From 20595e44b91a72dc39f72090bf9aed3b7db2a1bc Mon Sep 17 00:00:00 2001
From: mo khan
Date: Wed, 16 Sep 2020 17:19:55 -0600
Subject: test: add spec to validate the dependency_scanning report schema
---
 .gitmodules | 3 +++
 Gemfile | 6 +++---
 Gemfile.lock | 6 ++++++
 lib/e2e/dependency_scanning_report.rb | 1 +
 lib/e2e/x509.rb | 2 ++
 spec/integration/gemnasium_maven_spec.rb | 1 -
 spec/schemas | 1 +
 spec/spec_helper.rb | 1 +
 spec/support/matchers/match_schema.rb | 19 +++++++++++++++++++
 spec/support/shared/with_expected.rb | 8 +++++---
 10 files changed, 41 insertions(+), 7 deletions(-)
 create mode 160000 spec/schemas
 create mode 100644 spec/support/matchers/match_schema.rb
diff --git a/.gitmodules b/.gitmodules
index d1d249e..49db3e0 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -4,3 +4,6 @@
 [submodule "src/spotbugs"]
 path = src/spotbugs
 url = https://gitlab.com/gitlab-org/security-products/analyzers/spotbugs.git
+[submodule "spec/schemas"]
+ path = spec/schemas
+ url = https://gitlab.com/gitlab-org/security-products/security-report-schemas.git
diff --git a/Gemfile b/Gemfile
index 07a73fa..6a32a7b 100644
--- a/Gemfile
+++ b/Gemfile
@@ -1,10 +1,10 @@
 # frozen_string_literal: true
 source "https://rubygems.org"
-gem "rspec", "~> 3.9"
-
 group :test do
+ gem "rspec", "~> 3.9"
+ gem "gitlab-styles", "~> 4.3"
+ gem "json-schema", "~> 2.8"
 gem "rubocop", "~> 0.82"
 gem "rubocop-rspec", "~> 1.41"
- gem 'gitlab-styles', '~> 4.3'
 end
diff --git a/Gemfile.lock b/Gemfile.lock
index bb83217..8f7a251 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -7,6 +7,8 @@ GEM
 minitest (~> 5.1)
 tzinfo (~> 1.1)
 zeitwerk (~> 2.2, >= 2.2.2)
+ addressable (2.7.0)
+ public_suffix (>= 2.0.2, < 5.0)
 ast (2.4.1)
 concurrent-ruby (1.1.7)
 diff-lcs (1.4.4)
@@ -19,10 +21,13 @@ GEM
 i18n (1.8.5)
 concurrent-ruby (~> 1.0)
 jaro_winkler (1.5.4)
+ json-schema (2.8.1)
+ addressable (>= 2.4)
 minitest (5.14.2)
 parallel (1.19.2)
 parser (2.7.1.4)
 ast (~> 2.4.1)
+ public_suffix (4.0.6)
 rack (2.2.3)
 rainbow (3.0.0)
 rexml (3.2.4)
@@ -69,6 +74,7 @@ PLATFORMS
 DEPENDENCIES
 gitlab-styles (~> 4.3)
+ json-schema (~> 2.8)
 rspec (~> 3.9)
 rubocop (~> 0.82)
 rubocop-rspec (~> 1.41)
diff --git a/lib/e2e/dependency_scanning_report.rb b/lib/e2e/dependency_scanning_report.rb
index 51c35d0..a9c6445 100644
--- a/lib/e2e/dependency_scanning_report.rb
+++ b/lib/e2e/dependency_scanning_report.rb
@@ -1,4 +1,5 @@
 # frozen_string_literal: true
+
 class DependencyScanningReport
 def initialize(project_path:)
 report_path = project_path.join('gl-dependency-scanning-report.json')
diff --git a/lib/e2e/x509.rb b/lib/e2e/x509.rb
index 820c468..e581416 100644
--- a/lib/e2e/x509.rb
+++ b/lib/e2e/x509.rb
@@ -1,4 +1,6 @@
 # frozen_string_literal: true
+require 'openssl'
+
 class X509
 def self.self_signed(key: OpenSSL::PKey::RSA.new(4096))
 certificate = OpenSSL::X509::Certificate.new
diff --git a/spec/integration/gemnasium_maven_spec.rb b/spec/integration/gemnasium_maven_spec.rb
index 46cef08..4372110 100644
--- a/spec/integration/gemnasium_maven_spec.rb
+++ b/spec/integration/gemnasium_maven_spec.rb
@@ -1,5 +1,4 @@
 # frozen_string_literal: true
-require 'openssl'
 RSpec.describe 'gemnasium-maven' do
 let(:scanner) { 'gemnasium-maven' }
diff --git a/spec/schemas b/spec/schemas
new file mode 160000
index 0000000..cdeadc1
--- /dev/null
+++ b/spec/schemas
@@ -0,0 +1 @@
+Subproject commit cdeadc11c700e0daddd2206095eeee6402a50cf9
diff --git a/spec/spec_helper.rb b/spec/spec_helper.rb
index 303f328..5487c1a 100644
--- a/spec/spec_helper.rb
+++ b/spec/spec_helper.rb
@@ -16,6 +16,7 @@
 # See http://rubydoc.info/gems/rspec-core/RSpec/Core/Configuration
 $LOAD_PATH.unshift(Pathname.pwd.join('lib'))
 require 'e2e'
+require 'json-schema'
 Dir["./spec/support/**/*.rb"].sort.each { |f| require f }
 RSpec.configure do |config|
diff --git a/spec/support/matchers/match_schema.rb b/spec/support/matchers/match_schema.rb
new file mode 100644
index 0000000..eef6106
--- /dev/null
+++ b/spec/support/matchers/match_schema.rb
@@ -0,0 +1,19 @@
+# frozen_string_literal: true
+
+RSpec::Matchers.define :match_schema do |report_type|
+ def schema_for(type)
+ relative_path = "spec/schemas/dist/#{type.gsub('_', '-')}-report-format.json"
+ json = JSON.parse(Pathname.pwd.join(relative_path).read)
+ json.delete('$schema')
+ json
+ end
+
+ match do |actual|
+ !actual.nil? && (@errors = JSON::Validator.fully_validate(schema_for(report_type.to_s), actual.to_h)).empty?
+ end
+
+ failure_message do |response|
+ "didn't match the schema for #{report_type}" \
+ " The validation errors were:\n#{@errors.join("\n")}"
+ end
+end
diff --git a/spec/support/shared/with_expected.rb b/spec/support/shared/with_expected.rb
index be4d7cc..00fc420 100644
--- a/spec/support/shared/with_expected.rb
+++ b/spec/support/shared/with_expected.rb
@@ -6,11 +6,13 @@ RSpec.shared_examples "with expected" do |language, package_manager, version, br
 let(:git_branch) { branch }
 let(:expected_content) { JSON.parse(fixture_file_content("expected/#{language}/#{package_manager}/#{branch}/v#{version}.json")) }
+ pending { expect(subject).to match_schema(report_type) }
+
 pending do
- actual_pretty = JSON.pretty_generate(subject.to_h)
- expected_pretty = JSON.pretty_generate(expected_content)
+ actual = JSON.pretty_generate(subject.to_h)
+ expected = JSON.pretty_generate(expected_content)
- expect(actual_pretty).to eq(expected_pretty)
+ expect(actual).to eq(expected)
 end
 end
 end
--
cgit v1.2.3
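Review bot: When `actual` is nil the `match` block in match_schema.rb short-circuits before `@errors` is assigned, so `failure_message` then calls `@errors.join` on nil and raises NoMethodError instead of reporting the failed match. Assign the errors unconditionally, for example `@errors = actual.nil? ? ['report is nil'] : JSON::Validator.fully_validate(schema_for(report_type.to_s), actual.to_h)` followed by `@errors.empty?`. `schema_for` also deletes the `$schema` key without a comment; presumably this makes the gem fall back to its default draft, in which case keywords from the declared draft that json-schema 2.8 does not implement would be skipped silently, so a one-line comment stating the reason and the draft actually used is worth adding. The `|response|` block parameter of `failure_message` is unused.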
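Review bot: The new schema example in with_expected.rb is declared with `pending`, so RSpec expects it to fail and reports any exception as pending: a genuine schema violation, a checkout without the `spec/schemas` submodule (the file read in `schema_for` would raise) and an undefined `report_type` would all look the same. `report_type` is not among the block parameters or `let`s visible in this hunk, so it is presumably defined by the including spec; that should be confirmed. Give the example a description that names the reason, e.g. `pending('report does not yet satisfy the schema, see <tracking issue>') { expect(subject).to match_schema(report_type) }`, and change it to `specify` once it passes, since a pending example that starts passing is reported as a failure. The enclosing `shared_examples` block begins above the hunk.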