gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-22 07:10:41 -08:00
Code Issues Packages Projects Releases Wiki Activity

feat(cli): add mage command to update golden integration test files (#4380)

Browse Source
This commit is contained in:
DmitriyLewen
2023-05-16 16:58:50 +06:00
committed by GitHub
parent 1a56295ff8
commit d298415c09
20 changed files with 120 additions and 79 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
integration/client_server_test.go
View File

@@ -402,6 +402,9 @@ func TestClientServerWithFormat(t *testing.T) {
}
func TestClientServerWithCycloneDX(t *testing.T) {
if *update {
t.Skipf("This test doesn't use golden files")
}
tests := []struct {
name string
args csArgs

3
integration/docker_engine_test.go
View File

@@ -18,6 +18,9 @@ import (
)
func TestDockerEngine(t *testing.T) {
if *update {
t.Skipf("This test doesn't update golden files")
}
tests := []struct {
name string
imageTag string

16
integration/testdata/alpine-310-registry.json.golden vendored
View File

@@ -1,6 +1,6 @@
{
"SchemaVersion": 2,
"ArtifactName": "localhost:63577/alpine:3.10",
"ArtifactName": "localhost:32839/alpine:3.10",
"ArtifactType": "container_image",
"Metadata": {
"OS": {
@@ -13,10 +13,10 @@
"sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0"
],
"RepoTags": [
"localhost:63577/alpine:3.10"
"localhost:32839/alpine:3.10"
],
"RepoDigests": [
"localhost:63577/alpine@sha256:d9b1a0d4fab413443a22e550cb8720de487295cebca3f9b2fcbf8882192a9bf9"
"localhost:32839/alpine@sha256:b1c5a500182b21d0bfa5a584a8526b56d8be316f89e87d951be04abed2446e60"
],
"ImageConfig": {
"architecture": "amd64",
@@ -55,7 +55,7 @@
},
"Results": [
{
"Target": "localhost:63577/alpine:3.10 (alpine 3.10.2)",
"Target": "localhost:32839/alpine:3.10 (alpine 3.10.2)",
"Class": "os-pkgs",
"Type": "alpine",
"Vulnerabilities": [
@@ -66,7 +66,7 @@
"InstalledVersion": "1.1.1c-r0",
"FixedVersion": "1.1.1d-r0",
"Layer": {
"Digest": "sha256:3489774ebf88fb1f0b08e0abb45826a3cbd9d0eb6458d5fc54729197feddffb9",
"Digest": "sha256:9d48c3bd43c520dc2784e868a780e976b207cbf493eaff8c6596eb871cbd9609",
"DiffID": "sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0"
},
"SeveritySource": "nvd",
@@ -126,7 +126,7 @@
"InstalledVersion": "1.1.1c-r0",
"FixedVersion": "1.1.1d-r2",
"Layer": {
"Digest": "sha256:3489774ebf88fb1f0b08e0abb45826a3cbd9d0eb6458d5fc54729197feddffb9",
"Digest": "sha256:9d48c3bd43c520dc2784e868a780e976b207cbf493eaff8c6596eb871cbd9609",
"DiffID": "sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0"
},
"SeveritySource": "nvd",
@@ -196,7 +196,7 @@
"InstalledVersion": "1.1.1c-r0",
"FixedVersion": "1.1.1d-r0",
"Layer": {
"Digest": "sha256:3489774ebf88fb1f0b08e0abb45826a3cbd9d0eb6458d5fc54729197feddffb9",
"Digest": "sha256:9d48c3bd43c520dc2784e868a780e976b207cbf493eaff8c6596eb871cbd9609",
"DiffID": "sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0"
},
"SeveritySource": "nvd",
@@ -256,7 +256,7 @@
"InstalledVersion": "1.1.1c-r0",
"FixedVersion": "1.1.1d-r2",
"Layer": {
"Digest": "sha256:3489774ebf88fb1f0b08e0abb45826a3cbd9d0eb6458d5fc54729197feddffb9",
"Digest": "sha256:9d48c3bd43c520dc2784e868a780e976b207cbf493eaff8c6596eb871cbd9609",
"DiffID": "sha256:03901b4a2ea88eeaad62dbe59b072b28b6efa00491962b8741081c5df50c65e0"
},
"SeveritySource": "nvd",

