Merge pull request #23 from vulncheck-oss/tests-and-refactor

💚 table module and more test coverage

README.md

@@ -6,7 +6,8 @@
 
 > Bring VulnCheck into your CI/CD pipeline.
 
-This Github Action uses the VulnCheck CLI to integrte security-related tasks
+This Github Action uses the VulnCheck
+[CLI](https://github.com/vulncheck-oss/cli) to integrate security-related tasks
 into your CI/CD pipeline.
 
 ![CI](https://github.com/vulncheck-oss/action/actions/workflows/ci.yml/badge.svg)

__tests__/scan.test.ts

@@ -0,0 +1,109 @@
+import type { ScanThreshold, ScanResult } from '../src/types'
+import { processThresholds, scanDiff } from '../src/scan'
+import * as core from '@actions/core'
+
+jest.mock('@actions/core')
+
+describe('Scan', () => {
+  describe('processThresholds', () => {
+    it('should process thresholds correctly', () => {
+      const mockInput = jest.spyOn(core, 'getInput')
+      mockInput.mockImplementation(name => {
+        switch (name) {
+          case 'scan-cvss-base-threshold':
+            return '7.0'
+          case 'scan-cvss-temporal-threshold':
+            return '5.0'
+          default:
+            return ''
+        }
+      })
+
+      const result: ScanResult = {
+        vulnerabilities: [],
+        failed: '',
+        success: '',
+      }
+
+      const expected: ScanThreshold = {
+        base: '7.0',
+        temporal: '5.0',
+        baseMatches: [],
+        temporalMatches: [],
+        baseMatchesBelow: [],
+        temporalMatchesBelow: [],
+        total: 0,
+        totalBelow: 0,
+      }
+
+      expect(processThresholds(result)).toEqual(expected)
+    })
+  })
+
+  describe('scanDiff', () => {
+    it('should calculate differences correctly', () => {
+      const prevScan: ScanResult = {
+        vulnerabilities: [
+          {
+            name: 'vuln1',
+            version: '1.0.0',
+            cve: 'CVE-2021-1234',
+            in_kev: false,
+            cvss_base_score: '5.0',
+            cvss_temporal_score: '4.0',
+            fixed_versions: '1.0.1',
+          },
+          {
+            name: 'vuln2',
+            version: '2.0.0',
+            cve: 'CVE-2021-2345',
+            in_kev: false,
+            cvss_base_score: '7.0',
+            cvss_temporal_score: '6.0',
+            fixed_versions: '2.0.1',
+          },
+        ],
+        failed: '',
+        success: '',
+      }
+
+      const currentScan: ScanResult = {
+        vulnerabilities: [
+          {
+            name: 'vuln2',
+            version: '2.0.0',
+            cve: 'CVE-2021-2345',
+            in_kev: false,
+            cvss_base_score: '7.0',
+            cvss_temporal_score: '6.0',
+            fixed_versions: '2.0.1',
+          },
+          {
+            name: 'vuln3',
+            version: '3.0.0',
+            cve: 'CVE-2021-3456',
+            in_kev: false,
+            cvss_base_score: '8.0',
+            cvss_temporal_score: '7.0',
+            fixed_versions: '3.0.1',
+          },
+        ],
+        failed: '',
+        success: '',
+      }
+
+      const expectedDiff = [
+        {
+          cve: 'CVE-2021-1234',
+          added: true,
+        },
+        {
+          cve: 'CVE-2021-3456',
+          removed: true,
+        },
+      ]
+
+      expect(scanDiff(prevScan, currentScan)).toEqual(expectedDiff)
+    })
+  })
+})

__tests__/table.test.ts

@@ -0,0 +1,55 @@
+import { table, rows } from '../src/table'
+import type { ScanResultVuln, ScanResultVulnDiff, TableRow } from '../src/types'
+
+describe('table.ts tests', () => {
+  test('table function should generate a markdown table', () => {
+    const headers = ['Header1', 'Header2']
+    const tableRows: TableRow[] = [
+      {
+        added: false,
+        removed: false,
+        cells: [{ value: 'Cell1' }, { value: 'Cell2' }],
+      },
+    ]
+    const title = 'Test Title'
+
+    const result = table(headers, tableRows, title)
+
+    expect(result).toContain(title)
+    expect(result).toContain(headers.join(' | '))
+    expect(result).toContain(
+      tableRows[0].cells.map(cell => cell.value).join(' | '),
+    )
+  })
+
+  test('rows function should generate table rows', () => {
+    const vulns: ScanResultVuln[] = [
+      {
+        name: 'Test Vuln',
+        version: '1.0.0',
+        cve: 'CVE-2021-1234',
+        in_kev: true,
+        cvss_base_score: '5.0',
+        cvss_temporal_score: '4.0',
+        fixed_versions: '1.0.1',
+      },
+    ]
+    const diff: ScanResultVulnDiff[] = [
+      {
+        cve: 'CVE-2021-1234',
+        added: true,
+        removed: false,
+      },
+    ]
+
+    const result = rows(vulns, diff)
+
+    expect(result).toHaveLength(1)
+    expect(result[0].added).toBe(true)
+    expect(result[0].removed).toBe(false)
+    expect(result[0].cells[0].value).toBe(vulns[0].name)
+    expect(result[0].cells[2].link).toBe(
+      `https://vulncheck.com/browse/cve/${vulns[0].cve}`,
+    )
+  })
+})

action.yml

@@ -1,4 +1,4 @@
-name: 'VulnCheck Actions'
+name: 'VulnCheck Action'
 description: 'Integrate VulnCheck into your GitHub Actions workflow'
 author: 'Kevin Olson <[email protected]>'
 branding: