Merge pull request #248 from ccojocar/code-samples-multiple-files

Refactor the test code sample to support multiple files per sample

Author: Cosmin Cojocar

analyzer_test.go

@@ -98,7 +98,7 @@ var _ = Describe("Analyzer", func() {
 
 			// Rule for MD5 weak crypto usage
 			sample := testutils.SampleCodeG401[0]
-			source := sample.Code
+			source := sample.Code[0]
 			analyzer.LoadRules(rules.Generate(rules.NewRuleFilter(false, "G401")).Builders())
 
 			controlPackage := testutils.NewTestPackage()
@@ -114,7 +114,7 @@ var _ = Describe("Analyzer", func() {
 		It("should not report errors when a nosec comment is present", func() {
 			// Rule for MD5 weak crypto usage
 			sample := testutils.SampleCodeG401[0]
-			source := sample.Code
+			source := sample.Code[0]
 			analyzer.LoadRules(rules.Generate(rules.NewRuleFilter(false, "G401")).Builders())
 
 			nosecPackage := testutils.NewTestPackage()
@@ -131,7 +131,7 @@ var _ = Describe("Analyzer", func() {
 		It("should not report errors when an exclude comment is present for the correct rule", func() {
 			// Rule for MD5 weak crypto usage
 			sample := testutils.SampleCodeG401[0]
-			source := sample.Code
+			source := sample.Code[0]
 			analyzer.LoadRules(rules.Generate(rules.NewRuleFilter(false, "G401")).Builders())
 
 			nosecPackage := testutils.NewTestPackage()
@@ -148,7 +148,7 @@ var _ = Describe("Analyzer", func() {
 		It("should report errors when an exclude comment is present for a different rule", func() {
 			// Rule for MD5 weak crypto usage
 			sample := testutils.SampleCodeG401[0]
-			source := sample.Code
+			source := sample.Code[0]
 			analyzer.LoadRules(rules.Generate(rules.NewRuleFilter(false, "G401")).Builders())
 
 			nosecPackage := testutils.NewTestPackage()
@@ -165,7 +165,7 @@ var _ = Describe("Analyzer", func() {
 		It("should not report errors when an exclude comment is present for multiple rules, including the correct rule", func() {
 			// Rule for MD5 weak crypto usage
 			sample := testutils.SampleCodeG401[0]
-			source := sample.Code
+			source := sample.Code[0]
 			analyzer.LoadRules(rules.Generate(rules.NewRuleFilter(false, "G401")).Builders())
 
 			nosecPackage := testutils.NewTestPackage()
@@ -181,7 +181,7 @@ var _ = Describe("Analyzer", func() {
 
 		It("should pass the build tags", func() {
 			sample := testutils.SampleCode601[0]
-			source := sample.Code
+			source := sample.Code[0]
 			analyzer.LoadRules(rules.Generate().Builders())
 			pkg := testutils.NewTestPackage()
 			defer pkg.Close()
@@ -197,7 +197,7 @@ var _ = Describe("Analyzer", func() {
 
 		// Rule for MD5 weak crypto usage
 		sample := testutils.SampleCodeG401[0]
-		source := sample.Code
+		source := sample.Code[0]
 
 		// overwrite nosec option
 		nosecIgnoreConfig := gosec.NewConfig()

call_list_test.go

@@ -61,7 +61,7 @@ var _ = Describe("call list", func() {
 		// Create file to be scanned
 		pkg := testutils.NewTestPackage()
 		defer pkg.Close()
-		pkg.AddFile("md5.go", testutils.SampleCodeG401[0].Code)
+		pkg.AddFile("md5.go", testutils.SampleCodeG401[0].Code[0])
 
 		ctx := pkg.CreateContext("md5.go")
 

rules/rules_test.go

@@ -28,25 +28,13 @@ var _ = Describe("gosec rules", func() {
 		analyzer = gosec.NewAnalyzer(config, logger)
 		runner = func(rule string, samples []testutils.CodeSample) {
 			analyzer.LoadRules(rules.Generate(rules.NewRuleFilter(false, rule)).Builders())
-
-			supportingFiles := []string{}
-			for _, sample := range samples {
-				if sample.SupportingCode {
-					supportingFiles = append(supportingFiles, sample.Code)
-				}
-			}
-
 			for n, sample := range samples {
-				if sample.SupportingCode {
-					continue
-				}
 				analyzer.Reset()
 				pkg := testutils.NewTestPackage()
 				defer pkg.Close()
-				for n, supportingCode := range supportingFiles {
-					pkg.AddFile(fmt.Sprintf("supporting_sample_%d.go", n), supportingCode)
+				for i, code := range sample.Code {
+					pkg.AddFile(fmt.Sprintf("sample_%d_%d.go", n, i), code)
 				}
-				pkg.AddFile(fmt.Sprintf("sample_%d.go", n), sample.Code)
 				err := pkg.Build()
 				Expect(err).ShouldNot(HaveOccurred())
 				err = analyzer.Process(buildTags, pkg.Path)