Spaces:

harvesthealth
/

github-mcp-server

Build error

github-mcp-server / pkg /github /secret_scanning_test.go

Gemini

Initial commit

fce10de 3 months ago

7.95 kB

	package github

	import (
	"context"
	"encoding/json"
	"net/http"
	"testing"

	"github.com/github/github-mcp-server/pkg/translations"
	"github.com/google/go-github/v74/github"
	"github.com/migueleliasweb/go-github-mock/src/mock"
	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"
	)

	func Test_GetSecretScanningAlert(t *testing.T) {
	mockClient := github.NewClient(nil)
	tool, _ := GetSecretScanningAlert(stubGetClientFn(mockClient), translations.NullTranslationHelper)

	assert.Equal(t, "get_secret_scanning_alert", tool.Name)
	assert.NotEmpty(t, tool.Description)
	assert.Contains(t, tool.InputSchema.Properties, "owner")
	assert.Contains(t, tool.InputSchema.Properties, "repo")
	assert.Contains(t, tool.InputSchema.Properties, "alertNumber")
	assert.ElementsMatch(t, tool.InputSchema.Required, []string{"owner", "repo", "alertNumber"})

	// Setup mock alert for success case
	mockAlert := &github.SecretScanningAlert{
	Number: github.Ptr(42),
	State: github.Ptr("open"),
	HTMLURL: github.Ptr("https://github.com/owner/private-repo/security/secret-scanning/42"),
	}

	tests := []struct {
	name string
	mockedClient *http.Client
	requestArgs map[string]interface{}
	expectError bool
	expectedAlert *github.SecretScanningAlert
	expectedErrMsg string
	}{
	{
	name: "successful alert fetch",
	mockedClient: mock.NewMockedHTTPClient(
	mock.WithRequestMatch(
	mock.GetReposSecretScanningAlertsByOwnerByRepoByAlertNumber,
	mockAlert,
	),
	),
	requestArgs: map[string]interface{}{
	"owner": "owner",
	"repo": "repo",
	"alertNumber": float64(42),
	},
	expectError: false,
	expectedAlert: mockAlert,
	},
	{
	name: "alert fetch fails",
	mockedClient: mock.NewMockedHTTPClient(
	mock.WithRequestMatchHandler(
	mock.GetReposSecretScanningAlertsByOwnerByRepoByAlertNumber,
	http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
	w.WriteHeader(http.StatusNotFound)
	_, _ = w.Write([]byte(`{"message": "Not Found"}`))
	}),
	),
	),
	requestArgs: map[string]interface{}{
	"owner": "owner",
	"repo": "repo",
	"alertNumber": float64(9999),
	},
	expectError: true,
	expectedErrMsg: "failed to get alert",
	},
	}

	for _, tc := range tests {
	t.Run(tc.name, func(t *testing.T) {
	// Setup client with mock
	client := github.NewClient(tc.mockedClient)
	_, handler := GetSecretScanningAlert(stubGetClientFn(client), translations.NullTranslationHelper)

	// Create call request
	request := createMCPRequest(tc.requestArgs)

	// Call handler
	result, err := handler(context.Background(), request)

	// Verify results
	if tc.expectError {
	require.NoError(t, err)
	require.True(t, result.IsError)
	errorContent := getErrorResult(t, result)
	assert.Contains(t, errorContent.Text, tc.expectedErrMsg)
	return
	}

	require.NoError(t, err)
	require.False(t, result.IsError)

	// Parse the result and get the text content if no error
	textContent := getTextResult(t, result)

	// Unmarshal and verify the result
	var returnedAlert github.Alert
	err = json.Unmarshal([]byte(textContent.Text), &returnedAlert)
	assert.NoError(t, err)
	assert.Equal(t, tc.expectedAlert.Number, returnedAlert.Number)
	assert.Equal(t, tc.expectedAlert.State, returnedAlert.State)
	assert.Equal(t, tc.expectedAlert.HTMLURL, returnedAlert.HTMLURL)

	})
	}
	}

	func Test_ListSecretScanningAlerts(t *testing.T) {
	// Verify tool definition once
	mockClient := github.NewClient(nil)
	tool, _ := ListSecretScanningAlerts(stubGetClientFn(mockClient), translations.NullTranslationHelper)

	assert.Equal(t, "list_secret_scanning_alerts", tool.Name)
	assert.NotEmpty(t, tool.Description)
	assert.Contains(t, tool.InputSchema.Properties, "owner")
	assert.Contains(t, tool.InputSchema.Properties, "repo")
	assert.Contains(t, tool.InputSchema.Properties, "state")
	assert.Contains(t, tool.InputSchema.Properties, "secret_type")
	assert.Contains(t, tool.InputSchema.Properties, "resolution")
	assert.ElementsMatch(t, tool.InputSchema.Required, []string{"owner", "repo"})

