test: 敏感信息告警Linter test

Author: yini-chen

src/extension.ts

@@ -18,7 +18,7 @@ import { updateDiagnostics } from "./provider/linter";
 
 export async function activate(context: vscode.ExtensionContext) {
   // 插件诊断器
-  const collection = vscode.languages.createDiagnosticCollection("test");
+  const collection = vscode.languages.createDiagnosticCollection("alicloud-linter");
   if (vscode.window.activeTextEditor) {
     updateDiagnostics(vscode.window.activeTextEditor.document, collection);
   }

src/provider/linter.ts

@@ -16,38 +16,33 @@ class Rule {
   }>;
 }
 export const LintRules: Array<Rule> = [
-  {
-    LintName: "AccessKey-KeyValue",
-    source: "Alicloud AccessKey Lint",
-    pattern:
-      '(?<keyword>access|key|secret|scret|ak|sk)[^\\w\\n]*(?:\\n)?(?<separator>["\'\\s]*[:=@,]\\s*(?:"|\')?|\\w*"\\s*?,\\s*?")[\\s"\']*(?<key>[0-9A-Za-z]{14,40})(?<suffix>["\'\\s]*)',
-    message: "工程代码泄露可能会导致 AccessKey 泄露，并威胁账号下所有资源的安全性。",
-    information: "在此处透露了 AccessKey。",
-    methods: [{ title: "凭据的安全使用方案", command: "alicloud.api.akSecurityHelper" }],
-  },
   {
     LintName: "AccessKey-NewAK",
     source: "Alicloud AccessKey Lint",
     information: "在此处透露了 AccessKey。",
-    pattern:
-      "^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{12}$|^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{16}$|^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{18}$|^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{20}$|^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{22}$",
+    pattern: `^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{12}$|^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{16}$|^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{18}$|^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{20}$|^LTAI(?=.*[A-Z])(?=.*[a-z])(?=.*\\d)[A-Za-z\\d]{22}$`,
     message: "工程代码泄露可能会导致 AccessKey 泄露，并威胁账号下所有资源的安全性。",
     methods: [{ title: "凭据的安全使用方案", command: "alicloud.api.akSecurityHelper" }],
   },
 ];
 
-function searchCode(
+export function searchCode(
   diagnosticCollection: vscode.Diagnostic[],
   rule: Rule,
   text: string,
   document: vscode.TextDocument,
 ) {
   const regex = new RegExp(rule.pattern, "gi");
-  let match;
-  while ((match = regex.exec(text)) !== null) {
-    const range = new vscode.Range(document.positionAt(match.index), document.positionAt(regex.lastIndex));
+  const strRegex = new RegExp(`[\'\"\`](.*?)[\'\"\`]`, "gi");
+  let strMatch;
+  let matchTexts = [];
+  while ((strMatch = strRegex.exec(text)) !== null) {
+    const range = new vscode.Range(document.positionAt(strMatch.index), document.positionAt(strRegex.lastIndex));
     const matchText = document.getText(range);
-    if (!diagnosticCollection?.find((item) => item.code === matchText)) {
+    const pureString = matchText.substring(1, matchText.length - 1);
+    const isMatch = regex.test(pureString);
+    if (isMatch) {
+      matchTexts.push(pureString);
       diagnosticCollection.push({
         code: "",
         message: rule.message,
@@ -60,6 +55,7 @@ function searchCode(
       });
     }
   }
+  return matchTexts;
 }
 
 export async function updateDiagnostics(

src/test/suite/extension.test.ts

@@ -25,9 +25,4 @@ suite("Extension Test Suite", () => {
     console.log("alicloud.api.restart successfully executed");
     assert.strictEqual("ok", result);
   });
-
-  test("Sample test", () => {
-    assert.strictEqual(-1, [1, 2, 3].indexOf(5));
-    assert.strictEqual(-1, [1, 2, 3].indexOf(0));
-  });
 });

src/test/suite/linter.test.ts

@@ -0,0 +1,70 @@
+import * as assert from "assert";
+import { after, before } from "mocha";
+import path from "path";
+import * as vscode from "vscode";
+import { LintRules, searchCode } from "../../provider/linter";
+
+suite("Alicloud linter Test Suite", function () {
+  let document;
+
+  // 运行前的初始化
+  setup(async function () {
+    const text = `String[] tests = {
+                "LTAIAbcd1234abcd",         // Length 16, should match
+                "LTAIAbcd1234abcdefgh",     // Length 20, should match
+                "LTAIAbcd1234abcdefghij",   // Length 22, should match
+                "LTAIAbcd1234abcdefghijkl", // Length 24, should match
+                "LTAIAbcd1234abcdefghijklmn", // Length 26, should match
+                "LTAIabc",                  // Too short, should not match
+                "LTAIabcdefghijklm",        // Too short, should not match
+                "LTAIAbcd1234abcdefghijklmnop", // Too long, should not match
+                "LTAIabcd1234abcdefghij",   // Length 22, missing uppercase letter, should not match
+                "LTAIABCD1234ABCDEFGHIJ",   // Length 22, missing lowercase letter, should not match
+                "LTAIAbcdabcdabcdefghij",   // Length 22, missing digit, should not match
+                "LTAIAbcd1234abcdefghiJ",   // Length 22, should match
+                "ltaiAbcd1234abcdefghij",   // Length 22, does not start with "LTAI", should not match
+                "LTAIAbcd1234abcdefghi",    // Length 21, should not match
+        };`;
+
+    const uri = vscode.Uri.file(path.join(__dirname, "testDocument.txt"));
+
+    // 写入自定义文本到文件
+    await vscode.workspace.fs.writeFile(uri, Buffer.from(text, "utf8"));
+
+    // 打开文件作为 TextDocument
+    document = await vscode.workspace.openTextDocument(uri);
+  });
+
+  // 测试指定单词是否存在于文档中
+  test("Check if document contains the AK", async function () {
+    // 指定要查找的单词
+    const wordToFind = "sample";
+    const text = document.getText();
+
+    let diagnosticCollection: vscode.Diagnostic[] = [];
+
+    let matches = [];
+
+    LintRules.forEach((rule) => {
+      matches = matches.concat(matches, searchCode(diagnosticCollection, rule, text, document));
+    });
+
+    console.log(diagnosticCollection);
+
+    const mock = [
+      "LTAIAbcd1234abcd",
+      "LTAIAbcd1234abcdefghij",
+      "LTAIAbcd1234abcdefghijklmn",
+      "LTAIabcd1234abcdefghij",
+      "LTAIAbcd1234abcdefghiJ",
+    ];
+    assert.equal(matches.toString(), mock.toString());
+    // assert.ok(matches, `test failed`);
+  });
+
+  // 清理工作
+  teardown(async function () {
+    const uri = vscode.Uri.file(path.join(__dirname, "testDocument.txt"));
+    await vscode.workspace.fs.delete(uri, { useTrash: true });
+  });
+});