2022-10-10 07:05:55 -05:00
|
|
|
//go:build search
|
|
|
|
|
// +build search
|
2020-10-14 16:47:20 -05:00
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
package cli //nolint:testpackage
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"bytes"
|
|
|
|
|
"context"
|
|
|
|
|
"fmt"
|
|
|
|
|
"os"
|
|
|
|
|
"path"
|
|
|
|
|
"regexp"
|
|
|
|
|
"strings"
|
|
|
|
|
"testing"
|
|
|
|
|
"time"
|
|
|
|
|
|
|
|
|
|
. "github.com/smartystreets/goconvey/convey"
|
2022-01-19 10:57:10 -05:00
|
|
|
"github.com/spf13/cobra"
|
2021-11-10 09:31:03 -05:00
|
|
|
"gopkg.in/resty.v1"
|
2021-12-03 22:50:58 -05:00
|
|
|
zotErrors "zotregistry.io/zot/errors"
|
|
|
|
|
"zotregistry.io/zot/pkg/api"
|
|
|
|
|
"zotregistry.io/zot/pkg/api/config"
|
2022-02-24 15:31:36 -05:00
|
|
|
"zotregistry.io/zot/pkg/api/constants"
|
2021-12-03 22:50:58 -05:00
|
|
|
extconf "zotregistry.io/zot/pkg/extensions/config"
|
2022-01-19 14:54:17 -05:00
|
|
|
"zotregistry.io/zot/pkg/test"
|
2020-07-06 17:44:32 -05:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
func TestSearchCVECmd(t *testing.T) {
|
|
|
|
|
Convey("Test CVE help", t, func() {
|
|
|
|
|
args := []string{"--help"}
|
|
|
|
|
configPath := makeConfigFile("")
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cmd := NewCveCommand(new(mockService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cmd.SetArgs(args)
|
|
|
|
|
err := cmd.Execute()
|
|
|
|
|
So(buff.String(), ShouldContainSubstring, "Usage")
|
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
Convey("with the shorthand", func() {
|
|
|
|
|
args[0] = "-h"
|
|
|
|
|
configPath := makeConfigFile("")
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cmd := NewCveCommand(new(mockService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cmd.SetArgs(args)
|
|
|
|
|
err := cmd.Execute()
|
|
|
|
|
So(buff.String(), ShouldContainSubstring, "Usage")
|
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
})
|
|
|
|
|
})
|
2022-01-19 10:57:10 -05:00
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
Convey("Test CVE no url", t, func() {
|
|
|
|
|
args := []string{"cvetest", "-i", "cveIdRandom"}
|
|
|
|
|
configPath := makeConfigFile(`{"configs":[{"_name":"cvetest","showspinner":false}]}`)
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cmd := NewCveCommand(new(mockService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cmd.SetArgs(args)
|
|
|
|
|
err := cmd.Execute()
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
So(err, ShouldEqual, zotErrors.ErrNoURLProvided)
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
Convey("Test CVE no params", t, func() {
|
|
|
|
|
args := []string{"cvetest", "--url", "someUrl"}
|
|
|
|
|
configPath := makeConfigFile(`{"configs":[{"_name":"cvetest","showspinner":false}]}`)
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cmd := NewCveCommand(new(mockService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cmd.SetArgs(args)
|
|
|
|
|
err := cmd.Execute()
|
|
|
|
|
So(err, ShouldEqual, zotErrors.ErrInvalidFlagsCombination)
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
Convey("Test CVE invalid url", t, func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "dummyImageName:tag", "--url", "invalidUrl"}
|
|
|
|
|
configPath := makeConfigFile(`{"configs":[{"_name":"cvetest","showspinner":false}]}`)
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cmd.SetOut(buff)
|
|
|
|
|
cmd.SetErr(buff)
|
|
|
|
|
cmd.SetArgs(args)
|
|
|
|
|
err := cmd.Execute()
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
So(err, ShouldEqual, zotErrors.ErrInvalidURL)
|
|
|
|
|
So(buff.String(), ShouldContainSubstring, "invalid URL format")
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
Convey("Test CVE invalid url port", t, func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "dummyImageName:tag", "--url", "http://localhost:99999"}
|
|
|
|
|
configPath := makeConfigFile(`{"configs":[{"_name":"cvetest","showspinner":false}]}`)
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cmd.SetOut(buff)
|
|
|
|
|
cmd.SetErr(buff)
|
|
|
|
|
cmd.SetArgs(args)
|
|
|
|
|
err := cmd.Execute()
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
So(buff.String(), ShouldContainSubstring, "invalid port")
|
|
|
|
|
|
|
|
|
|
Convey("without flags", func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "dummyImageName:tag", "--url", "http://localhost:99999"}
|
|
|
|
|
configPath := makeConfigFile(`{"configs":[{"_name":"cvetest","showspinner":false}]}`)
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cmd.SetOut(buff)
|
