add Python 3.11 to SAST integration tests + WebGoat for Java

bridgecrewio · Oct 25, 2023 · fd05ae4 · fd05ae4
1 parent 0b9d9cd
commit fd05ae4
Show file tree

Hide file tree

Showing 3 changed files with 9 additions and 14 deletions.
diff --git a/.github/workflows/pr-test.yml b/.github/workflows/pr-test.yml
@@ -146,8 +146,8 @@ jobs:
     strategy:
       fail-fast: true
       matrix:
-        python: [ "3.8" ]
-        os: [ ubuntu-latest, macos-latest]
+        python: ["3.8", "3.11"]
+        os: [ubuntu-latest, macos-latest]
     runs-on: ${{ matrix.os }}
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11  # v3
@@ -170,8 +170,8 @@ jobs:
           bash -c 'pipenv run pip install dist/checkov-*.whl'
       - name: Clone flask - Python repo for SAST
         run: git clone https://github.com/pallets/flask
-      - name: Clone jenkins - Java repo for SAST
-        run: git clone https://github.com/jenkinsci/jenkins
+      - name: Clone WebGoat - Java repo for SAST
+        run: git clone https://github.com/WebGoat/WebGoat
       - name: Clone axios - JavaScript repo for SAST
         run: git clone https://github.com/axios/axios
       - name: Create checkov reports
@@ -192,8 +192,8 @@ jobs:
     strategy:
       fail-fast: true
       matrix:
-        python: [ "3.8" ]
-        os: [ ubuntu-latest, macos-latest]
+        python: ["3.8", "3.11"]
+        os: [ubuntu-latest, macos-latest]
     runs-on: ${{ matrix.os }}
     steps:
       - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11  # v3

diff --git a/sast_integration_tests/prepare_data.sh b/sast_integration_tests/prepare_data.sh
@@ -1,7 +1,5 @@
 #!/bin/bash
 
-pipenv run checkov -s --framework sast_python -d flask --repo-id cli/flask -o json > checkov_report_sast_python.json
-pipenv run checkov -s --framework sast_javascript -d axios --repo-id cli/axios -o json > checkov_report_sast_javascript.json
-
-# todo - find a smaller java repo and enable the java integration test
-# pipenv run checkov -s --framework sast_java -d jenkins --repo-id cli/jenkins -o json > checkov_report_sast_java.json
+pipenv run checkov -s --framework sast_python -d flask --repo-id cli/flask -o json --output-file-path checkov_report_sast_python.json,
+pipenv run checkov -s --framework sast_java -d WebGoat --repo-id cli/webgoat -o json --output-file-path checkov_report_sast_java.json,
+pipenv run checkov -s --framework sast_javascript -d axios --repo-id cli/axios -o json --output-file-path checkov_report_sast_javascript.json,
diff --git a/sast_integration_tests/test_checkov_sast_report.py b/sast_integration_tests/test_checkov_sast_report.py
@@ -1,8 +1,6 @@
 import json
 import os
 
-import pytest
-
 current_dir = os.path.dirname(os.path.realpath(__file__))
 
 
@@ -11,7 +9,6 @@ def test_sast_python() -> None:
     validate_report(os.path.abspath(report_path))
 
 
-@pytest.mark.skip(reason="Need to find a smaller java repo - jenkins is too heavy")
 def test_sast_java() -> None:
     report_path = os.path.join(current_dir, '..', 'checkov_report_sast_java.json')
     validate_report(os.path.abspath(report_path))