4
integration/testdata/busybox-with-lockfile.json.golden vendored
View File

@@ -54,8 +54,8 @@
"Vulnerabilities": [
{
"VulnerabilityID": "CVE-2019-15542",
"PkgName": "ammonia",
"PkgID": "ammonia@1.9.0",
"PkgName": "ammonia",
"InstalledVersion": "1.9.0",
"FixedVersion": "\u003e= 2.1.0",
"Layer": {
@@ -92,8 +92,8 @@
},
{
"VulnerabilityID": "CVE-2021-38193",
"PkgName": "ammonia",
"PkgID": "ammonia@1.9.0",
"PkgName": "ammonia",
"InstalledVersion": "1.9.0",
"FixedVersion": "\u003e= 3.1.0, \u003e= 2.1.3, \u003c 3.0.0",
"Layer": {

2
integration/testdata/centos-7-cyclonedx.json.golden vendored
View File

@@ -3,7 +3,7 @@
"specVersion": "1.4",
"version": 1,
"metadata": {
"timestamp": "2022-08-14T12:39:11+00:00",
"timestamp": "2023-05-15T09:50:02+00:00",
"tools": [
{
"vendor": "aquasecurity",

15
integration/testdata/cocoapods.json.golden vendored
View File

@@ -27,7 +27,8 @@
"DependsOn": [
"AppCenter/Analytics/4.2.0",
"AppCenter/Crashes/4.2.0"
]
],
"Layer": {}
},
{
"ID": "AppCenter/Analytics/4.2.0",
@@ -35,12 +36,14 @@
"Version": "4.2.0",
"DependsOn": [
"AppCenter/Core/4.2.0"
]
],
"Layer": {}
},
{
"ID": "AppCenter/Core/4.2.0",
"Name": "AppCenter/Core",
"Version": "4.2.0"
"Version": "4.2.0",
"Layer": {}
},
{
"ID": "AppCenter/Crashes/4.2.0",
@@ -48,12 +51,14 @@
"Version": "4.2.0",
"DependsOn": [
"AppCenter/Core/4.2.0"
]
],
"Layer": {}
},
{
"ID": "KeychainAccess/4.2.1",
"Name": "KeychainAccess",
"Version": "4.2.1"
"Version": "4.2.1",
"Layer": {}
}
]
}

7
integration/testdata/composer.lock.json.golden vendored
View File

@@ -24,14 +24,13 @@
"ID": "guzzlehttp/guzzle@7.4.4",
"Name": "guzzlehttp/guzzle",
"Version": "7.4.4",
"Indirect": false,
"Layer": {},
"Licenses": [
"MIT"
],
"DependsOn": [
"guzzlehttp/psr7@1.8.3"
],
"Layer": {},
"Locations": [
{
"StartLine": 9,
@@ -43,11 +42,11 @@
"ID": "guzzlehttp/psr7@1.8.3",
"Name": "guzzlehttp/psr7",
"Version": "1.8.3",
"Indirect": true,
"Layer": {},
"Licenses": [
"MIT"
],
"Indirect": true,
"Layer": {},
"Locations": [
{
"StartLine": 130,

