up
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Export Center CI / export-ci (push) Has been cancelled
Notify Smoke Test / Notify Unit Tests (push) Has been cancelled
Notify Smoke Test / Notifier Service Tests (push) Has been cancelled
Notify Smoke Test / Notification Smoke Test (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
Signals CI & Image / signals-ci (push) Has been cancelled
Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled
Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled
Some checks failed
Docs CI / lint-and-preview (push) Has been cancelled
AOC Guard CI / aoc-guard (push) Has been cancelled
AOC Guard CI / aoc-verify (push) Has been cancelled
Concelier Attestation Tests / attestation-tests (push) Has been cancelled
Export Center CI / export-ci (push) Has been cancelled
Notify Smoke Test / Notify Unit Tests (push) Has been cancelled
Notify Smoke Test / Notifier Service Tests (push) Has been cancelled
Notify Smoke Test / Notification Smoke Test (push) Has been cancelled
Policy Lint & Smoke / policy-lint (push) Has been cancelled
Scanner Analyzers / Discover Analyzers (push) Has been cancelled
Scanner Analyzers / Build Analyzers (push) Has been cancelled
Scanner Analyzers / Test Language Analyzers (push) Has been cancelled
Scanner Analyzers / Validate Test Fixtures (push) Has been cancelled
Scanner Analyzers / Verify Deterministic Output (push) Has been cancelled
Signals CI & Image / signals-ci (push) Has been cancelled
Signals Reachability Scoring & Events / reachability-smoke (push) Has been cancelled
Signals Reachability Scoring & Events / sign-and-upload (push) Has been cancelled
This commit is contained in:
StellaOps Bot
@@ -1,94 +1,94 @@
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using StellaOps.Concelier.Models;
|
||||
using StellaOps.Concelier.Connector.Ics.Cisa;
|
||||
using StellaOps.Concelier.Connector.Ics.Cisa.Internal;
|
||||
using Xunit;
|
||||
|
||||
namespace StellaOps.Concelier.Connector.Ics.Cisa.Tests.IcsCisa;
|
||||
|
||||
public class IcsCisaConnectorMappingTests
|
||||
{
|
||||
private static readonly DateTimeOffset RecordedAt = new(2025, 10, 14, 12, 0, 0, TimeSpan.Zero);
|
||||
|
||||
[Fact]
|
||||
public void BuildReferences_MergesFeedAndDetailAttachments()
|
||||
{
|
||||
var dto = new IcsCisaAdvisoryDto
|
||||
{
|
||||
AdvisoryId = "ICSA-25-123-01",
|
||||
Title = "Sample Advisory",
|
||||
Link = "https://www.cisa.gov/news-events/ics-advisories/icsa-25-123-01",
|
||||
Summary = "Summary",
|
||||
DescriptionHtml = "<p>Summary</p>",
|
||||
Published = RecordedAt,
|
||||
Updated = RecordedAt,
|
||||
IsMedical = false,
|
||||
References = new[]
|
||||
{
|
||||
"https://example.org/advisory",
|
||||
"https://www.cisa.gov/news-events/ics-advisories/icsa-25-123-01"
|
||||
},
|
||||
Attachments = new List<IcsCisaAttachmentDto>
|
||||
{
|
||||
new() { Title = "PDF Attachment", Url = "https://files.cisa.gov/docs/icsa-25-123-01.pdf" },
|
||||
}
|
||||
};
|
||||
|
||||
var references = IcsCisaConnector.BuildReferences(dto, RecordedAt);
|
||||
|
||||
Assert.Equal(3, references.Count);
|
||||
Assert.Contains(references, reference => reference.Kind == "attachment" && reference.Url == "https://files.cisa.gov/docs/icsa-25-123-01.pdf");
|
||||
Assert.Contains(references, reference => reference.Url == "https://example.org/advisory");
|
||||
Assert.Contains(references, reference => reference.Url == "https://www.cisa.gov/news-events/ics-advisories/icsa-25-123-01");
|
||||
}
|
||||
|
||||
|
||||
[Fact]
|
||||
public void BuildMitigationReferences_ProducesReferences()
|
||||
{
|
||||
var dto = new IcsCisaAdvisoryDto
|
||||
{
|
||||
AdvisoryId = "ICSA-25-999-01",
|
||||
Title = "Mitigation Test",
|
||||
Link = "https://www.cisa.gov/news-events/ics-advisories/icsa-25-999-01",
|
||||
Mitigations = new[] { "Apply firmware 9.9.1", "Limit network access" },
|
||||
Published = RecordedAt,
|
||||
Updated = RecordedAt,
|
||||
IsMedical = false,
|
||||
};
|
||||
|
||||
var references = IcsCisaConnector.BuildMitigationReferences(dto, RecordedAt);
|
||||
|
||||
