Skip to content

Commit 9b2dc7e

Browse files
author
elchananarb
committed
Add integration test for pre-commit flag (AST-89008)
1 parent bb88b71 commit 9b2dc7e

File tree

1 file changed

+189
-0
lines changed

1 file changed

+189
-0
lines changed

test/integration/pre_commit_test.go

Lines changed: 189 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,189 @@
1+
//go:build integration
2+
3+
package integration
4+
5+
import (
6+
"os"
7+
"os/exec"
8+
"path/filepath"
9+
"testing"
10+
11+
"github.com/stretchr/testify/assert"
12+
)
13+
14+
func TestPreCommitIntegration(t *testing.T) {
15+
t.Run("Install and Uninstall Local Hook", func(t *testing.T) {
16+
tmpDir, cleanup := setupTempDir(t)
17+
defer cleanup()
18+
19+
// Initialize Git repository
20+
cmdGitInit := exec.Command("git", "init")
21+
cmdGitInit.Dir = tmpDir
22+
if out, err := cmdGitInit.CombinedOutput(); err != nil {
23+
t.Fatalf("git init failed: %s: %s", err, string(out))
24+
}
25+
26+
// Install hook locally
27+
output := executeCmdNilAssertion(t, "pre-commit install should not fail",
28+
"hooks", "pre-commit", "secrets-install-git-hook")
29+
assert.Contains(t, output.String(), "pre-commit installed successfully")
30+
31+
// Verify hook installation
32+
hookPath := filepath.Join(tmpDir, ".git", "hooks", "pre-commit")
33+
_, err := os.Stat(hookPath)
34+
assert.NoError(t, err, "pre-commit hook should exist")
35+
36+
// Uninstall hook
37+
output = executeCmdNilAssertion(t, "pre-commit uninstall should not fail",
38+
"hooks", "pre-commit", "secrets-uninstall-git-hook")
39+
assert.Contains(t, output.String(), "pre-commit hook uninstalled successfully")
40+
41+
// Verify hook removal
42+
_, err = os.Stat(hookPath)
43+
assert.True(t, os.IsNotExist(err), "pre-commit hook should be removed")
44+
})
45+
46+
t.Run("Install and Uninstall Global Hook", func(t *testing.T) {
47+
tmpDir, cleanup := setupTempDir(t)
48+
defer cleanup()
49+
50+
// Initialize Git repository
51+
cmdGitInit := exec.Command("git", "init")
52+
cmdGitInit.Dir = tmpDir
53+
if out, err := cmdGitInit.CombinedOutput(); err != nil {
54+
t.Fatalf("git init failed: %s: %s", err, string(out))
55+
}
56+
57+
// Install hook globally
58+
output := executeCmdNilAssertion(t, "pre-commit global install should not fail",
59+
"hooks", "pre-commit", "secrets-install-git-hook", "--global")
60+
assert.Contains(t, output.String(), "pre-commit installed globally successfully")
61+
62+
// Verify global hook installation
63+
homeDir, err := os.UserHomeDir()
64+
assert.NoError(t, err)
65+
globalHookPath := filepath.Join(homeDir, ".git", "hooks", "pre-commit")
66+
_, err = os.Stat(globalHookPath)
67+
assert.NoError(t, err, "global pre-commit hook should exist")
68+
69+
// Uninstall global hook
70+
output = executeCmdNilAssertion(t, "pre-commit global uninstall should not fail",
71+
"hooks", "pre-commit", "secrets-uninstall-git-hook", "--global")
72+
assert.Contains(t, output.String(), "pre-commit hook uninstalled globally successfully")
73+
74+
// Verify global hook removal
75+
_, err = os.Stat(globalHookPath)
76+
assert.True(t, os.IsNotExist(err), "global pre-commit hook should be removed")
77+
})
78+
79+
t.Run("Scan for Secrets", func(t *testing.T) {
80+
tmpDir, cleanup := setupTempDir(t)
81+
defer cleanup()
82+
83+
// Initialize Git repository
84+
cmdGitInit := exec.Command("git", "init")
85+
cmdGitInit.Dir = tmpDir
86+
if out, err := cmdGitInit.CombinedOutput(); err != nil {
87+
t.Fatalf("git init failed: %s: %s", err, string(out))
88+
}
89+
90+
// Create a file with a secret
91+
secretContent := `MOCK CONTENT
92+
ghp_AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
93+
MOCK CONTENT`
94+
filePath := filepath.Join(tmpDir, "secret.txt")
95+
err := os.WriteFile(filePath, []byte(secretContent), 0644)
96+
assert.NoError(t, err)
97+
98+
// Stage the file
99+
cmdGitAdd := exec.Command("git", "add", "secret.txt")
100+
cmdGitAdd.Dir = tmpDir
101+
if out, err := cmdGitAdd.CombinedOutput(); err != nil {
102+
t.Fatalf("git add failed: %s: %s", err, string(out))
103+
}
104+
105+
// Run scan - should detect secret
106+
err, output := executeCommand(t, "hooks", "pre-commit", "secrets-scan")
107+
assert.Error(t, err)
108+
assert.Contains(t, output.String(), "Secret detected")
109+
110+
// Ignore the secret
111+
output = executeCmdNilAssertion(t, "pre-commit ignore should not fail",
112+
"hooks", "pre-commit", "secrets-ignore", "--all")
113+
assert.Contains(t, output.String(), "Added new IDs to .checkmarx_ignore")
114+
115+
// Run scan again - should pass
116+
output = executeCmdNilAssertion(t, "pre-commit scan should pass after ignoring",
117+
"hooks", "pre-commit", "secrets-scan")
118+
assert.Contains(t, output.String(), "No secrets detected")
119+
})
120+
121+
t.Run("Update Hook", func(t *testing.T) {
122+
tmpDir, cleanup := setupTempDir(t)
123+
defer cleanup()
124+
125+
// Initialize Git repository
126+
cmdGitInit := exec.Command("git", "init")
127+
cmdGitInit.Dir = tmpDir
128+
if out, err := cmdGitInit.CombinedOutput(); err != nil {
129+
t.Fatalf("git init failed: %s: %s", err, string(out))
130+
}
131+
132+
// Install hook
133+
output := executeCmdNilAssertion(t, "pre-commit install should not fail",
134+
"hooks", "pre-commit", "secrets-install-git-hook")
135+
assert.Contains(t, output.String(), "pre-commit installed successfully")
136+
137+
// Update hook
138+
output = executeCmdNilAssertion(t, "pre-commit update should not fail",
139+
"hooks", "pre-commit", "secrets-update-git-hook")
140+
assert.Contains(t, output.String(), "pre-commit hook updated successfully")
141+
})
142+
143+
t.Run("Ignore Specific Secrets", func(t *testing.T) {
144+
tmpDir, cleanup := setupTempDir(t)
145+
defer cleanup()
146+
147+
// Initialize Git repository
148+
cmdGitInit := exec.Command("git", "init")
149+
cmdGitInit.Dir = tmpDir
150+
if out, err := cmdGitInit.CombinedOutput(); err != nil {
151+
t.Fatalf("git init failed: %s: %s", err, string(out))
152+
}
153+
154+
// Create a file with multiple secrets
155+
secretContent := `MOCK CONTENT
156+
ghp_AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
157+
ghp_BBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBBB
158+
MOCK CONTENT`
159+
filePath := filepath.Join(tmpDir, "secrets.txt")
160+
err := os.WriteFile(filePath, []byte(secretContent), 0644)
161+
assert.NoError(t, err)
162+
163+
// Stage the file
164+
cmdGitAdd := exec.Command("git", "add", "secrets.txt")
165+
cmdGitAdd.Dir = tmpDir
166+
if out, err := cmdGitAdd.CombinedOutput(); err != nil {
167+
t.Fatalf("git add failed: %s: %s", err, string(out))
168+
}
169+
170+
// Run scan - should detect secrets
171+
err, output := executeCommand(t, "hooks", "pre-commit", "secrets-scan")
172+
assert.Error(t, err)
173+
assert.Contains(t, output.String(), "Secrets detected")
174+
175+
// Get the result IDs from the output
176+
// Note: In a real test, you would need to parse the actual result IDs from the scan output
177+
resultIds := "mock-id-1,mock-id-2"
178+
179+
// Ignore specific secrets
180+
output = executeCmdNilAssertion(t, "pre-commit ignore specific secrets should not fail",
181+
"hooks", "pre-commit", "secrets-ignore", "--resultIds", resultIds)
182+
assert.Contains(t, output.String(), "Added new IDs to .checkmarx_ignore")
183+
184+
// Run scan again - should pass
185+
output = executeCmdNilAssertion(t, "pre-commit scan should pass after ignoring specific secrets",
186+
"hooks", "pre-commit", "secrets-scan")
187+
assert.Contains(t, output.String(), "No secrets detected")
188+
})
189+
}

0 commit comments

Comments
 (0)