// Listing: github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/fanal/analyzer/sbom/sbom_test.go

package sbom

import (
	"context"
	"os"
	"testing"

	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"

	"github.com/devseccon/trivy/pkg/fanal/analyzer"
	"github.com/devseccon/trivy/pkg/fanal/types"
)

// Test_sbomAnalyzer_Analyze runs sbomAnalyzer.Analyze over SBOM fixtures in
// testdata/ and compares the sorted result with the expected applications.
//
// Each case opens the fixture named by file, hands it to Analyze as Content
// with filePath as AnalysisInput.FilePath, applies the wantErr assertion,
// sorts a non-nil result and checks it against want.
//
// NOTE(review): the only malformed input covered is
// testdata/invalid_spdx.json. The filePath values suggest these SBOMs are
// read out of scanned artifacts, so the parser presumably sees content the
// scanner does not control; a malformed CycloneDX fixture and an empty or
// truncated document would be worth adding. Confirm against the analyzer
// before relying on this as the full negative-path coverage.
func Test_sbomAnalyzer_Analyze(t *testing.T) {
	// Expected output for the Elasticsearch SPDX fixture. Here the Jar
	// libraries carry the SBOM's directory as FilePath, and the Bitnami
	// application carries it at the application level.
	elasticSPDX := &analyzer.AnalysisResult{
		Applications: []types.Application{
			{
				Type: types.Jar,
				Libraries: types.Packages{
					{
						Name:     "co.elastic.apm:apm-agent",
						Version:  "1.36.0",
						Ref:      "pkg:maven/co.elastic.apm/apm-agent@1.36.0",
						FilePath: "opt/bitnami/elasticsearch",
					},
					{
						Name:     "co.elastic.apm:apm-agent-cached-lookup-key",
						Version:  "1.36.0",
						Ref:      "pkg:maven/co.elastic.apm/apm-agent-cached-lookup-key@1.36.0",
						FilePath: "opt/bitnami/elasticsearch",
					},
					{
						Name:     "co.elastic.apm:apm-agent-common",
						Version:  "1.36.0",
						Ref:      "pkg:maven/co.elastic.apm/apm-agent-common@1.36.0",
						FilePath: "opt/bitnami/elasticsearch",
					},
					{
						Name:     "co.elastic.apm:apm-agent-core",
						Version:  "1.36.0",
						Ref:      "pkg:maven/co.elastic.apm/apm-agent-core@1.36.0",
						FilePath: "opt/bitnami/elasticsearch",
					},
				},
			},
			{
				Type:     types.Bitnami,
				FilePath: "opt/bitnami/elasticsearch",
				Libraries: types.Packages{
					{
						Name:     "elasticsearch",
						Version:  "8.9.1",
						Ref:      "pkg:bitnami/elasticsearch@8.9.1?arch=arm64",
						Arch:     "arm64",
						Licenses: []string{"Elastic-2.0"},
					},
				},
			},
		},
	}

	// Expected output for the CycloneDX fixture. Unlike the SPDX case, each
	// Jar library's FilePath is the path of the jar itself.
	elasticCDX := &analyzer.AnalysisResult{
		Applications: []types.Application{
			{
				Type: types.Jar,
				Libraries: types.Packages{
					{
						FilePath: "opt/bitnami/elasticsearch/modules/apm/elastic-apm-agent-1.36.0.jar",
						Name:     "co.elastic.apm:apm-agent",
						Version:  "1.36.0",
						Ref:      "pkg:maven/co.elastic.apm/apm-agent@1.36.0",
					},
					{
						FilePath: "opt/bitnami/elasticsearch/modules/apm/elastic-apm-agent-1.36.0.jar",
						Name:     "co.elastic.apm:apm-agent-cached-lookup-key",
						Version:  "1.36.0",
						Ref:      "pkg:maven/co.elastic.apm/apm-agent-cached-lookup-key@1.36.0",
					},
				},
			},
		},
	}

