Merge pull request #127 from snyk/develop
Merge develop into master for release
maxjeffos authored Aug 5, 2021
2 parents f9ae783 + 31a7806 commit 2687514
Showing 6 changed files with 67 additions and 157 deletions.
35 changes: 17 additions & 18 deletions README.md
Expand Up @@ -19,22 +19,21 @@ This extension requires that Node.js and npm be installed on the build agent. Th

## Task Parameters

| Parameter | Description | Required | Default | Type |
| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------- | --------------- | --------------------------------------------------------------------------------- |
| serviceConnectionEndpoint | The Azure DevOps service connection endpoint where your Snyk API token is defined. Define this within your Azure DevOps project settings / S | no | none | String / Azure Service Connection Endpoint of type SnykAuth / Snyk Authentication |
| testType | Used by the task UI only | no | "application" | string: "app" or "container" |
| dockerImageName | The name of the container image to test. | yes, if container image test | none | string |
| dockerfilePath | The path to the Dockerfile corresponding to the `dockerImageName` | yes, if container image test | none | string |
| targetFile | Applicable to application type tests ony. The path to the manifest file to be used by Snyk. Should only be provided if non-standard. | no | none | string |
| severityThreshold | The severity-threshold to use when testing. By default, issues of all severity types will be found. | no | "low" | string: "low" or "medium" or "high" or "critical" |
| monitorOnBuild | Whether or not to capture the dependencies of the application / container image and monitor them within Snyk. | yes | true | boolean |
| monitorWhen | When to run `snyk monitor`. Valid options are `never`, `noIssuesFound` (default), and `always`. If set, this option overrides the value of `monitorOnBuild`. | no | 'noIssuesFound' | boolean |
| failOnIssues | This specifies if builds should be failed or continued based on issues found by Snyk. | yes | true | boolean |
| projectName | A custom name for the Snyk project to be created on snyk.io | no | none | string |
| organization | Name of the Snyk organisation name, under which this project should be tested and monitored | no | none | string |
| testDirectory | Alternate working directory. For example, if you want to test a manifest file in a directory other than the root of your repo, you would put in relative path to that directory. | no | none | string |
| ignoreUnknownCA | Use to ignore unknown or self-signed certificates. This might be useful in for self-hosted build agents with unusual network configurations or for Snyk on-prem installs configured with a self-signed certificate. | no | false | boolean |
| additionalArguments | Additional Snyk CLI arguments to be passed in. Refer to the Snyk CLI help page for information on additional arguments. | no | none | string |
| Parameter | Description | Required | Default | Type |
| ------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ---------------------------- | ------------- | --------------------------------------------------------------------------------- |
| serviceConnectionEndpoint | The Azure DevOps service connection endpoint where your Snyk API token is defined. Define this within your Azure DevOps project settings / S | no | none | String / Azure Service Connection Endpoint of type SnykAuth / Snyk Authentication |
| testType | Used by the task UI only | no | "application" | string: "app" or "container" |
| dockerImageName | The name of the container image to test. | yes, if container image test | none | string |
| dockerfilePath | The path to the Dockerfile corresponding to the `dockerImageName` | yes, if container image test | none | string |
| targetFile | Applicable to application type tests ony. The path to the manifest file to be used by Snyk. Should only be provided if non-standard. | no | none | string |
| severityThreshold | The severity-threshold to use when testing. By default, issues of all severity types will be found. | no | "low" | string: "low" or "medium" or "high" or "critical" |
| monitorWhen | When to run `snyk monitor`. Valid options are `always` (default), `noIssuesFound`, and `never`. If set, this option overrides the value of `monitorOnBuild`. | no | "always" | boolean |
| failOnIssues | This specifies if builds should be failed or continued based on issues found by Snyk. | yes | true | boolean |
| projectName | A custom name for the Snyk project to be created on snyk.io | no | none | string |
| organization | Name of the Snyk organisation name, under which this project should be tested and monitored | no | none | string |
| testDirectory | Alternate working directory. For example, if you want to test a manifest file in a directory other than the root of your repo, you would put in relative path to that directory. | no | none | string |
| ignoreUnknownCA | Use to ignore unknown or self-signed certificates. This might be useful in for self-hosted build agents with unusual network configurations or for Snyk on-prem installs configured with a self-signed certificate. | no | false | boolean |
| additionalArguments | Additional Snyk CLI arguments to be passed in. Refer to the Snyk CLI help page for information on additional arguments. | no | none | string |

## Usage Examples
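
Review bot: In the `monitorWhen` row of the parameter table, the Type column still reads `boolean` although the valid values are the strings `always`, `noIssuesFound` and `never`, and the description still says the option "overrides the value of `monitorOnBuild`" even though the `monitorOnBuild` row is removed in this same hunk. Change the type to a string with those three values and drop the override sentence. The default also moves from `noIssuesFound` to `always`, so a pipeline that never sets the option will now run `snyk monitor` even when the test step finds issues; that behaviour change deserves an explicit upgrade note in the README.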

Expand All @@ -45,7 +44,7 @@ This extension requires that Node.js and npm be installed on the build agent. Th
inputs:
serviceConnectionEndpoint: 'mySnykToken'
testType: 'app'
monitorOnBuild: true
monitorWhen: 'always'
failOnIssues: true
```

Expand All @@ -58,7 +57,7 @@ This extension requires that Node.js and npm be installed on the build agent. Th
testType: 'container'
dockerImageName: 'my-container-image-name'
dockerfilePath: 'Dockerfile'
monitorOnBuild: true
monitorWhen: 'always'
failOnIssues: true
```

3 changes: 0 additions & 3 deletions snykTask/src/__tests__/task-lib.test.ts
Expand Up @@ -34,7 +34,6 @@ afterAll(() => {

test('getOptionsToExecuteSnyk builds IExecOptions like we need it', () => {
const taskArgs: TaskArgs = new TaskArgs({
monitorOnBuild: true,
failOnIssues: true,
});
taskArgs.testDirectory = '/some/path';
Expand All @@ -51,7 +50,6 @@ test('getOptionsToExecuteSnykCLICommand builds IExecOptions like we need it', ()
const version = '1.2.3';

const taskArgs: TaskArgs = new TaskArgs({
monitorOnBuild: true,
failOnIssues: true,
});
taskArgs.testDirectory = '/some/path';
Expand All @@ -74,7 +72,6 @@ test('getOptionsToExecuteSnykCLICommand builds IExecOptions like we need it', ()
describe('getOptionsForSnykToHtml', () => {
it('builds IExecOptions for running snyk-to-html', async () => {
const taskArgs: TaskArgs = new TaskArgs({
monitorOnBuild: true,
failOnIssues: true,
});
taskArgs.testDirectory = '/some/path';
141 changes: 31 additions & 110 deletions snykTask/src/__tests__/test-task-args.ts
Expand Up @@ -7,7 +7,6 @@ import { TaskArgs } from '../task-args';

function defaultTaskArgs(): TaskArgs {
return new TaskArgs({
monitorOnBuild: true,
failOnIssues: true,
});
}
Expand Down Expand Up @@ -83,13 +82,13 @@ describe('TaskArgs.setMonitorWhen', () => {

it('defaults to `noIssuesFound` when undefined, empty string, or invalid value', () => {
args.setMonitorWhen(undefined);
expect(args.monitorWhen).toBeUndefined();
expect(args.monitorWhen).toBe('always');

args.setMonitorWhen('');
expect(args.monitorWhen).toBeUndefined();
expect(args.monitorWhen).toBe('always');

args.setMonitorWhen('invalid-option');
expect(args.monitorWhen).toBeUndefined();
expect(args.monitorWhen).toBe('always');
});

it('works for valid inputs', () => {
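
Review bot: The test title 'defaults to `noIssuesFound` when undefined, empty string, or invalid value' no longer matches its assertions, which now expect `'always'` for all three inputs; rename it to match. Separately, the `'invalid-option'` case pins down that an unrecognised value silently becomes `always`, so a mistyped `never` would still run the monitor step. Consider logging a warning or failing the task on an unrecognised value, and asserting that behaviour here.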
Expand All @@ -107,12 +106,8 @@ describe('TaskArgs.setMonitorWhen', () => {
const SNYK_TEST_SUCCESS_TRUE = true;
const SNYK_TEST_SUCCESS_FALSE = false;

function argsFrom(params: {
monitorOnBuild: boolean;
monitorWhen?: string;
}): TaskArgs {
function argsFrom(params: { monitorWhen: string }): TaskArgs {
const args = new TaskArgs({
monitorOnBuild: params.monitorOnBuild,
failOnIssues: true,
});
if (params.monitorWhen) {
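
Review bot: `argsFrom` now declares `monitorWhen: string` as a required field, but the body still guards the call with `if (params.monitorWhen) {`, which can only be false for an empty string. Either drop the guard and always call the setter, or keep the field optional (`monitorWhen?: string`) so the guard has a purpose.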
Expand All @@ -122,113 +117,39 @@ function argsFrom(params: {
}

describe('TaskArgs.shouldRunMonitor', () => {
describe('when `monitorWhen` is not set', () => {
describe('and `monitorOnBuild` is false', () => {
const args = argsFrom({
monitorOnBuild: false,
});
it('return false when snykTestSuccess is false', () => {
expect(args.shouldRunMonitor(false)).toBe(false);
});
it('return false when snykTestSuccess is true', () => {
expect(args.shouldRunMonitor(true)).toBe(false);
});
describe('when `monitorWhen` is `always`', () => {
const args = argsFrom({
monitorWhen: 'always',
});

describe('and `monitorOnBuild` is true', () => {
const args = argsFrom({
monitorOnBuild: true,
});
it('return false when snykTestSuccess is false', () => {
expect(args.shouldRunMonitor(false)).toBe(false);
});
it('return true when snykTestSuccess is true', () => {
expect(args.shouldRunMonitor(true)).toBe(true);
});
it('returns true when snykTestSuccess is false', () => {
expect(args.shouldRunMonitor(SNYK_TEST_SUCCESS_FALSE)).toBe(true);
});
it('returns true when snykTestSuccess is true', () => {
expect(args.shouldRunMonitor(SNYK_TEST_SUCCESS_TRUE)).toBe(true);
});
});

describe('when `monitorWhen` is set', () => {
describe('and `monitorOnBuild` is false', () => {
describe('and `monitorWhen` is `always`', () => {
const args = argsFrom({
monitorOnBuild: false,
monitorWhen: 'always',
});
it('returns true when snykTestSuccess is false', () => {
expect(args.shouldRunMonitor(SNYK_TEST_SUCCESS_FALSE)).toBe(true);
});
it('returns true when snykTestSuccess is true', () => {
expect(args.shouldRunMonitor(SNYK_TEST_SUCCESS_TRUE)).toBe(true);
});
});

describe('and `monitorWhen` is `never`', () => {
const args = argsFrom({
monitorOnBuild: false,
monitorWhen: 'never',
});
it('returns false when snykTestSuccess is false', () => {
expect(args.shouldRunMonitor(SNYK_TEST_SUCCESS_FALSE)).toBe(false);
});
it('returns false when snykTestSuccess is true', () => {
expect(args.shouldRunMonitor(SNYK_TEST_SUCCESS_TRUE)).toBe(false);
});
});

describe('and `monitorWhen` is `noIssuesFound`', () => {
const args = argsFrom({
monitorOnBuild: false,
monitorWhen: 'noIssuesFound',
});
it('returns false when snykTestSuccess is false', () => {
expect(args.shouldRunMonitor(SNYK_TEST_SUCCESS_FALSE)).toBe(false);
});
it('returns true when snykTestSuccess is true', () => {
expect(args.shouldRunMonitor(SNYK_TEST_SUCCESS_TRUE)).toBe(true);
});
});
describe('and `monitorWhen` is `never`', () => {
const args = argsFrom({
monitorWhen: 'never',
});
it('returns false when snykTestSuccess is false', () => {
expect(args.shouldRunMonitor(SNYK_TEST_SUCCESS_FALSE)).toBe(false);
});
it('returns false when snykTestSuccess is true', () => {
expect(args.shouldRunMonitor(SNYK_TEST_SUCCESS_TRUE)).toBe(false);
});
});

describe('and `monitorOnBuild` is true', () => {
describe('and `monitorWhen` is `always`', () => {
const args = argsFrom({
monitorOnBuild: true,
monitorWhen: 'always',
});
it('returns true when snykTestSuccess is false', () => {
expect(args.shouldRunMonitor(SNYK_TEST_SUCCESS_FALSE)).toBe(true);
});
it('returns true when snykTestSuccess is true', () => {
expect(args.shouldRunMonitor(SNYK_TEST_SUCCESS_TRUE)).toBe(true);
});
});

describe('and `monitorWhen` is `never`', () => {
const args = argsFrom({
monitorOnBuild: true,
monitorWhen: 'never',
});
it('returns false when snykTestSuccess is false', () => {
expect(args.shouldRunMonitor(SNYK_TEST_SUCCESS_FALSE)).toBe(false);
});
it('returns false when snykTestSuccess is true', () => {
expect(args.shouldRunMonitor(SNYK_TEST_SUCCESS_TRUE)).toBe(false);
});
});

describe('and `monitorWhen` is `noIssuesFound`', () => {
const args = argsFrom({
monitorOnBuild: true,
monitorWhen: 'noIssuesFound',
});
it('returns false when snykTestSuccess is false', () => {
expect(args.shouldRunMonitor(SNYK_TEST_SUCCESS_FALSE)).toBe(false);
});
it('returns true when snykTestSuccess is true', () => {
expect(args.shouldRunMonitor(SNYK_TEST_SUCCESS_TRUE)).toBe(true);
});
});
describe('and `monitorWhen` is `noIssuesFound`', () => {
const args = argsFrom({
monitorWhen: 'noIssuesFound',
});
it('returns false when snykTestSuccess is false', () => {
expect(args.shouldRunMonitor(SNYK_TEST_SUCCESS_FALSE)).toBe(false);
});
it('returns true when snykTestSuccess is true', () => {
expect(args.shouldRunMonitor(SNYK_TEST_SUCCESS_TRUE)).toBe(true);
});
});
});
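
Review bot: The cases for an unset `monitorWhen` are removed together with `monitorOnBuild`, so nothing in `describe('TaskArgs.shouldRunMonitor')` checks `shouldRunMonitor` on a `TaskArgs` that keeps its default; add one, since every case here sets the value explicitly. The remaining titles are also inconsistent: the first reads 'when `monitorWhen` is `always`' while the next two still start with 'and `monitorWhen` is ...', a leftover from the old nesting.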