github.com/wolfi-dev/wolfictl@v0.16.11/pkg/advisory/create_test.go (about) 1 package advisory 2 3 import ( 4 "context" 5 "os" 6 "testing" 7 "time" 8 9 "github.com/google/go-cmp/cmp" 10 "github.com/stretchr/testify/require" 11 v2 "github.com/wolfi-dev/wolfictl/pkg/configs/advisory/v2" 12 "github.com/wolfi-dev/wolfictl/pkg/configs/rwfs/os/memfs" 13 ) 14 15 func TestCreate(t *testing.T) { 16 testTime := v2.Timestamp(time.Date(2022, 9, 26, 0, 0, 0, 0, time.UTC)) 17 brotliExistingEventTime := v2.Timestamp(time.Date(2022, 9, 15, 2, 40, 18, 0, time.UTC)) 18 19 tests := []struct { 20 name string 21 req Request 22 wantErr bool 23 expectedDoc v2.Document 24 }{ 25 { 26 name: "first advisory for package", 27 req: Request{ 28 Package: "crane", 29 VulnerabilityID: "CVE-2023-1234", 30 Event: v2.Event{ 31 Timestamp: testTime, 32 Type: v2.EventTypeDetection, 33 Data: v2.Detection{ 34 Type: v2.DetectionTypeManual, 35 }, 36 }, 37 }, 38 wantErr: false, 39 expectedDoc: v2.Document{ 40 SchemaVersion: v2.SchemaVersion, 41 Package: v2.Package{Name: "crane"}, 42 Advisories: v2.Advisories{ 43 { 44 ID: "CVE-2023-1234", 45 Events: []v2.Event{ 46 { 47 Timestamp: testTime, 48 Type: v2.EventTypeDetection, 49 Data: v2.Detection{ 50 Type: v2.DetectionTypeManual, 51 }, 52 }, 53 }, 54 }, 55 }, 56 }, 57 }, 58 { 59 name: "updating existing advisory", 60 req: Request{ 61 Package: "brotli", 62 VulnerabilityID: "CVE-2020-8927", 63 Event: v2.Event{ 64 Timestamp: testTime, 65 Type: v2.EventTypeDetection, 66 Data: v2.Detection{ 67 Type: v2.DetectionTypeManual, 68 }, 69 }, 70 }, 71 wantErr: true, 72 }, 73 { 74 name: "creating additional advisory for package", 75 req: Request{ 76 Package: "brotli", 77 VulnerabilityID: "CVE-2023-1234", 78 Event: v2.Event{ 79 Timestamp: testTime, 80 Type: v2.EventTypeDetection, 81 Data: v2.Detection{ 82 Type: v2.DetectionTypeManual, 83 }, 84 }, 85 }, 86 wantErr: false, 87 expectedDoc: v2.Document{ 88 SchemaVersion: v2.SchemaVersion, 89 Package: v2.Package{Name: "brotli"}, 90 Advisories: v2.Advisories{ 91 { 92 ID: "CVE-2020-8927", 93 Events: []v2.Event{ 94 { 95 Timestamp: brotliExistingEventTime, 96 Type: v2.EventTypeFixed, 97 Data: v2.Fixed{ 98 FixedVersion: "1.0.9-r0", 99 }, 100 }, 101 }, 102 }, 103 { 104 ID: "CVE-2023-1234", 105 Events: []v2.Event{ 106 { 107 Timestamp: testTime, 108 Type: v2.EventTypeDetection, 109 Data: v2.Detection{ 110 Type: v2.DetectionTypeManual, 111 }, 112 }, 113 }, 114 }, 115 }, 116 }, 117 }, 118 { 119 name: "creating additional advisory for package, sorted before existing advisory", 120 req: Request{ 121 Package: "brotli", 122 VulnerabilityID: "CVE-2000-1234", 123 Event: v2.Event{ 124 Timestamp: testTime, 125 Type: v2.EventTypeDetection, 126 Data: v2.Detection{ 127 Type: v2.DetectionTypeManual, 128 }, 129 }, 130 }, 131 wantErr: false, 132 expectedDoc: v2.Document{ 133 SchemaVersion: v2.SchemaVersion, 134 Package: v2.Package{Name: "brotli"}, 135 Advisories: v2.Advisories{ 136 { 137 ID: "CVE-2000-1234", 138 Events: []v2.Event{ 139 { 140 Timestamp: testTime, 141 Type: v2.EventTypeDetection, 142 Data: v2.Detection{ 143 Type: v2.DetectionTypeManual, 144 }, 145 }, 146 }, 147 }, 148 { 149 ID: "CVE-2020-8927", 150 Events: []v2.Event{ 151 { 152 Timestamp: brotliExistingEventTime, 153 Type: v2.EventTypeFixed, 154 Data: v2.Fixed{ 155 FixedVersion: "1.0.9-r0", 156 }, 157 }, 158 }, 159 }, 160 }, 161 }, 162 }, 163 { 164 name: "no events", 165 req: Request{ 166 Package: "brotli", 167 VulnerabilityID: "CVE-2023-1234", 168 }, 169 wantErr: true, 170 }, 171 { 172 name: "event type doesn't match data type", 173 req: Request{ 174 Package: "brotli", 175 VulnerabilityID: "CVE-2023-1234", 176 Event: v2.Event{ 177 Timestamp: testTime, 178 Type: v2.EventTypeDetection, 179 Data: v2.Fixed{ 180 FixedVersion: "1.0.9-r0", 181 }, 182 }, 183 }, 184 wantErr: true, 185 }, 186 } 187 188 dirFS := os.DirFS("testdata/create/advisories") 189 190 for _, tt := range tests { 191 t.Run(tt.name, func(t *testing.T) { 192 // We want a fresh memfs for each test case. 193 fsys := memfs.New(dirFS) 194 advisoryDocs, err := v2.NewIndex(context.Background(), fsys) 195 require.NoError(t, err) 196 197 err = Create(context.Background(), tt.req, CreateOptions{ 198 AdvisoryDocs: advisoryDocs, 199 }) 200 201 if (err != nil) != tt.wantErr { 202 t.Errorf("Create() error = %v, wantErr %v", err, tt.wantErr) 203 } 204 205 if err == nil { 206 if diff := cmp.Diff(tt.expectedDoc, advisoryDocs.Select().WhereName(tt.req.Package).Configurations()[0]); diff != "" { 207 t.Errorf("Create() mismatch (-want +got):\n%s", diff) 208 } 209 } 210 }) 211 } 212 }