feat(test): add unit tests for scanner and config

GoogleCloudPlatform · Dec 4, 2024 · 2e647b2 · 2e647b2
1 parent 05ad649
commit 2e647b2
Show file tree

Hide file tree

Showing 15 changed files with 1,094 additions and 49 deletions.
diff --git a/.github/workflows/codehealth.yml b/.github/workflows/codehealth.yml
@@ -41,6 +41,10 @@ jobs:
         working-directory: cloudrun-malware-scanner/
         run: npm run typecheck
 
+      - name: NPM test
+        working-directory: cloudrun-malware-scanner/
+        run: npm test
+
       - name: NPM Audit
         working-directory: cloudrun-malware-scanner/
         run: npm audit

diff --git a/cloudrun-malware-scanner/.husky/pre-commit b/cloudrun-malware-scanner/.husky/pre-commit
@@ -1,8 +1,9 @@
 echo "Running cloudrun-malware-scanner/.husky/pre-commit checks. Use -n/--no-verify to skip"
 
-cd cloudrun-malware-scanner
+cd cloudrun-malware-scanner || exit 1
 npm run eslint
 npm run check-format
 npm run typecheck
 npm run terraform-validate
+npm test
 npm audit
diff --git a/cloudrun-malware-scanner/config.js b/cloudrun-malware-scanner/config.js
@@ -14,10 +14,11 @@
 * limitations under the License.
 */
 
-const {Storage} = require('@google-cloud/storage');
 const {logger} = require('./logger.js');
-const pkgJson = require('./package.json');
 const {readFileSync} = require('node:fs');
+
+/** @typedef {import('@google-cloud/storage').Storage} Storage */
+
 /**
  * @typedef {{
  *  unscanned: string,
@@ -41,23 +42,20 @@ const BUCKET_TYPES = ['unscanned', 'clean', 'quarantined'];
  *    fileExclusionPatterns?: Array<string | Array<string>>,
  *    fileExclusionRegexps: Array<RegExp>,
  *    ignoreZeroLengthFiles: boolean,
- *    comments?: string
+ *    comments?: string | string[]
  *  }} Config
  */
 
-const storage = new Storage({
-  userAgent: `cloud-solutions/${pkgJson.name}-usage-v${pkgJson.version}`,
-});
-
 /**
- * Read configuration from JSON configuration file, verify
+ * Read configuration from JSON configuration file, parse, verify
  * and return a Config object
  *
  * @async
  * @param {string} configFile
+ * @param {Storage} storage
  * @return {Promise<Config>}
  */
-async function readAndVerifyConfig(configFile) {
+async function readAndVerifyConfig(configFile, storage) {
   logger.info(`Using configuration file: ${configFile}`);
   let configText;
   try {
@@ -71,7 +69,7 @@ async function readAndVerifyConfig(configFile) {
     throw err;
   }
   try {
-    return verifyConfig(configText);
+    return validateConfig(parseConfig(configText), storage);
   } catch (e) {
     const err = /** @type {Error} */ (e);
     logger.fatal(
@@ -83,24 +81,31 @@ async function readAndVerifyConfig(configFile) {
 }
 
 /**
- * Read configuration from JSON configuration file, verify
- * and return a Config object
- *
- * @async
  * @param {string} configText
- * @return {Promise<Config>}
+ * @returns {Config}
  */
-async function verifyConfig(configText) {
+function parseConfig(configText) {
   /** @type {Config} */
   let config;
 
   try {
     config = JSON.parse(configText);
   } catch (e) {
-    const err = /** @type {Error} */ (e);
-    throw new Error(`Failed to parse configuration as JSON: ${err.message}`);
+    throw new Error(`Failed to parse configuration as JSON: ${e}`);
   }
+  return config;
+}
 