	// Expected output for the PostgreSQL SPDX fixture: a single Bitnami
	// application whose libraries each carry a license.
	postgresSPDX := &analyzer.AnalysisResult{
		Applications: []types.Application{
			{
				Type:     types.Bitnami,
				FilePath: "opt/bitnami/postgresql",
				Libraries: types.Packages{
					{
						Name:     "gdal",
						Version:  "3.7.1",
						Ref:      "pkg:bitnami/gdal@3.7.1",
						Licenses: []string{"MIT"},
					},
					{
						Name:     "geos",
						Version:  "3.8.3",
						Ref:      "pkg:bitnami/geos@3.8.3",
						Licenses: []string{"LGPL-2.1-only"},
					},
					{
						Name:     "postgresql",
						Version:  "15.3.0",
						Ref:      "pkg:bitnami/postgresql@15.3.0",
						Licenses: []string{"PostgreSQL"},
					},
					{
						Name:     "proj",
						Version:  "6.3.2",
						Ref:      "pkg:bitnami/proj@6.3.2",
						Licenses: []string{"MIT"},
					},
				},
			},
		},
	}

	cases := []struct {
		name     string
		file     string
		filePath string
		want     *analyzer.AnalysisResult
		wantErr  require.ErrorAssertionFunc
	}{
		{
			name:     "valid elasticsearch spdx file",
			file:     "testdata/elasticsearch.spdx.json",
			filePath: "opt/bitnami/elasticsearch/.spdx-elasticsearch.spdx",
			want:     elasticSPDX,
			wantErr:  require.NoError,
		},
		{
			name:     "valid elasticsearch cdx file",
			file:     "testdata/cdx.json",
			filePath: "opt/bitnami/elasticsearch/.spdx-elasticsearch.cdx",
			want:     elasticCDX,
			wantErr:  require.NoError,
		},
		{
			name:     "valid postgresql spdx file",
			file:     "testdata/postgresql.spdx.json",
			filePath: "opt/bitnami/postgresql/.spdx-postgresql.spdx",
			want:     postgresSPDX,
			wantErr:  require.NoError,
		},
		{
			// A malformed document must yield an error and a nil result.
			name:     "invalid spdx file",
			file:     "testdata/invalid_spdx.json",
			filePath: "opt/bitnami/elasticsearch/.spdx-elasticsearch.spdx",
			want:     nil,
			wantErr:  require.Error,
		},
	}

	for _, tc := range cases {
		t.Run(tc.name, func(t *testing.T) {
			fixture, err := os.Open(tc.file)
			require.NoError(t, err)
			defer fixture.Close()

			input := analyzer.AnalysisInput{
				FilePath: tc.filePath,
				Content:  fixture,
			}

			sa := sbomAnalyzer{}
			got, err := sa.Analyze(context.Background(), input)
			tc.wantErr(t, err)

			// Sort so the comparison does not depend on the order in
			// which the analyzer emitted its results.
			if got != nil {
				got.Sort()
			}
			assert.Equal(t, tc.want, got)
		})
	}
}

// Test_packagingAnalyzer_Required checks which file paths
// sbomAnalyzer.Required accepts. Despite the "packagingAnalyzer" in the test
// name, the receiver under test is sbomAnalyzer.
//
// Paths ending in .cdx, .spdx, .cdx.json and .spdx.json are expected to be
// accepted; a plain .json path is expected to be rejected. The second
// argument to Required is passed as nil in every case.
func Test_packagingAnalyzer_Required(t *testing.T) {
	cases := []struct {
		name     string
		filePath string
		want     bool
	}{
		{name: "cdx", filePath: "/test/result.cdx", want: true},
		{name: "spdx", filePath: "/test/result.spdx", want: true},
		{name: "cdx.json", filePath: "/test/result.cdx.json", want: true},
		{name: "spdx.json", filePath: "/test/result.spdx.json", want: true},
		{name: "json", filePath: "/test/result.json", want: false},
	}

	for _, tc := range cases {
		t.Run(tc.name, func(t *testing.T) {
			sa := sbomAnalyzer{}
			assert.Equal(t, tc.want, sa.Required(tc.filePath, nil))
		})
	}
}