mirror of
https://github.com/aquasecurity/trivy.git
synced 2025-12-22 07:10:41 -08:00
74717b888e
* chore(app): change dir * feat(rpc): add a proto file and auto-generated files * chore(dep): add dependencies * fix(app): fix import path * fix(integration): fix import path * fix(protoc): use enum for severity * chore(Makefile): add fmt andd protoc * chore(clang): add .clang-format * refactor: split functions for client/server (#296) * refactor(db): split db.Download * refactor(standalone): create a different package * refactor(vulnerability): split FillAndFilter * fix(protoc): use enum for severity * chore(Makefile): add fmt andd protoc * chore(clang): add .clang-format * fix(db): remove an unused variable * fix(db): expose the github client as an argument of constructor * refactor(vulnerability): add the detail message * feat(rpc): add rpc client (#302) * fix(protoc): use enum for severity * chore(Makefile): add fmt andd protoc * chore(clang): add .clang-format * feat(rpc): convert types * feat(rpc): add rpc client * token: Refactor to handle bad headers being set Signed-off-by: Simarpreet Singh <simar@linux.com> * feat(rpc): add rpc server (#303) * feat(rpc): add rpc server * feat(utils): add CopyFile * feat(server/config): add config struct * feat(detector): add detector * feat(scanner): delegate procedures to detector * fix(scanner): fix the interface * test(mock): add mocks * test(rpc/server): add tests * test(rpc/ospkg/server): add tests * tets(os/detector): add tests * refactor(library): move directories * chore(dependency): add google/wire * refactor(library): introduce google/wire * refactor(ospkg/detector): move directory * feat(rpc): add eosl * refactor(ospkg): introduce google/wire * refactor(wire): bind an interface * refactor(client): use wire.Struct * chore(Makefile): fix wire * test(server): add AssertExpectations * test(server): add AssertExpectations * refactor(server): remove debug log * refactor(error): add more context messages * test(server): fix error message * refactor(test): create a constructor of mock * refactor(config): remove an unused variable * test(config): add an assertion to test the config struct * feat(client/server): add sub commands (#304) * feat(rpc): add rpc server * feat(utils): add CopyFile * feat(server/config): add config struct * feat(detector): add detector * feat(scanner): delegate procedures to detector * fix(scanner): fix the interface * feat(client/server): add sub commands * merge(server3) * test(scan): remove an unused mock * refactor(client): generate the constructor by wire * fix(cli): change the default port * fix(server): use auto-generated constructor * feat(ospkg): return eosl * test(integration): add integration tests for client/server (#306) * fix(server): remove unnecessary options * test(integration): add integration tests for client/server * fix(server): wrap an error * fix(server): change the update interval * fix(server): display the error detail * test(config): add an assertion to test the config struct * fix(client): returns an error when failing to initizlie a logger * test(ospkg/server): add eosl * Squashed commit of the following: * test(server): refactor and add tests (#307) * test(github): create a mock * test(db): create a mock * test(server): add tests for DB hot update * chore(db): add a log message * refactor(db): introduce google/wire * refactor(rpc): move directory * refactor(injector): fix import name * refactor(import): remove new lines * fix(server): display the error detail * fix(server): change the update interval * fix(server): wrap an error * test(integration): add integration tests for client/server * fix(server): remove unnecessary options * refactor(server): return an error when failing to initialize a logger * refactor(server): remove unused error * fix(client/server): fix default port * chore(README): add client/server * chore(README): update
