github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/detector/ospkg/mariner/mariner_test.go (about) 1 package mariner_test 2 3 import ( 4 "testing" 5 6 "github.com/stretchr/testify/assert" 7 "github.com/stretchr/testify/require" 8 9 "github.com/aquasecurity/trivy-db/pkg/db" 10 dbTypes "github.com/aquasecurity/trivy-db/pkg/types" 11 "github.com/aquasecurity/trivy-db/pkg/vulnsrc/vulnerability" 12 "github.com/devseccon/trivy/pkg/dbtest" 13 "github.com/devseccon/trivy/pkg/detector/ospkg/mariner" 14 ftypes "github.com/devseccon/trivy/pkg/fanal/types" 15 "github.com/devseccon/trivy/pkg/types" 16 ) 17 18 func TestScanner_Detect(t *testing.T) { 19 type args struct { 20 osVer string 21 pkgs []ftypes.Package 22 } 23 tests := []struct { 24 name string 25 args args 26 fixtures []string 27 want []types.DetectedVulnerability 28 wantErr string 29 }{ 30 { 31 name: "happy path 1.0 SrcName and Name are different", 32 fixtures: []string{ 33 "testdata/fixtures/mariner.yaml", 34 "testdata/fixtures/data-source.yaml", 35 }, 36 args: args{ 37 osVer: "1.0", 38 pkgs: []ftypes.Package{ 39 { 40 Name: "bind-utils", 41 Epoch: 0, 42 Version: "9.16.14", 43 Release: "1.cm1", 44 Arch: "aarch64", 45 SrcName: "bind", 46 SrcEpoch: 0, 47 SrcVersion: "9.16.14", 48 SrcRelease: "1.cm1", 49 Licenses: []string{"ISC"}, 50 Layer: ftypes.Layer{}, 51 }, 52 }, 53 }, 54 want: []types.DetectedVulnerability{ 55 { 56 PkgName: "bind-utils", 57 VulnerabilityID: "CVE-2019-6470", 58 InstalledVersion: "9.16.14-1.cm1", 59 FixedVersion: "9.16.15-1.cm1", 60 Layer: ftypes.Layer{}, 61 DataSource: &dbTypes.DataSource{ 62 ID: vulnerability.CBLMariner, 63 Name: "CBL-Mariner Vulnerability Data", 64 URL: "https://github.com/microsoft/CBL-MarinerVulnerabilityData", 65 }, 66 }, 67 }, 68 }, 69 { 70 name: "happy path 2.0", 71 fixtures: []string{ 72 "testdata/fixtures/mariner.yaml", 73 "testdata/fixtures/data-source.yaml", 74 }, 75 args: args{ 76 osVer: "2.0", 77 pkgs: []ftypes.Package{ 78 { 79 Name: "vim", 80 Epoch: 0, 81 Version: "8.2.4081", 82 Release: "1.cm1", 83 Arch: "aarch64", 84 SrcName: "vim", 85 SrcEpoch: 0, 86 SrcVersion: "8.2.4081", 87 SrcRelease: "1.cm1", 88 Licenses: []string{"Vim"}, 89 Layer: ftypes.Layer{}, 90 }, 91 }, 92 }, 93 want: []types.DetectedVulnerability{ 94 { 95 PkgName: "vim", 96 VulnerabilityID: "CVE-2022-0261", 97 InstalledVersion: "8.2.4081-1.cm1", 98 Layer: ftypes.Layer{}, 99 DataSource: &dbTypes.DataSource{ 100 ID: vulnerability.CBLMariner, 101 Name: "CBL-Mariner Vulnerability Data", 102 URL: "https://github.com/microsoft/CBL-MarinerVulnerabilityData", 103 }, 104 }, 105 }, 106 }, 107 { 108 name: "broken advisory", 109 fixtures: []string{"testdata/fixtures/invalid.yaml", "testdata/fixtures/data-source.yaml"}, 110 args: args{ 111 osVer: "1.0", 112 pkgs: []ftypes.Package{ 113 { 114 Name: "bind-utils", 115 Epoch: 0, 116 Version: "9.16.14", 117 Release: "1.cm1", 118 Arch: "aarch64", 119 SrcName: "bind", 120 SrcEpoch: 0, 121 SrcVersion: "9.16.14", 122 SrcRelease: "1.cm1", 123 Licenses: []string{"ISC"}, 124 Layer: ftypes.Layer{}, 125 }, 126 }, 127 }, 128 wantErr: "failed to get CBL-Mariner advisories", 129 }, 130 } 131 for _, tt := range tests { 132 t.Run(tt.name, func(t *testing.T) { 133 _ = dbtest.InitDB(t, tt.fixtures) 134 defer db.Close() 135 136 s := mariner.NewScanner() 137 got, err := s.Detect(tt.args.osVer, nil, tt.args.pkgs) 138 if tt.wantErr != "" { 139 require.Error(t, err) 140 assert.Contains(t, err.Error(), tt.wantErr) 141 return 142 } 143 assert.NoError(t, err) 144 assert.Equal(t, tt.want, got) 145 }) 146 } 147 }