From 26567831a12e2aafa39a26374bbaedda4dff3385 Mon Sep 17 00:00:00 2001 From: Simar Date: Sun, 16 Jul 2023 11:45:11 +0300 Subject: [PATCH] fix tests Signed-off-by: Simar --- .github/workflows/build.yaml | 2 +- test/data/config-sarif.test | 2 +- test/data/config.test | 37 +++++++++++++++++++++++++++++++ test/data/image-sarif.test | 2 +- test/data/image-trivyignores.test | 7 ++---- test/data/image.test | 7 ++---- 6 files changed, 44 insertions(+), 13 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index ae99a99..3f562d9 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -1,7 +1,7 @@ name: "build" on: [push, pull_request] env: - TRIVY_VERSION: 0.42.1 + TRIVY_VERSION: 0.43.1 BATS_LIB_PATH: '/usr/lib/' jobs: build: diff --git a/test/data/config-sarif.test b/test/data/config-sarif.test index 0df326b..00b2ff7 100644 --- a/test/data/config-sarif.test +++ b/test/data/config-sarif.test @@ -64,7 +64,7 @@ } } ], - "version": "0.42.1" + "version": "0.43.1" } }, "results": [ diff --git a/test/data/config.test b/test/data/config.test index bc7c357..f0e3969 100644 --- a/test/data/config.test +++ b/test/data/config.test @@ -78,6 +78,43 @@ } } ] + }, + { + "Target": "configmap.yaml", + "Class": "config", + "Type": "kubernetes", + "MisconfSummary": { + "Successes": 140, + "Failures": 1, + "Exceptions": 0 + }, + "Misconfigurations": [ + { + "Type": "Kubernetes Security Check", + "ID": "AVD-KSV-01010", + "AVDID": "AVD-KSV-01010", + "Title": "ConfigMap with sensitive content", + "Description": "Storing sensitive content such as usernames and email addresses in configMaps is unsafe", + "Message": "ConfigMap 'foo-config' in 'default' namespace stores sensitive contents in key(s) or value(s) '{\"key\"}'", + "Namespace": "builtin.kubernetes.KSV01010", + "Query": "data.builtin.kubernetes.KSV01010.deny", + "Resolution": "Remove sensitive content from configMap data value", + "Severity": "HIGH", + "PrimaryURL": "https://avd.aquasec.com/misconfig/avd-ksv-01010", + "References": [ + "https://avd.aquasec.com/misconfig/avd-ksv-01010" + ], + "Status": "FAIL", + "Layer": {}, + "CauseMetadata": { + "Provider": "Kubernetes", + "Service": "general", + "Code": { + "Lines": null + } + } + } + ] } ] } diff --git a/test/data/image-sarif.test b/test/data/image-sarif.test index c0607ed..932ff7b 100644 --- a/test/data/image-sarif.test +++ b/test/data/image-sarif.test @@ -37,7 +37,7 @@ } } ], - "version": "0.42.1" + "version": "0.43.1" } }, "results": [ diff --git a/test/data/image-trivyignores.test b/test/data/image-trivyignores.test index b17e763..e13d517 100644 --- a/test/data/image-trivyignores.test +++ b/test/data/image-trivyignores.test @@ -75,15 +75,12 @@ Total: 19 (CRITICAL: 19) rust-app/Cargo.lock (cargo) =========================== -Total: 2 (CRITICAL: 2) +Total: 1 (CRITICAL: 1) ┌──────────┬────────────────┬──────────┬───────────────────┬───────────────┬─────────────────────────────────────────────────────────────┐ │ Library │ Vulnerability │ Severity │ Installed Version │ Fixed Version │ Title │ ├──────────┼────────────────┼──────────┼───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤ -│ openssl │ CVE-2018-20997 │ CRITICAL │ 0.8.3 │ 0.10.9 │ Use after free in openssl │ -│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2018-20997 │ -├──────────┼────────────────┤ ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤ -│ smallvec │ CVE-2021-25900 │ │ 0.6.9 │ 1.6.1, 0.6.14 │ An issue was discovered in the smallvec crate before 0.6.14 │ +│ smallvec │ CVE-2021-25900 │ CRITICAL │ 0.6.9 │ 1.6.1, 0.6.14 │ An issue was discovered in the smallvec crate before 0.6.14 │ │ │ │ │ │ │ and 1.x... │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2021-25900 │ └──────────┴────────────────┴──────────┴───────────────────┴───────────────┴─────────────────────────────────────────────────────────────┘ diff --git a/test/data/image.test b/test/data/image.test index 86f29c9..b540f9e 100644 --- a/test/data/image.test +++ b/test/data/image.test @@ -75,15 +75,12 @@ Total: 19 (CRITICAL: 19) rust-app/Cargo.lock (cargo) =========================== -Total: 5 (CRITICAL: 5) +Total: 4 (CRITICAL: 4) ┌───────────┬────────────────┬──────────┬───────────────────┬───────────────┬─────────────────────────────────────────────────────────────┐ │ Library │ Vulnerability │ Severity │ Installed Version │ Fixed Version │ Title │ ├───────────┼────────────────┼──────────┼───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤ -│ openssl │ CVE-2018-20997 │ CRITICAL │ 0.8.3 │ 0.10.9 │ Use after free in openssl │ -│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2018-20997 │ -├───────────┼────────────────┤ ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤ -│ rand_core │ CVE-2020-25576 │ │ 0.4.0 │ 0.3.1, 0.4.2 │ An issue was discovered in the rand_core crate before 0.4.2 │ +│ rand_core │ CVE-2020-25576 │ CRITICAL │ 0.4.0 │ 0.3.1, 0.4.2 │ An issue was discovered in the rand_core crate before 0.4.2 │ │ │ │ │ │ │ for Rust.... │ │ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2020-25576 │ ├───────────┼────────────────┤ ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