migrate test framework

.github/workflows/test-install.yml

@@ -40,8 +40,7 @@ jobs:
       - name: Running in GitHub actions requires testing puppeteer pdf creation separately
         if: ${{ env.RUNNING_ON_GITHUB_ACTIONS }} == 'true'
         run: |
-          cd /home/runner/work/firewall-orchestrator/firewall-orchestrator/roles/tests-unit/files/FWO.Test
+          cd /home/runner/work/firewall-orchestrator/firewall-orchestrator/roles/tests/files/FWO.Test
           dotnet restore
           dotnet build
           dotnet test --filter "Name=HtmlToPdfTest"
-

fwo.code-workspace

@@ -3,7 +3,7 @@
 		{
 			"path": "."
 		},
-        { "path": "roles/tests-unit/files/FWO.Test" },
+        { "path": "roles/tests/files/FWO.Test" },
 		{
 			"path": "roles"
 		}

roles/FWO.sln

@@ -7,7 +7,7 @@ Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Lib", "Lib", "{CE55F125-0CD
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "FWO.Middleware.Client", "lib\files\FWO.Middleware.Client\FWO.Middleware.Client.csproj", "{ECB165CE-BE81-4C5C-B27A-D73177D73E28}"
 EndProject
-Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "FWO.Test", "tests-unit\files\FWO.Test\FWO.Test.csproj", "{9C66B86B-FFB2-44A9-A944-54B33D31D413}"
+Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "FWO.Test", "tests\files\FWO.Test\FWO.Test.csproj", "{9C66B86B-FFB2-44A9-A944-54B33D31D413}"
 EndProject
 Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "FWO.Report", "lib\files\FWO.Report\FWO.Report.csproj", "{84CA4892-7C35-4F1F-AF25-2A379112DFCA}"
 EndProject

roles/lib/files/FWO.Report/ReportRules.cs

@@ -13,6 +13,7 @@
 using System.Text;
 using System.Text.Json;
 using Microsoft.Extensions.DependencyInjection;
+using System.Linq;
 
 namespace FWO.Report
 {
@@ -242,71 +243,48 @@ private static void AdditionalFilter(ManagementReport mgt, List<long> relevantOb
 
         public static Rule[] GetRulesByRulebaseId(int rulebaseId, ManagementReport managementReport)
         {
-            Rule[]? rules = managementReport.Rulebases.FirstOrDefault(rb => rb.Id == rulebaseId)?.Rules;
-            if (rules != null)
-            {
-                return rules;
-            }
-            return [];
+            return managementReport.Rulebases
+                .FirstOrDefault(rb => rb.Id == rulebaseId)?
+                .Rules ?? Array.Empty<Rule>();
         }
 
         public static Rule[] GetInitialRulesOfGateway(DeviceReportController deviceReport, ManagementReport managementReport)
         {
-            int? initialRulebaseId = deviceReport.GetInitialRulebaseId(managementReport);
-            if (initialRulebaseId != null)
-            {
-                Rule[]? rules = GetRulesByRulebaseId((int)initialRulebaseId, managementReport);
-                if (rules != null)
-                {
-                    return rules;
-                }
-            }
-            return [];
+            return deviceReport.GetInitialRulebaseId(managementReport) is int rulebaseId
+                ? GetRulesByRulebaseId(rulebaseId, managementReport)
+                : Array.Empty<Rule>();
         }
 
         public static Rule[] GetAllRulesOfGateway(DeviceReportController deviceReport, ManagementReport managementReport)
         {
-            if (_rulesCache.TryGetValue((deviceReport.Id, managementReport.Id), out Rule[]? allRules))
+            return _rulesCache.TryGetValue((deviceReport.Id, managementReport.Id), out Rule[]? allRules)
+                ? allRules
+                : Array.Empty<Rule>();
+        }
+
+        public static int GetRuleCount(ManagementReport mgmReport, RulebaseLink? currentRbLink, RulebaseLink[] rulebaseLinks)
+        {
+            if (currentRbLink == null)
             {
-                return allRules;
+                return 0;
             }
-            else
+
+            RulebaseReport? nextRulebase = mgmReport.Rulebases.FirstOrDefault(rb => rb.Id == currentRbLink.NextRulebaseId);
+            if (nextRulebase == null)
             {
-                return Array.Empty<Rule>();
+                return 0;
             }
-        }
 
