlag_Validate_ConfigureSetHelpMessage(t *testing.T) {
+
+ args := []string{
+ "configure",
+ "set",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Set configuration properties", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx configure show --help command
+func TestHelpFlag_Validate_ConfigureShowHelpMessage(t *testing.T) {
+
+ args := []string{
+ "configure",
+ "show",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Shows effective profile configuration", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Hooks
+
+// Validate cx configure show --help command
+func TestHelpFlag_Validate_HooksPreCommitHelpMessage(t *testing.T) {
+
+ args := []string{
+ "hooks",
+ "pre-commit",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The pre-commit command enables the ability to manage Git pre-commit hooks for secret detection.", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Project Help Validation
+
+// Validate cx project list --help command
+func TestHelpFlag_ValidateProjectListHelpMessage(t *testing.T) {
+
+ args := []string{
+ "project",
+ "list",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "List all projects in the system", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx project create --help
+func TestHelpFlag_ValidateProjectCreateHelpMessage(t *testing.T) {
+
+ referenceFile := "data/console-help-text-log/projectCreateHelpText.txt"
+
+ args := []string{
+ "project",
+ "create",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ ValidateCompleteConsoleLog(t, outputText, referenceFile)
+}
+
+// Validate cx project delete --help command
+func TestHelpFlag_ValidateProjectDeleteHelpMessage(t *testing.T) {
+
+ args := []string{
+ "project",
+ "delete",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Delete a project", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx project show --help command
+func TestHelpFlag_ValidateProjectShowHelpMessage(t *testing.T) {
+
+ args := []string{
+ "project",
+ "show",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Show information about a project", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx project tags --help command
+func TestHelpFlag_ValidateProjectTagsHelpMessage(t *testing.T) {
+
+ args := []string{
+ "project",
+ "tags",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Get a list of all available tags", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx project branch --help command
+func TestHelpFlag_ValidateProjectBranchHelpMessage(t *testing.T) {
+
+ args := []string{
+ "project",
+ "branches",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Show list of branches from a project", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Results
+
+// Validate cx results --help command
+func TestHelpFlag_Validate_ResultsHelpMessage(t *testing.T) {
+
+ args := []string{
+ "results",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Retrieve results", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx results show --help command
+func TestHelpFlag_Validate_ResultsShowHelpOutput(t *testing.T) {
+ referenceFile := "data/console-help-text-log/resultsShowHelpLog.txt"
+
+ args := []string{
+ "results",
+ "show",
+ "--help",
+ }
+ _, outputText := executeCommand(t, args...)
+
+ ValidateCompleteConsoleLog(t, outputText, referenceFile)
+}
+
+// Validate cx results codebashing --help command
+func TestHelpFlag_Validate_ResultsCodeBashingHelpMessage(t *testing.T) {
+
+ args := []string{
+ "results",
+ "codebashing",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The codebashing command enables the ability to retrieve the link about a specific vulnerability", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx results exit-code --help command
+func TestHelpFlag_Validate_ResultsExitCodeHelpMessage(t *testing.T) {
+
+ args := []string{
+ "results",
+ "exit-code",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The exit-code command enables you to get the exit code and failure details of a requested scan in Checkmarx One", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx triage --help command
+func TestHelpFlag_Validate_TriageHelpMessage(t *testing.T) {
+
+ args := []string{
+ "triage",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The 'triage' command enables the ability to manage results in Checkmarx One", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx triage get-states --help command
+func TestHelpFlag_Validate_TriageGetStatesHelpMessage(t *testing.T) {
+
+ args := []string{
+ "triage",
+ "get-states",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The get-states command shows information about each of the custom states that have been configured in your tenant account", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx triage update --help command
+func TestHelpFlag_Validate_TriageUpdateHelpMessage(t *testing.T) {
+
+ args := []string{
+ "triage",
+ "update",
+ "--help",
+ }
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The update command enables the ability to triage the results in Checkmarx One", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx triage show --help command
+func TestHelpFlag_Validate_TriageShowHelpMessage(t *testing.T) {
+
+ args := []string{
+ "triage",
+ "show",
+ "--help",
+ }
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The show command provides a list of all the predicates in the issue", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Scan Help Validation
+
+// Validate cx scan cancel --help command
+func TestHelpFlag_Validate_ScanCancelHelpMessage(t *testing.T) {
+
+ args := []string{
+ "scan",
+ "cancel",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The cancel command enables the ability to cancel one or more running scans in Checkmarx One", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx scan create --help command
+func TestHelpFlag_Validate_CxScanCreateHelpOutput(t *testing.T) {
+ referenceFile := "data/console-help-text-log/scanCreateHelpLog.txt"
+
+ args := []string{
+ "scan",
+ "create",
+ "--help",
+ }
+ _, outputText := executeCommand(t, args...)
+
+ ValidateCompleteConsoleLog(t, outputText, referenceFile)
+}
+
+// Validate cx scan delete --help command
+func TestHelpFlag_Validate_ScanDeleteHelpMessage(t *testing.T) {
+
+ args := []string{
+ "scan",
+ "delete",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Deletes one or more scans", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx scan list --help command
+func TestHelpFlag_Validate_ScanListHelpMessage(t *testing.T) {
+
+ args := []string{
+ "scan",
+ "list",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The list command provides a list of all the scans in Checkmarx One", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx tags show --help command
+func TestHelpFlag_Validate_ScanShowHelpMessage(t *testing.T) {
+
+ args := []string{
+ "scan",
+ "show",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The show command enables the ability to show information about a requested scan in Checkmarx One", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx scan tags --help command
+func TestHelpFlag_Validate_ScanTagsHelpMessage(t *testing.T) {
+
+ args := []string{
+ "scan",
+ "tags",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The tags command enables the ability to provide a list of all the available tags in Checkmarx One", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx scan workflow --help command
+func TestHelpFlag_Validate_ScanWorkflowHelpMessage(t *testing.T) {
+
+ args := []string{
+ "scan",
+ "workflow",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The workflow command enables the ability to provide information about a requested scan workflow in Checkmarx One", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx scan logs --help command
+func TestHelpFlag_Validate_ScanLogsHelpMessage(t *testing.T) {
+
+ args := []string{
+ "scan",
+ "logs",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "Accepts a scan-id and scan type (sast, iac-security) and downloads the related scan log", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx scan sca-realtime --help command
+func TestHelpFlag_Validate_ScanScaRealtimeHelpMessage(t *testing.T) {
+
+ args := []string{
+ "scan",
+ "sca-realtime",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The sca-realtime command enables the ability to create, run and retrieve results from a sca scan using sca resolver", textCapturedForValidation, "Incorrect help text found")
+}
+
+// Validate cx scan kics-realtime --help command
+func TestHelpFlag_Validate_ScanKicsRealtimeHelpMessage(t *testing.T) {
+
+ args := []string{
+ "scan",
+ "kics-realtime",
+ "--help",
+ }
+
+ _, outputText := executeCommand(t, args...)
+
+ normalizedOut := StripAnsi(strings.ReplaceAll(outputText.String(), "\r\n", "\n"))
+ textCapturedForValidation := GetFlagHelpText(normalizedOut)
+
+ assert.Equal(t, "The kics-realtime command enables the ability to create, run and retrieve results from a kics scan using a docker image", textCapturedForValidation, "Incorrect help text found")
+}
diff --git a/test/integration/test_helperFunctions.go b/test/integration/test_helperFunctions.go
new file mode 100644
index 000000000..f3b63774a
--- /dev/null
+++ b/test/integration/test_helperFunctions.go
@@ -0,0 +1,46 @@
+package integration
+
+import (
+ "bytes"
+ "log"
+ "os"
+ "regexp"
+ "strings"
+ "testing"
+
+ "gotest.tools/assert"
+)
+
+/*
+When cli logs the output in console it prints some texts in the special format
+e.g. COMMANDS this methos helps to strip this special format from the output
+*/
+func StripAnsi(s string) string {
+ ansi := regexp.MustCompile(`\x1b\[[0-9;]*m`)
+
+ return ansi.ReplaceAllString(s, "")
+}
+
+// Returns the first line of information when --help flag is passed along a command
+func GetFlagHelpText(s string) string {
+ lineNumber := 2
+ linesSepration := strings.SplitN(s, "\n", lineNumber)
+ textCapturedForValidation := strings.TrimSpace(linesSepration[0])
+
+ return textCapturedForValidation
+}
+
+// Compares the complete console log output against the given text file data
+func ValidateCompleteConsoleLog(t *testing.T, consoleLog *bytes.Buffer, filePath string) {
+ // Read the reference file data
+ referenceData, err := os.ReadFile(filePath)
+
+ if err != nil {
+ log.Fatalf("Error reading help text: %s", err)
+ }
+ // formats console output and reference file data
+ normalizedRef := StripAnsi(strings.ReplaceAll(string(referenceData), "\r\n", "\n"))
+ normalizedOut := StripAnsi(strings.ReplaceAll(consoleLog.String(), "\r\n", "\n"))
+
+ assert.Equal(t, normalizedRef, normalizedOut, "Command output doesn't match with given file")
+}
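Review bot: `ValidateCompleteConsoleLog` reports a missing or unreadable reference file with `log.Fatalf`, which exits the whole test binary instead of failing the calling test, so the remaining tests never run and the failure is not attributed to any test. Start the helper with `t.Helper()` and replace the call with `t.Fatalf("reading reference help text %q: %v", filePath, err)`; the `log` import then becomes unused and should be dropped. Separately, `StripAnsi` recompiles its pattern on every call; a package-level `var ansiSGR = regexp.MustCompile(...)` holding the same pattern would compile it once. The pattern matches only escape sequences that end in `m`, so a doc comment saying that other escape sequences are left in place would help whoever debugs a reference-file mismatch.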