	// Setup mock alerts for success case
	resolvedAlert := github.SecretScanningAlert{
	Number: github.Ptr(2),
	HTMLURL: github.Ptr("https://github.com/owner/private-repo/security/secret-scanning/2"),
	State: github.Ptr("resolved"),
	Resolution: github.Ptr("false_positive"),
	SecretType: github.Ptr("adafruit_io_key"),
	}
	openAlert := github.SecretScanningAlert{
	Number: github.Ptr(2),
	HTMLURL: github.Ptr("https://github.com/owner/private-repo/security/secret-scanning/3"),
	State: github.Ptr("open"),
	Resolution: github.Ptr("false_positive"),
	SecretType: github.Ptr("adafruit_io_key"),
	}

	tests := []struct {
	name string
	mockedClient *http.Client
	requestArgs map[string]interface{}
	expectError bool
	expectedAlerts []*github.SecretScanningAlert
	expectedErrMsg string
	}{
	{
	name: "successful resolved alerts listing",
	mockedClient: mock.NewMockedHTTPClient(
	mock.WithRequestMatchHandler(
	mock.GetReposSecretScanningAlertsByOwnerByRepo,
	expectQueryParams(t, map[string]string{
	"state": "resolved",
	}).andThen(
	mockResponse(t, http.StatusOK, []*github.SecretScanningAlert{&resolvedAlert}),
	),
	),
	),
	requestArgs: map[string]interface{}{
	"owner": "owner",
	"repo": "repo",
	"state": "resolved",
	},
	expectError: false,
	expectedAlerts: []*github.SecretScanningAlert{&resolvedAlert},
	},
	{
	name: "successful alerts listing",
	mockedClient: mock.NewMockedHTTPClient(
	mock.WithRequestMatchHandler(
	mock.GetReposSecretScanningAlertsByOwnerByRepo,
	expectQueryParams(t, map[string]string{}).andThen(
	mockResponse(t, http.StatusOK, []*github.SecretScanningAlert{&resolvedAlert, &openAlert}),
	),
	),
	),
	requestArgs: map[string]interface{}{
	"owner": "owner",
	"repo": "repo",
	},
	expectError: false,
	expectedAlerts: []*github.SecretScanningAlert{&resolvedAlert, &openAlert},
	},
	{
	name: "alerts listing fails",
	mockedClient: mock.NewMockedHTTPClient(
	mock.WithRequestMatchHandler(
	mock.GetReposSecretScanningAlertsByOwnerByRepo,
	http.HandlerFunc(func(w http.ResponseWriter, _ *http.Request) {
	w.WriteHeader(http.StatusUnauthorized)
	_, _ = w.Write([]byte(`{"message": "Unauthorized access"}`))
	}),
	),
	),
	requestArgs: map[string]interface{}{
	"owner": "owner",
	"repo": "repo",
	},
	expectError: true,
	expectedErrMsg: "failed to list alerts",
	},
	}

	for _, tc := range tests {
	t.Run(tc.name, func(t *testing.T) {
	client := github.NewClient(tc.mockedClient)
	_, handler := ListSecretScanningAlerts(stubGetClientFn(client), translations.NullTranslationHelper)

	request := createMCPRequest(tc.requestArgs)

	result, err := handler(context.Background(), request)

	if tc.expectError {
	require.NoError(t, err)
	require.True(t, result.IsError)
	errorContent := getErrorResult(t, result)
	assert.Contains(t, errorContent.Text, tc.expectedErrMsg)
	return
	}

	require.NoError(t, err)
	require.False(t, result.IsError)

	textContent := getTextResult(t, result)

	// Unmarshal and verify the result
	var returnedAlerts []*github.SecretScanningAlert
	err = json.Unmarshal([]byte(textContent.Text), &returnedAlerts)
	assert.NoError(t, err)
	assert.Len(t, returnedAlerts, len(tc.expectedAlerts))
	for i, alert := range returnedAlerts {
	assert.Equal(t, tc.expectedAlerts[i].Number, alert.Number)
	assert.Equal(t, tc.expectedAlerts[i].HTMLURL, alert.HTMLURL)
	assert.Equal(t, tc.expectedAlerts[i].State, alert.State)
	assert.Equal(t, tc.expectedAlerts[i].Resolution, alert.Resolution)
	assert.Equal(t, tc.expectedAlerts[i].SecretType, alert.SecretType)
	}
	})
	}
	}