158 lines
3.5 KiB
Go
158 lines
3.5 KiB
Go
package library
|
|
|
|
import (
|
|
"context"
|
|
"testing"
|
|
|
|
"golang.org/x/xerrors"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
|
|
ptypes "github.com/aquasecurity/go-dep-parser/pkg/types"
|
|
dbTypes "github.com/aquasecurity/trivy-db/pkg/types"
|
|
"github.com/aquasecurity/trivy/pkg/types"
|
|
"github.com/aquasecurity/trivy/rpc/detector"
|
|
"github.com/stretchr/testify/mock"
|
|
)
|
|
|
|
type mockDetector struct {
|
|
mock.Mock
|
|
}
|
|
|
|
func (_m *mockDetector) Detect(a context.Context, b *detector.LibDetectRequest) (*detector.DetectResponse, error) {
|
|
ret := _m.Called(a, b)
|
|
ret0 := ret.Get(0)
|
|
if ret0 == nil {
|
|
return nil, ret.Error(1)
|
|
}
|
|
res, ok := ret0.(*detector.DetectResponse)
|
|
if !ok {
|
|
return nil, ret.Error(1)
|
|
}
|
|
return res, ret.Error(1)
|
|
}
|
|
|
|
func TestDetectClient_Detect(t *testing.T) {
|
|
type detectInput struct {
|
|
req *detector.LibDetectRequest
|
|
}
|
|
type detectOutput struct {
|
|
res *detector.DetectResponse
|
|
err error
|
|
}
|
|
type detect struct {
|
|
input detectInput
|
|
output detectOutput
|
|
}
|
|
|
|
type fields struct {
|
|
token Token
|
|
}
|
|
type args struct {
|
|
filePath string
|
|
libs []ptypes.Library
|
|
}
|
|
tests := []struct {
|
|
name string
|
|
fields fields
|
|
args args
|
|
detect detect
|
|
want []types.DetectedVulnerability
|
|
wantErr string
|
|
}{
|
|
{
|
|
name: "happy path",
|
|
fields: fields{
|
|
token: "token",
|
|
},
|
|
args: args{
|
|
filePath: "app/Pipfile.lock",
|
|
libs: []ptypes.Library{
|
|
{Name: "django", Version: "3.0.0"},
|
|
},
|
|
},
|
|
detect: detect{
|
|
input: detectInput{req: &detector.LibDetectRequest{
|
|
FilePath: "app/Pipfile.lock",
|
|
Libraries: []*detector.Library{
|
|
{Name: "django", Version: "3.0.0"},
|
|
},
|
|
},
|
|
},
|
|
output: detectOutput{
|
|
res: &detector.DetectResponse{
|
|
Vulnerabilities: []*detector.Vulnerability{
|
|
{
|
|
VulnerabilityId: "CVE-2019-0001",
|
|
PkgName: "django",
|
|
InstalledVersion: "3.0.0",
|
|
FixedVersion: "3.0.1",
|
|
Title: "RCE",
|
|
Description: "Remote Code Execution",
|
|
Severity: detector.Severity_CRITICAL,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
want: []types.DetectedVulnerability{
|
|
{
|
|
VulnerabilityID: "CVE-2019-0001",
|
|
PkgName: "django",
|
|
InstalledVersion: "3.0.0",
|
|
FixedVersion: "3.0.1",
|
|
Vulnerability: dbTypes.Vulnerability{
|
|
Title: "RCE",
|
|
Description: "Remote Code Execution",
|
|
Severity: "CRITICAL",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "Detect returns an error",
|
|
fields: fields{},
|
|
args: args{
|
|
filePath: "app/Pipfile.lock",
|
|
libs: []ptypes.Library{
|
|
{Name: "django", Version: "3.0.0"},
|
|
},
|
|
},
|
|
detect: detect{
|
|
input: detectInput{req: &detector.LibDetectRequest{
|
|
FilePath: "app/Pipfile.lock",
|
|
Libraries: []*detector.Library{
|
|
{Name: "django", Version: "3.0.0"},
|
|
},
|
|
},
|
|
},
|
|
output: detectOutput{
|
|
err: xerrors.New("error"),
|
|
},
|
|
},
|
|
wantErr: "failed to detect vulnerabilities via RPC",
|
|
},
|
|
}
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
mockDetector := new(mockDetector)
|
|
mockDetector.On("Detect", mock.Anything, tt.detect.input.req).Return(
|
|
tt.detect.output.res, tt.detect.output.err)
|
|
|
|
d := NewDetector(tt.fields.token, mockDetector)
|
|
got, err := d.Detect(tt.args.filePath, tt.args.libs)
|
|
if tt.wantErr != "" {
|
|
require.NotNil(t, err, tt.name)
|
|
assert.Contains(t, err.Error(), tt.wantErr, tt.name)
|
|
return
|
|
} else {
|
|
assert.NoError(t, err, tt.name)
|
|
}
|
|
assert.Equal(t, tt.want, got, tt.name)
|
|
mockDetector.AssertExpectations(t)
|
|
})
|
|
}
|
|
}
|