34
integration/testdata/conan.json.golden vendored
View File

@@ -2,6 +2,18 @@
"SchemaVersion": 2,
"ArtifactName": "testdata/fixtures/fs/conan",
"ArtifactType": "filesystem",
"Metadata": {
"ImageConfig": {
"architecture": "",
"created": "0001-01-01T00:00:00Z",
"os": "",
"rootfs": {
"type": "",
"diff_ids": null
},
"config": {}
}
},
"Results": [
{
"Target": "conan.lock",
@@ -12,19 +24,22 @@
"ID": "bzip2/1.0.8",
"Name": "bzip2",
"Version": "1.0.8",
"Indirect": true
"Indirect": true,
"Layer": {}
},
{
"ID": "expat/2.4.8",
"Name": "expat",
"Version": "2.4.8",
"Indirect": true
"Indirect": true,
"Layer": {}
},
{
"ID": "openssl/1.1.1q",
"Name": "openssl",
"Version": "1.1.1q",
"Indirect": true
"Indirect": true,
"Layer": {}
},
{
"ID": "pcre/8.43",
@@ -34,7 +49,8 @@
"DependsOn": [
"bzip2/1.0.8",
"zlib/1.2.12"
]
],
"Layer": {}
},
{
"ID": "poco/1.9.4",
@@ -46,19 +62,22 @@
"expat/2.4.8",
"sqlite3/3.39.2",
"openssl/1.1.1q"
]
],
"Layer": {}
},
{
"ID": "sqlite3/3.39.2",
"Name": "sqlite3",
"Version": "3.39.2",
"Indirect": true
"Indirect": true,
"Layer": {}
},
{
"ID": "zlib/1.2.12",
"Name": "zlib",
"Version": "1.2.12",
"Indirect": true
"Indirect": true,
"Layer": {}
}
],
"Vulnerabilities": [
@@ -68,6 +87,7 @@
"PkgName": "pcre",
"InstalledVersion": "8.43",
"FixedVersion": "8.45",
"Layer": {},
"Severity": "UNKNOWN"
}
]

8
integration/testdata/conda-cyclonedx.json.golden vendored
View File

@@ -1,10 +1,10 @@
{
"bomFormat": "CycloneDX",
"specVersion": "1.4",
"serialNumber": "urn:uuid:4dd4cf4a-d4de-4ea0-b75f-ad617f31b5a9",
"serialNumber": "urn:uuid:c283a9bb-93f1-49fb-9605-110b5f005a74",
"version": 1,
"metadata": {
"timestamp": "2023-01-08T23:57:37+00:00",
"timestamp": "2023-05-15T09:49:59+00:00",
"tools": [
{
"vendor": "aquasecurity",
@@ -13,7 +13,7 @@
}
],
"component": {
"bom-ref": "582a7c6f-b30e-4b65-a911-f3f5034aa003",
"bom-ref": "6497c0eb-7ca3-401e-b1f6-29234b2ec32c",
"type": "application",
"name": "testdata/fixtures/fs/conda",
"properties": [
@@ -72,7 +72,7 @@
],
"dependencies": [
{
"ref": "582a7c6f-b30e-4b65-a911-f3f5034aa003",
"ref": "6497c0eb-7ca3-401e-b1f6-29234b2ec32c",
"dependsOn": [
"pkg:conda/openssl@1.1.1q?file_path=miniconda3%2Fenvs%2Ftestenv%2Fconda-meta%2Fopenssl-1.1.1q-h7f8727e_0.json",
"pkg:conda/pip@22.2.2?file_path=miniconda3%2Fenvs%2Ftestenv%2Fconda-meta%2Fpip-22.2.2-py38h06a4308_0.json"