-        public static int GetRuleCount(ManagementReport mgmReport, RulebaseLink? currentRbLink, RulebaseLink[] rulebaseLinks)
-        {
-            if (currentRbLink != null)
+            int ruleCount = 0;
+            RulebaseLink[] links = rulebaseLinks ?? Array.Empty<RulebaseLink>();
+
+            foreach (var rule in nextRulebase.Rules.Where(rule => string.IsNullOrEmpty(rule.SectionHeader)))
             {
-                int ruleCount = 0;
-                if (currentRbLink != null)
-                {
-                    int nextRulebaseId = currentRbLink.NextRulebaseId;
-                    RulebaseReport? nextRulebase = mgmReport.Rulebases.FirstOrDefault(_ => _.Id == nextRulebaseId);
-                    if (nextRulebase != null)
-                    {
-                        foreach (var rule in nextRulebase.Rules)
-                        {
-                            if (string.IsNullOrEmpty(rule.SectionHeader))
-                            {
-                                RulebaseLink? nextRbLink = rulebaseLinks.FirstOrDefault(_ => _.FromRuleId == rule.Id);
-                                if (nextRbLink != null)
-                                {
-                                    ruleCount += 1 + GetRuleCount(mgmReport, nextRbLink, rulebaseLinks);
-                                }
-                                else
-                                {
-                                    ruleCount++;
-                                }
-                            }
-                        }
-                        return ruleCount;
-                    }
-                }
+                RulebaseLink? nextRbLink = links.FirstOrDefault(link => link.FromRuleId == rule.Id);
+                ruleCount += 1 + (nextRbLink != null ? GetRuleCount(mgmReport, nextRbLink, links) : 0);
             }
-            return 0;
+
+            return ruleCount;
         }
 
         public override string SetDescription()

roles/tests/defaults/main.yml

@@ -0,0 +1,2 @@
+run_unit_tests: true
+run_integration_tests: true

roles/tests/files/FWO.Test/ReportRulesTest.cs

@@ -0,0 +1,141 @@
+using System.Collections.Generic;
+using System.Linq;
+using System.Reflection;
+using NUnit.Framework;
+using FWO.Report;
+using FWO.Data;
+using FWO.Data.Report;
+
+namespace FWO.Test
+{
+    [TestFixture]
+    internal class ReportRulesTest
+    {
+        [SetUp]
+        public void SetUp()
+        {
+            SetRulesCache(new Dictionary<(int deviceId, int managementId), Rule[]>());
+        }
+
+        [Test]
+        public void GetRulesByRulebaseId_ReturnsMatchingRules()
+        {
+            Rule expectedRule = new() { Id = 20 };
+            ManagementReport managementReport = CreateManagementReport(
+                new RulebaseReport { Id = 1, Rules = new[] { new Rule { Id = 10 } } },
+                new RulebaseReport { Id = 2, Rules = new[] { expectedRule } });
+
+            Rule[] rules = ReportRules.GetRulesByRulebaseId(2, managementReport);
+
+            Assert.That(rules, Has.Length.EqualTo(1));
+            Assert.That(rules[0].Id, Is.EqualTo(expectedRule.Id));
+        }
+
+        [Test]
+        public void GetRulesByRulebaseId_ReturnsEmptyWhenIdUnknown()
+        {
+            ManagementReport managementReport = CreateManagementReport(
+                new RulebaseReport { Id = 1, Rules = new[] { new Rule { Id = 10 } } });
+
+            Rule[] rules = ReportRules.GetRulesByRulebaseId(42, managementReport);
+
+            Assert.That(rules, Is.Empty);
+        }
+
+        [Test]
+        public void GetInitialRulesOfGateway_ReturnsInitialRulebaseRules()
+        {
+            Rule expectedRule = new() { Id = 100 };
+            ManagementReport managementReport = CreateManagementReport(
+                new RulebaseReport { Id = 5, Rules = new[] { expectedRule } });
+            DeviceReportController device = CreateDevice(1, new RulebaseLink { IsInitial = true, NextRulebaseId = 5 });
+
+            Rule[] rules = ReportRules.GetInitialRulesOfGateway(device, managementReport);
+
+            Assert.That(rules.Select(r => r.Id), Is.EqualTo(new[] { expectedRule.Id }));
+        }
+
+        [Test]
+        public void GetAllRulesOfGateway_ReturnsCachedRules()
+        {
+            var cacheContent = new Dictionary<(int, int), Rule[]>
+            {
+                { (7, 11), new[] { new Rule { Id = 1 }, new Rule { Id = 2 } } }
+            };
+            SetRulesCache(cacheContent);
+            DeviceReportController device = CreateDevice(7);
+            ManagementReport managementReport = new() { Id = 11 };
+
+            Rule[] rules = ReportRules.GetAllRulesOfGateway(device, managementReport);
+
+            Assert.That(rules, Is.EqualTo(cacheContent[(7, 11)]));
+        }
+
+        [Test]
+        public void GetAllRulesOfGateway_ReturnsEmptyWhenCacheEntryMissing()
+        {
+            DeviceReportController device = CreateDevice(3);
+            ManagementReport managementReport = new() { Id = 4 };
+
+            Rule[] rules = ReportRules.GetAllRulesOfGateway(device, managementReport);
+
+            Assert.That(rules, Is.Empty);
+        }
+
+        [Test]
+        public void GetRuleCount_CountsNestedRulebases()
+        {
+            Rule parentRule = new() { Id = 101 };
+            Rule sectionRule = new() { Id = 102, SectionHeader = "header" };
+            Rule childRule = new() { Id = 201 };
+            ManagementReport managementReport = CreateManagementReport(
+                new RulebaseReport { Id = 1, Rules = new[] { parentRule, sectionRule } },
+                new RulebaseReport { Id = 2, Rules = new[] { childRule } });
+            RulebaseLink[] links =
+            {
+                new RulebaseLink { IsInitial = true, NextRulebaseId = 1 },
+                new RulebaseLink { FromRuleId = (int)parentRule.Id, NextRulebaseId = 2 }
+            };
+
+            int ruleCount = ReportRules.GetRuleCount(managementReport, links[0], links);
+
+            Assert.That(ruleCount, Is.EqualTo(2));
+        }
+
+        [Test]
+        public void GetRuleCount_ReturnsZeroWhenRulebaseMissing()
+        {
+            ManagementReport managementReport = CreateManagementReport();
+            RulebaseLink missingLink = new() { IsInitial = true, NextRulebaseId = 99 };
+
+            int ruleCount = ReportRules.GetRuleCount(managementReport, missingLink, Array.Empty<RulebaseLink>());
+
+            Assert.That(ruleCount, Is.Zero);
+        }
+
+        private static void SetRulesCache(Dictionary<(int deviceId, int managementId), Rule[]> cache)
+        {
+            FieldInfo? cacheField = typeof(ReportRules).GetField("_rulesCache", BindingFlags.Static | BindingFlags.NonPublic);
+            Assert.That(cacheField, Is.Not.Null, "Unable to access rules cache via reflection.");
+            cacheField!.SetValue(null, cache);
+        }
+
+        private static ManagementReport CreateManagementReport(params RulebaseReport[] rulebases)
+        {
+            return new ManagementReport
+            {
+                Id = 1,
+                Rulebases = rulebases.Length > 0 ? rulebases : Array.Empty<RulebaseReport>()
+            };
+        }
+
+        private static DeviceReportController CreateDevice(int id, params RulebaseLink[] links)
+        {
+            return new DeviceReportController
+            {
+                Id = id,
+                RulebaseLinks = links.Length > 0 ? links : Array.Empty<RulebaseLink>()
+            };
+        }
+    }
+}

