Add tests for istio improver

Signed-off-by: Tushar Goel <tushar.goel.dav@gmail.com>
nexB · Jan 26, 2023 · 041faa5 · 041faa5
1 parent 952fc12
commit 041faa5
Show file tree

Hide file tree

Showing 2 changed files with 333 additions and 0 deletions.
diff --git a/vulnerabilities/tests/test_data/istio/istio-improver-expected.json b/vulnerabilities/tests/test_data/istio/istio-improver-expected.json
@@ -0,0 +1,302 @@
+[
+  {
+    "vulnerability_id": null,
+    "aliases": [
+      "CVE-2019-12243"
+    ],
+    "confidence": 100,
+    "summary": "Incorrect access control.",
+    "affected_purls": [
+      {
+        "type": "golang",
+        "namespace": "istio.io",
+        "name": "istio",
+        "version": "1.1.0",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "golang",
+        "namespace": "istio.io",
+        "name": "istio",
+        "version": "1.1.1",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "golang",
+        "namespace": "istio.io",
+        "name": "istio",
+        "version": "1.1.2",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "golang",
+        "namespace": "istio.io",
+        "name": "istio",
+        "version": "1.1.3",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "golang",
+        "namespace": "istio.io",
+        "name": "istio",
+        "version": "1.1.4",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "golang",
+        "namespace": "istio.io",
+        "name": "istio",
+        "version": "1.1.5",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "golang",
+        "namespace": "istio.io",
+        "name": "istio",
+        "version": "1.1.6",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "golang",
+        "namespace": "istio.io",
+        "name": "istio",
+        "version": "1.1.7",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "golang",
+        "namespace": "istio.io",
+        "name": "istio",
+        "version": "1.1.8",
+        "qualifiers": null,
+        "subpath": null
+      }
+    ],
+    "fixed_purl": null,
+    "references": [
+      {
+        "reference_id": "ISTIO-SECURITY-2019-001",
+        "url": "https://istio.io/latest/news/security/ISTIO-SECURITY-2019-001/",
+        "severities": []
+      }
+    ],
+    "weaknesses": []
+  },
+  {
+    "vulnerability_id": null,
+    "aliases": [
+      "CVE-2019-12243"
+    ],
+    "confidence": 100,
+    "summary": "Incorrect access control.",
+    "affected_purls": [
+      {
+        "type": "github",
+        "namespace": "istio",
+        "name": "istio",
+        "version": "1.1.0",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "github",
+        "namespace": "istio",
+        "name": "istio",
+        "version": "1.1.1",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "github",
+        "namespace": "istio",
+        "name": "istio",
+        "version": "1.1.2",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "github",
+        "namespace": "istio",
+        "name": "istio",
+        "version": "1.1.3",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "github",
+        "namespace": "istio",
+        "name": "istio",
+        "version": "1.1.4",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "github",
+        "namespace": "istio",
+        "name": "istio",
+        "version": "1.1.5",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "github",
+        "namespace": "istio",
+        "name": "istio",
+        "version": "1.1.6",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "github",
+        "namespace": "istio",
+        "name": "istio",
+        "version": "1.1.7",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "github",
+        "namespace": "istio",
+        "name": "istio",
+        "version": "1.1.8",
+        "qualifiers": null,
+        "subpath": null
+      }
+    ],
+    "fixed_purl": null,
+    "references": [
+      {
+        "reference_id": "ISTIO-SECURITY-2019-001",
+        "url": "https://istio.io/latest/news/security/ISTIO-SECURITY-2019-001/",
+        "severities": []
+      }
+    ],
+    "weaknesses": []
+  },
+  {
+    "vulnerability_id": null,
+    "aliases": [
+      "CVE-2019-12243"
+    ],
+    "confidence": 100,
+    "summary": "Incorrect access control.",
+    "affected_purls": [
+      {
+        "type": "golang",
+        "namespace": "istio.io",
+        "name": "istio",
+        "version": "1.1.0",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "golang",
+        "namespace": "istio.io",
+        "name": "istio",
+        "version": "1.1.15",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "golang",
+        "namespace": "istio.io",
+        "name": "istio",
+        "version": "1.3.0",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "golang",
+        "namespace": "istio.io",
+        "name": "istio",
+        "version": "1.3.1",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "golang",
+        "namespace": "istio.io",
+        "name": "istio",
+        "version": "1.5.0",
+        "qualifiers": null,
+        "subpath": null
+      }
+    ],
+    "fixed_purl": null,
+    "references": [
+      {
+        "reference_id": "ISTIO-SECURITY-2019-001",
+        "url": "https://istio.io/latest/news/security/ISTIO-SECURITY-2019-001/",
+        "severities": []
+      }
+    ],
+    "weaknesses": []
+  },
+  {
+    "vulnerability_id": null,
+    "aliases": [
+      "CVE-2019-12243"
+    ],
+    "confidence": 100,
+    "summary": "Incorrect access control.",
+    "affected_purls": [
+      {
+        "type": "github",
+        "namespace": "istio",
+        "name": "istio",
+        "version": "1.1.0",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "github",
+        "namespace": "istio",
+        "name": "istio",
+        "version": "1.1.15",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "github",
+        "namespace": "istio",
+        "name": "istio",
+        "version": "1.3.0",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "github",
+        "namespace": "istio",
+        "name": "istio",
+        "version": "1.3.1",
+        "qualifiers": null,
+        "subpath": null
+      },
+      {
+        "type": "github",
+        "namespace": "istio",
+        "name": "istio",
+        "version": "1.5.0",
+        "qualifiers": null,
+        "subpath": null
+      }
+    ],
+    "fixed_purl": null,
+    "references": [
+      {
+        "reference_id": "ISTIO-SECURITY-2019-001",
+        "url": "https://istio.io/latest/news/security/ISTIO-SECURITY-2019-001/",
+        "severities": []
+      }
+    ],
+    "weaknesses": []
+  }
+]
diff --git a/vulnerabilities/tests/test_istio.py b/vulnerabilities/tests/test_istio.py
@@ -7,9 +7,14 @@
 # See https://aboutcode.org for more information about nexB OSS projects.
 #
 
