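// File: pkg/db/advisory_test.go
// Module: github.com/khulnasoft-lab/tunnel-db@v0.0.0-20231117205118-74e1113bd007

package db_test

import (
	"encoding/json"
	"testing"

	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"

	"github.com/khulnasoft-lab/tunnel-db/pkg/db"
	"github.com/khulnasoft-lab/tunnel-db/pkg/dbtest"
	"github.com/khulnasoft-lab/tunnel-db/pkg/types"
)

// TestConfig_ForEachAdvisory checks that Config.ForEachAdvisory returns, for a
// given data source and package name, exactly the advisories stored in the
// fixture database, keyed by vulnerability ID.
//
// The table pins four behaviours:
//   - an exact source name returns every advisory for the package;
//   - a source given as a prefix ("composer::") returns advisories loaded from
//     the multiple-buckets fixture (presumably merged across matching buckets;
//     verify against the fixture);
//   - an unknown source yields an empty result and no error;
//   - an unknown package yields an empty result and no error.
//
// NOTE(review): the last two cases mean a caller cannot tell "source or package
// not present in the DB" from "no known vulnerabilities". No case sets wantErr,
// so the error path of ForEachAdvisory is not exercised here.
func TestConfig_ForEachAdvisory(t *testing.T) {
	type args struct {
		source  string
		pkgName string
	}
	tests := []struct {
		name     string
		args     args
		fixtures []string
		want     map[string]types.Advisory
		wantErr  string
	}{
		{
			name: "single bucket",
			args: args{
				source:  "GitHub Security Advisory Composer",
				pkgName: "symfony/symfony",
			},
			fixtures: []string{"testdata/fixtures/single-bucket.yaml"},
			want: map[string]types.Advisory{
				"CVE-2019-10909": {
					PatchedVersions:    []string{"4.2.7", "3.4.26"},
					VulnerableVersions: []string{">= 4.2.0, < 4.2.7", ">= 3.0.0, < 3.4.26"},
				},
				"CVE-2019-18889": {
					PatchedVersions:    []string{"4.3.8", "3.4.35"},
					VulnerableVersions: []string{">= 4.3.0, < 4.3.8", ">= 3.1.0, < 3.4.35"},
				},
			},
		},
		{
			name: "prefix scan",
			args: args{
				source:  "composer::",
				pkgName: "symfony/symfony",
			},
			fixtures: []string{"testdata/fixtures/multiple-buckets.yaml"},
			want: map[string]types.Advisory{
				"CVE-2019-10909": {
					PatchedVersions:    []string{"4.2.7"},
					VulnerableVersions: []string{">= 4.2.0, < 4.2.7"},
				},
				"CVE-2020-5275": {
					VulnerableVersions: []string{">= 4.4.0, < 4.4.7"},
				},
			},
		},
		{
			name: "non-existent bucket",
			args: args{
				source:  "non-existent",
				pkgName: "symfony/symfony",
			},
			fixtures: []string{"testdata/fixtures/single-bucket.yaml"},
			want:     map[string]types.Advisory{},
		},
		{
			name: "non-existent package",
			args: args{
				source:  "GitHub Security Advisory Composer",
				pkgName: "non-existent",
			},
			fixtures: []string{"testdata/fixtures/single-bucket.yaml"},
			want:     map[string]types.Advisory{},
		},
	}
	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			// Load the fixtures into a fresh DB for this sub-test.
			dbtest.InitDB(t, tt.fixtures)
			defer db.Close()

			dbc := db.Config{}
			got, err := dbc.ForEachAdvisory([]string{tt.args.source}, tt.args.pkgName)

			if tt.wantErr != "" {
				require.Error(t, err)
				assert.Contains(t, err.Error(), tt.wantErr)
				return
			}

			// Stop here on an unexpected error: the comparisons below would
			// only add noise on top of the real failure.
			require.NoError(t, err)

			// The size check plus the per-key lookup together assert that the
			// returned set of vulnerability IDs equals the expected set.
			assert.Equal(t, len(tt.want), len(got))
			for cveID, g := range got {
				wantAdvisory, ok := tt.want[cveID]
				if !ok {
					assert.Fail(t, "no such key", "CVE-ID", cveID)
					// Skip the content comparison: wantAdvisory is the zero
					// value here and would produce a second, misleading diff.
					continue
				}

				var gotAdvisory types.Advisory
				err = json.Unmarshal(g.Content, &gotAdvisory)
				require.NoError(t, err)

				assert.Equal(t, wantAdvisory, gotAdvisory)
			}
		})
	}
}

// TestConfig_GetAdvisories checks that Config.GetAdvisories returns the
// decoded advisories for a source and package name, each carrying its
// VulnerabilityID, for both OS-package fixtures (FixedVersion) and library
// fixtures (PatchedVersions / VulnerableVersions).
//
// Results are compared with ElementsMatch, so ordering is not asserted.
// Unknown sources and unknown packages are expected to return no advisories
// and no error (want is left nil for those cases).
//
// NOTE(review): no case sets wantErr, so the error path is not exercised here.
func TestConfig_GetAdvisories(t *testing.T) {
	type args struct {
		source  string
		pkgName string
	}
	tests := []struct {
		name     string
		args     args
		fixtures []string
		want     []types.Advisory
		wantErr  string
	}{
		{
			name: "os package advisories",
			args: args{
				source:  "Red Hat Enterprise Linux 8",
				pkgName: "bind",
			},
			fixtures: []string{"testdata/fixtures/ospkg.yaml"},
			want: []types.Advisory{
				{
					VulnerabilityID: "CVE-2018-5745",
					FixedVersion:    "32:9.11.4-26.P2.el8",
				},
				{
					VulnerabilityID: "CVE-2020-8617",
					FixedVersion:    "32:9.11.13-5.el8_2",
				},
			},
		},
		{
			name: "library advisories",
			args: args{
				source:  "GitHub Security Advisory Composer",
				pkgName: "symfony/symfony",
			},
			fixtures: []string{"testdata/fixtures/single-bucket.yaml"},
			want: []types.Advisory{
				{
					VulnerabilityID:    "CVE-2019-10909",
					PatchedVersions:    []string{"4.2.7", "3.4.26"},
					VulnerableVersions: []string{">= 4.2.0, < 4.2.7", ">= 3.0.0, < 3.4.26"},
				},
				{
					VulnerabilityID:    "CVE-2019-18889",
					PatchedVersions:    []string{"4.3.8", "3.4.35"},
					VulnerableVersions: []string{">= 4.3.0, < 4.3.8", ">= 3.1.0, < 3.4.35"},
				},
			},
		},
		{
			name: "prefix scan",
			args: args{
				source:  "composer::",
				pkgName: "symfony/symfony",
			},
			fixtures: []string{"testdata/fixtures/multiple-buckets.yaml"},
			want: []types.Advisory{
				{
					VulnerabilityID:    "CVE-2019-10909",
					PatchedVersions:    []string{"4.2.7"},
					VulnerableVersions: []string{">= 4.2.0, < 4.2.7"},
				},
				{
					VulnerabilityID:    "CVE-2020-5275",
					VulnerableVersions: []string{">= 4.4.0, < 4.4.7"},
				},
			},
		},
		{
			name: "non-existent bucket",
			args: args{
				source:  "non-existent",
				pkgName: "symfony/symfony",
			},
			fixtures: []string{"testdata/fixtures/single-bucket.yaml"},
		},
		{
			name: "non-existent package",
			args: args{
				source:  "GitHub Security Advisory Composer",
				pkgName: "non-existent",
			},
			fixtures: []string{"testdata/fixtures/single-bucket.yaml"},
		},
	}
	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			// Load the fixtures into a fresh DB for this sub-test.
			dbtest.InitDB(t, tt.fixtures)
			defer db.Close()

			dbc := db.Config{}
			got, err := dbc.GetAdvisories(tt.args.source, tt.args.pkgName)

			switch {
			case tt.wantErr != "":
				require.Error(t, err)
				assert.Contains(t, err.Error(), tt.wantErr)
			default:
				// Abort on an unexpected error so the element comparison does
				// not bury the root cause under a second failure.
				require.NoError(t, err)
			}

			// Order-insensitive comparison of the returned advisories; on the
			// error path this also asserts that nothing was returned, since
			// want is nil there.
			assert.ElementsMatch(t, tt.want, got)
		})
	}
}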