Refactor and update test projects, remove obsolete tests, and upgrade dependencies
- Deleted obsolete test files for SchedulerAuditService and SchedulerMongoSessionFactory. - Removed unused TestDataFactory class. - Updated project files for Mongo.Tests to remove references to deleted files. - Upgraded BouncyCastle.Cryptography package to version 2.6.2 across multiple projects. - Replaced Microsoft.Extensions.Http.Polly with Microsoft.Extensions.Http.Resilience in Zastava.Webhook project. - Updated NetEscapades.Configuration.Yaml package to version 3.1.0 in Configuration library. - Upgraded Pkcs11Interop package to version 5.1.2 in Cryptography libraries. - Refactored Argon2idPasswordHasher to use BouncyCastle for hashing instead of Konscious. - Updated JsonSchema.Net package to version 7.3.2 in Microservice project. - Updated global.json to use .NET SDK version 10.0.101.
This commit is contained in:
master
@@ -5,6 +5,7 @@ using Microsoft.AspNetCore.Mvc.Testing;
|
||||
using Microsoft.Extensions.Configuration;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.Extensions.DependencyInjection.Extensions;
|
||||
using StellaOps.Excititor.Core.Storage;
|
||||
using StellaOps.Excititor.WebService.Contracts;
|
||||
using StellaOps.Excititor.WebService.Services;
|
||||
using Xunit;
|
||||
|
||||
@@ -8,6 +8,7 @@ using System.Threading.Tasks;
|
||||
using Microsoft.Extensions.Configuration;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.Extensions.DependencyInjection.Extensions;
|
||||
using StellaOps.Excititor.Core.Storage;
|
||||
using StellaOps.Excititor.WebService.Contracts;
|
||||
using StellaOps.Excititor.WebService.Options;
|
||||
using Xunit;
|
||||
|
||||
@@ -0,0 +1,44 @@
|
||||
using Microsoft.Extensions.Caching.Memory;
|
||||
using Microsoft.Extensions.Options;
|
||||
using StellaOps.Excititor.WebService.Contracts;
|
||||
using StellaOps.Excititor.WebService.Options;
|
||||
using StellaOps.Excititor.WebService.Services;
|
||||
using Xunit;
|
||||
|
||||
namespace StellaOps.Excititor.WebService.Tests;
|
||||
|
||||
public sealed class GraphOverlayCacheTests
|
||||
{
|
||||
[Fact]
|
||||
public async Task SaveAndGet_RoundTripsOverlay()
|
||||
{
|
||||
var memoryCache = new MemoryCache(new MemoryCacheOptions());
|
||||
var options = Options.Create(new GraphOptions { OverlayTtlSeconds = 300 });
|
||||
var cache = new GraphOverlayCacheStore(memoryCache, options, TimeProvider.System);
|
||||
|
||||
var overlays = new[]
|
||||
{
|
||||
new GraphOverlayItem(
|
||||
SchemaVersion: "1.0.0",
|
||||
GeneratedAt: DateTimeOffset.UtcNow,
|
||||
Tenant: "tenant-a",
|
||||
Purl: "pkg:npm/example@1.0.0",
|
||||
AdvisoryId: "ADV-1",
|
||||
Source: "provider",
|
||||
Status: "not_affected",
|
||||
Summary: new GraphOverlaySummary(0, 1, 0, 0),
|
||||
Justifications: Array.Empty<GraphOverlayJustification>(),
|
||||
Conflicts: Array.Empty<GraphOverlayConflict>(),
|
||||
Observations: Array.Empty<GraphOverlayObservation>(),
|
||||
Provenance: new GraphOverlayProvenance("tenant-a", new[] { "provider" }, new[] { "CVE-1" }, new[] { "pkg:npm/example@1.0.0" }, Array.Empty<string>(), Array.Empty<string>()),
|
||||
Cache: null)
|
||||
};
|
||||
|
||||
await cache.SaveAsync("tenant-a", includeJustifications: false, overlays.Select(o => o.Purl).ToArray(), overlays, DateTimeOffset.UtcNow, CancellationToken.None);
