mirror of
https://github.com/aquasecurity/trivy.git
synced 2025-12-22 07:10:41 -08:00
74717b888e
* chore(app): change dir * feat(rpc): add a proto file and auto-generated files * chore(dep): add dependencies * fix(app): fix import path * fix(integration): fix import path * fix(protoc): use enum for severity * chore(Makefile): add fmt andd protoc * chore(clang): add .clang-format * refactor: split functions for client/server (#296) * refactor(db): split db.Download * refactor(standalone): create a different package * refactor(vulnerability): split FillAndFilter * fix(protoc): use enum for severity * chore(Makefile): add fmt andd protoc * chore(clang): add .clang-format * fix(db): remove an unused variable * fix(db): expose the github client as an argument of constructor * refactor(vulnerability): add the detail message * feat(rpc): add rpc client (#302) * fix(protoc): use enum for severity * chore(Makefile): add fmt andd protoc * chore(clang): add .clang-format * feat(rpc): convert types * feat(rpc): add rpc client * token: Refactor to handle bad headers being set Signed-off-by: Simarpreet Singh <simar@linux.com> * feat(rpc): add rpc server (#303) * feat(rpc): add rpc server * feat(utils): add CopyFile * feat(server/config): add config struct * feat(detector): add detector * feat(scanner): delegate procedures to detector * fix(scanner): fix the interface * test(mock): add mocks * test(rpc/server): add tests * test(rpc/ospkg/server): add tests * tets(os/detector): add tests * refactor(library): move directories * chore(dependency): add google/wire * refactor(library): introduce google/wire * refactor(ospkg/detector): move directory * feat(rpc): add eosl * refactor(ospkg): introduce google/wire * refactor(wire): bind an interface * refactor(client): use wire.Struct * chore(Makefile): fix wire * test(server): add AssertExpectations * test(server): add AssertExpectations * refactor(server): remove debug log * refactor(error): add more context messages * test(server): fix error message * refactor(test): create a constructor of mock * refactor(config): remove an unused variable * test(config): add an assertion to test the config struct * feat(client/server): add sub commands (#304) * feat(rpc): add rpc server * feat(utils): add CopyFile * feat(server/config): add config struct * feat(detector): add detector * feat(scanner): delegate procedures to detector * fix(scanner): fix the interface * feat(client/server): add sub commands * merge(server3) * test(scan): remove an unused mock * refactor(client): generate the constructor by wire * fix(cli): change the default port * fix(server): use auto-generated constructor * feat(ospkg): return eosl * test(integration): add integration tests for client/server (#306) * fix(server): remove unnecessary options * test(integration): add integration tests for client/server * fix(server): wrap an error * fix(server): change the update interval * fix(server): display the error detail * test(config): add an assertion to test the config struct * fix(client): returns an error when failing to initizlie a logger * test(ospkg/server): add eosl * Squashed commit of the following: * test(server): refactor and add tests (#307) * test(github): create a mock * test(db): create a mock * test(server): add tests for DB hot update * chore(db): add a log message * refactor(db): introduce google/wire * refactor(rpc): move directory * refactor(injector): fix import name * refactor(import): remove new lines * fix(server): display the error detail * fix(server): change the update interval * fix(server): wrap an error * test(integration): add integration tests for client/server * fix(server): remove unnecessary options * refactor(server): return an error when failing to initialize a logger * refactor(server): remove unused error * fix(client/server): fix default port * chore(README): add client/server * chore(README): update