24
integration/testdata/conda-spdx.json.golden vendored
View File

@@ -3,26 +3,29 @@
"dataLicense": "CC0-1.0",
"SPDXID": "SPDXRef-DOCUMENT",
"name": "testdata/fixtures/fs/conda",
"documentNamespace": "http://aquasecurity.github.io/trivy/filesystem/testdata/fixtures/fs/conda-f50748fc-93cb-48c4-87c5-25a03e4ddb00",
"creationInfo": {
"licenseListVersion": "",
"creators": [
"Organization: aquasecurity",
"Tool: trivy-dev"
],
"created": "2023-04-16T11:00:02Z"
"created": "2023-05-16T05:26:41Z"
},
"packages": [
{
"name": "conda-pkg",
"SPDXID": "SPDXRef-Application-ee5ef1aa4ac89125",
"downloadLocation": "NONE",
"primaryPackagePurpose": "APPLICATION",
"sourceInfo": "Conda"
"sourceInfo": "Conda",
"copyrightText": "",
"primaryPackagePurpose": "APPLICATION"
},
{
"name": "openssl",
"SPDXID": "SPDXRef-Package-b1088cb4090e3a55",
"versionInfo": "1.1.1q",
"supplier": "NOASSERTION",
"downloadLocation": "NONE",
"licenseConcluded": "OpenSSL",
"licenseDeclared": "OpenSSL",
@@ -35,7 +38,6 @@
}
],
"primaryPackagePurpose": "LIBRARY",
"supplier": "NOASSERTION",
"files": [
{
"fileName": "miniconda3/envs/testenv/conda-meta/openssl-1.1.1q-h7f8727e_0.json",
@@ -45,7 +47,8 @@
"algorithm": "SHA1",
"checksumValue": "237db0da53131e4548cb1181337fa0f420299e1f"
}
]
],
"copyrightText": ""
}
]
},
@@ -53,9 +56,11 @@
"name": "pip",
"SPDXID": "SPDXRef-Package-6b677e82217fb5bd",
"versionInfo": "22.2.2",
"supplier": "NOASSERTION",
"downloadLocation": "NONE",
"licenseConcluded": "MIT",
"licenseDeclared": "MIT",
"copyrightText": "",
"externalRefs": [
{
"referenceCategory": "PACKAGE-MANAGER",
@@ -64,7 +69,6 @@
}
],
"primaryPackagePurpose": "LIBRARY",
"supplier": "NOASSERTION",
"files": [
{
"fileName": "miniconda3/envs/testenv/conda-meta/pip-22.2.2-py38h06a4308_0.json",
@@ -74,7 +78,8 @@
"algorithm": "SHA1",
"checksumValue": "a6a2db7668f1ad541d704369fc66c96a4415aa24"
}
]
],
"copyrightText": ""
}
]
},
@@ -82,10 +87,11 @@
"name": "testdata/fixtures/fs/conda",
"SPDXID": "SPDXRef-Filesystem-6e0ac6a0fab50ab4",
"downloadLocation": "NONE",
"primaryPackagePurpose": "SOURCE",
"copyrightText": "",
"attributionTexts": [
"SchemaVersion: 2"
]
],
"primaryPackagePurpose": "SOURCE"
}
],
"relationships": [

1
integration/testdata/dotnet.json.golden vendored
View File

@@ -23,6 +23,7 @@
{
"Name": "Newtonsoft.Json",
"Version": "9.0.1",
"Layer": {},
"Locations": [
{
"StartLine": 8,

2
integration/testdata/fluentd-multiple-lockfiles-cyclonedx.json.golden vendored
View File

@@ -3,7 +3,7 @@
"specVersion": "1.4",
"version": 1,
"metadata": {
"timestamp": "2022-08-14T12:39:11+00:00",
"timestamp": "2023-05-15T09:50:02+00:00",
"tools": [
{
"vendor": "aquasecurity",

2
integration/testdata/mix.lock.json.golden vendored
View File

@@ -144,8 +144,8 @@
"Vulnerabilities": [
{
"VulnerabilityID": "CVE-2022-42975",
"PkgName": "phoenix",
"PkgID": "phoenix@1.6.13",
"PkgName": "phoenix",
"InstalledVersion": "1.6.13",
"FixedVersion": "1.6.14",
"Layer": {},

