Merge pull request #93 from kubescape/summary

fix missing attributes in vulns
kubescape · Apr 4, 2023 · 359ca86 · 359ca86
2 parents 9082d54 + c018a39
commit 359ca86
Show file tree

Hide file tree

Showing 6 changed files with 557 additions and 10 deletions.
diff --git a/adapters/v1/armo.go b/adapters/v1/armo.go
@@ -202,9 +202,9 @@ func (a *ArmoAdapter) SubmitCVE(ctx context.Context, cve domain.CVEManifest, cve
 
 	// fill context and designators into vulnerabilities
 	armoContext := armotypes.DesignatorToArmoContext(&finalReport.Designators, "designators")
-	for i := range finalReport.Vulnerabilities {
-		finalReport.Vulnerabilities[i].Context = armoContext
-		finalReport.Vulnerabilities[i].Designators = finalReport.Designators
+	for i := range vulnerabilities {
+		vulnerabilities[i].Context = armoContext
+		vulnerabilities[i].Designators = finalReport.Designators
 	}
 
 	// add summary

diff --git a/adapters/v1/armo_test.go b/adapters/v1/armo_test.go
@@ -18,6 +18,7 @@ import (
 	"github.com/armosec/utils-k8s-go/armometadata"
 	"github.com/go-test/deep"
 	"github.com/google/uuid"
+	"github.com/kinbiko/jsonassert"
 	"github.com/kubescape/kubevuln/core/domain"
 )
 
@@ -99,16 +100,19 @@ func TestArmoAdapter_SubmitCVE(t *testing.T) {
 	getCVEExceptionsFunc := func(s string, s2 string, designator *armotypes.PortalDesignator) ([]armotypes.VulnerabilityExceptionPolicy, error) {
 		return []armotypes.VulnerabilityExceptionPolicy{}, nil
 	}
+	ja := jsonassert.New(t)
 	tests := []struct {
-		name    string
-		cve     domain.CVEManifest
-		cvep    domain.CVEManifest
-		wantErr bool
+		name          string
+		cve           domain.CVEManifest
+		cvep          domain.CVEManifest
+		checkFullBody bool
+		wantErr       bool
 	}{
 		{
-			name: "submit small cve",
-			cve:  fileToCVEManifest("testdata/nginx-cve-small.json"),
-			cvep: domain.CVEManifest{},
+			name:          "submit small cve",
+			cve:           fileToCVEManifest("testdata/nginx-cve-small.json"),
+			cvep:          domain.CVEManifest{},
+			checkFullBody: true,
 		},
 		{
 			name: "submit big cve",
@@ -131,6 +135,21 @@ func TestArmoAdapter_SubmitCVE(t *testing.T) {
 				if err != nil {
 					t.Errorf("failed to unmarshal report: %v", err)
 				}
+				var expectedBody []byte
+				switch {
+				case tt.checkFullBody:
+					expectedBody, err = os.ReadFile("testdata/cve-body.json")
+				case report.Summary == nil:
+					expectedBody, err = os.ReadFile("testdata/cve-chunk.json")
+				case tt.cvep.Content != nil:
+					expectedBody, err = os.ReadFile("testdata/cve-chunk-with-relevant-summary.json")
+				default:
+					expectedBody, err = os.ReadFile("testdata/cve-chunk-with-summary.json")
+				}
+				if err != nil {
+					t.Errorf("failed to read expected body: %v", err)
+				}
+				ja.Assertf(string(body), string(expectedBody))
 				mu.Lock()
 				for _, v := range report.Vulnerabilities {
 					id := v.Name + "+" + v.RelatedPackageName