如何在Jenkins中发布Rough Auditing Tool for Security(RATS)的XML结果

时间:2013-01-29 14:28:37

标签: xml junit jenkins xsd report

我有junit-4.xsd

<?xml version="1.0" encoding="UTF-8" ?>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema">

    <!-- failure: mixed content, so free text may appear between the tags,
         plus two optional string attributes, "type" and "message". -->
    <xs:element name="failure">
        <xs:complexType mixed="true">
            <xs:attribute name="type" type="xs:string" use="optional"/>
            <xs:attribute name="message" type="xs:string" use="optional"/>
        </xs:complexType>
    </xs:element>

    <!-- error: declared with the same shape as failure, i.e. mixed content
         with optional "type" and "message" string attributes. -->
    <xs:element name="error">
        <xs:complexType mixed="true">
            <xs:attribute name="type" type="xs:string" use="optional"/>
            <xs:attribute name="message" type="xs:string" use="optional"/>
        </xs:complexType>
    </xs:element>

    <!-- properties: wrapper for a list of property elements. -->
    <xs:element name="properties">
        <xs:complexType>
            <xs:sequence>
                <!-- minOccurs is not given and therefore defaults to 1: an empty
                     properties element does not validate against this schema. -->
                <xs:element ref="property" maxOccurs="unbounded"/>
            </xs:sequence>
        </xs:complexType>
    </xs:element>

    <!-- property: a single name/value pair; both attributes are required and
         both are plain strings. The element has no content model of its own. -->
    <xs:element name="property">
        <xs:complexType>
            <xs:attribute name="name" type="xs:string" use="required"/>
            <xs:attribute name="value" type="xs:string" use="required"/>
        </xs:complexType>
    </xs:element>

    <!-- Simple string-valued elements referenced by testcase and testsuite.
         They are declared without attributes, so an attribute on any of them
         (for example a message on skipped) is rejected by this schema. -->
    <xs:element name="skipped" type="xs:string"/>
    <xs:element name="system-err" type="xs:string"/>
    <xs:element name="system-out" type="xs:string"/>

    <!-- testcase: one test result. Only the "name" attribute is required. -->
    <xs:element name="testcase">
        <xs:complexType>
            <!-- xs:sequence fixes the child order: skipped, error, failure,
                 system-out, system-err. Every child is optional, but a generated
                 report that emits them in another order fails validation. -->
            <xs:sequence>
                <xs:element ref="skipped" minOccurs="0" maxOccurs="1"/>
                <xs:element ref="error" minOccurs="0" maxOccurs="unbounded"/>
                <xs:element ref="failure" minOccurs="0" maxOccurs="unbounded"/>
                <xs:element ref="system-out" minOccurs="0" maxOccurs="unbounded"/>
                <xs:element ref="system-err" minOccurs="0" maxOccurs="unbounded"/>
            </xs:sequence>
            <xs:attribute name="name" type="xs:string" use="required"/>
            <!-- "assertions" and "time" are typed xs:string, so the schema does
                 not check that they hold numbers. -->
            <xs:attribute name="assertions" type="xs:string" use="optional"/>
            <xs:attribute name="time" type="xs:string" use="optional"/>
            <xs:attribute name="classname" type="xs:string" use="optional"/>
            <xs:attribute name="status" type="xs:string" use="optional"/>
        </xs:complexType>
    </xs:element>

    <!-- testsuite: a group of testcase results. "name" and "tests" are the
         only required attributes. -->
    <xs:element name="testsuite">
        <xs:complexType>
            <!-- Child order is fixed: optional properties, any number of
                 testcase elements, then at most one system-out and one
                 system-err. -->
            <xs:sequence>
                <xs:element ref="properties" minOccurs="0" maxOccurs="1"/>
                <xs:element ref="testcase" minOccurs="0" maxOccurs="unbounded"/>
                <xs:element ref="system-out" minOccurs="0" maxOccurs="1"/>
                <xs:element ref="system-err" minOccurs="0" maxOccurs="1"/>
            </xs:sequence>
            <xs:attribute name="name" type="xs:string" use="required"/>
            <!-- NOTE(review): the counters below (tests, failures, errors,
                 skipped, disabled) are typed xs:string. Schema validation alone
                 will not catch a converted scan report whose counts are empty,
                 non-numeric, or inconsistent with the testcase children, so
                 check the totals in the conversion step itself. -->
            <xs:attribute name="tests" type="xs:string" use="required"/>
            <xs:attribute name="failures" type="xs:string" use="optional"/>
            <xs:attribute name="errors" type="xs:string" use="optional"/>
            <xs:attribute name="time" type="xs:string" use="optional"/>
            <xs:attribute name="disabled" type="xs:string" use="optional"/>
            <xs:attribute name="skipped" type="xs:string" use="optional"/>
            <xs:attribute name="timestamp" type="xs:string" use="optional"/>
            <xs:attribute name="hostname" type="xs:string" use="optional"/>
            <xs:attribute name="id" type="xs:string" use="optional"/>
            <xs:attribute name="package" type="xs:string" use="optional"/>
        </xs:complexType>
    </xs:element>

    <!-- testsuites: optional outer wrapper holding zero or more testsuite
         elements. All of its attributes are optional strings, so the
         aggregate counters are not type-checked either. -->
    <xs:element name="testsuites">
        <xs:complexType>
            <xs:sequence>
                <xs:element ref="testsuite" minOccurs="0" maxOccurs="unbounded"/>
            </xs:sequence>
            <xs:attribute name="name" type="xs:string" use="optional"/>
            <xs:attribute name="time" type="xs:string" use="optional"/>
            <xs:attribute name="tests" type="xs:string" use="optional"/>
            <xs:attribute name="failures" type="xs:string" use="optional"/>
            <xs:attribute name="disabled" type="xs:string" use="optional"/>
            <xs:attribute name="errors" type="xs:string" use="optional"/>
        </xs:complexType>
    </xs:element>


</xs:schema>

vul.xml --RESULT FILE

<?xml version="1.0"?><rats_output>
<!-- Report header: one dbcount entry per language, keyed by the "lang" attribute. -->
<stats>
<dbcount lang="perl">33</dbcount>
<dbcount lang="ruby">46</dbcount>
<dbcount lang="python">62</dbcount>
<dbcount lang="c">334</dbcount>
<dbcount lang="php">55</dbcount>
</stats>
<analyzed>filename</analyzed>
<!-- The vulnerability entries were elided by the poster at this point. Only the
     closing tag of the last entry remains, so the excerpt is not well-formed as shown. -->
.....
</vulnerability>
<!-- Scan totals: line count, elapsed time and throughput. -->
<timing>
<total_lines>112547</total_lines>
<total_time>0.088372</total_time>
<lines_per_second>1273559</lines_per_second>
</timing>
</rats_output>

和vul.xsd架构为:

vul.xsd

<?xml version="1.0" encoding="UTF-8"?>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified">
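  <!-- Root of a RATS XML report. Children must appear in this order: one stats,
       one or more analyzed, any number of vulnerability entries, one timing. -->
  <xs:element name="rats_output">
    <xs:complexType>
      <xs:sequence>
        <xs:element ref="stats"/>
        <xs:element maxOccurs="unbounded" ref="analyzed"/>
        <!-- minOccurs="0": a scan that reports no findings contains no
             vulnerability element and must still validate. With the default of 1
             a clean report is rejected, which makes a passing scan look like a
             broken pipeline step. -->
        <xs:element minOccurs="0" maxOccurs="unbounded" ref="vulnerability"/>
        <xs:element ref="timing"/>
      </xs:sequence>
    </xs:complexType>
  </xs:element>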
  <!-- stats: wrapper holding one or more dbcount entries (minOccurs defaults to 1). -->
  <xs:element name="stats">
    <xs:complexType>
      <xs:sequence>
        <xs:element maxOccurs="unbounded" ref="dbcount"/>
      </xs:sequence>
    </xs:complexType>
  </xs:element>
  <!-- dbcount: an integer value carrying a required "lang" attribute.
       simpleContent with an extension is the XSD form for "typed text plus attributes". -->
  <xs:element name="dbcount">
    <xs:complexType>
      <xs:simpleContent>
        <xs:extension base="xs:integer">
          <!-- xs:NCName: a single name token, so no spaces or colons. -->
          <xs:attribute name="lang" use="required" type="xs:NCName"/>
        </xs:extension>
      </xs:simpleContent>
    </xs:complexType>
  </xs:element>
  <!-- analyzed: free-form string; the sample report on this page puts a file name here. -->
  <xs:element name="analyzed" type="xs:string"/>
  <!-- vulnerability: one finding. All four children are required and must appear
       in this order: severity, type, message, then one or more file entries. -->
  <xs:element name="vulnerability">
    <xs:complexType>
      <xs:sequence>
        <xs:element ref="severity"/>
        <xs:element ref="type"/>
        <xs:element ref="message"/>
        <xs:element maxOccurs="unbounded" ref="file"/>
      </xs:sequence>
    </xs:complexType>
  </xs:element>
  <!-- severity is any single name token; the schema does not enumerate the
       allowed levels, so a stylesheet that branches on severity should have a
       fallback for values it does not recognise. -->
  <xs:element name="severity" type="xs:NCName"/>
  <!-- NOTE(review): xs:NCName rejects text containing spaces or colons. If real
       RATS output uses multi-word type labels, this declaration will fail
       validation and should be widened to xs:string. Confirm against an
       actual report. -->
  <xs:element name="type" type="xs:NCName"/>
  <xs:element name="message" type="xs:string"/>
  <!-- file: location of a finding, given as one name followed by one or more line entries. -->
  <xs:element name="file">
    <xs:complexType>
      <xs:sequence>
        <xs:element ref="name"/>
        <xs:element maxOccurs="unbounded" ref="line"/>
      </xs:sequence>
    </xs:complexType>
  </xs:element>
  <!-- Children of file: "name" is a free-form string, "line" an integer. -->
  <xs:element name="name" type="xs:string"/>
  <xs:element name="line" type="xs:integer"/>
  <!-- timing: scan totals. All three children are required, in this order. -->
  <xs:element name="timing">
    <xs:complexType>
      <xs:sequence>
        <xs:element ref="total_lines"/>
        <xs:element ref="total_time"/>
        <xs:element ref="lines_per_second"/>
      </xs:sequence>
    </xs:complexType>
  </xs:element>
  <!-- Children of timing: two integers and one decimal. In the sample report
       on this page total_time is 0.088372, which fits xs:decimal. -->
  <xs:element name="total_lines" type="xs:integer"/>
  <xs:element name="total_time" type="xs:decimal"/>
  <xs:element name="lines_per_second" type="xs:integer"/>
</xs:schema>

现在,我如何在Jenkins中将结果呈现为JUNIT插件输出

1 个答案:

答案 0 :(得分:1)

使用XSLT样式表将RATS测试结果转换为类似JUnit的输出。以下是类似问题的示例:

然后通过执行以下操作配置Jenkins以应用它:

  • 在“Publish xUnit test result report”下选择“Custom Tool”
  • 指定RATS文件的路径和要应用的样式表

参考