2022-04-27 01:00:20 -05:00
|
|
|
load helpers_cve
|
|
|
|
|
|
|
|
function setup_file() {
|
|
|
|
|
|
|
|
# Verify prerequisites are available
|
|
|
|
if ! verify_prerequisites; then
|
|
|
|
exit 1
|
|
|
|
fi
|
|
|
|
|
|
|
|
# Download test data to folder common for the entire suite, not just this file
|
2023-02-17 16:54:49 -05:00
|
|
|
skopeo --insecure-policy copy --format=oci docker://ghcr.io/project-zot/golang:1.20 oci:${TEST_DATA_DIR}/golang:1.20
|
2022-04-27 01:00:20 -05:00
|
|
|
# Setup zot server
|
|
|
|
local zot_root_dir=${BATS_FILE_TMPDIR}/zot
|
|
|
|
local zot_config_file=${BATS_FILE_TMPDIR}/zot_config.json
|
|
|
|
mkdir -p ${zot_root_dir}
|
|
|
|
cat >${zot_config_file} <<EOF
|
|
|
|
{
|
2023-01-31 12:35:33 -05:00
|
|
|
"distSpecVersion": "1.1.0",
|
2022-04-27 01:00:20 -05:00
|
|
|
"storage": {
|
|
|
|
"rootDirectory": "${zot_root_dir}"
|
|
|
|
},
|
|
|
|
"http": {
|
|
|
|
"address": "0.0.0.0",
|
2022-07-14 10:13:46 -05:00
|
|
|
"port": "8080"
|
2022-04-27 01:00:20 -05:00
|
|
|
},
|
|
|
|
"log": {
|
|
|
|
"level": "debug"
|
|
|
|
},
|
|
|
|
"extensions": {
|
|
|
|
"search": {
|
|
|
|
"enable": true,
|
|
|
|
"cve": {
|
|
|
|
"updateInterval": "24h"
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
EOF
|
|
|
|
setup_zot_file_level ${zot_config_file}
|
|
|
|
wait_zot_reachable "http://127.0.0.1:8080/v2/_catalog"
|
|
|
|
|
|
|
|
# setup zli to add zot registry to configs
|
|
|
|
local registry_name=main
|
|
|
|
local registry_url="http://127.0.0.1:8080/"
|
|
|
|
zli_add_config ${registry_name} ${registry_url}
|
|
|
|
}
|
|
|
|
|
|
|
|
function teardown_file() {
|
|
|
|
local zot_root_dir=${BATS_FILE_TMPDIR}/zot
|
|
|
|
teardown_zot_file_level
|
|
|
|
rm -rf ${zot_root_dir}
|
|
|
|
}
|
|
|
|
|
|
|
|
@test "cve by image name and tag" {
|
|
|
|
run skopeo --insecure-policy copy --dest-tls-verify=false \
|
2023-02-17 16:54:49 -05:00
|
|
|
oci:${TEST_DATA_DIR}/golang:1.20 \
|
|
|
|
docker://127.0.0.1:8080/golang:1.20
|
2022-04-27 01:00:20 -05:00
|
|
|
[ "$status" -eq 0 ]
|
|
|
|
run curl http://127.0.0.1:8080/v2/_catalog
|
|
|
|
[ "$status" -eq 0 ]
|
|
|
|
[ $(echo "${lines[-1]}" | jq '.repositories[]') = '"golang"' ]
|
|
|
|
run curl http://127.0.0.1:8080/v2/golang/tags/list
|
|
|
|
[ "$status" -eq 0 ]
|
2023-02-17 16:54:49 -05:00
|
|
|
[ $(echo "${lines[-1]}" | jq '.tags[]') = '"1.20"' ]
|
|
|
|
run ${ZLI_PATH} cve ${REGISTRY_NAME} -I golang:1.20
|
2022-04-27 01:00:20 -05:00
|
|
|
[ "$status" -eq 0 ]
|
2023-03-23 13:11:29 -05:00
|
|
|
|
|
|
|
found=0
|
|
|
|
for i in "${lines[@]}"
|
|
|
|
do
|
|
|
|
|
2023-06-15 05:22:29 -05:00
|
|
|
if [[ "$i" = *"CVE-2011-4915 LOW fs/proc/base.c in the Linux kernel through 3..."* ]]; then
|
2023-03-23 13:11:29 -05:00
|
|
|
found=1
|
|
|
|
fi
|
|
|
|
done
|
|
|
|
[ "$found" -eq 1 ]
|
2022-04-27 01:00:20 -05:00
|
|
|
}
|