github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/report/table/secret_test.go (about) 1 package table_test 2 3 import ( 4 "strings" 5 "testing" 6 7 "github.com/stretchr/testify/assert" 8 9 dbTypes "github.com/aquasecurity/trivy-db/pkg/types" 10 ftypes "github.com/devseccon/trivy/pkg/fanal/types" 11 "github.com/devseccon/trivy/pkg/report/table" 12 ) 13 14 func TestSecretRenderer(t *testing.T) { 15 16 tests := []struct { 17 name string 18 input []ftypes.SecretFinding 19 want string 20 }{ 21 { 22 name: "single line", 23 input: []ftypes.SecretFinding{ 24 { 25 RuleID: "rule-id", 26 Category: ftypes.SecretRuleCategory("category"), 27 Title: "this is a title", 28 Severity: "HIGH", 29 Layer: ftypes.Layer{DiffID: "sha256:beee9f30bc1f711043e78d4a2be0668955d4b761d587d6f60c2c8dc081efb203"}, 30 StartLine: 1, 31 EndLine: 1, 32 Code: ftypes.Code{ 33 Lines: []ftypes.Line{ 34 { 35 Number: 1, 36 Content: "password=secret", 37 IsCause: true, 38 FirstCause: true, 39 LastCause: true, 40 }, 41 }, 42 }, 43 Match: "secret", 44 }, 45 }, 46 want: ` 47 my-file (secrets) 48 ================= 49 Total: 1 (MEDIUM: 0, HIGH: 1) 50 51 HIGH: category (rule-id) 52 ════════════════════════════════════════ 53 this is a title 54 ──────────────────────────────────────── 55 my-file:1 (added in layer 'beee9f30bc1f') 56 ──────────────────────────────────────── 57 1 [ password=secret 58 ──────────────────────────────────────── 59 60 61 `, 62 }, 63 { 64 name: "multiple line", 65 input: []ftypes.SecretFinding{ 66 { 67 RuleID: "rule-id", 68 Category: ftypes.SecretRuleCategory("category"), 69 Title: "this is a title", 70 Severity: "HIGH", 71 Layer: ftypes.Layer{ 72 DiffID: "sha256:beee9f30bc1f711043e78d4a2be0668955d4b761d587d6f60c2c8dc081efb203", 73 CreatedBy: "COPY my-file my-file", 74 }, 75 StartLine: 3, 76 EndLine: 4, 77 Code: ftypes.Code{ 78 Lines: []ftypes.Line{ 79 { 80 Number: 1, 81 Content: "#!/bin/bash", 82 }, 83 { 84 Number: 2, 85 Content: "", 86 }, 87 { 88 Number: 3, 89 Content: "password=this is a \\", 90 IsCause: true, 91 FirstCause: true, 92 }, 93 { 94 Number: 4, 95 Content: "secret password", 96 IsCause: true, 97 LastCause: true, 98 }, 99 { 100 Number: 5, 101 Content: "some-app --password $password", 102 }, 103 { 104 Number: 6, 105 Content: "echo all done", 106 }, 107 }, 108 }, 109 Match: "secret", 110 }, 111 }, 112 want: ` 113 my-file (secrets) 114 ================= 115 Total: 1 (MEDIUM: 0, HIGH: 1) 116 117 HIGH: category (rule-id) 118 ════════════════════════════════════════ 119 this is a title 120 ──────────────────────────────────────── 121 my-file:3-4 (added by 'COPY my-file my-file') 122 ──────────────────────────────────────── 123 1 #!/bin/bash 124 2 125 3 ┌ password=this is a \ 126 4 └ secret password 127 5 some-app --password $password 128 6 echo all done 129 ──────────────────────────────────────── 130 131 132 `, 133 }, 134 } 135 136 for _, test := range tests { 137 t.Run(test.name, func(t *testing.T) { 138 renderer := table.NewSecretRenderer("my-file", test.input, false, []dbTypes.Severity{dbTypes.SeverityHigh, dbTypes.SeverityMedium}) 139 assert.Equal(t, test.want, strings.ReplaceAll(renderer.Render(), "\r\n", "\n")) 140 }) 141 } 142 }