jfrog-cli-security/commands/enrich/enrich_test.go at 425747b09089f6b9709acb54e0fb538771a79e80 · jfrog/jfrog-cli-security · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
package enrich

import (
	"bytes"
	"strings"
	"testing"

	coreformat "github.com/jfrog/jfrog-cli-core/v2/common/format"
	"github.com/jfrog/jfrog-cli-security/utils"
	"github.com/jfrog/jfrog-cli-security/utils/results"
	"github.com/jfrog/jfrog-client-go/xray/services"
	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"
)

func makeCmdResultsWithVulns(vulns []services.Vulnerability) *results.SecurityCommandResults {
	cmdResults := results.NewCommandResults(utils.SBOM)
	target := cmdResults.NewScanResults(results.ScanTarget{Target: "test.json", Name: "test.json"})
	target.ScaScanResults(0, services.ScanResponse{Vulnerabilities: vulns})
	return cmdResults
}

func TestPrintVulnerabilitiesTable_WithFindings(t *testing.T) {
	cmdResults := makeCmdResultsWithVulns([]services.Vulnerability{
		{
			Cves:       []services.Cve{{Id: "CVE-2021-1234"}},
			Components: map[string]services.Component{"pkg:npm/lodash@4.17.11": {}},
		},
		{
			Cves:       []services.Cve{{Id: "CVE-2020-9999"}},
			Components: map[string]services.Component{"pkg:npm/minimist@1.2.5": {}},
		},
	})

	cmd := &EnrichCommand{outputFormat: coreformat.Table}
	var buf bytes.Buffer
	err := cmd.printVulnerabilitiesTable(cmdResults, &buf)
	require.NoError(t, err)

	out := buf.String()
	assert.Contains(t, out, "COMPONENT")
	assert.Contains(t, out, "CVE-ID")
	assert.Contains(t, out, "pkg:npm/lodash@4.17.11")
	assert.Contains(t, out, "CVE-2021-1234")
	assert.Contains(t, out, "pkg:npm/minimist@1.2.5")
	assert.Contains(t, out, "CVE-2020-9999")
}

func TestPrintVulnerabilitiesTable_Empty(t *testing.T) {
	cmdResults := makeCmdResultsWithVulns(nil)

	cmd := &EnrichCommand{outputFormat: coreformat.Table}
	var buf bytes.Buffer
	err := cmd.printVulnerabilitiesTable(cmdResults, &buf)
	require.NoError(t, err)

	out := buf.String()
	assert.Contains(t, out, "COMPONENT")
	assert.Contains(t, out, "CVE-ID")
	// no data rows
	lines := strings.Split(strings.TrimSpace(out), "\n")
	assert.Len(t, lines, 1)
}

func TestPrintVulnerabilitiesTable_NoCves(t *testing.T) {
	cmdResults := makeCmdResultsWithVulns([]services.Vulnerability{
		{
			Cves:       nil,
			Components: map[string]services.Component{"pkg:go/golang.org/x/net@v0.0.0-20210226": {}},
		},
	})

	cmd := &EnrichCommand{outputFormat: coreformat.Table}
	var buf bytes.Buffer
	err := cmd.printVulnerabilitiesTable(cmdResults, &buf)
	require.NoError(t, err)

	out := buf.String()
	assert.Contains(t, out, "pkg:go/golang.org/x/net@v0.0.0-20210226")
	// CVE-ID column is blank but row is present
	assert.True(t, strings.Count(out, "\n") >= 2)
}