mirror of
https://github.com/aquasecurity/trivy.git
synced 2025-12-22 07:10:41 -08:00
fix(integration-test): use a snapshot database for Docker mode (#352)
* fix(integration): add a binary name The first argument is used for the program name. --skip-update was ignored. * fix(integration): use a snapshot database After a new vulnerability is found, this test fails * chore(integration): add t.Run
This commit is contained in:
Teppei Fukuda
@@ -38,70 +38,71 @@ func TestRun_WithDockerEngine(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
for _, tc := range testCases {
|
for _, tc := range testCases {
|
||||||
ctx := context.Background()
|
t.Run(tc.name, func(t *testing.T) {
|
||||||
defer ctx.Done()
|
// Copy DB file
|
||||||
|
cacheDir := gunzipDB()
|
||||||
|
defer os.RemoveAll(cacheDir)
|
||||||
|
|
||||||
cli, err := client.NewClientWithOpts(client.FromEnv)
|
ctx := context.Background()
|
||||||
require.NoError(t, err, tc.name)
|
defer ctx.Done()
|
||||||
|
|
||||||
if !tc.invalidImage {
|
cli, err := client.NewClientWithOpts(client.FromEnv)
|
||||||
testfile, err := os.Open(tc.testfile)
|
|
||||||
require.NoError(t, err, tc.name)
|
require.NoError(t, err, tc.name)
|
||||||
|
|
||||||
// ensure image doesnt already exists
|
if !tc.invalidImage {
|
||||||
_, _ = cli.ImageRemove(ctx, tc.testfile, types.ImageRemoveOptions{
|
testfile, err := os.Open(tc.testfile)
|
||||||
Force: true,
|
require.NoError(t, err, tc.name)
|
||||||
PruneChildren: true,
|
|
||||||
})
|
|
||||||
|
|
||||||
// load image into docker engine
|
// ensure image doesnt already exists
|
||||||
_, err = cli.ImageLoad(ctx, testfile, true)
|
_, _ = cli.ImageRemove(ctx, tc.testfile, types.ImageRemoveOptions{
|
||||||
|
Force: true,
|
||||||
|
PruneChildren: true,
|
||||||
|
})
|
||||||
|
|
||||||
|
// load image into docker engine
|
||||||
|
_, err = cli.ImageLoad(ctx, testfile, true)
|
||||||
|
require.NoError(t, err, tc.name)
|
||||||
|
|
||||||
|
// tag our image to something unique
|
||||||
|
err = cli.ImageTag(ctx, "alpine:3.10", tc.testfile)
|
||||||
|
require.NoError(t, err, tc.name)
|
||||||
|
}
|
||||||
|
|
||||||
|
of, err := ioutil.TempFile("", "integration-docker-engine-output-file-*")
|
||||||
require.NoError(t, err, tc.name)
|
require.NoError(t, err, tc.name)
|
||||||
|
defer os.Remove(of.Name())
|
||||||
|
|
||||||
// tag our image to something unique
|
// run trivy
|
||||||
err = cli.ImageTag(ctx, "alpine:3.10", tc.testfile)
|
app := internal.NewApp("dev")
|
||||||
require.NoError(t, err, tc.name)
|
trivyArgs := []string{"trivy", "--skip-update", "--cache-dir", cacheDir, "--format=json"}
|
||||||
}
|
if !tc.invalidImage {
|
||||||
|
trivyArgs = append(trivyArgs, "--output", of.Name())
|
||||||
|
}
|
||||||
|
trivyArgs = append(trivyArgs, tc.testfile)
|
||||||
|
|
||||||
// run trivy
|
err = app.Run(trivyArgs)
|
||||||
tmpDir, err := ioutil.TempDir("", "integration-docker-engine-*")
|
switch {
|
||||||
require.NoError(t, err)
|
case tc.expectedError != "":
|
||||||
defer func() {
|
assert.Equal(t, tc.expectedError, err.Error(), tc.name)
|
||||||
os.RemoveAll(tmpDir)
|
default:
|
||||||
}()
|
assert.NoError(t, err, tc.name)
|
||||||
|
}
|
||||||
|
|
||||||
of, err := ioutil.TempFile(tmpDir, "integration-docker-engine-output-file-*")
|
if !tc.invalidImage {
|
||||||
require.NoError(t, err, tc.name)
|
// check for vulnerability output info
|
||||||
app := internal.NewApp("dev")
|
got, err := ioutil.ReadAll(of)
|
||||||
|
assert.NoError(t, err, tc.name)
|
||||||
|
want, err := ioutil.ReadFile(tc.expectedOutputFile)
|
||||||
|
assert.NoError(t, err, tc.name)
|
||||||
|
assert.JSONEq(t, string(want), string(got), tc.name)
|
||||||
|
|
||||||
trivyArgs := []string{"--skip-update", "--quiet", "--cache-dir", tmpDir, "--format=json"}
|
// cleanup
|
||||||
if !tc.invalidImage {
|
_, err = cli.ImageRemove(ctx, tc.testfile, types.ImageRemoveOptions{
|
||||||
trivyArgs = append(trivyArgs, "--output", of.Name())
|
Force: true,
|
||||||
}
|
PruneChildren: true,
|
||||||
trivyArgs = append(trivyArgs, tc.testfile)
|
})
|
||||||
|
assert.NoError(t, err, tc.name)
|
||||||
err = app.Run(trivyArgs)
|
}
|
||||||
switch {
|
})
|
||||||
case tc.expectedError != "":
|
|
||||||
assert.Equal(t, tc.expectedError, err.Error(), tc.name)
|
|
||||||
default:
|
|
||||||
assert.NoError(t, err, tc.name)
|
|
||||||
}
|
|
||||||
|
|
||||||
if !tc.invalidImage {
|
|
||||||
// check for vulnerability output info
|
|
||||||
got, err := ioutil.ReadAll(of)
|
|
||||||
assert.NoError(t, err, tc.name)
|
|
||||||
want, err := ioutil.ReadFile(tc.expectedOutputFile)
|
|
||||||
assert.NoError(t, err, tc.name)
|
|
||||||
assert.JSONEq(t, string(want), string(got), tc.name)
|
|
||||||
|
|
||||||
// cleanup
|
|
||||||
_, err = cli.ImageRemove(ctx, tc.testfile, types.ImageRemoveOptions{
|
|
||||||
Force: true,
|
|
||||||
PruneChildren: true,
|
|
||||||
})
|
|
||||||
assert.NoError(t, err, tc.name)
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user