|
|
|
|
cmd.SetErr(buff)
|
|
|
|
|
cmd.SetArgs(args)
|
|
|
|
|
err = cmd.Execute()
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
So(buff.String(), ShouldContainSubstring, "invalid port")
|
|
|
|
|
})
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
Convey("Test CVE unreachable", t, func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "dummyImageName:tag", "--url", "http://localhost:9999"}
|
|
|
|
|
configPath := makeConfigFile(`{"configs":[{"_name":"cvetest","showspinner":false}]}`)
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cmd.SetOut(buff)
|
|
|
|
|
cmd.SetErr(buff)
|
|
|
|
|
cmd.SetArgs(args)
|
|
|
|
|
err := cmd.Execute()
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
Convey("Test CVE url from config", t, func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "dummyImageName:tag"}
|
|
|
|
|
configPath := makeConfigFile(`{"configs":[{"_name":"cvetest","url":"https://test-url.com","showspinner":false}]}`)
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cmd := NewCveCommand(new(mockService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cmd.SetArgs(args)
|
|
|
|
|
err := cmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
So(strings.TrimSpace(str), ShouldEqual, "ID SEVERITY TITLE dummyCVEID HIGH Title of that CVE")
|
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
})
|
|
|
|
|
|
2022-09-23 11:24:01 -05:00
|
|
|
Convey("Test debug flag", t, func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "dummyImageName:tag", "--debug"}
|
|
|
|
|
configPath := makeConfigFile(`{"configs":[{"_name":"cvetest","url":"https://test-url.com","showspinner":false}]}`)
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cmd.SetOut(buff)
|
|
|
|
|
cmd.SetErr(buff)
|
|
|
|
|
cmd.SetArgs(args)
|
|
|
|
|
err := cmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
So(strings.TrimSpace(str), ShouldContainSubstring, "GET")
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
})
|
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
Convey("Test CVE by name and CVE ID", t, func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "dummyImageName", "--cve-id", "aCVEID", "--url", "someURL"}
|
|
|
|
|
configPath := makeConfigFile(`{"configs":[{"_name":"cvetest","showspinner":false}]}`)
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(mockService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cveCmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
2022-01-19 10:57:10 -05:00
|
|
|
So(err, ShouldBeNil)
|
2020-07-06 17:44:32 -05:00
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
So(strings.TrimSpace(str), ShouldEqual, "IMAGE NAME TAG DIGEST SIZE dummyImageName tag DigestsA 123kB")
|
|
|
|
|
Convey("using shorthand", func() {
|
|
|
|
|
args := []string{"cvetest", "-I", "dummyImageName", "--cve-id", "aCVEID", "--url", "someURL"}
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
configPath := makeConfigFile(`{"configs":[{"_name":"cvetest","showspinner":false}]}`)
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(mockService))
|
|
|
|
|
cveCmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cveCmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
2022-01-19 10:57:10 -05:00
|
|
|
So(err, ShouldBeNil)
|
2020-07-06 17:44:32 -05:00
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
So(strings.TrimSpace(str), ShouldEqual, "IMAGE NAME TAG DIGEST SIZE dummyImageName tag DigestsA 123kB")
|
|
|
|
|
})
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
Convey("Test CVE by image name", t, func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "dummyImageName:tag", "--url", "someURL"}
|
|
|
|
|
configPath := makeConfigFile(`{"configs":[{"_name":"cvetest","showspinner":false}]}`)
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(mockService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cveCmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
So(strings.TrimSpace(str), ShouldEqual, "ID SEVERITY TITLE dummyCVEID HIGH Title of that CVE")
|
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
|
|
|
|
|
Convey("in json format", func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "dummyImageName:tag", "--url", "someURL", "-o", "json"}
|
|
|
|
|
configPath := makeConfigFile(`{"configs":[{"_name":"cvetest","showspinner":false}]}`)
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(mockService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cveCmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
So(strings.TrimSpace(str), ShouldEqual, `{ "Tag": "dummyImageName:tag", "CVEList": `+
|