|
||||
|
||||
var hit = await cache.TryGetAsync("tenant-a", includeJustifications: false, overlays.Select(o => o.Purl).ToArray(), CancellationToken.None);
|
||||
Assert.NotNull(hit);
|
||||
Assert.Equal(overlays, hit!.Items);
|
||||
Assert.True(hit.AgeMilliseconds >= 0);
|
||||
}
|
||||
}
|
||||
@@ -11,7 +11,7 @@ namespace StellaOps.Excititor.WebService.Tests;
|
||||
public sealed class GraphOverlayFactoryTests
|
||||
{
|
||||
[Fact]
|
||||
public void Build_ComputesSummariesAndProvenancePerPurl()
|
||||
public void Build_EmitsOverlayPerStatementWithProvenance()
|
||||
{
|
||||
var now = DateTimeOffset.UtcNow;
|
||||
var observations = new[]
|
||||
@@ -55,20 +55,27 @@ public sealed class GraphOverlayFactoryTests
|
||||
};
|
||||
|
||||
var overlays = GraphOverlayFactory.Build(
|
||||
tenant: "tenant-a",
|
||||
generatedAt: now,
|
||||
orderedPurls: new[] { "pkg:rpm/redhat/openssl@1.1.1" },
|
||||
observations: observations,
|
||||
includeJustifications: true);
|
||||
|
||||
var overlay = Assert.Single(overlays);
|
||||
Assert.Equal("pkg:rpm/redhat/openssl@1.1.1", overlay.Purl);
|
||||
Assert.Equal(0, overlay.Summary.Open);
|
||||
Assert.Equal(1, overlay.Summary.NotAffected);
|
||||
Assert.Equal(1, overlay.Summary.UnderInvestigation);
|
||||
Assert.Equal(1, overlay.Summary.NoStatement);
|
||||
Assert.Equal(now, overlay.LatestModifiedAt);
|
||||
Assert.Equal(new[] { "ComponentNotPresent" }, overlay.Justifications);
|
||||
Assert.Equal("hash-new", overlay.Provenance.LastEvidenceHash);
|
||||
Assert.Equal(new[] { "oracle", "redhat", "ubuntu" }, overlay.Provenance.Sources);
|
||||
Assert.Equal(2, overlays.Count);
|
||||
|
||||
var notAffected = Assert.Single(overlays.Where(o => o.Status == "not_affected"));
|
||||
Assert.Equal("pkg:rpm/redhat/openssl@1.1.1", notAffected.Purl);
|
||||
Assert.Equal("CVE-2025-1000", notAffected.AdvisoryId);
|
||||
Assert.Equal("redhat", notAffected.Source);
|
||||
Assert.Single(notAffected.Justifications);
|
||||
Assert.Contains(notAffected.Observations, o => o.ContentHash == "hash-old");
|
||||
Assert.Contains("hash-old", notAffected.Provenance.ObservationHashes);
|
||||
|
||||
var underInvestigation = Assert.Single(overlays.Where(o => o.Status == "under_investigation"));
|
||||
Assert.Equal("CVE-2025-1001", underInvestigation.AdvisoryId);
|
||||
Assert.Equal("ubuntu", underInvestigation.Source);
|
||||
Assert.Empty(underInvestigation.Justifications);
|
||||
Assert.Contains("hash-new", underInvestigation.Provenance.ObservationHashes);
|
||||
}
|
||||
|
||||
private static VexObservation CreateObservation(
|
||||
|
||||
@@ -0,0 +1,51 @@
|
||||
using StellaOps.Excititor.WebService.Contracts;
|
||||
using StellaOps.Excititor.WebService.Services;
|
||||
using Xunit;
|
||||
|
||||
namespace StellaOps.Excititor.WebService.Tests;
|
||||
|
||||
public sealed class GraphOverlayStoreTests
|
||||
{
|
||||
[Fact]
|
||||
public async Task SaveAndFindByPurls_ReturnsLatestPerSourceAdvisory()
|
||||
{
|
||||
var store = new InMemoryGraphOverlayStore();
|
||||
var overlays = new[]
|
||||
{
|
||||
new GraphOverlayItem(
|
||||
SchemaVersion: "1.0.0",
|
||||
GeneratedAt: DateTimeOffset.UtcNow.AddMinutes(-1),
|
||||
Tenant: "tenant-a",
|
||||
