github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/detector/ospkg/photon/photon_test.go (about) 1 package photon_test 2 3 import ( 4 "testing" 5 "time" 6 7 "github.com/stretchr/testify/assert" 8 "github.com/stretchr/testify/require" 9 fake "k8s.io/utils/clock/testing" 10 11 "github.com/aquasecurity/trivy-db/pkg/db" 12 dbTypes "github.com/aquasecurity/trivy-db/pkg/types" 13 "github.com/aquasecurity/trivy-db/pkg/vulnsrc/vulnerability" 14 "github.com/devseccon/trivy/pkg/dbtest" 15 "github.com/devseccon/trivy/pkg/detector/ospkg/photon" 16 ftypes "github.com/devseccon/trivy/pkg/fanal/types" 17 "github.com/devseccon/trivy/pkg/types" 18 ) 19 20 func TestScanner_Detect(t *testing.T) { 21 type args struct { 22 osVer string 23 pkgs []ftypes.Package 24 } 25 tests := []struct { 26 name string 27 args args 28 fixtures []string 29 want []types.DetectedVulnerability 30 wantErr string 31 }{ 32 { 33 name: "happy path", 34 fixtures: []string{ 35 "testdata/fixtures/photon.yaml", 36 "testdata/fixtures/data-source.yaml", 37 }, 38 args: args{ 39 osVer: "1.0", 40 pkgs: []ftypes.Package{ 41 { 42 Name: "PyYAML", 43 Version: "3.12", 44 Release: "4.ph1", 45 SrcName: "PyYAML", 46 SrcVersion: "3.12", 47 SrcRelease: "4.ph1", 48 Layer: ftypes.Layer{ 49 DiffID: "sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02", 50 }, 51 }, 52 }, 53 }, 54 want: []types.DetectedVulnerability{ 55 { 56 PkgName: "PyYAML", 57 VulnerabilityID: "CVE-2020-1747", 58 InstalledVersion: "3.12-4.ph1", 59 FixedVersion: "3.12-5.ph1", 60 Layer: ftypes.Layer{ 61 DiffID: "sha256:932da51564135c98a49a34a193d6cd363d8fa4184d957fde16c9d8527b3f3b02", 62 }, 63 DataSource: &dbTypes.DataSource{ 64 ID: vulnerability.Photon, 65 Name: "Photon OS CVE metadata", 66 URL: "https://packages.vmware.com/photon/photon_cve_metadata/", 67 }, 68 }, 69 }, 70 }, 71 { 72 name: "invalid bucket", 73 fixtures: []string{ 74 "testdata/fixtures/invalid.yaml", 75 "testdata/fixtures/data-source.yaml", 76 }, 77 args: args{ 78 osVer: "1.0", 79 pkgs: []ftypes.Package{ 80 { 81 Name: "PyYAML", 82 Version: "3.12", 83 SrcName: "PyYAML", 84 SrcVersion: "3.12", 85 }, 86 }, 87 }, 88 wantErr: "failed to get Photon advisories", 89 }, 90 } 91 for _, tt := range tests { 92 t.Run(tt.name, func(t *testing.T) { 93 _ = dbtest.InitDB(t, tt.fixtures) 94 defer db.Close() 95 96 s := photon.NewScanner() 97 got, err := s.Detect(tt.args.osVer, nil, tt.args.pkgs) 98 if tt.wantErr != "" { 99 require.Error(t, err) 100 assert.Contains(t, err.Error(), tt.wantErr) 101 return 102 } 103 assert.NoError(t, err) 104 assert.Equal(t, tt.want, got) 105 }) 106 } 107 } 108 109 func TestScanner_IsSupportedVersion(t *testing.T) { 110 type args struct { 111 osFamily ftypes.OSType 112 osVer string 113 } 114 tests := []struct { 115 name string 116 now time.Time 117 args args 118 want bool 119 }{ 120 { 121 name: "photon 1.0", 122 now: time.Date(2022, 1, 31, 23, 59, 59, 0, time.UTC), 123 args: args{ 124 osFamily: "photon", 125 osVer: "1.0", 126 }, 127 want: true, 128 }, 129 { 130 name: "photon 1.0 EOL", 131 now: time.Date(2022, 3, 31, 23, 59, 59, 0, time.UTC), 132 args: args{ 133 osFamily: "photon", 134 osVer: "1.0", 135 }, 136 want: false, 137 }, 138 { 139 name: "latest", 140 now: time.Date(2022, 1, 31, 23, 59, 59, 0, time.UTC), 141 args: args{ 142 osFamily: "photon", 143 osVer: "999.0", 144 }, 145 want: true, 146 }, 147 } 148 for _, tt := range tests { 149 t.Run(tt.name, func(t *testing.T) { 150 s := photon.NewScanner(photon.WithClock(fake.NewFakeClock(tt.now))) 151 got := s.IsSupportedVersion(tt.args.osFamily, tt.args.osVer) 152 assert.Equal(t, tt.want, got) 153 }) 154 } 155 }