|
|
|
|
`[ { "Id": "dummyCVEID", "Severity": "HIGH", "Title": "Title of that CVE", `+
|
|
|
|
|
`"Description": "Description of the CVE", "PackageList": [ { "Name": "packagename",`+
|
|
|
|
|
` "InstalledVersion": "installedver", "FixedVersion": "fixedver" } ] } ] }`)
|
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
Convey("in yaml format", func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "dummyImageName:tag", "--url", "someURL", "-o", "yaml"}
|
|
|
|
|
configPath := makeConfigFile(`{"configs":[{"_name":"cvetest","showspinner":false}]}`)
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(mockService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cveCmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
So(strings.TrimSpace(str), ShouldEqual, `tag: dummyImageName:tag cvelist: - id: dummyCVEID`+
|
|
|
|
|
` severity: HIGH title: Title of that CVE description: Description of the CVE packagelist: `+
|
|
|
|
|
`- name: packagename installedversion: installedver fixedversion: fixedver`)
|
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
})
|
|
|
|
|
Convey("invalid format", func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "dummyImageName:tag", "--url", "someURL", "-o", "random"}
|
|
|
|
|
configPath := makeConfigFile(`{"configs":[{"_name":"cvetest","showspinner":false}]}`)
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(mockService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cveCmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
So(strings.TrimSpace(str), ShouldEqual, "Error: invalid output format")
|
|
|
|
|
})
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
Convey("Test images by CVE ID", t, func() {
|
|
|
|
|
args := []string{"cvetest", "--cve-id", "aCVEID", "--url", "someURL"}
|
|
|
|
|
configPath := makeConfigFile(`{"configs":[{"_name":"cvetest","showspinner":false}]}`)
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(mockService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cveCmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
So(strings.TrimSpace(str), ShouldEqual, "IMAGE NAME TAG DIGEST SIZE anImage tag DigestsA 123kB")
|
|
|
|
|
So(err, ShouldBeNil)
|
2022-01-19 10:57:10 -05:00
|
|
|
|
|
|
|
|
Convey("invalid CVE ID", func() {
|
|
|
|
|
args := []string{"cvetest", "--cve-id", "invalidCVEID"}
|
|
|
|
|
configPath := makeConfigFile(`{"configs":[{"_name":"cvetest","showspinner":false}]}`)
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(mockService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
|
|
|
|
cveCmd.SetErr(buff)
|
|
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
Convey("invalid url", func() {
|
|
|
|
|
args := []string{"cvetest", "--cve-id", "aCVEID", "--url", "invalidURL"}
|
|
|
|
|
configPath := makeConfigFile(`{"configs":[{"_name":"cvetest","showspinner":false}]}`)
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(NewSearchService())
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
|
|
|
|
cveCmd.SetErr(buff)
|
|
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
So(err, ShouldEqual, zotErrors.ErrInvalidURL)
|
|
|
|
|
So(buff.String(), ShouldContainSubstring, "invalid URL format")
|
|
|
|
|
})
|
2020-07-06 17:44:32 -05:00
|
|
|
})
|
|
|
|
|
|
|
|
|
|
Convey("Test fixed tags by and image name CVE ID", t, func() {
|
|
|
|
|
args := []string{"cvetest", "--cve-id", "aCVEID", "--image", "fixedImage", "--url", "someURL", "--fixed"}
|
|
|
|
|
configPath := makeConfigFile(`{"configs":[{"_name":"cvetest","showspinner":false}]}`)
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(mockService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cveCmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
So(strings.TrimSpace(str), ShouldEqual, "IMAGE NAME TAG DIGEST SIZE fixedImage tag DigestsA 123kB")
|
2022-01-19 10:57:10 -05:00
|
|
|
|
|
|
|
|
Convey("invalid image name", func() {
|
|
|
|
|
args := []string{"cvetest", "--cve-id", "aCVEID", "--image", "invalidImageName"}
|
|
|
|
|
configPath := makeConfigFile(`{"configs":[{"_name":"cvetest","showspinner":false}]}`)
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(NewSearchService())
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
|
|
|
|
cveCmd.SetErr(buff)
|
|
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
})
|
2020-07-06 17:44:32 -05:00
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
2022-10-05 05:21:14 -05:00
|
|
|
//nolint:dupl // GQL
|
2022-01-19 10:57:10 -05:00
|
|
|
func TestServerCVEResponseGQL(t *testing.T) {
|
2022-01-19 14:54:17 -05:00
|
|
|
port := test.GetFreePort()