Purl: "pkg:npm/example@1.0.0",
|
||||
AdvisoryId: "ADV-1",
|
||||
Source: "provider-a",
|
||||
Status: "not_affected",
|
||||
Summary: new GraphOverlaySummary(0, 1, 0, 0),
|
||||
Justifications: Array.Empty<GraphOverlayJustification>(),
|
||||
Conflicts: Array.Empty<GraphOverlayConflict>(),
|
||||
Observations: Array.Empty<GraphOverlayObservation>(),
|
||||
Provenance: new GraphOverlayProvenance("tenant-a", new[] { "provider-a" }, new[] { "ADV-1" }, new[] { "pkg:npm/example@1.0.0" }, Array.Empty<string>(), Array.Empty<string>()),
|
||||
Cache: null),
|
||||
new GraphOverlayItem(
|
||||
SchemaVersion: "1.0.0",
|
||||
GeneratedAt: DateTimeOffset.UtcNow,
|
||||
Tenant: "tenant-a",
|
||||
Purl: "pkg:npm/example@1.0.0",
|
||||
AdvisoryId: "ADV-1",
|
||||
Source: "provider-a",
|
||||
Status: "under_investigation",
|
||||
Summary: new GraphOverlaySummary(0, 0, 1, 0),
|
||||
Justifications: Array.Empty<GraphOverlayJustification>(),
|
||||
Conflicts: Array.Empty<GraphOverlayConflict>(),
|
||||
Observations: Array.Empty<GraphOverlayObservation>(),
|
||||
Provenance: new GraphOverlayProvenance("tenant-a", new[] { "provider-a" }, new[] { "ADV-1" }, new[] { "pkg:npm/example@1.0.0" }, Array.Empty<string>(), Array.Empty<string>()),
|
||||
Cache: null)
|
||||
};
|
||||
|
||||
await store.SaveAsync("tenant-a", overlays, CancellationToken.None);
|
||||
var results = await store.FindByPurlsAsync("tenant-a", new[] { "pkg:npm/example@1.0.0" }, CancellationToken.None);
|
||||
|
||||
var single = Assert.Single(results);
|
||||
Assert.Equal("under_investigation", single.Status);
|
||||
}
|
||||
}
|
||||
@@ -10,7 +10,7 @@ namespace StellaOps.Excititor.WebService.Tests;
|
||||
public sealed class GraphStatusFactoryTests
|
||||
{
|
||||
[Fact]
|
||||
public void Build_ProjectsOverlaySummariesAndProvenance()
|
||||
public void Build_ProjectsStatusCountsPerPurl()
|
||||
{
|
||||
var now = DateTimeOffset.UtcNow;
|
||||
var observations = new[]
|
||||
@@ -39,6 +39,8 @@ public sealed class GraphStatusFactoryTests
|
||||
};
|
||||
|
||||
var items = GraphStatusFactory.Build(
|
||||
tenant: "tenant-a",
|
||||
generatedAt: now,
|
||||
orderedPurls: new[] { "pkg:rpm/redhat/openssl@1.1.1" },
|
||||
observations: observations);
|
||||
|
||||
@@ -47,10 +49,10 @@ public sealed class GraphStatusFactoryTests
|
||||
Assert.Equal(0, item.Summary.Open);
|
||||
Assert.Equal(1, item.Summary.NotAffected);
|
||||
Assert.Equal(0, item.Summary.UnderInvestigation);
|
||||
Assert.Equal(1, item.Summary.NoStatement);
|
||||
Assert.Equal(0, item.Summary.NoStatement);
|
||||
Assert.Equal(now, item.LatestModifiedAt);
|
||||
Assert.Equal("hash-new", item.LastEvidenceHash);
|
||||
Assert.Equal(new[] { "oracle", "ubuntu" }, item.Sources);
|
||||
Assert.Equal(new[] { "ubuntu" }, item.Sources);
|
||||
}
|
||||
|
||||
private static VexObservation CreateObservation(
|
||||
|
||||
@@ -2,6 +2,7 @@ using System.Net.Http.Json;
|
||||
using Microsoft.Extensions.DependencyInjection;
|
||||
using Microsoft.Extensions.DependencyInjection.Extensions;
|
||||
using StellaOps.Excititor.Core;
|
||||
using StellaOps.Excititor.Core.Storage;
|
||||
using StellaOps.Excititor.WebService.Contracts;
|
||||
|
||||
namespace StellaOps.Excititor.WebService.Tests;
|
||||
|
||||
Reference in New Issue
Block a user