Assert.Equal(2, references.Count);
|
||||
var first = references.First();
|
||||
Assert.Equal("mitigation", first.Kind);
|
||||
Assert.Equal("icscisa-mitigation", first.SourceTag);
|
||||
Assert.EndsWith("#mitigation-1", first.Url, StringComparison.Ordinal);
|
||||
Assert.Contains("Apply firmware", first.Summary);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
using System;
|
||||
using System.Collections.Generic;
|
||||
using System.Linq;
|
||||
using StellaOps.Concelier.Models;
|
||||
using StellaOps.Concelier.Connector.Ics.Cisa;
|
||||
using StellaOps.Concelier.Connector.Ics.Cisa.Internal;
|
||||
using Xunit;
|
||||
|
||||
namespace StellaOps.Concelier.Connector.Ics.Cisa.Tests.IcsCisa;
|
||||
|
||||
public class IcsCisaConnectorMappingTests
|
||||
{
|
||||
private static readonly DateTimeOffset RecordedAt = new(2025, 10, 14, 12, 0, 0, TimeSpan.Zero);
|
||||
|
||||
[Fact]
|
||||
public void BuildReferences_MergesFeedAndDetailAttachments()
|
||||
{
|
||||
var dto = new IcsCisaAdvisoryDto
|
||||
{
|
||||
AdvisoryId = "ICSA-25-123-01",
|
||||
Title = "Sample Advisory",
|
||||
Link = "https://www.cisa.gov/news-events/ics-advisories/icsa-25-123-01",
|
||||
Summary = "Summary",
|
||||
DescriptionHtml = "<p>Summary</p>",
|
||||
Published = RecordedAt,
|
||||
Updated = RecordedAt,
|
||||
IsMedical = false,
|
||||
References = new[]
|
||||
{
|
||||
"https://example.org/advisory",
|
||||
"https://www.cisa.gov/news-events/ics-advisories/icsa-25-123-01"
|
||||
},
|
||||
Attachments = new List<IcsCisaAttachmentDto>
|
||||
{
|
||||
new() { Title = "PDF Attachment", Url = "https://files.cisa.gov/docs/icsa-25-123-01.pdf" },
|
||||
}
|
||||
};
|
||||
|
||||
var references = IcsCisaConnector.BuildReferences(dto, RecordedAt);
|
||||
|
||||
Assert.Equal(3, references.Count);
|
||||
Assert.Contains(references, reference => reference.Kind == "attachment" && reference.Url == "https://files.cisa.gov/docs/icsa-25-123-01.pdf");
|
||||
Assert.Contains(references, reference => reference.Url == "https://example.org/advisory");
|
||||
Assert.Contains(references, reference => reference.Url == "https://www.cisa.gov/news-events/ics-advisories/icsa-25-123-01");
|
||||
}
|
||||
|
||||
|
||||
[Fact]
|
||||
public void BuildMitigationReferences_ProducesReferences()
|
||||
{
|
||||
var dto = new IcsCisaAdvisoryDto
|
||||
{
|
||||
AdvisoryId = "ICSA-25-999-01",
|
||||
Title = "Mitigation Test",
|
||||
Link = "https://www.cisa.gov/news-events/ics-advisories/icsa-25-999-01",
|
||||
Mitigations = new[] { "Apply firmware 9.9.1", "Limit network access" },
|
||||
Published = RecordedAt,
|
||||
Updated = RecordedAt,
|
||||
IsMedical = false,
|
||||
};
|
||||
|
||||
var references = IcsCisaConnector.BuildMitigationReferences(dto, RecordedAt);
|
||||
|
||||
Assert.Equal(2, references.Count);
|
||||
var first = references.First();
|
||||
Assert.Equal("mitigation", first.Kind);
|
||||
Assert.Equal("icscisa-mitigation", first.SourceTag);
|
||||
Assert.EndsWith("#mitigation-1", first.Url, StringComparison.Ordinal);
|
||||
Assert.Contains("Apply firmware", first.Summary);
|
||||
}
|
||||
|
||||
[Fact]
|
||||
public void BuildAffectedPackages_EmitsProductRangesWithSemVer()
|
||||
{
|
||||
var dto = new IcsCisaAdvisoryDto
|
||||
{
|
||||
AdvisoryId = "ICSA-25-456-02",
|
||||
Title = "Vendor Advisory",
|
||||
Link = "https://www.cisa.gov/news-events/ics-advisories/icsa-25-456-02",
|
||||
DescriptionHtml = "",
|
||||
Summary = null,
|
||||
Published = RecordedAt,
|
||||
Vendors = new[] { "Example Corp" },
|
||||
Products = new[] { "ControlSuite 4.2" }
|
||||
};
|
||||
|
||||
var packages = IcsCisaConnector.BuildAffectedPackages(dto, RecordedAt);
|
||||
|
||||
var productPackage = Assert.Single(packages);
|
||||
Assert.Equal(AffectedPackageTypes.IcsVendor, productPackage.Type);
|
||||
Assert.Equal("ControlSuite", productPackage.Identifier);
|
||||
Title = "Vendor Advisory",
|
||||
Link = "https://www.cisa.gov/news-events/ics-advisories/icsa-25-456-02",
|
||||
DescriptionHtml = "",
|
||||
Summary = null,
|
||||
Published = RecordedAt,
|
||||