|
|
|
|
|
url := test.GetBaseURL(port)
|
2021-06-08 15:11:18 -05:00
|
|
|
conf := config.New()
|
|
|
|
|
conf.HTTP.Port = port
|
2020-07-06 17:44:32 -05:00
|
|
|
|
2022-03-07 03:55:12 -05:00
|
|
|
dir := t.TempDir()
|
2020-07-06 17:44:32 -05:00
|
|
|
|
2022-03-07 03:55:12 -05:00
|
|
|
err := test.CopyFiles("../../test/data/zot-cve-test", path.Join(dir, "zot-cve-test"))
|
2020-07-06 17:44:32 -05:00
|
|
|
if err != nil {
|
|
|
|
|
panic(err)
|
|
|
|
|
}
|
|
|
|
|
|
2021-12-28 08:29:30 -05:00
|
|
|
conf.Storage.RootDirectory = dir
|
2021-06-08 15:11:18 -05:00
|
|
|
cveConfig := &extconf.CVEConfig{
|
2020-07-06 17:44:32 -05:00
|
|
|
UpdateInterval: 2,
|
|
|
|
|
}
|
2021-12-28 08:29:30 -05:00
|
|
|
defaultVal := true
|
2021-06-08 15:11:18 -05:00
|
|
|
searchConfig := &extconf.SearchConfig{
|
2021-06-08 13:37:31 -05:00
|
|
|
CVE: cveConfig,
|
2021-12-28 08:29:30 -05:00
|
|
|
Enable: &defaultVal,
|
2020-07-06 17:44:32 -05:00
|
|
|
}
|
2021-12-28 08:29:30 -05:00
|
|
|
conf.Extensions = &extconf.ExtensionConfig{
|
2020-07-06 17:44:32 -05:00
|
|
|
Search: searchConfig,
|
|
|
|
|
}
|
|
|
|
|
|
2021-12-28 08:29:30 -05:00
|
|
|
ctlr := api.NewController(conf)
|
|
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
go func(controller *api.Controller) {
|
|
|
|
|
// this blocks
|
2022-03-24 07:49:51 -05:00
|
|
|
if err := controller.Run(context.Background()); err != nil {
|
2020-07-06 17:44:32 -05:00
|
|
|
return
|
|
|
|
|
}
|
2021-12-13 14:23:31 -05:00
|
|
|
}(ctlr)
|
2020-07-06 17:44:32 -05:00
|
|
|
// wait till ready
|
|
|
|
|
for {
|
2022-10-18 22:46:06 -05:00
|
|
|
res, err := resty.R().Get(url + constants.FullSearchPrefix)
|
2022-07-15 06:10:51 -05:00
|
|
|
if err == nil && res.StatusCode() == 422 {
|
2020-07-06 17:44:32 -05:00
|
|
|
break
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
time.Sleep(100 * time.Millisecond)
|
|
|
|
|
}
|
2021-11-22 03:12:01 -05:00
|
|
|
time.Sleep(90 * time.Second)
|
2020-07-06 17:44:32 -05:00
|
|
|
|
|
|
|
|
defer func(controller *api.Controller) {
|
|
|
|
|
ctx := context.Background()
|
|
|
|
|
_ = controller.Server.Shutdown(ctx)
|
2021-12-13 14:23:31 -05:00
|
|
|
}(ctlr)
|
2020-07-06 17:44:32 -05:00
|
|
|
|
|
|
|
|
Convey("Test CVE by image name", t, func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "zot-cve-test:0.0.1"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cveCmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err = cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
str = strings.TrimSpace(str)
|
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
So(str, ShouldContainSubstring, "ID SEVERITY TITLE")
|
|
|
|
|
So(str, ShouldContainSubstring, "CVE")
|
2022-01-19 10:57:10 -05:00
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
Convey("invalid image", func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "invalid:0.0.1"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cveCmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err = cveCmd.Execute()
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
})
|
2022-01-19 10:57:10 -05:00
|
|
|
|
|
|
|
|
Convey("invalid image name and tag", func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "invalid:"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
|
|
|
|
cveCmd.SetErr(buff)
|
|
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err = cveCmd.Execute()
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
Convey("invalid output format", func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "zot-cve-test:0.0.1", "-o", "random"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
|
|
|
|
cveCmd.SetErr(buff)
|
|
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err = cveCmd.Execute()
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
So(buff.String(), ShouldContainSubstring, "invalid output format")
|
|
|
|
|
})
|
2020-07-06 17:44:32 -05:00
|
|
|
})
|
|
|
|
|
|
|
|
|
|
Convey("Test images by CVE ID", t, func() {
|
2020-12-21 16:43:33 -05:00
|
|
|
args := []string{"cvetest", "--cve-id", "CVE-2019-9923"}
|
2020-07-06 17:44:32 -05:00
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cveCmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
str = strings.TrimSpace(str)
|
|
|
|
|
So(err, ShouldBeNil)
|
2020-12-21 16:43:33 -05:00
|
|
|
So(str, ShouldEqual, "IMAGE NAME TAG DIGEST SIZE zot-cve-test 0.0.1 63a795ca 75MB")
|
2022-01-19 10:57:10 -05:00
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
Convey("invalid CVE ID", func() {
|
|
|
|
|
