Skip to content

Commit

Permalink
chore: add rust auditable binary match integration test
Browse files Browse the repository at this point in the history
Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
  • Loading branch information
westonsteimel committed Oct 11, 2023
1 parent 2efcff5 commit 2440dd3
Show file tree
Hide file tree
Showing 6 changed files with 76 additions and 1 deletion.
6 changes: 6 additions & 0 deletions grype/db/v5/namespace/index_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,8 @@ func TestFromStringSlice(t *testing.T) {
"nvd:cpe",
"github:language:ruby",
"abc.xyz:language:ruby",
"github:language:rust",
"something:language:rust",
"1234.4567:language:unknown",
"---:cpe",
"another-provider:distro:alpine:3.15",
Expand All @@ -44,6 +46,10 @@ func TestFromStringSlice(t *testing.T) {
language.NewNamespace("github", syftPkg.Ruby, ""),
language.NewNamespace("abc.xyz", syftPkg.Ruby, ""),
},
syftPkg.Rust: {
language.NewNamespace("github", syftPkg.Rust, ""),
language.NewNamespace("something", syftPkg.Rust, ""),
},
syftPkg.Language("unknown"): {
language.NewNamespace("1234.4567", syftPkg.Language("unknown"), ""),
},
Expand Down
4 changes: 4 additions & 0 deletions grype/db/v5/namespace/language/namespace_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -25,6 +25,10 @@ func TestFromString(t *testing.T) {
namespaceString: "github:language:java",
result: NewNamespace("github", syftPkg.Java, ""),
},
{
namespaceString: "github:language:rust",
result: NewNamespace("github", syftPkg.Rust, ""),
},
{
namespaceString: "abc.xyz:language:something",
result: NewNamespace("abc.xyz", syftPkg.Language("something"), ""),
Expand Down
1 change: 1 addition & 0 deletions test/grype-test-config.yaml
Original file line number Diff line number Diff line change
@@ -1 +1,2 @@
check-for-app-update: false

16 changes: 16 additions & 0 deletions test/integration/db_mock_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -163,6 +163,22 @@ func newMockDbStore() *mockStore {
},
},
},
"github:language:rust": {
"hello-auditable": []grypeDB.Vulnerability{
{
ID: "CVE-rust-sample-1",
VersionConstraint: "< 0.2.0",
VersionFormat: "unknown",
},
},
"auditable": []grypeDB.Vulnerability{
{
ID: "CVE-rust-sample-2",
VersionConstraint: "< 0.2.0",
VersionFormat: "unknown",
},
},
},
"debian:distro:debian:8": {
"apt-dev": []grypeDB.Vulnerability{
{
Expand Down
48 changes: 47 additions & 1 deletion test/integration/match_by_image_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -545,6 +545,45 @@ func addHaskellMatches(t *testing.T, theSource source.Source, catalog *syftPkg.C
})
}

func addRustMatches(t *testing.T, theSource source.Source, catalog *syftPkg.Collection, theStore *mockStore, theResult *match.Matches) {
packages := catalog.PackagesByPath("/hello-auditable")
if len(packages) < 1 {
t.Logf("Rust Packages: %+v", packages)
t.Fatalf("problem with upstream syft cataloger (cargo-auditable-binary-cataloger)")
}

for _, p := range packages {
thePkg := pkg.New(p)
theVuln := theStore.backend["github:language:rust"][strings.ToLower(thePkg.Name)][0]
vulnObj, err := vulnerability.NewVulnerability(theVuln)
require.NoError(t, err)

theResult.Add(match.Match{
Vulnerability: *vulnObj,
Package: thePkg,
Details: []match.Detail{
{
Type: match.ExactDirectMatch,
Confidence: 1.0,
SearchedBy: map[string]any{
"language": "rust",
"namespace": "github:language:rust",
"package": map[string]string{
"name": thePkg.Name,
"version": thePkg.Version,
},
},
Found: map[string]any{
"versionConstraint": vulnObj.Constraint.String(),
"vulnerabilityID": vulnObj.ID,
},
Matcher: match.RustMatcher,
},
},
})
}
}

func TestMatchByImage(t *testing.T) {
observedMatchers := stringutil.NewStringSet()
definedMatchers := stringutil.NewStringSet()
Expand Down Expand Up @@ -603,6 +642,14 @@ func TestMatchByImage(t *testing.T) {
return expectedMatches
},
},
{
fixtureImage: "image-rust-auditable-match-coverage",
expectedFn: func(theSource source.Source, catalog *syftPkg.Collection, theStore *mockStore) match.Matches {
expectedMatches := match.NewMatches()
addRustMatches(t, theSource, catalog, theStore, &expectedMatches)
return expectedMatches
},
},
}

for _, test := range tests {
Expand Down Expand Up @@ -647,7 +694,6 @@ func TestMatchByImage(t *testing.T) {
}

actualResults := grype.FindVulnerabilitiesForPackage(str, theDistro, matchers, pkg.FromCollection(collection, pkg.SynthesisConfig{}))

for _, m := range actualResults.Sorted() {
for _, d := range m.Details {
observedMatchers.Add(string(d.Matcher))
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
# An image containing the example hello-auditable binary from https://github.com/Shnatsel/rust-audit/tree/master/hello-auditable
FROM docker.io/tofay/hello-rust-auditable:latest

0 comments on commit 2440dd3

Please sign in to comment.