def setUpClass(cls):
init_db(connect_str=cls.test_env.mk_db())
cls.load_images_from_env()
db = get_thread_scoped_session()
cls.test_image = db.query(Image).get((cls.test_env.get_images_named(cls.__default_image__)[0][0], '0'))
db.rollback()
def setUpClass(cls):
init_db(cls.test_env.mk_db(), do_bootstrap=True)
cls.default_bundle = cls.test_env.get_bundle('default')
cls.old_bundle = cls.test_env.get_bundle('old_default')
def setUpClass(cls):
init_db(cls.test_env.mk_db())
cls.default_bundle = cls.test_env.get_bundle('default')
cls.old_bundle = cls.test_env.get_bundle('old_default')
def setUpClass(cls):
init_db(cls.test_env.mk_db(), conn_args={})
logging.basicConfig(level=logging.DEBUG)
"""
This is an integration-level test for checking CVE updates at fine granularity.
"""
import logging
import os
import sqlalchemy.exc
from anchore_engine.db import get_thread_scoped_session as get_session, end_session, Image, ImagePackageVulnerability, ImagePackage, Vulnerability, VulnerableArtifact, FixedArtifact, FeedMetadata, FeedGroupMetadata
from anchore_engine.services.policy_engine.engine.tasks import FeedsUpdateTask
from test.services.policy_engine.utils import init_db, LocalTestDataEnvironment
logging.basicConfig(level='INFO')
log = logging.getLogger()
init_db()
test_env = LocalTestDataEnvironment(os.environ['ANCHORE_ENGINE_TEST_HOME'])
test_env.init_feeds()
test_user_id = 'test1'
test_img_id = 'img1'
test_image = Image(user_id=test_user_id,
id=test_img_id,
distro_name='centos',
distro_version='7')
test_image.familytree_json = [test_img_id]
test_image.layers_json = [test_img_id]
test_image.layer_info_json = ['somelayer_here']
test_image.like_distro = 'centos'
test_image.state = 'analyzed'
test_image.digest = 'digest1'
test_image.anchore_type = 'undefined'
def init_db_persisted():
global test_env
init_db()
def setUpClass(cls):
init_db(test_env.mk_db())
test_env.init_feeds()
import unittest
import os
from anchore_engine.services.policy_engine.engine.feeds import Vulnerability, VulnerabilityFeedDataMapper, GemPackageDataMapper, NpmPackageDataMapper, GemMetadata, NpmMetadata, DataFeeds
from test.services.policy_engine.utils import init_db, LocalTestDataEnvironment
test_env = LocalTestDataEnvironment(
data_dir=os.environ['ANCHORE_ENGINE_TEST_HOME'])
init_db(test_env.mk_db())
class TestVulnerabilityMapping(unittest.TestCase):
"""
Tests Feed mapping objects
"""
test_cve = {
'Vulnerability': {
'Description':
'Async Http Client (aka AHC or async-http-client) before 1.9.0 skips X.509 certificate verification unless both a keyStore location and a trustStore location are explicitly set, which allows man-in-the-middle attackers to spoof HTTPS servers by presenting an arbitrary certificate during use of a typical AHC configuration, as demonstrated by a configuration that does not send client certificates.',
'FixedIn': [{
'Name': 'async-http-client',
'NamespaceName': 'debian:9',
'Version': '1.6.5-3',
'VersionFormat': 'dpkg'
}],
'Link':
'https://security-tracker.debian.org/tracker/CVE-2013-7397',
'Metadata': {
'NVD': {
'CVSSv2': {
'Score': 4.3,
def setUpClass(cls):
init_db(cls.test_uri)
cls.load_test_data()
logging.basicConfig(level=logging.DEBUG)
def init_db_persisted(create_new=False):
global test_env
init_db(test_env.mk_db(generate=create_new))