args := []string{"cvetest", "--cve-id", "invalid"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cveCmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
str = strings.TrimSpace(str)
|
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
So(str, ShouldNotContainSubstring, "IMAGE NAME TAG DIGEST SIZE")
|
|
|
|
|
})
|
2022-01-19 10:57:10 -05:00
|
|
|
|
|
|
|
|
Convey("invalid output format", func() {
|
|
|
|
|
args := []string{"cvetest", "--cve-id", "CVE-2019-9923", "-o", "random"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
|
|
|
|
cveCmd.SetErr(buff)
|
|
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err = cveCmd.Execute()
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
So(buff.String(), ShouldContainSubstring, "invalid output format")
|
|
|
|
|
})
|
2020-07-06 17:44:32 -05:00
|
|
|
})
|
|
|
|
|
|
|
|
|
|
Convey("Test fixed tags by and image name CVE ID", t, func() {
|
2020-12-21 16:43:33 -05:00
|
|
|
args := []string{"cvetest", "--cve-id", "CVE-2019-9923", "--image", "zot-cve-test", "--fixed"}
|
2020-07-06 17:44:32 -05:00
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cveCmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
str = strings.TrimSpace(str)
|
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
So(str, ShouldEqual, "")
|
2022-01-19 10:57:10 -05:00
|
|
|
|
2020-07-06 17:44:32 -05:00
|
|
|
Convey("random cve", func() {
|
|
|
|
|
args := []string{"cvetest", "--cve-id", "random", "--image", "zot-cve-test", "--fixed"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cveCmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
str = strings.TrimSpace(str)
|
|
|
|
|
So(err, ShouldBeNil)
|
2020-09-04 15:16:15 -05:00
|
|
|
So(strings.TrimSpace(str), ShouldContainSubstring, "IMAGE NAME TAG DIGEST SIZE")
|
2020-07-06 17:44:32 -05:00
|
|
|
})
|
2020-09-04 17:02:10 -05:00
|
|
|
|
2022-01-19 10:57:10 -05:00
|
|
|
Convey("random image", func() {
|
2020-09-04 17:02:10 -05:00
|
|
|
args := []string{"cvetest", "--cve-id", "CVE-2019-20807", "--image", "zot-cv-test", "--fixed"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cveCmd.SetErr(buff)
|
2020-09-04 17:02:10 -05:00
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
str = strings.TrimSpace(str)
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
So(strings.TrimSpace(str), ShouldNotContainSubstring, "IMAGE NAME TAG DIGEST SIZE")
|
|
|
|
|
})
|
2022-01-19 10:57:10 -05:00
|
|
|
|
|
|
|
|
Convey("invalid image", func() {
|
|
|
|
|
args := []string{"cvetest", "--cve-id", "CVE-2019-20807", "--image", "zot-cv-test:tag", "--fixed"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
|
|
|
|
cveCmd.SetErr(buff)
|
|
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
str = strings.TrimSpace(str)
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
So(strings.TrimSpace(str), ShouldNotContainSubstring, "IMAGE NAME TAG DIGEST SIZE")
|
|
|
|
|
})
|
2020-07-06 17:44:32 -05:00
|
|
|
})
|
|
|
|
|
|
|
|
|
|
Convey("Test CVE by name and CVE ID", t, func() {
|
2020-12-21 16:43:33 -05:00
|
|
|
args := []string{"cvetest", "--image", "zot-cve-test", "--cve-id", "CVE-2019-9923"}
|
2020-07-06 17:44:32 -05:00
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cveCmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
So(err, ShouldBeNil)
|
2020-12-21 16:43:33 -05:00
|
|
|
So(strings.TrimSpace(str), ShouldEqual, "IMAGE NAME TAG DIGEST SIZE zot-cve-test 0.0.1 63a795ca 75MB")
|
2022-01-19 10:57:10 -05:00
|
|
|
|
|
|
|
|
Convey("invalid name and CVE ID", func() {
|
2020-07-06 17:44:32 -05:00
|
|
|
args := []string{"cvetest", "--image", "test", "--cve-id", "CVE-20807"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
2021-05-21 15:47:28 -05:00
|
|
|
cveCmd.SetErr(buff)
|
2020-07-06 17:44:32 -05:00
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
So(strings.TrimSpace(str), ShouldNotContainSubstring, "IMAGE NAME TAG DIGEST SIZE")
|
|
|
|
|
})
|
2022-01-19 10:57:10 -05:00
|
|
|
|
|
|
|
|
Convey("invalid output format", func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "zot-cve-test", "--cve-id", "CVE-2019-9923", "-o", "random"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
|
|
|
|
cveCmd.SetErr(buff)
|
|
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err = cveCmd.Execute()
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
So(buff.String(), ShouldContainSubstring, "invalid output format")
|
|
|
|
|
})
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func TestNegativeServerResponse(t *testing.T) {
|
|
|
|
|
Convey("Test from real server without search endpoint", t, func() {
|
|
|
|
|
port := test.GetFreePort()
|
|
|
|
|
