github.com/quay/claircore@v1.5.28/alpine/parser_test.go

github.com/quay/claircore@v1.5.28/alpine/parser_test.go (about)

     1  package alpine
     2  
     3  import (
     4  	"context"
     5  	"fmt"
     6  	"os"
     7  	"sort"
     8  	"testing"
     9  
    10  	"github.com/google/go-cmp/cmp"
    11  	"github.com/quay/zlog"
    12  
    13  	"github.com/quay/claircore"
    14  )
    15  
    16  var dist310 = stableRelease{3, 10}.Distribution()
    17  
    18  var v3_10CommunityTruncatedVulns = []*claircore.Vulnerability{
    19  	{
    20  		Name:               "CVE-2018-20187",
    21  		Links:              "https://www.cve.org/CVERecord?id=CVE-2018-20187",
    22  		Updater:            "alpine-community-v3.10-updater",
    23  		FixedInVersion:     "2.9.0-r0",
    24  		NormalizedSeverity: claircore.Unknown,
    25  		Package: &claircore.Package{
    26  			Name: "botan",
    27  			Kind: claircore.SOURCE,
    28  		},
    29  		Dist: dist310,
    30  	},
    31  	{
    32  		Name:               "CVE-2018-12435",
    33  		Links:              "https://www.cve.org/CVERecord?id=CVE-2018-12435",
    34  		Updater:            "alpine-community-v3.10-updater",
    35  		FixedInVersion:     "2.7.0-r0",
    36  		NormalizedSeverity: claircore.Unknown,
    37  		Package: &claircore.Package{
    38  			Name: "botan",
    39  			Kind: claircore.SOURCE,
    40  		},
    41  		Dist: dist310,
    42  	},
    43  	{
    44  		Name:               "CVE-2018-9860",
    45  		Links:              "https://www.cve.org/CVERecord?id=CVE-2018-9860",
    46  		Updater:            "alpine-community-v3.10-updater",
    47  		FixedInVersion:     "2.6.0-r0",
    48  		NormalizedSeverity: claircore.Unknown,
    49  		Package: &claircore.Package{
    50  			Name: "botan",
    51  			Kind: claircore.SOURCE,
    52  		},
    53  		Dist: dist310,
    54  	},
    55  	{
    56  		Name:               "CVE-2018-9127",
    57  		Links:              "https://www.cve.org/CVERecord?id=CVE-2018-9127",
    58  		Updater:            "alpine-community-v3.10-updater",
    59  		FixedInVersion:     "2.5.0-r0",
    60  		NormalizedSeverity: claircore.Unknown,
    61  		Package: &claircore.Package{
    62  			Name: "botan",
    63  			Kind: claircore.SOURCE,
    64  		},
    65  		Dist: dist310,
    66  	},
    67  	{
    68  		Name:               "CVE-2019-9929",
    69  		Links:              "https://www.cve.org/CVERecord?id=CVE-2019-9929",
    70  		Updater:            "alpine-community-v3.10-updater",
    71  		FixedInVersion:     "3.12.2-r0",
    72  		NormalizedSeverity: claircore.Unknown,
    73  		Package: &claircore.Package{
    74  			Name: "cfengine",
    75  			Kind: claircore.SOURCE,
    76  		},
    77  		Dist: dist310,
    78  	},
    79  	{
    80  		Name:               "CVE-2017-6949",
    81  		Links:              "https://www.cve.org/CVERecord?id=CVE-2017-6949",
    82  		Updater:            "alpine-community-v3.10-updater",
    83  		FixedInVersion:     "4.12.0-r3",
    84  		NormalizedSeverity: claircore.Unknown,
    85  		Package: &claircore.Package{
    86  			Name: "chicken",
    87  			Kind: claircore.SOURCE,
    88  		},
    89  		Dist: dist310,
    90  	},
    91  	{
    92  		Name:               "CVE-2017-9334",
    93  		Links:              "https://www.cve.org/CVERecord?id=CVE-2017-9334",
    94  		Updater:            "alpine-community-v3.10-updater",
    95  		FixedInVersion:     "4.12.0-r2",
    96  		NormalizedSeverity: claircore.Unknown,
    97  		Package: &claircore.Package{
    98  			Name: "chicken",
    99  			Kind: claircore.SOURCE,
   100  		},
   101  		Dist: dist310,
   102  	},
   103  	{
   104  		Name:               "CVE-2016-6830",
   105  		Links:              "https://www.cve.org/CVERecord?id=CVE-2016-6830",
   106  		Updater:            "alpine-community-v3.10-updater",
   107  		FixedInVersion:     "4.11.1-r0",
   108  		NormalizedSeverity: claircore.Unknown,
   109  		Package: &claircore.Package{
   110  			Name: "chicken",
   111  			Kind: claircore.SOURCE,
   112  		},
   113  		Dist: dist310,
   114  	},
   115  	{
   116  		Name:               "CVE-2016-6831",
   117  		Links:              "https://www.cve.org/CVERecord?id=CVE-2016-6831",
   118  		Updater:            "alpine-community-v3.10-updater",
   119  		FixedInVersion:     "4.11.1-r0",
   120  		NormalizedSeverity: claircore.Unknown,
   121  		Package: &claircore.Package{
   122  			Name: "chicken",
   123  			Kind: claircore.SOURCE,
   124  		},
   125  		Dist: dist310,
   126  	},
   127  }
   128  
   129  func TestParser(t *testing.T) {
   130  	t.Parallel()
   131  	ctx := context.Background()
   132  	var table = []struct {
   133  		release  release
   134  		repo     string
   135  		testFile string
   136  		expected []*claircore.Vulnerability
   137  	}{
   138  		{
   139  			release:  stableRelease{3, 10},
   140  			repo:     "community",
   141  			testFile: "fetch/v3.10/community.json",
   142  			expected: v3_10CommunityTruncatedVulns,
   143  		},
   144  	}
   145  
   146  	for _, test := range table {
   147  		t.Run(test.testFile, func(t *testing.T) {
   148  			ctx := zlog.Test(ctx, t)
   149  
   150  			path := fmt.Sprintf("testdata/%s", test.testFile)
   151  			f, err := os.Open(path)
   152  			if err != nil {
   153  				t.Fatalf("failed to open test data: %v", path)
   154  			}
   155  
   156  			u := &updater{release: test.release, repo: test.repo}
   157  			vulns, err := u.Parse(ctx, f)
   158  			if err != nil {
   159  				t.Fatalf("failed to parse: %v", err)
   160  			}
   161  
   162  			sort.SliceStable(vulns,
   163  				func(i, j int) bool { return vulns[i].Name < vulns[j].Name })
   164  			sort.SliceStable(test.expected,
   165  				func(i, j int) bool { return test.expected[i].Name < test.expected[j].Name })
   166  
   167  			if !cmp.Equal(vulns, test.expected) {
   168  				diff := cmp.Diff(vulns, test.expected)
   169  				t.Fatalf("security databases were not equal: \n%v", diff)
   170  			}
   171  		})
   172  	}
   173  }