Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVEs alerts inventory for Vulnerability Detector - Vulnerability Detector Integration Tests implementation #1496

Merged
merged 92 commits into from
Nov 9, 2021
Merged

CVEs alerts inventory for Vulnerability Detector - Vulnerability Detector Integration Tests implementation #1496

merged 92 commits into from
Nov 9, 2021

Conversation

MiguelazoDS
Copy link
Member

@MiguelazoDS MiguelazoDS commented Jun 24, 2021
edited
Loading

Related issue
#1261

Description

This pull request implements the following set of test cases for Vulnerability Detector:

  • test_scan_results: Includes tests that check vulnerabilities insertion and removal in:
    • Log file
    • Alerts file
    • Vulnerabilities inventory database.
  • test_scan_types: Includes tests for Baseline, Partial and Full scans
  • test_general_settings: Includes new settings min_full_scan_interval and retry_interval

These tests cover the new vulnerability detector functionalities as part of the epic #7749.
For more details, check the description of the epic #1261

Dod

test_scan_types

types

test_general_settings

general_settings

test_scan_results

scan_results

test_windows

image

Tests

  • Proven that tests pass when they have to pass.
  • Proven that tests fail when they have to fail.
  • Python codebase satisfies PEP-8 style style guide. pycodestyle --max-line-length=120 --show-source --show-pep8 file.py.
  • Python codebase is documented following the Google Style for Python docstrings.
  • The test is documented in wazuh-qa/docs.

@DProvinciani DProvinciani linked an issue Jun 24, 2021 that may be closed by this pull request
CVEs alerts inventory for Vulnerability Detector - Vulnerability Detector Integration Tests #1261
Closed
@DProvinciani DProvinciani requested a review from jmv74211 June 24, 2021 17:19
@DProvinciani DProvinciani force-pushed the 1261-cve-alerts-inventory branch from 3d784c4 to 6223667 Compare June 24, 2021 18:14
@MiguelazoDS MiguelazoDS force-pushed the 1261-cve-alerts-inventory branch from 7e2a1f6 to abc93d7 Compare June 28, 2021 22:06
@juliamagan juliamagan self-requested a review September 2, 2021 10:45
juliamagan
juliamagan requested changes Sep 2, 2021
View reviewed changes
deps/wazuh_testing/wazuh_testing/vulnerability_detector.py Outdated
from wazuh_testing.tools import file
from wazuh_testing.tools import agent_simulator as ag
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Due to new repository standards, the simulators tools (Authd, Remoted and Agent Simulators) will be deprecated. For this reason, every PRs that changed any test that uses then should be reconsidered as follows:

Perform this check without using any simulator.
If it is impossible for an integration test to check this case, a system test should be created. This will be noted as future work in a common issue for each module.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Fixed