url := test.GetBaseURL(port)
|
|
|
|
|
conf := config.New()
|
|
|
|
|
conf.HTTP.Port = port
|
|
|
|
|
|
|
|
|
|
dir := t.TempDir()
|
|
|
|
|
|
|
|
|
|
err := test.CopyFiles("../../test/data/zot-cve-test", path.Join(dir, "zot-cve-test"))
|
|
|
|
|
if err != nil {
|
|
|
|
|
panic(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
conf.Storage.RootDirectory = dir
|
|
|
|
|
cveConfig := &extconf.CVEConfig{
|
|
|
|
|
UpdateInterval: 2,
|
|
|
|
|
}
|
|
|
|
|
defaultVal := false
|
|
|
|
|
searchConfig := &extconf.SearchConfig{
|
|
|
|
|
CVE: cveConfig,
|
|
|
|
|
Enable: &defaultVal,
|
|
|
|
|
}
|
|
|
|
|
conf.Extensions = &extconf.ExtensionConfig{
|
|
|
|
|
Search: searchConfig,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ctlr := api.NewController(conf)
|
|
|
|
|
|
|
|
|
|
go func(controller *api.Controller) {
|
|
|
|
|
// this blocks
|
|
|
|
|
if err := controller.Run(context.Background()); err != nil {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}(ctlr)
|
|
|
|
|
// wait till ready
|
|
|
|
|
for {
|
|
|
|
|
res, err := resty.R().Get(url)
|
|
|
|
|
if err == nil && res.StatusCode() == 404 {
|
|
|
|
|
break
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
time.Sleep(100 * time.Millisecond)
|
|
|
|
|
}
|
|
|
|
|
time.Sleep(90 * time.Second)
|
|
|
|
|
|
|
|
|
|
defer func(controller *api.Controller) {
|
|
|
|
|
ctx := context.Background()
|
|
|
|
|
_ = controller.Server.Shutdown(ctx)
|
|
|
|
|
}(ctlr)
|
|
|
|
|
|
|
|
|
|
Convey("Status Code Not Found", func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "zot-cve-test:0.0.1"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
|
|
|
|
cveCmd.SetErr(buff)
|
|
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err = cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
str = strings.TrimSpace(str)
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
So(str, ShouldContainSubstring, "404 page not found")
|
|
|
|
|
})
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
Convey("Test non-existing manifest blob", t, func() {
|
|
|
|
|
port := test.GetFreePort()
|
|
|
|
|
url := test.GetBaseURL(port)
|
|
|
|
|
conf := config.New()
|
|
|
|
|
conf.HTTP.Port = port
|
|
|
|
|
|
|
|
|
|
dir := t.TempDir()
|
|
|
|
|
|
|
|
|
|
err := test.CopyFiles("../../test/data/zot-cve-test", path.Join(dir, "zot-cve-test"))
|
|
|
|
|
if err != nil {
|
|
|
|
|
panic(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = os.RemoveAll(path.Join(dir, "zot-cve-test/blobs"))
|
|
|
|
|
if err != nil {
|
|
|
|
|
panic(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
conf.Storage.RootDirectory = dir
|
|
|
|
|
cveConfig := &extconf.CVEConfig{
|
|
|
|
|
UpdateInterval: 2,
|
|
|
|
|
}
|
|
|
|
|
defaultVal := true
|
|
|
|
|
searchConfig := &extconf.SearchConfig{
|
|
|
|
|
CVE: cveConfig,
|
|
|
|
|
Enable: &defaultVal,
|
|
|
|
|
}
|
|
|
|
|
conf.Extensions = &extconf.ExtensionConfig{
|
|
|
|
|
Search: searchConfig,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ctlr := api.NewController(conf)
|
|
|
|
|
|
|
|
|
|
go func(controller *api.Controller) {
|
|
|
|
|
// this blocks
|
|
|
|
|
if err := controller.Run(context.Background()); err != nil {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}(ctlr)
|
|
|
|
|
// wait till ready
|
|
|
|
|
for {
|
|
|
|
|
res, err := resty.R().Get(url)
|
|
|
|
|
if err == nil && res.StatusCode() == 404 {
|
|
|
|
|
break
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
time.Sleep(100 * time.Millisecond)
|
|
|
|
|
}
|
|
|
|
|
time.Sleep(90 * time.Second)
|
|
|
|
|
|
|
|
|
|
defer func(controller *api.Controller) {
|
|
|
|
|
ctx := context.Background()
|
|
|
|
|
_ = controller.Server.Shutdown(ctx)
|
|
|
|
|
}(ctlr)
|
|
|
|
|
|
|
|
|
|
args := []string{"cvetest", "--cve-id", "CVE-2019-9923", "--image", "zot-cve-test", "--fixed"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := NewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
|
|
|
|
cveCmd.SetErr(buff)
|
|
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err = cveCmd.Execute()
|
|
|
|
|
So(err, ShouldNotBeNil)
|
2020-07-06 17:44:32 -05:00
|
|
|
})
|
|
|
|
|
}
|
2022-01-19 10:57:10 -05:00
|
|
|
|
2022-10-05 05:21:14 -05:00
|
|
|
//nolint:dupl
|
2022-01-19 10:57:10 -05:00
|
|
|
func TestServerCVEResponse(t *testing.T) {
|
|
|
|
|
port := test.GetFreePort()
|
|
|
|
|
url := test.GetBaseURL(port)
|
|
|
|
|
conf := config.New()
|
|
|
|
|
conf.HTTP.Port = port
|
|
|
|
|
|
|
|
|
|
dir := t.TempDir()
|
|
|
|
|
|
|
|
|
|
err := test.CopyFiles("../../test/data/zot-cve-test", path.Join(dir, "zot-cve-test"))
|
|
|
|
|
