package report_test import ( "bytes" "encoding/json" "testing" "github.com/stretchr/testify/assert" dbTypes "github.com/aquasecurity/trivy-db/pkg/types" "github.com/aquasecurity/trivy/pkg/report" "github.com/aquasecurity/trivy/pkg/types" ) func TestReportWriter_JSON(t *testing.T) { testCases := []struct { name string detectedVulns []types.DetectedVulnerability expectedJSON report.Results }{ { name: "happy path", detectedVulns: []types.DetectedVulnerability{ { VulnerabilityID: "CVE-2020-0001", PkgName: "foo", InstalledVersion: "1.2.3", FixedVersion: "3.4.5", PrimaryURL: "https://avd.aquasec.com/nvd/cve-2020-0001", Vulnerability: dbTypes.Vulnerability{ Title: "foobar", Description: "baz", Severity: "HIGH", }, }, }, expectedJSON: report.Results{ report.Result{ Target: "foojson", Vulnerabilities: []types.DetectedVulnerability{ { VulnerabilityID: "CVE-2020-0001", PkgName: "foo", InstalledVersion: "1.2.3", FixedVersion: "3.4.5", PrimaryURL: "https://avd.aquasec.com/nvd/cve-2020-0001", Vulnerability: dbTypes.Vulnerability{ Title: "foobar", Description: "baz", Severity: "HIGH", }, }, }, }, }, }, } for _, tc := range testCases { t.Run(tc.name, func(t *testing.T) { jw := report.JSONWriter{} jsonWritten := bytes.Buffer{} jw.Output = &jsonWritten inputResults := report.Report{ Results: report.Results{ { Target: "foojson", Vulnerabilities: tc.detectedVulns, }, }, } err := report.Write("json", &jsonWritten, nil, inputResults, "", false, false) assert.NoError(t, err) writtenResults := report.Results{} err = json.Unmarshal([]byte(jsonWritten.String()), &writtenResults) assert.NoError(t, err, "invalid json written", tc.name) assert.Equal(t, tc.expectedJSON, writtenResults, tc.name) }) } }