github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/fanal/image/daemon/podman_test.go

github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/fanal/image/daemon/podman_test.go (about)

     1  package daemon
     2  
     3  import (
     4  	"net/http/httptest"
     5  	"os"
     6  	"path/filepath"
     7  	"runtime"
     8  	"testing"
     9  
    10  	"github.com/docker/docker/api/types"
    11  	"github.com/google/go-containerregistry/pkg/name"
    12  	v1 "github.com/google/go-containerregistry/pkg/v1"
    13  	"github.com/stretchr/testify/assert"
    14  	"github.com/stretchr/testify/require"
    15  
    16  	"github.com/aquasecurity/testdocker/engine"
    17  )
    18  
    19  func setupPodmanSock(t *testing.T) *httptest.Server {
    20  	t.Helper()
    21  
    22  	runtimeDir, err := os.MkdirTemp("", "daemon")
    23  	require.NoError(t, err)
    24  
    25  	os.Setenv("XDG_RUNTIME_DIR", runtimeDir)
    26  
    27  	dir := filepath.Join(runtimeDir, "podman")
    28  	err = os.MkdirAll(dir, os.ModePerm)
    29  	require.NoError(t, err)
    30  
    31  	sockPath := filepath.Join(dir, "podman.sock")
    32  
    33  	opt := engine.Option{
    34  		APIVersion: "1.40",
    35  		ImagePaths: map[string]string{
    36  			"index.docker.io/library/alpine:3.11": "../../test/testdata/alpine-311.tar.gz",
    37  		},
    38  		UnixDomainSocket: sockPath,
    39  	}
    40  	te := engine.NewDockerEngine(opt)
    41  	return te
    42  }
    43  
    44  func TestPodmanImage(t *testing.T) {
    45  	if runtime.GOOS == "windows" {
    46  		t.Skip("podman.sock is not available for Windows CI")
    47  	}
    48  
    49  	type fields struct {
    50  		Image   v1.Image
    51  		opener  opener
    52  		inspect types.ImageInspect
    53  	}
    54  	tests := []struct {
    55  		name           string
    56  		imageName      string
    57  		fields         fields
    58  		wantConfigName string
    59  		wantCreateBy   []string
    60  		wantErr        bool
    61  	}{
    62  		{
    63  			name:           "happy path",
    64  			imageName:      "alpine:3.11",
    65  			wantConfigName: "sha256:a187dde48cd289ac374ad8539930628314bc581a481cdb41409c9289419ddb72",
    66  			wantCreateBy: []string{
    67  				"/bin/sh -c #(nop)  CMD [\"/bin/sh\"]",
    68  				"/bin/sh -c #(nop) ADD file:0c4555f363c2672e350001f1293e689875a3760afe7b3f9146886afe67121cba in / ",
    69  			},
    70  			wantErr: false,
    71  		},
    72  		{
    73  			name:      "unknown image",
    74  			imageName: "alpine:unknown",
    75  			wantErr:   true,
    76  		},
    77  	}
    78  
    79  	te := setupPodmanSock(t)
    80  	defer te.Close()
    81  
    82  	for _, tt := range tests {
    83  		t.Run(tt.name, func(t *testing.T) {
    84  			ref, err := name.ParseReference(tt.imageName)
    85  			require.NoError(t, err)
    86  
    87  			img, cleanup, err := PodmanImage(ref.Name())
    88  			defer cleanup()
    89  
    90  			if tt.wantErr {
    91  				assert.NotNil(t, err)
    92  				return
    93  			}
    94  			assert.NoError(t, err)
    95  
    96  			confName, err := img.ConfigName()
    97  			require.NoError(t, err)
    98  			assert.Equal(t, tt.wantConfigName, confName.String())
    99  
   100  			confFile, err := img.ConfigFile()
   101  			require.NoError(t, err)
   102  
   103  			assert.Equal(t, len(confFile.History), len(tt.wantCreateBy))
   104  			for _, h := range confFile.History {
   105  				assert.Contains(t, tt.wantCreateBy, h.CreatedBy)
   106  			}
   107  		})
   108  	}
   109  }