if err != nil {
|
|
|
|
|
panic(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
conf.Storage.RootDirectory = dir
|
|
|
|
|
cveConfig := &extconf.CVEConfig{
|
|
|
|
|
UpdateInterval: 2,
|
|
|
|
|
}
|
|
|
|
|
defaultVal := true
|
|
|
|
|
searchConfig := &extconf.SearchConfig{
|
|
|
|
|
CVE: cveConfig,
|
|
|
|
|
Enable: &defaultVal,
|
|
|
|
|
}
|
|
|
|
|
conf.Extensions = &extconf.ExtensionConfig{
|
|
|
|
|
Search: searchConfig,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
ctlr := api.NewController(conf)
|
|
|
|
|
|
|
|
|
|
go func(controller *api.Controller) {
|
|
|
|
|
// this blocks
|
|
|
|
|
if err := controller.Run(context.Background()); err != nil {
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
}(ctlr)
|
|
|
|
|
// wait till ready
|
|
|
|
|
for {
|
2022-10-18 22:46:06 -05:00
|
|
|
res, err := resty.R().Get(url + constants.FullSearchPrefix)
|
2022-01-19 10:57:10 -05:00
|
|
|
if err == nil && res.StatusCode() == 422 {
|
|
|
|
|
break
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
time.Sleep(100 * time.Millisecond)
|
|
|
|
|
}
|
|
|
|
|
time.Sleep(90 * time.Second)
|
|
|
|
|
|
|
|
|
|
defer func(controller *api.Controller) {
|
|
|
|
|
ctx := context.Background()
|
|
|
|
|
_ = controller.Server.Shutdown(ctx)
|
|
|
|
|
}(ctlr)
|
|
|
|
|
|
|
|
|
|
Convey("Test CVE by image name", t, func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "zot-cve-test:0.0.1"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := MockNewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
|
|
|
|
cveCmd.SetErr(buff)
|
|
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err = cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
str = strings.TrimSpace(str)
|
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
So(str, ShouldContainSubstring, "ID SEVERITY TITLE")
|
|
|
|
|
So(str, ShouldContainSubstring, "CVE")
|
|
|
|
|
Convey("invalid image", func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "invalid:0.0.1"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := MockNewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
|
|
|
|
cveCmd.SetErr(buff)
|
|
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err = cveCmd.Execute()
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
})
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
Convey("Test images by CVE ID", t, func() {
|
|
|
|
|
args := []string{"cvetest", "--cve-id", "CVE-2019-9923"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := MockNewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
|
|
|
|
cveCmd.SetErr(buff)
|
|
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
str = strings.TrimSpace(str)
|
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
So(str, ShouldEqual, "IMAGE NAME TAG DIGEST SIZE zot-cve-test 0.0.1 63a795ca 75MB")
|
|
|
|
|
Convey("invalid CVE ID", func() {
|
|
|
|
|
args := []string{"cvetest", "--cve-id", "invalid"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := MockNewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
|
|
|
|
cveCmd.SetErr(buff)
|
|
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
str = strings.TrimSpace(str)
|
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
So(str, ShouldNotContainSubstring, "IMAGE NAME TAG DIGEST SIZE")
|
|
|
|
|
})
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
Convey("Test fixed tags by and image name CVE ID", t, func() {
|
|
|
|
|
args := []string{"cvetest", "--cve-id", "CVE-2019-9923", "--image", "zot-cve-test", "--fixed"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := MockNewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
|
|
|
|
cveCmd.SetErr(buff)
|
|
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
str = strings.TrimSpace(str)
|
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
So(str, ShouldEqual, "")
|
|
|
|
|
Convey("random cve", func() {
|
|
|
|
|
args := []string{"cvetest", "--cve-id", "random", "--image", "zot-cve-test", "--fixed"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := MockNewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
|
|
|
|
cveCmd.SetErr(buff)
|
|
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
str = strings.TrimSpace(str)
|
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
So(strings.TrimSpace(str), ShouldContainSubstring, "IMAGE NAME TAG DIGEST SIZE")
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
Convey("invalid image", func() {
|
|
|
|
|
args := []string{"cvetest", "--cve-id", "CVE-2019-20807", "--image", "zot-cv-test", "--fixed"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := MockNewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