26
integration/testdata/npm.json.golden vendored
View File

@@ -37,11 +37,11 @@
"ID": "jquery@3.3.9",
"Name": "jquery",
"Version": "3.3.9",
"Indirect": true,
"Layer": {},
"Licenses": [
"MIT"
],
"Indirect": true,
"Layer": {},
"Locations": [
{
"StartLine": 11,
@@ -95,14 +95,14 @@
"ID": "promise@8.0.3",
"Name": "promise",
"Version": "8.0.3",
"Licenses": [
"MIT"
],
"Indirect": true,
"DependsOn": [
"asap@2.0.6"
],
"Layer": {},
"Licenses": [
"MIT"
],
"Locations": [
{
"StartLine": 34,
@@ -132,6 +132,9 @@
"ID": "react@16.8.6",
"Name": "react",
"Version": "16.8.6",
"Licenses": [
"MIT"
],
"Indirect": true,
"DependsOn": [
"loose-envify@1.4.0",
@@ -140,9 +143,6 @@
"scheduler@0.13.6"
],
"Layer": {},
"Licenses": [
"MIT"
],
"Locations": [
{
"StartLine": 52,
@@ -154,11 +154,11 @@
"ID": "react-is@16.8.6",
"Name": "react-is",
"Version": "16.8.6",
"Indirect": true,
"Layer": {},
"Licenses": [
"MIT"
],
"Indirect": true,
"Layer": {},
"Locations": [
{
"StartLine": 63,
@@ -170,15 +170,15 @@
"ID": "redux@4.0.1",
"Name": "redux",
"Version": "4.0.1",
"Licenses": [
"MIT"
],
"Indirect": true,
"DependsOn": [
"loose-envify@1.4.0",
"symbol-observable@1.2.0"
],
"Layer": {},
"Licenses": [
"MIT"
],
"Locations": [
{
"StartLine": 68,

4
integration/testdata/nuget.json.golden vendored
View File

@@ -36,10 +36,10 @@
"ID": "NuGet.Frameworks@5.7.0",
"Name": "NuGet.Frameworks",
"Version": "5.7.0",
"Layer": {},
"DependsOn": [
"Newtonsoft.Json@12.0.3"
],
"Layer": {},
"Locations": [
{
"StartLine": 11,
@@ -51,8 +51,8 @@
"Vulnerabilities": [
{
"VulnerabilityID": "GHSA-5crp-9r3c-p9vr",
"PkgName": "Newtonsoft.Json",
"PkgID": "Newtonsoft.Json@12.0.3",
"PkgName": "Newtonsoft.Json",
"InstalledVersion": "12.0.3",
"FixedVersion": "13.0.1",
"Layer": {},

8
integration/testdata/pubspec.lock.json.golden vendored
View File

@@ -23,20 +23,22 @@
{
"ID": "http@0.13.2",
"Name": "http",
"Version": "0.13.2"
"Version": "0.13.2",
"Layer": {}
},
{
"ID": "shelf@1.3.1",
"Name": "shelf",
"Version": "1.3.1",
"Indirect": true
"Indirect": true,
"Layer": {}
}
],
"Vulnerabilities": [
{
"VulnerabilityID": "CVE-2020-35669",
"PkgName": "http",
"PkgID": "http@0.13.2",
"PkgName": "http",
"InstalledVersion": "0.13.2",
"FixedVersion": "0.13.3",
"Layer": {},

2
integration/testdata/secrets.json.golden vendored
View File

@@ -69,7 +69,6 @@
]
},
"Match": "export AWS_ACCESS_KEY_ID=********************",
"Deleted": false,
"Layer": {}
},
{
@@ -113,7 +112,6 @@
]
},
"Match": "echo ********",
"Deleted": false,
"Layer": {}
}
]

2
integration/testdata/yarn.json.golden vendored
View File

@@ -36,7 +36,7 @@
"Vulnerabilities": [
{
"VulnerabilityID": "CVE-2019-11358",
"PkgId": "jquery@3.2.1",
"PkgID": "jquery@3.2.1",
"PkgName": "jquery",
"InstalledVersion": "3.2.1",
"FixedVersion": "3.4.0",

5
magefiles/magefile.go
View File

@@ -194,6 +194,11 @@ func (Test) GenerateExampleModules() error {
return nil
}
// UpdateGolden updates golden files for integration tests
func (Test) UpdateGolden() error {
return sh.RunWithV(ENV, "go", "test", "-tags=integration", "./integration/...", "./pkg/fanal/test/integration/...", "-update")
}
func compileWasmModules(pattern string) error {
goFiles, err := filepath.Glob(pattern)
if err != nil {

3
pkg/fanal/test/integration/library_test.go
View File

@@ -183,8 +183,7 @@ func TestFanal_Library_DockerMode(t *testing.T) {
// Disable updating golden files because local images don't have compressed layer digests,
// and updating golden files in this function results in incomplete files.
if *update {
*update = false
defer func() { *update = true }()
t.Skipf("This test creates wrong golden file")
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {