Skip to content

Improve error handling for Defender functional tests that call Get-EXOMailbox and Get-UnifiedGroup commandlets #1693

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
1 task done
mitchelbaker-cisa opened this issue May 9, 2025 · 1 comment
Open
1 task done

Improve error handling for Defender functional tests that call Get-EXOMailbox and Get-UnifiedGroup commandlets #1693

mitchelbaker-cisa opened this issue May 9, 2025 · 1 comment
Labels
bug This issue or pull request addresses broken functionality
Milestone
Backlog

Comments

@mitchelbaker-cisa
Copy link
Collaborator

mitchelbaker-cisa commented May 9, 2025
edited
Loading

Prerequisites

  • This issue has an informative and human-readable title.

ScubaGear Version

1.6.0 (running latest from main branch)

Operating System

windows-latest

PowerShell Version

5.1

M365 Environment and License(s)

GCC High

🐛 Summary

Some of the Defender functional tests assume that at least one user/group exists when calling Get-EXOMailbox and Get-UnifiedGroup commandlets.

defender.testplan.yaml:

  • TestDescription: MS.DEFENDER.1.2v1 Non-compliant - std&strict SentTo Non-null, SentToMemberOf Non-null, RecipientDomainIs Non-null
  • TestDescription: MS.DEFENDER.1.2v1 Compliant - Std Non-null Strict Null
  • TestDescription: MS.DEFENDER.1.2v1 Compliant - Std Null Strict Non-null
  • TestDescription: MS.DEFENDER.1.4v1 Non-compliant Mismatched Recipient Domains
  • TestDescription: MS.DEFENDER.1.4v1 Non-compliant Mismatched User
  • TestDescription: MS.DEFENDER.1.4v1 Non-compliant Mismatched Group

defender.g5.testplan.yaml:

  • TestDescription: MS.DEFENDER.1.3v1 Non-compliant -- std&strict SentTo Non-null, SentToMemberOf Non-null, RecipientDomainIs Non-null
  • TestDescription: MS.DEFENDER.1.5v1 Non-compliant Mismatched Recipient Domains

Example usage:

Image

Attempting to access the result from these commandlets results in a "Cannot index into a null array." error:

Image

Steps to reproduce

  1. See functional test failures here: https://github.com/cisagov/ScubaGear/actions/workflows/test_production_function.yaml

Expected behavior

  1. If no users/groups exist when calling Get-EXOMailbox or Get-UnifiedGroup, the Defender functional tests should set $User/$Group only if the commandlet returns an array with at least one entry.

  2. It should also include/exclude the -SentTo "$User" or -SentToMemberOf $Group commandlet parameters accordingly.

Output from Initialize-SCuBA (optional)

No response
@mitchelbaker-cisa mitchelbaker-cisa added the bug This issue or pull request addresses broken functionality label May 9, 2025
@mitchelbaker-cisa
Copy link
Collaborator Author

mitchelbaker-cisa commented May 9, 2025
edited
Loading

The short term fix is to create a group in our GCC High test environment. (this is resolved, Defender functional tests are passing). The long term fix is to correctly handle the response from these commandlets as described in this issue.

@mitchelbaker-cisa mitchelbaker-cisa added this to the Backlog milestone May 9, 2025
@mitchelbaker-cisa mitchelbaker-cisa mentioned this issue May 9, 2025
Open
21 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug This issue or pull request addresses broken functionality
Projects
None yet
Milestone
Backlog
Development

No branches or pull requests
1 participant
@mitchelbaker-cisa