|
|
|
|
cveCmd.SetErr(buff)
|
|
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
str = strings.TrimSpace(str)
|
|
|
|
|
So(err, ShouldNotBeNil)
|
|
|
|
|
So(strings.TrimSpace(str), ShouldNotContainSubstring, "IMAGE NAME TAG DIGEST SIZE")
|
|
|
|
|
})
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
Convey("Test CVE by name and CVE ID", t, func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "zot-cve-test", "--cve-id", "CVE-2019-9923"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := MockNewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
|
|
|
|
cveCmd.SetErr(buff)
|
|
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
So(strings.TrimSpace(str), ShouldEqual, "IMAGE NAME TAG DIGEST SIZE zot-cve-test 0.0.1 63a795ca 75MB")
|
|
|
|
|
Convey("invalid name and CVE ID", func() {
|
|
|
|
|
args := []string{"cvetest", "--image", "test", "--cve-id", "CVE-20807"}
|
|
|
|
|
configPath := makeConfigFile(fmt.Sprintf(`{"configs":[{"_name":"cvetest","url":"%s","showspinner":false}]}`, url))
|
|
|
|
|
defer os.Remove(configPath)
|
|
|
|
|
cveCmd := MockNewCveCommand(new(searchService))
|
|
|
|
|
buff := bytes.NewBufferString("")
|
|
|
|
|
cveCmd.SetOut(buff)
|
|
|
|
|
cveCmd.SetErr(buff)
|
|
|
|
|
cveCmd.SetArgs(args)
|
|
|
|
|
err := cveCmd.Execute()
|
|
|
|
|
space := regexp.MustCompile(`\s+`)
|
|
|
|
|
str := space.ReplaceAllString(buff.String(), " ")
|
|
|
|
|
So(err, ShouldBeNil)
|
|
|
|
|
So(strings.TrimSpace(str), ShouldNotContainSubstring, "IMAGE NAME TAG DIGEST SIZE")
|
|
|
|
|
})
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func MockNewCveCommand(searchService SearchService) *cobra.Command {
|
|
|
|
|
searchCveParams := make(map[string]*string)
|
|
|
|
|
|
|
|
|
|
var servURL, user, outputFormat string
|
|
|
|
|
|
2022-09-23 11:24:01 -05:00
|
|
|
var verifyTLS, fixedFlag, verbose, debug bool
|
2022-01-19 10:57:10 -05:00
|
|
|
|
|
|
|
|
cveCmd := &cobra.Command{
|
|
|
|
|
RunE: func(cmd *cobra.Command, args []string) error {
|
|
|
|
|
home, err := os.UserHomeDir()
|
|
|
|
|
if err != nil {
|
|
|
|
|
panic(err)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
configPath := path.Join(home + "/.zot")
|
|
|
|
|
if len(args) > 0 {
|
|
|
|
|
urlFromConfig, err := getConfigValue(configPath, args[0], "url")
|
|
|
|
|
if err != nil {
|
|
|
|
|
cmd.SilenceUsage = true
|
|
|
|
|
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if urlFromConfig == "" {
|
|
|
|
|
return zotErrors.ErrNoURLProvided
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
servURL = urlFromConfig
|
|
|
|
|
} else {
|
|
|
|
|
return zotErrors.ErrNoURLProvided
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if len(args) > 0 {
|
|
|
|
|
var err error
|
|
|
|
|
|
|
|
|
|
verifyTLS, err = parseBooleanConfig(configPath, args[0], verifyTLSConfig)
|
|
|
|
|
if err != nil {
|
|
|
|
|
cmd.SilenceUsage = true
|
|
|
|
|
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
verbose = false
|
2022-09-23 11:24:01 -05:00
|
|
|
debug = false
|
2022-01-19 10:57:10 -05:00
|
|
|
|
|
|
|
|
searchConfig := searchConfig{
|
|
|
|
|
params: searchCveParams,
|
|
|
|
|
searchService: searchService,
|
|
|
|
|
servURL: &servURL,
|
|
|
|
|
user: &user,
|
|
|
|
|
outputFormat: &outputFormat,
|
|
|
|
|
fixedFlag: &fixedFlag,
|
|
|
|
|
verifyTLS: &verifyTLS,
|
|
|
|
|
verbose: &verbose,
|
2022-09-23 11:24:01 -05:00
|
|
|
debug: &debug,
|
2022-01-19 10:57:10 -05:00
|
|
|
resultWriter: cmd.OutOrStdout(),
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err = MockSearchCve(searchConfig)
|
|
|
|
|
|
|
|
|
|
if err != nil {
|
|
|
|
|
cmd.SilenceUsage = true
|
|
|
|
|
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
vars := cveFlagVariables{
|
|
|
|
|
searchCveParams: searchCveParams,
|
|
|
|
|
servURL: &servURL,
|
|
|
|
|
user: &user,
|
|
|
|
|
outputFormat: &outputFormat,
|
|
|
|
|
fixedFlag: &fixedFlag,
|
2022-09-23 11:24:01 -05:00
|
|
|
debug: &debug,
|
2022-01-19 10:57:10 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
setupCveFlags(cveCmd, vars)
|
|
|
|
|
|
|
|
|
|
return cveCmd
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func MockSearchCve(searchConfig searchConfig) error {
|
|
|
|
|
searchers := getCveSearchers()
|
|
|
|
|
|
|
|
|
|
for _, searcher := range searchers {
|
|
|
|
|
found, err := searcher.search(searchConfig)
|
|
|
|
|
if found {
|
|
|
|
|
if err != nil {
|
|
|
|
|
return err
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return zotErrors.ErrInvalidFlagsCombination
|
|
|
|
|
}
|
