Added Unit Tests

cx-miguel-neiva · cx-miguel-neiva · commit d7fa170459a3 · 2025-04-17T12:18:07.000+01:00
diff --git a/lib/reporting/report_test.go b/lib/reporting/report_test.go
@@ -1,6 +1,7 @@
 package reporting
 
 import (
+	"bytes"
 	"encoding/json"
 	"os"
 	"path/filepath"
@@ -12,6 +13,7 @@ import (
 	"github.com/checkmarx/2ms/lib/config"
 	"github.com/checkmarx/2ms/lib/secrets"
 	"github.com/stretchr/testify/assert"
+	"gopkg.in/yaml.v3"
 )
 
 // test input results
@@ -334,3 +336,142 @@ func SortResults(results1, results2 []Results) {
 		return results2[i].Message.Text < results2[j].Message.Text
 	})
 }
+
+func TestGetOutputYAML(t *testing.T) {
+	testCases := []struct {
+		name   string
+		report Report
+	}{
+		{
+			name: "Single real secret in hardcodedPassword.go",
+			report: Report{
+				TotalItemsScanned: 1,
+				TotalSecretsFound: 1,
+				Results: map[string][]*secrets.Secret{
+					"c6490d749fd4670fde969011d99ea5c4c4b1c0d7": {
+						{
+							ID:               "c6490d749fd4670fde969011d99ea5c4c4b1c0d7",
+							Source:           "..\\2ms\\engine\\rules\\hardcodedPassword.go",
+							RuleID:           "generic-api-key",
+							StartLine:        45,
+							EndLine:          45,
+							LineContent:      "value",
+							StartColumn:      8,
+							EndColumn:        64,
+							Value:            "value",
+							ValidationStatus: "",
+							CvssScore:        8.2,
+							RuleDescription:  "Detected a Generic API Key, potentially exposing access to various services and sensitive operations.",
+						},
+					},
+				},
+			},
+		},
+		{
+			name: "Multiple real JWT secrets in jwt.txt",
+			report: Report{
+				TotalItemsScanned: 2,
+				TotalSecretsFound: 2,
+				Results: map[string][]*secrets.Secret{
+					"12fd8706491196cbfbdddd2fdcd650ed842dd963": {
+						{
+							ID:               "12fd8706491196cbfbdddd2fdcd650ed842dd963",
+							Source:           "..\\2ms\\pkg\\testData\\secrets\\jwt.txt",
+							RuleID:           "jwt",
+							StartLine:        1,
+							EndLine:          1,
+							LineContent:      "line content",
+							StartColumn:      129,
+							EndColumn:        232,
+							Value:            "value",
+							ValidationStatus: "",
+							CvssScore:        8.2,
+							RuleDescription:  "Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data.",
+							ExtraDetails: map[string]interface{}{
+								"secretDetails": map[string]string{
+									"name": "mockName2",
+									"sub":  "mockSub2",
+								},
+							},
+						},
+						{
+							ID:               "12fd8706491196cbfbdddd2fdcd650ed842dd963",
+							Source:           "..\\2ms\\pkg\\testData\\secrets\\jwt.txt",
+							RuleID:           "jwt",
+							StartLine:        2,
+							EndLine:          2,
+							LineContent:      "line Content",
+							StartColumn:      64,
+							EndColumn:        166,
+							Value:            "value",
+							ValidationStatus: "",
+							CvssScore:        8.2,
+							RuleDescription:  "Uncovered a JSON Web Token, which may lead to unauthorized access to web applications and sensitive user data.",
+							ExtraDetails: map[string]interface{}{
+								"secretDetails": map[string]string{
+									"name": "mockName2",
+									"sub":  "mockSub2",
+								},
+							},
+						},
+					},
+				},
+			},
+		},
+	}
+
+	for _, tc := range testCases {
+		t.Run(tc.name, func(t *testing.T) {
+			output, err := tc.report.GetOutput("yaml", &config.Config{Name: "report", Version: "1"})
+			assert.NoError(t, err)
+
+			var report Report
+			err = yaml.Unmarshal([]byte(output), &report)
+			assert.NoError(t, err)
+
+			assert.Equal(t, tc.report.TotalItemsScanned, report.TotalItemsScanned)
+			assert.Equal(t, tc.report.TotalSecretsFound, report.TotalSecretsFound)
+
+			for key, expectedSecretsList := range tc.report.Results {
+				actualSecretsList, exists := report.Results[key]
+				if !exists {
+					t.Errorf("Key %s not found in actual report results", key)
+					continue
+				}
+
+				for i, expectedSecret := range expectedSecretsList {
+					actualSecret := actualSecretsList[i]
+
+					assert.Equal(t, expectedSecret.ID, actualSecret.ID, "Mismatch in ID for key %s at index %d", key, i)
+					assert.Equal(t, expectedSecret.Source, actualSecret.Source, "Mismatch in Source for key %s at index %d", key, i)
+					assert.Equal(t, expectedSecret.RuleID, actualSecret.RuleID, "Mismatch in RuleID for key %s at index %d", key, i)
+					assert.Equal(t, expectedSecret.StartLine, actualSecret.StartLine, "Mismatch in StartLine for key %s at index %d", key, i)
+					assert.Equal(t, expectedSecret.EndLine, actualSecret.EndLine, "Mismatch in EndLine for key %s at index %d", key, i)
+					assert.Equal(t, expectedSecret.LineContent, actualSecret.LineContent, "Mismatch in LineContent for key %s at index %d", key, i)
+					assert.Equal(t, expectedSecret.StartColumn, actualSecret.StartColumn, "Mismatch in StartColumn for key %s at index %d", key, i)
+					assert.Equal(t, expectedSecret.EndColumn, actualSecret.EndColumn, "Mismatch in EndColumn for key %s at index %d", key, i)
+					assert.Equal(t, expectedSecret.Value, actualSecret.Value, "Mismatch in Value for key %s at index %d", key, i)
+					assert.Equal(t, expectedSecret.ValidationStatus, actualSecret.ValidationStatus, "Mismatch in ValidationStatus for key %s at index %d", key, i)
+					assert.Equal(t, expectedSecret.RuleDescription, actualSecret.RuleDescription, "Mismatch in RuleDescription for key %s at index %d", key, i)
+					assert.Equal(t, expectedSecret.CvssScore, actualSecret.CvssScore, "Mismatch in CvssScore for key %s at index %d", key, i)
+
+					expectedYAML, err := yaml.Marshal(expectedSecret.ExtraDetails)
+					if err != nil {
+						t.Errorf("Error serializing %s at index %d: %v", key, i, err)
+						continue
+					}
+
+					actualYAML, err := yaml.Marshal(actualSecret.ExtraDetails)
+					if err != nil {
+						t.Errorf("Error %s at index %d: %v", key, i, err)
+						continue
+					}
+
+					if !bytes.Equal(expectedYAML, actualYAML) {
+						t.Errorf("Mismatch in ExtraDetails for key %s at index %d:\nExpected:\n%s\nGot:\n%s", key, i, expectedYAML, actualYAML)
+					}
+				}
+			}
+		})
+	}
+}
diff --git a/lib/reporting/yaml.go b/lib/reporting/yaml.go
@@ -2,10 +2,9 @@ package reporting
 
 import (
 	"fmt"
-	"sort"
 	"strings"
 
-	"github.com/checkmarx/2ms/lib/secrets"
+	"gopkg.in/yaml.v3"
 )
 
 func writeYaml(report *Report) (string, error) {
@@ -15,39 +14,35 @@ func writeYaml(report *Report) (string, error) {
 	builder.WriteString(fmt.Sprintf("totalsecretsfound: %d\n", report.TotalSecretsFound))
 	builder.WriteString("results:\n")
 
-	groupedByID := make(map[string][]*secrets.Secret)
-	for _, secretList := range report.Results {
-		for _, s := range secretList {
-			groupedByID[s.ID] = append(groupedByID[s.ID], s)
+	for _, secretsList := range report.Results {
+		if len(secretsList) > 0 {
+			builder.WriteString(fmt.Sprintf("  %s:\n", secretsList[0].ID))
 		}
-	}
-
-	ids := make([]string, 0, len(groupedByID))
-	for id := range groupedByID {
-		ids = append(ids, id)
-	}
-	sort.Strings(ids)
-
-	for _, id := range ids {
-		builder.WriteString(fmt.Sprintf("  %s:\n", id))
-		for _, s := range groupedByID[id] {
+		for _, s := range secretsList {
 			builder.WriteString("    - id: " + s.ID + "\n")
 			builder.WriteString("      source: " + s.Source + "\n")
 			builder.WriteString("      ruleid: " + s.RuleID + "\n")
 			builder.WriteString(fmt.Sprintf("      startline: %d\n", s.StartLine))
 			builder.WriteString(fmt.Sprintf("      endline: %d\n", s.EndLine))
-
 			builder.WriteString(fmt.Sprintf("      linecontent: %q\n", s.LineContent))
 			builder.WriteString(fmt.Sprintf("      startcolumn: %d\n", s.StartColumn))
 			builder.WriteString(fmt.Sprintf("      endcolumn: %d\n", s.EndColumn))
 			builder.WriteString("      value: " + s.Value + "\n")
-
 			builder.WriteString(fmt.Sprintf("      validationstatus: %q\n", fmt.Sprintf("%v", s.ValidationStatus)))
 			builder.WriteString("      ruledescription: " + s.RuleDescription + "\n")
-			if len(s.ExtraDetails) == 0 {
-				builder.WriteString("      extradetails: {}\n")
-			} else {
-				builder.WriteString(fmt.Sprintf("      extradetails: %v\n", s.ExtraDetails))
+			if len(s.ExtraDetails) > 0 {
+				builder.WriteString("      extradetails:\n")
+				marshaled, err := yaml.Marshal(s.ExtraDetails)
+				if err != nil {
+					builder.WriteString(fmt.Sprintf("        error: %v\n", err))
+				} else {
+					lines := strings.Split(string(marshaled), "\n")
+					for _, line := range lines {
+						if line != "" {
+							builder.WriteString("        " + line + "\n")
+						}
+					}
+				}
 			}
 			builder.WriteString(fmt.Sprintf("      cvssscore: %.1f\n", s.CvssScore))
 		}