136 lines
3.2 KiB
Go
136 lines
3.2 KiB
Go
package library
|
|
|
|
import (
|
|
"context"
|
|
"os"
|
|
"testing"
|
|
|
|
"github.com/aquasecurity/trivy/pkg/detector/library"
|
|
|
|
"github.com/aquasecurity/trivy/pkg/log"
|
|
|
|
"golang.org/x/xerrors"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
|
|
ptypes "github.com/aquasecurity/go-dep-parser/pkg/types"
|
|
dbTypes "github.com/aquasecurity/trivy-db/pkg/types"
|
|
"github.com/aquasecurity/trivy/pkg/types"
|
|
"github.com/aquasecurity/trivy/pkg/vulnerability"
|
|
proto "github.com/aquasecurity/trivy/rpc/detector"
|
|
)
|
|
|
|
func TestMain(m *testing.M) {
|
|
log.InitLogger(false, false)
|
|
code := m.Run()
|
|
os.Exit(code)
|
|
}
|
|
|
|
func TestServer_Detect(t *testing.T) {
|
|
type args struct {
|
|
req *proto.LibDetectRequest
|
|
}
|
|
tests := []struct {
|
|
name string
|
|
args args
|
|
detect library.DetectExpectation
|
|
wantRes *proto.DetectResponse
|
|
wantErr string
|
|
}{
|
|
{
|
|
name: "happy path",
|
|
args: args{
|
|
req: &proto.LibDetectRequest{
|
|
FilePath: "app/Pipfile.lock",
|
|
Libraries: []*proto.Library{
|
|
{Name: "django", Version: "3.0.0"},
|
|
},
|
|
},
|
|
},
|
|
detect: library.DetectExpectation{
|
|
Args: library.DetectInput{
|
|
FilePath: "app/Pipfile.lock",
|
|
Libs: []ptypes.Library{
|
|
{Name: "django", Version: "3.0.0"},
|
|
},
|
|
},
|
|
ReturnArgs: library.DetectOutput{
|
|
Vulns: []types.DetectedVulnerability{
|
|
{
|
|
VulnerabilityID: "CVE-2019-0001",
|
|
PkgName: "test",
|
|
InstalledVersion: "1",
|
|
FixedVersion: "2",
|
|
Vulnerability: dbTypes.Vulnerability{
|
|
Title: "title",
|
|
Description: "description",
|
|
Severity: "MEDIUM",
|
|
References: []string{"http://example.com"},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
wantRes: &proto.DetectResponse{
|
|
Vulnerabilities: []*proto.Vulnerability{
|
|
{
|
|
VulnerabilityId: "CVE-2019-0001",
|
|
PkgName: "test",
|
|
InstalledVersion: "1",
|
|
FixedVersion: "2",
|
|
Title: "title",
|
|
Description: "description",
|
|
Severity: proto.Severity_MEDIUM,
|
|
References: []string{"http://example.com"},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
name: "Detect returns an error",
|
|
args: args{
|
|
req: &proto.LibDetectRequest{
|
|
FilePath: "app/Pipfile.lock",
|
|
Libraries: []*proto.Library{
|
|
{Name: "django", Version: "3.0.0"},
|
|
},
|
|
},
|
|
},
|
|
detect: library.DetectExpectation{
|
|
Args: library.DetectInput{
|
|
FilePath: "app/Pipfile.lock",
|
|
Libs: []ptypes.Library{
|
|
{Name: "django", Version: "3.0.0"},
|
|
},
|
|
},
|
|
ReturnArgs: library.DetectOutput{
|
|
Err: xerrors.New("error"),
|
|
},
|
|
},
|
|
wantErr: "failed to detect library vulnerabilities",
|
|
},
|
|
}
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
mockDetector := library.NewMockDetector([]library.DetectExpectation{tt.detect})
|
|
mockVulnClient := vulnerability.NewMockVulnClient()
|
|
|
|
s := NewServer(mockDetector, mockVulnClient)
|
|
ctx := context.TODO()
|
|
gotRes, err := s.Detect(ctx, tt.args.req)
|
|
if tt.wantErr != "" {
|
|
require.NotNil(t, err, tt.name)
|
|
assert.Contains(t, err.Error(), tt.wantErr, tt.name)
|
|
return
|
|
} else {
|
|
assert.NoError(t, err, tt.name)
|
|
}
|
|
|
|
assert.Equal(t, tt.wantRes, gotRes, tt.name)
|
|
mockDetector.AssertExpectations(t)
|
|
mockVulnClient.AssertExpectations(t)
|
|
})
|
|
}
|
|
}
|