feat(config-api): replacing testing framework to TestNG #10417

Open
wants to merge 66 commits into
base: main

pujavs
Contributor

@pujavs pujavs commented Dec 13, 2024

Prepare


Description

9125: Replaced testing framework from Karate to TestNG

Target issue

closes #9125

Implementation Details


Test and Document the changes

  • Static code analysis has been run locally and issues have been fixed
  • Relevant unit and integration tests have been added/updated
  • Relevant documentation has been updated if any (i.e. user guides, installation and configuration guides, technical design docs etc)

Please check the below before submitting your PR. The PR will not be merged if there are no commits that start with docs: to indicate documentation changes or if the below checklist is not selected.

  • I confirm that there is no impact on the docs due to the code changes in this PR.

:wq!
:wq!
:wqMerge branch 'main' of https://github.com/JanssenProject/jans into jans-config-api-testng-9125_new
@pujavs pujavs requested a review from yurem as a code owner December 13, 2024 12:40

dryrunsecurity bot commented Dec 13, 2024

DryRun Security Summary

The pull request focuses on updating the testing infrastructure for the Jans Config API project by replacing the Karate testing framework with TestNG, adding new test cases for various functionalities, and improving build and deployment configurations.


Summary:

The code changes in this pull request span across multiple files and modules of the Jans Config API project, with a focus on updating the testing infrastructure and configuration. The key changes include:

  1. Removal of Karate testing framework and adoption of TestNG as the new testing framework for the admin-ui-plugin and fido2-plugin modules.
  2. Addition of new test cases and test suites for various functionalities, such as OAuth2, audit logging, license management, and FIDO2 configuration.
  3. Updates to the test configuration files, including the expansion of OAuth2 scopes, addition of test environment settings, and inclusion of custom test listeners.
  4. Modifications to the build and deployment configuration, such as the addition of Swagger documentation generation and the distribution of the plugin JAR file.

From an application security perspective, the changes do not appear to introduce any immediate security vulnerabilities. However, it is important to review the actual implementation of the tested functionalities, as well as the test cases themselves, to ensure that proper security measures are in place, such as input validation, secure authentication and authorization, and proper handling of sensitive data.

Additionally, the expansion of the OAuth2 scopes and the inclusion of custom test listeners should be closely examined to ensure that they do not inadvertently expose sensitive configuration settings or introduce potential privilege escalation vulnerabilities.

Overall, the changes seem to be focused on improving the testing and deployment infrastructure of the Jans Config API project, which is a positive step towards ensuring the security and reliability of the application.

Files Changed:

  1. jans-config-api/common/pom.xml: Removed the configuration for the maven-surefire-plugin to ensure that all tests are run during the build process.
  2. jans-config-api/.gitignore: Added the test-output/ directory to the .gitignore file to exclude test-related artifacts from the Git repository.
  3. jans-config-api/plugins/admin-ui-plugin/src/test/java/io/jans/ca/plugin/adminui/AdminUIBaseTest.java: Added a new test class that extends the BaseTest class and implements the getAccessToken() method to obtain an access token for the tests.
  4. jans-config-api/plugins/admin-ui-plugin/pom.xml: Updated the dependency management and build configuration, including the addition of the swagger-maven-plugin-jakarta for generating Swagger documentation.
  5. jans-config-api/plugins/admin-ui-plugin/src/test/java/io/jans/ca/plugin/adminui/test/LicenseResourceTest.java: Added a new test case for the LicenseResource endpoint.
  6. jans-config-api/plugins/admin-ui-plugin/src/test/java/io/jans/ca/plugin/adminui/test/AuditLoggingResourceTest.java: Added a new test case for the audit logging functionality.
  7. jans-config-api/plugins/admin-ui-plugin/src/test/java/io/jans/ca/plugin/adminui/test/OAuth2ResourceTest.java: Added new test cases for the OAuth2 functionality.
  8. jans-config-api/plugins/admin-ui-plugin/src/test/resources/json/auth/license.feature: Added a new Cucumber feature test for the 'checkLicense' GET endpoint.
  9. jans-config-api/plugins/admin-ui-plugin/src/test/resources/json/auth/auditLogging.feature: Added a new Cucumber feature test for the 'auditLogging' POST endpoint.
  10. jans-config-api/plugins/admin-ui-plugin/src/test/resources/json/logging/logging-post.json: Added a new JSON file for testing the logging functionality.
  11. jans-config-api/plugins/admin-ui-plugin/src/test/resources/json/auth/oauth2.feature: Added new Karate test scenarios for the OAuth2 functionality.
  12. jans-config-api/plugins/admin-ui-plugin/src/test/resources/testng.xml: Added a new TestNG suite for the Config API, including test cases for OAuth2, Logging, and License.
  13. jans-config-api/plugins/fido2-plugin/pom.xml: Removed Karate testing dependencies.

Code Analysis

We ran 9 analyzers against 30 files and 1 analyzer had findings. 8 analyzers had no findings.

Analyzer Findings
Sensitive Files Analyzer: 3 findings


@mo-auto mo-auto added labels Dec 13, 2024: comp-agama (Touching folder /agama), comp-docs (Touching folder /docs), comp-jans-config-api (Component affected by issue or PR), kind-feature (Issue or PR is a new feature request)
Contributor Author

pujavs commented Dec 13, 2024

I am fixing Sonar reported issues

Quality Gate failed for 'jans-config-api-parent'

Failed conditions
1 Security Hotspot
111 New Code Smells (required ≤ 8)
1 New Bugs (required ≤ 0)


yuriyz
yuriyz previously approved these changes Dec 17, 2024
@yuriyz yuriyz enabled auto-merge (squash) December 17, 2024 09:56
yuriyzz
yuriyzz previously approved these changes Dec 17, 2024
@pujavs pujavs dismissed stale reviews from yuriyzz and yuriyz via 7d95b3a December 17, 2024 16:11