roles/tests-integration/files/importer/CP-R8x/iso_cp_r8x_api_generate_testdata.py → roles/tests/files/importer/CP-R8x/iso_cp_r8x_api_generate_testdata.py

@@ -1,6 +1,8 @@
 import requests
 import json
 import argparse
+import urllib3
+from urllib3.exceptions import InsecureRequestWarning
 
 
 parser = argparse.ArgumentParser(description='Create configuration from Check Point R8x management via API calls')
@@ -24,10 +26,12 @@
 limit = 100
 details_level = "full"  # 'standard'
 ssl_verification = False
+urllib3.disable_warnings(InsecureRequestWarning)
 use_object_dictionary = 'false'
 name_prefix = 'fworch_test_'
 obj_types = ['hosts', 'networks', 'services-tcp']
 base_ip = '10.88.99.'
+UNDEFINED_OPERATION = "error, not defined"
 
 
 def api_call(ip_addr, port, command, json_payload, sid_a):
@@ -36,7 +40,7 @@ def api_call(ip_addr, port, command, json_payload, sid_a):
         request_headers = {'Content-Type': 'application/json'}
     else:
         request_headers = {'Content-Type': 'application/json', 'X-chkp-sid': sid_a}
-    r = requests.post(url, data=json.dumps(json_payload), headers=request_headers, verify=ssl_verification)
+    r = requests.post(url, data=json.dumps(json_payload), headers=request_headers, verify=ssl_verification)  # NOSONAR - test script intentionally skips cert validation
     return r.json()
 
 
@@ -52,8 +56,8 @@ def login(user, password, api_host_a, api_port):
     for obj_type in obj_types:
         current = 0
         while current < args.number_of_test_objs:
-            del_cmd = "error, not defined"
-            del_req = "error, not defined"
+            del_cmd = UNDEFINED_OPERATION
+            del_req = UNDEFINED_OPERATION
             if obj_type == 'networks':
                 del_cmd = 'delete-network'
                 del_req = {'name': name_prefix + 'net_' + str(current)}
@@ -77,8 +81,8 @@ def login(user, password, api_host_a, api_port):
     for obj_type in obj_types:
         current = 0
         while current < args.number_of_test_objs:
-            create_cmd = "error, not defined"
-            create_req = "error, not defined"
+            create_cmd = UNDEFINED_OPERATION
+            create_req = UNDEFINED_OPERATION
             if obj_type == 'networks':
                 create_cmd = 'add-network'
                 create_req = {'name': name_prefix + 'net_' + str(current),