package predicate_test
import (
"bytes"
"encoding/json"
"testing"
"time"
"github.com/stretchr/testify/require"
dbTypes "github.com/aquasecurity/trivy-db/pkg/types"
"github.com/aquasecurity/trivy-db/pkg/vulnsrc/vulnerability"
"github.com/aquasecurity/trivy/pkg/clock"
ftypes "github.com/aquasecurity/trivy/pkg/fanal/types"
"github.com/aquasecurity/trivy/pkg/report/predicate"
"github.com/aquasecurity/trivy/pkg/types"
)
// TestWriter_Write checks that the writer returned by predicate.NewVulnWriter
// emits JSON that decodes back into the expected predicate.CosignVulnPredicate.
//
// The assertion is made on the decoded value, so it pins the scanner URI and
// version, the embedded report, and both scan timestamps. The CVE ID, package
// name, and versions below are fixture values only.
// NOTE(review): judging by the type name this predicate is the payload for
// Cosign vulnerability attestations — confirm against pkg/report/predicate.
func TestWriter_Write(t *testing.T) {
	// newVuln builds a fresh fixture on every call so that the input and the
	// expected value never share a slice or map.
	newVuln := func() types.DetectedVulnerability {
		return types.DetectedVulnerability{
			VulnerabilityID:  "CVE-2020-0001",
			PkgName:          "foo",
			InstalledVersion: "1.2.3",
			FixedVersion:     "3.4.5",
			PrimaryURL:       "https://avd.aquasec.com/nvd/cve-2020-0001",
			Vulnerability: dbTypes.Vulnerability{
				Title:       "foobar",
				Description: "baz",
				Severity:    "HIGH",
				VendorSeverity: map[dbTypes.SourceID]dbTypes.Severity{
					vulnerability.NVD: dbTypes.SeverityHigh,
				},
			},
		}
	}

	// One fixed instant serves as the fake clock value and as both expected
	// timestamps.
	scanTime := time.Date(2022, time.July, 22, 12, 20, 30, 5, time.UTC)

	cases := []struct {
		name          string
		detectedVulns []types.DetectedVulnerability
		want          predicate.CosignVulnPredicate
	}{
		{
			name:          "happy path",
			detectedVulns: []types.DetectedVulnerability{newVuln()},
			want: predicate.CosignVulnPredicate{
				Scanner: predicate.Scanner{
					URI:     "pkg:github/aquasecurity/trivy@dev",
					Version: "dev",
					Result: types.Report{
						SchemaVersion: 2,
						ArtifactName:  "alpine:3.14",
						ArtifactType:  ftypes.ArtifactType(""),
						Metadata:      types.Metadata{},
						Results: types.Results{
							{
								Target:          "foojson",
								Vulnerabilities: []types.DetectedVulnerability{newVuln()},
							},
						},
					},
				},
				Metadata: predicate.Metadata{
					ScanStartedOn:  scanTime,
					ScanFinishedOn: scanTime,
				},
			},
		},
	}

	for _, tc := range cases {
		t.Run(tc.name, func(t *testing.T) {
			report := types.Report{
				SchemaVersion: 2,
				ArtifactName:  "alpine:3.14",
				Results: types.Results{
					{
						Target:          "foojson",
						Vulnerabilities: tc.detectedVulns,
					},
				},
			}

			// Freeze the clock before the writer is built so the expected
			// timestamps are deterministic.
			clock.SetFakeTime(t, scanTime)

			var buf bytes.Buffer
			w := predicate.NewVulnWriter(&buf, "dev")
			require.NoError(t, w.Write(report))

			// Decode what was written and compare structurally rather than
			// byte-for-byte.
			var got predicate.CosignVulnPredicate
			decodeErr := json.Unmarshal(buf.Bytes(), &got)
			require.NoError(t, decodeErr, "invalid json written")

			require.Equal(t, tc.want, got, tc.name)
		})
	}
}