deps/wazuh_testing/wazuh_testing/vulnerability_detector.py Outdated Show resolved Hide resolved
deps/wazuh_testing/wazuh_testing/wazuh_db.py Outdated Show resolved Hide resolved
@DProvinciani DProvinciani force-pushed the 1261-cve-alerts-inventory branch from a3dad16 to b625606 Compare October 25, 2021 21:10
@DProvinciani DProvinciani force-pushed the 1261-cve-alerts-inventory branch 2 times, most recently from ded1663 to 347b485 Compare November 9, 2021 14:50
BraulioV and others added 15 commits November 9, 2021 14:55
@BraulioV @DProvinciani
Remove ignore_time tests due to deprecation
48ee29e
@BraulioV @DProvinciani
Minor improvements in the code base
3bf30ea
@mdengra @DProvinciani
Add test: test_min_full_scan_interval
f999f85 
Add interval_to_time_modifier function in vulnerability_detector.py module
Add offline feeds for Debian, RHEL and Canonical Wazuh managers
Add custom settings for each manager GNU/Linux distro family #1359
@mdengra @DProvinciani
Add test documentation
4910c84 
Fix broken links in tests #1359
@mdengra @DProvinciani
Update general info in test_general_settings documentation
525bfdf
@mdengra @DProvinciani
Replace identity testing with equality testing in some sentences
58f2a58
@mdengra @DProvinciani
Change the way the distro name is parsed to avoid false negatives
dee9036
@mdengra @DProvinciani
Move interval_to_time_modifier function to time.py module of wazuh_te…
0ed8677 
…sting #1359
@mdengra @DProvinciani
Refactor test_min_full_scan_interval to use a minimal number of offli…
02e381e 
…ne feeds #1359
@mdengra @DProvinciani
Update documentation #1359
a2506f1
@mdengra @DProvinciani
Use feed paths from vulnerability_detector module
af77f19 
Disable syscollector on the manager #1359
@mdengra @DProvinciani
Delete old offline feed files #1359
6dfa4e3
@mdengra @DProvinciani
Enable syscollector in manager
f9ab71c
@mdengra @DProvinciani
Use the wdb socket to make database changes
993040d 
Disable syscollector on the manager #1359
@mdengra @DProvinciani
Fix documentation #1359
45cc1ba
pereyra-m and others added 20 commits November 9, 2021 14:55
@pereyra-m @DProvinciani
Updating arch_linux test
aece591
@pereyra-m @DProvinciani
Updating alert_vulnerability_removal test
20ada8b
@pereyra-m @DProvinciani
Documenting new methods
6ae3bfd
@pereyra-m @DProvinciani
Fixing long lines and extra whitespaces
4aa7e82
@pereyra-m @DProvinciani
Updating check_vulnerability_scan_inventory for removed condition
649279a
@MiguelazoDS @DProvinciani
Fix after rebase
03289a0
@MiguelazoDS @DProvinciani
Disable unneeded modules
1fe59db
@pereyra-m @DProvinciani
Fixing tests after rebase
75d26fa
@pereyra-m @DProvinciani
Fixing insert_package parameter list
74f1626
@pereyra-m @DProvinciani
Fixing scan providers and NVD feed test
bc9fc4a
@MiguelazoDS @DProvinciani
Added removal vulnerability verification in ALAS
f2ce2f3
@pereyra-m @DProvinciani
Enabling authd for add_simulated_agent fixture
89245e0
@pereyra-m @DProvinciani
Enabling skipped tests
37d105f
@MiguelazoDS @DProvinciani
Fixing fixture that adds package is not always executed
c668ce7
@MiguelazoDS @DProvinciani
Deprecate agent simulators
a12ba4d
@MiguelazoDS @DProvinciani
Code style fix
ae9a5a7
@MiguelazoDS @DProvinciani
Code review changes
1dd1bf2
@MiguelazoDS @DProvinciani
Added check if score key exists
d65943d
@DProvinciani
Add friendly test IDs and in-code Documentation
b5f86c5
@DProvinciani
Code review fixes
88587c9
@DProvinciani DProvinciani force-pushed the 1261-cve-alerts-inventory branch from 1c09205 to 88587c9 Compare November 9, 2021 17:58
@DProvinciani DProvinciani changed the base branch from master to dev-cves-alerts-inventory November 9, 2021 18:02
DProvinciani and others added 2 commits November 9, 2021 16:21
@DProvinciani @juliamagan
Update deps/wazuh_testing/wazuh_testing/wazuh_db.py
6eb80c1 
Co-authored-by: Julia Magán <80041853+juliamagan@users.noreply.github.com>
@DProvinciani @juliamagan
Update deps/wazuh_testing/wazuh_testing/vulnerability_detector.py
d5341b9 
Co-authored-by: Julia Magán <80041853+juliamagan@users.noreply.github.com>
DProvinciani
DProvinciani approved these changes Nov 9, 2021
View reviewed changes
Copy link
Contributor

@DProvinciani DProvinciani left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good!

@DProvinciani DProvinciani merged commit dae6d59 into dev-cves-alerts-inventory Nov 9, 2021
@DProvinciani DProvinciani deleted the 1261-cve-alerts-inventory branch November 9, 2021 19:24
@DProvinciani DProvinciani mentioned this pull request Nov 9, 2021
Closed
This was referenced Feb 9, 2022
Closed
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@juliamagan juliamagan juliamagan requested changes

@DProvinciani DProvinciani DProvinciani approved these changes

@jmv74211 jmv74211 Awaiting requested review from jmv74211

Assignees

@DProvinciani DProvinciani

@palaciosjeremias palaciosjeremias

@MiguelazoDS MiguelazoDS

@pereyra-m pereyra-m

@mdengra mdengra

Labels
feature/vuln-detector
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

CVEs alerts inventory for Vulnerability Detector - Vulnerability Detector Integration Tests
7 participants
@MiguelazoDS @DProvinciani @juliamagan @palaciosjeremias @pereyra-m @mdengra @BraulioV