Vendors = new[] { "Example Corp" },
|
||||
Products = new[] { "ControlSuite 4.2" }
|
||||
};
|
||||
|
||||
var packages = IcsCisaConnector.BuildAffectedPackages(dto, RecordedAt);
|
||||
|
||||
var productPackage = Assert.Single(packages);
|
||||
Assert.Equal(AffectedPackageTypes.IcsVendor, productPackage.Type);
|
||||
Assert.Equal("ControlSuite", productPackage.Identifier);
|
||||
var range = Assert.Single(productPackage.VersionRanges);
|
||||
Assert.Equal("product", range.RangeKind);
|
||||
Assert.Equal("4.2", range.RangeExpression);
|
||||
|
||||
@@ -1,38 +1,38 @@
|
||||
using System;
|
||||
using System.IO;
|
||||
using System.Linq;
|
||||
using System.Threading.Tasks;
|
||||
using StellaOps.Concelier.Connector.Ics.Cisa.Internal;
|
||||
using Xunit;
|
||||
|
||||
namespace StellaOps.Concelier.Connector.Ics.Cisa.Tests.IcsCisa;
|
||||
|
||||
public class IcsCisaFeedParserTests
|
||||
{
|
||||
[Fact]
|
||||
public void Parse_ReturnsAdvisories()
|
||||
{
|
||||
var parser = new IcsCisaFeedParser();
|
||||
using var stream = File.OpenRead(Path.Combine("IcsCisa", "Fixtures", "sample-feed.xml"));
|
||||
|
||||
var advisories = parser.Parse(stream, isMedicalTopic: false, topicUri: new Uri("https://content.govdelivery.com/accounts/USDHSCISA/topics.rss"));
|
||||
|
||||
Assert.Equal(2, advisories.Count);
|
||||
|
||||
var first = advisories.First();
|
||||
Console.WriteLine("Description:" + first.DescriptionHtml);
|
||||
Console.WriteLine("Attachments:" + string.Join(",", first.Attachments.Select(a => a.Url)));
|
||||
Console.WriteLine("References:" + string.Join(",", first.References));
|
||||
Assert.Equal("ICSA-25-123-01", first.AdvisoryId);
|
||||
Assert.Contains("CVE-2024-12345", first.CveIds);
|
||||
Assert.Contains("Example Corp", first.Vendors);
|
||||
Assert.Contains("ControlSuite 4.2", first.Products);
|
||||
Assert.Contains(first.Attachments, attachment => attachment.Url == "https://example.com/security/icsa-25-123-01.pdf");
|
||||
Assert.Contains(first.References, reference => reference == "https://www.cisa.gov/news-events/ics-advisories/icsa-25-123-01");
|
||||
|
||||
var second = advisories.Last();
|
||||
Assert.True(second.IsMedical);
|
||||
Assert.Contains("CVE-2025-11111", second.CveIds);
|
||||
Assert.Contains("HealthTech", second.Vendors);
|
||||
}
|
||||
}
|
||||
using System;
|
||||
using System.IO;
|
||||
using System.Linq;
|
||||
using System.Threading.Tasks;
|
||||
using StellaOps.Concelier.Connector.Ics.Cisa.Internal;
|
||||
using Xunit;
|
||||
|
||||
namespace StellaOps.Concelier.Connector.Ics.Cisa.Tests.IcsCisa;
|
||||
|
||||
public class IcsCisaFeedParserTests
|
||||
{
|
||||
[Fact]
|
||||
public void Parse_ReturnsAdvisories()
|
||||
{
|
||||
var parser = new IcsCisaFeedParser();
|
||||
using var stream = File.OpenRead(Path.Combine("IcsCisa", "Fixtures", "sample-feed.xml"));
|
||||
|
||||
var advisories = parser.Parse(stream, isMedicalTopic: false, topicUri: new Uri("https://content.govdelivery.com/accounts/USDHSCISA/topics.rss"));
|
||||
|
||||
Assert.Equal(2, advisories.Count);
|
||||
|
||||
var first = advisories.First();
|
||||
Console.WriteLine("Description:" + first.DescriptionHtml);
|
||||
Console.WriteLine("Attachments:" + string.Join(",", first.Attachments.Select(a => a.Url)));
|
||||
Console.WriteLine("References:" + string.Join(",", first.References));
|
||||
Assert.Equal("ICSA-25-123-01", first.AdvisoryId);
|
||||
Assert.Contains("CVE-2024-12345", first.CveIds);
|
||||
Assert.Contains("Example Corp", first.Vendors);
|
||||
Assert.Contains("ControlSuite 4.2", first.Products);
|
||||
Assert.Contains(first.Attachments, attachment => attachment.Url == "https://example.com/security/icsa-25-123-01.pdf");
|
||||
Assert.Contains(first.References, reference => reference == "https://www.cisa.gov/news-events/ics-advisories/icsa-25-123-01");
|
||||
|
||||
var second = advisories.Last();
|
||||
Assert.True(second.IsMedical);
|
||||
Assert.Contains("CVE-2025-11111", second.CveIds);
|
||||
Assert.Contains("HealthTech", second.Vendors);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user