github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/integration/module_test.go (about) 1 //go:build module_integration 2 3 package integration 4 5 import ( 6 "path/filepath" 7 "testing" 8 9 "github.com/stretchr/testify/require" 10 11 "github.com/devseccon/trivy/pkg/fanal/analyzer" 12 "github.com/devseccon/trivy/pkg/scanner/post" 13 ) 14 15 func TestModule(t *testing.T) { 16 tests := []struct { 17 name string 18 input string 19 golden string 20 }{ 21 { 22 name: "spring4shell jre 8, severity update", 23 input: "testdata/fixtures/images/spring4shell-jre8.tar.gz", 24 golden: "testdata/spring4shell-jre8.json.golden", 25 }, 26 { 27 name: "spring4shell jre 11, no severity update", 28 input: "testdata/fixtures/images/spring4shell-jre11.tar.gz", 29 golden: "testdata/spring4shell-jre11.json.golden", 30 }, 31 } 32 33 // Set up testing DB 34 cacheDir := initDB(t) 35 36 for _, tt := range tests { 37 t.Run(tt.name, func(t *testing.T) { 38 osArgs := []string{ 39 "--cache-dir", 40 cacheDir, 41 "image", 42 "--ignore-unfixed", 43 "--format", 44 "json", 45 "--skip-db-update", 46 "--offline-scan", 47 "--quiet", 48 "--module-dir", 49 filepath.Join("../", "examples", "module", "spring4shell"), 50 "--input", 51 tt.input, 52 } 53 54 // Set up the output file 55 outputFile := filepath.Join(t.TempDir(), "output.json") 56 if *update { 57 outputFile = tt.golden 58 } 59 60 osArgs = append(osArgs, []string{ 61 "--output", 62 outputFile, 63 }...) 64 65 // Run Trivy 66 err := execute(osArgs) 67 require.NoError(t, err) 68 defer func() { 69 analyzer.DeregisterAnalyzer("spring4shell") 70 post.DeregisterPostScanner("spring4shell") 71 }() 72 73 // Compare want and got 74 compareReports(t, tt.golden, outputFile, nil) 75 }) 76 } 77 }