+import json
 import os
+from unittest import mock
 
+from vulnerabilities.importer import AdvisoryData
 from vulnerabilities.importers.istio import IstioImporter
+from vulnerabilities.importers.istio import IstioImprover
+from vulnerabilities.improvers.default import DefaultImprover
 from vulnerabilities.tests import util_tests
 
 BASE_DIR = os.path.dirname(os.path.abspath(__file__))
@@ -43,3 +48,29 @@ def test_istio_process_file():
     expected_file = os.path.join(TEST_DIR, f"istio-expected.json")
     result = [data.to_dict() for data in list(IstioImporter().process_file(path))]
     util_tests.check_results_against_json(result, expected_file)
+
+
+@mock.patch("vulnerabilities.importers.istio.IstioImprover.get_package_versions")
+def test_istio_improver(mock_response):
+    advisory_file = os.path.join(TEST_DIR, f"istio-expected.json")
+    expected_file = os.path.join(TEST_DIR, f"istio-improver-expected.json")
+    with open(advisory_file) as exp:
+        advisories = [AdvisoryData.from_dict(adv) for adv in (json.load(exp))]
+    mock_response.return_value = [
+        "1.1.0",
+        "1.1.1",
+        "1.1.2",
+        "1.1.3",
+        "1.1.4",
+        "1.1.5",
+        "1.1.6",
+        "1.1.7",
+        "1.1.8",
+    ]
+    improvers = [IstioImprover(), DefaultImprover()]
+    result = []
+    for improver in improvers:
+        for advisory in advisories:
+            inference = [data.to_dict() for data in improver.get_inferences(advisory)]
+            result.extend(inference)
+    util_tests.check_results_against_json(result, expected_file)