4 changes: 2 additions & 2 deletions README.md
Expand Up @@ -41,7 +41,7 @@ name: Vulnerability Scan

on:
schedule:
- cron: '00 9 * * *'
- cron: '0 9 * * *'

jobs:
scan:
Expand All @@ -51,7 +51,7 @@ jobs:
- name: Pull docker image
run: docker pull sample

- uses: homoluctus/gitrivy@v0.0.1
- uses: homoluctus/gitrivy@v1.0.0
with:
token: ${{ secrets.GITHUB_TOKEN }}
image: sample
107 changes: 88 additions & 19 deletions __tests__/trivy.test.ts
Expand Up @@ -3,6 +3,7 @@ import { unlinkSync, writeFileSync } from 'fs';
import { Vulnerability, TrivyOption } from '../src/interface';

const downloader = new Downloader();
const trivy = new Trivy();

function removeTrivyCmd(path: string) {
path = path.replace(/\/trivy$/, '');
Expand Down Expand Up @@ -54,7 +55,7 @@ describe('getDownloadUrl', () => {
await expect(
downloader['getDownloadUrl'](version, os)
).rejects.toThrowError(
'The Trivy version that you specified does not exist.'
'Cloud not be found a Trivy asset that you specified.'
);
});

Expand All @@ -64,7 +65,7 @@ describe('getDownloadUrl', () => {
await expect(
downloader['getDownloadUrl'](version, os)
).rejects.toThrowError(
'Cloud not be found Trivy asset that You specified.'
'Cloud not be found a Trivy asset that you specified.'
);
});
});
Expand Down Expand Up @@ -109,7 +110,7 @@ describe('Trivy command', () => {
});
});

describe('Scan', () => {
describe('Trivy scan', () => {
let trivyPath: string;
const image: string = 'alpine:3.10';

Expand All @@ -123,49 +124,49 @@ describe('Scan', () => {
removeTrivyCmd(trivyPath);
});

test('with valid options', () => {
const options: TrivyOption = {
test('with valid option', () => {
const option: TrivyOption = {
severity: 'HIGH,CRITICAL',
vulnType: 'os,library',
ignoreUnfixed: true,
format: 'json',
};
const result: Vulnerability[] | string = Trivy.scan(
const result: Vulnerability[] | string = trivy.scan(
trivyPath,
image,
options
option
);
expect(result.length).toBeGreaterThanOrEqual(1);
expect(result).toBeInstanceOf(Object);
});

test('without ignoreUnfixed', () => {
const options: TrivyOption = {
const option: TrivyOption = {
severity: 'HIGH,CRITICAL',
vulnType: 'os,library',
ignoreUnfixed: false,
format: 'json',
};
const result: Vulnerability[] | string = Trivy.scan(
const result: Vulnerability[] | string = trivy.scan(
trivyPath,
image,
options
option
);
expect(result.length).toBeGreaterThanOrEqual(1);
expect(result).toBeInstanceOf(Object);
});

test('with table format', () => {
const options: TrivyOption = {
const option: TrivyOption = {
severity: 'HIGH,CRITICAL',
vulnType: 'os,library',
ignoreUnfixed: false,
format: 'table',
};
const result: Vulnerability[] | string = Trivy.scan(
const result: Vulnerability[] | string = trivy.scan(
trivyPath,
image,
options
option
);
expect(result.length).toBeGreaterThanOrEqual(1);
expect(result).toMatch(/alpine:3\.10/);
Expand All @@ -179,8 +180,8 @@ describe('Scan', () => {
format: 'json',
};
expect(() => {
Trivy.scan(trivyPath, image, invalidOption);
}).toThrowError('severity option error: INVALID is unknown severity');
trivy.scan(trivyPath, image, invalidOption);
}).toThrowError('Trivy option error: INVALID is unknown severity');
});

test('with invalid vulnType', () => {
Expand All @@ -191,8 +192,8 @@ describe('Scan', () => {
format: 'json',
};
expect(() => {
Trivy.scan(trivyPath, image, invalidOption);
}).toThrowError('vuln-type option error: INVALID is unknown vuln-type');
trivy.scan(trivyPath, image, invalidOption);
}).toThrowError('Trivy option error: INVALID is unknown vuln-type');
});
});

Expand All @@ -204,7 +205,7 @@ describe('Parse', () => {
Vulnerabilities: null,
},
];
const result = Trivy.parse(vulnerabilities);
const result = trivy.parse(vulnerabilities);
expect(result).toBe('');
});

Expand Down Expand Up @@ -247,9 +248,77 @@ describe('Parse', () => {
],
},
];
const result = Trivy.parse(vulnerabilities);
const result = trivy.parse(vulnerabilities);
expect(result).toMatch(
/\|Title\|Severity\|CVE\|Package Name\|Installed Version\|Fixed Version\|References\|/
);
});
});

describe('Validate trivy option', () => {
test('with a valid severity', () => {
const options: string[] = ['HIGH'];
const result = trivy['validateSeverity'](options);
expect(result).toBeTruthy();
});

test('with two valid severities', () => {
const options: string[] = ['HIGH', 'CRITICAL'];
const result = trivy['validateSeverity'](options);
expect(result).toBeTruthy();
});

test('with an invalid severity', () => {
const options: string[] = ['INVALID'];
expect(() => {
trivy['validateSeverity'](options);
}).toThrowError('Trivy option error: INVALID is unknown severity');
});

test('with two invalid severities', () => {
const options: string[] = ['INVALID', 'ERROR'];
expect(() => {
trivy['validateSeverity'](options);
}).toThrowError('Trivy option error: INVALID,ERROR is unknown severity');
});

test('with an invalid and a valid severities', () => {
const options: string[] = ['INVALID', 'HIGH'];
expect(() => {
trivy['validateSeverity'](options);
}).toThrowError('Trivy option error: INVALID,HIGH is unknown severity');
});

test('with a valid vuln-type', () => {
const options: string[] = ['os'];
const result = trivy['validateVulnType'](options);
expect(result).toBeTruthy();
});

test('with two valid vuln-types', () => {
const options: string[] = ['os', 'library'];
const result = trivy['validateVulnType'](options);
expect(result).toBeTruthy();
});

test('with an invalid vuln-type', () => {
const options: string[] = ['INVALID'];
expect(() => {
trivy['validateVulnType'](options);
}).toThrowError('Trivy option error: INVALID is unknown vuln-type');
});

test('with two invalid vuln-types', () => {
const options: string[] = ['INVALID', 'ERROR'];
expect(() => {
trivy['validateVulnType'](options);
}).toThrowError('Trivy option error: INVALID,ERROR is unknown vuln-type');
});

test('with a valid and an invalid vuln-types', () => {
const options: string[] = ['INVALID', 'os'];
expect(() => {
trivy['validateVulnType'](options);
}).toThrowError('Trivy option error: INVALID,os is unknown vuln-type');
});
});
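Review bot: The two mixed-input cases in the new 'Validate trivy option' block (`['INVALID', 'HIGH']` and `['INVALID', 'os']`) always put the rejected value first, so a validator that stops at, or only inspects, the first element would still pass every test here. Add the reversed order for both validators, e.g. `const options: string[] = ['HIGH', 'INVALID'];` with `expect(() => trivy['validateSeverity'](options)).toThrowError(/is unknown severity/);`, since these strings presumably end up as arguments to the trivy command line and this check is what gates them. The expected text `INVALID,HIGH is unknown severity` also reports the valid `HIGH` as unknown, which suggests the message echoes the whole input rather than only the rejected entries; the validator itself is not visible in this section, so confirm against its source before tightening the assertion. The test name 'with a valid and an invalid vuln-types' does not match the order of its input either.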