+/**
+ * Read configuration from JSON configuration file, verify
+ * and return a Config object
+ *
+ * @async
+ * @param {any} config
+ * @param {Storage} storage
+ * @return {Promise<Config>}
+ */
+async function validateConfig(config, storage) {
   delete config.comments;
 
   if (config.buckets.length === 0) {
@@ -119,6 +124,7 @@ async function verifyConfig(configText) {
         !(await checkBucketExists(
           bucketDefs[bucketType],
           `config.buckets[${x}].${bucketType}`,
+          storage,
         ))
       ) {
         success = false;
@@ -130,13 +136,14 @@ async function verifyConfig(configText) {
       bucketDefs.clean === bucketDefs.quarantined
     ) {
       logger.fatal(`Config Error: buckets[${x}]: bucket names are not unique`);
-      // success = false;
+      success = false;
     }
   }
   if (
     !(await checkBucketExists(
       config.ClamCvdMirrorBucket,
       'ClamCvdMirrorBucket',
+      storage,
     ))
   ) {
     success = false;
@@ -152,12 +159,9 @@ async function verifyConfig(configText) {
     success = false;
   }
 
-  // Validate fileExclusionPatterns
+  // Validate fileExclusionPatterns[] and convert to fileExclusionRegexps[]
   config.fileExclusionRegexps = [];
-  if (config.fileExclusionPatterns == null) {
-    // not specified.
-    config.fileExclusionPatterns = [];
-  } else {
+  if (config.fileExclusionPatterns != null) {
     if (!(config.fileExclusionPatterns instanceof Array)) {
       logger.fatal(
         `Config Error: fileExclusionPatterns must be an array of Strings`,
@@ -213,21 +217,23 @@ async function verifyConfig(configText) {
       }
     }
   }
+  delete config.fileExclusionPatterns;
 
   if (!success) {
     throw new Error('Invalid configuration');
   }
-  return config;
+  return Object.freeze(config);
 }
 
 /**
  * Check that given bucket exists. Returns true on success
  *
  * @param {string} bucketName
  * @param {string} configName
+ * @param {Storage} storage
  * @return {Promise<boolean>}
  */
-async function checkBucketExists(bucketName, configName) {
+async function checkBucketExists(bucketName, configName, storage) {
   if (!bucketName) {
     logger.fatal(`Config Error: no "${configName}" bucket defined`);
     return false;
@@ -253,6 +259,7 @@ async function checkBucketExists(bucketName, configName) {
 module.exports = {
   readAndVerifyConfig,
   TEST_ONLY: {
-    storage,
+    checkBucketExists,
+    validateConfig,
   },
 };
diff --git a/cloudrun-malware-scanner/eslint.config.mjs b/cloudrun-malware-scanner/eslint.config.mjs
@@ -2,7 +2,16 @@ import globals from "globals";
 import pluginJs from "@eslint/js";
 
 export default [
-  { files: ["**/*.js"], languageOptions: { sourceType: "commonjs" } },
-  { languageOptions: { globals: globals.browser } },
+  {
+    files: ["*.js"],
+    languageOptions: { sourceType: "commonjs", globals: globals.node },
+  },
+  {
+    files: ["spec/*.js"],
+    languageOptions: {
+      sourceType: "commonjs",
+      globals: [globals.jasmine, globals.node],
+    },
+  },
   pluginJs.configs.recommended,
 ];
diff --git a/cloudrun-malware-scanner/gcs-proxy-server.js b/cloudrun-malware-scanner/gcs-proxy-server.js
@@ -19,6 +19,8 @@ const {GoogleAuth} = require('google-auth-library');
 const {logger} = require('./logger.js');
 const {readAndVerifyConfig} = require('./config.js');
 const httpProxy = require('http-proxy');
+const {Storage} = require('@google-cloud/storage');
+const pkgJson = require('./package.json');
 
 /** @typedef {import('./config.js').Config} Config */
 /** @typedef {import('http').IncomingMessage} IncomingMessage */
@@ -159,8 +161,12 @@ async function run() {
     configFile = './config.json';
   }
 
+  const storage = new Storage({
+    userAgent: `cloud-solutions/${pkgJson.name}-usage-v${pkgJson.version}`,
+  });
+
   /** @type {Config} */
-  const config = await readAndVerifyConfig(configFile);
+  const config = await readAndVerifyConfig(configFile, storage);
 
   clamCvdMirrorBucket = config.ClamCvdMirrorBucket;
 

diff --git a/cloudrun-malware-scanner/jsconfig.json b/cloudrun-malware-scanner/jsconfig.json
@@ -8,5 +8,5 @@
     "strict": true,
     "resolveJsonModule": true
   },
-  "include": ["*.js"]
+  "include": ["*.js", "spec/*.js"]
 }