def test_notfixed_match(vulnerability_with_nofix, vulnerable_pkg1, monkeypatch_distros): """ Test matches against fixed artifacts :return: """ f = vulnerability_with_nofix.fixed_in[0] logger.info("Testing package %s", vulnerable_pkg1) logger.info("Testing vuln %s", f) assert isinstance(f, FixedArtifact) assert f.match_but_not_fixed(vulnerable_pkg1) pkg_vuln = ImagePackageVulnerability() pkg_vuln.package = vulnerable_pkg1 pkg_vuln.vulnerability = vulnerability_with_nofix pkg_vuln.pkg_type = vulnerable_pkg1.name pkg_vuln.pkg_version = vulnerable_pkg1.version pkg_vuln.pkg_image_id = vulnerable_pkg1.image_id pkg_vuln.pkg_user_id = vulnerable_pkg1.image_user_id pkg_vuln.pkg_name = vulnerable_pkg1.name pkg_vuln.pkg_arch = vulnerable_pkg1.arch pkg_vuln.vulnerability_id = vulnerability_with_nofix.id pkg_vuln.vulnerability_namespace_name = vulnerability_with_nofix.namespace_name assert pkg_vuln.fixed_in() is None
def test_fixed_and_vulnerable(vulnerability_with_both, vulnerable_pkg1, nonvulnerable_pkg1, monkeypatch_distros): """ Test both fixed and vulnerable matches :return: """ f = vulnerability_with_both.fixed_in[0] v = vulnerability_with_both.vulnerable_in[0] logger.info("Testing package %s", vulnerable_pkg1) logger.info("Testing vuln %s", f) assert isinstance(v, VulnerableArtifact) assert v.match_and_vulnerable(vulnerable_pkg1) assert not v.match_and_vulnerable(nonvulnerable_pkg1) pkg_vuln = ImagePackageVulnerability() pkg_vuln.package = vulnerable_pkg1 pkg_vuln.vulnerability = vulnerability_with_both pkg_vuln.pkg_type = vulnerable_pkg1.name pkg_vuln.pkg_version = vulnerable_pkg1.version pkg_vuln.pkg_image_id = vulnerable_pkg1.image_id pkg_vuln.pkg_user_id = vulnerable_pkg1.image_user_id pkg_vuln.pkg_name = vulnerable_pkg1.name pkg_vuln.pkg_arch = vulnerable_pkg1.arch pkg_vuln.vulnerability_id = vulnerability_with_both.id pkg_vuln.vulnerability_namespace_name = vulnerability_with_both.namespace_name assert pkg_vuln.fixed_in() == "0:1.1.el8"
def test_vulnerable_in(vulnerability_with_vulnartifact, vulnerable_pkg1, nonvulnerable_pkg1, monkeypatch_distros): """ Test vulnerable in matches :return: """ f = vulnerability_with_vulnartifact.vulnerable_in[0] logger.info('Testing package %s', vulnerable_pkg1) logger.info('Testing vuln %s', f) assert isinstance(f, VulnerableArtifact) assert f.match_and_vulnerable(vulnerable_pkg1) assert not f.match_and_vulnerable(nonvulnerable_pkg1) f = vulnerability_with_vulnartifact.vulnerable_in[1] logger.info('Testing package %s', vulnerable_pkg1) logger.info('Testing vuln %s', f) assert isinstance(f, VulnerableArtifact) assert not f.match_and_vulnerable(vulnerable_pkg1) # Both not vuln now, this entry is for 0.9.x assert not f.match_and_vulnerable(nonvulnerable_pkg1) pkg_vuln = ImagePackageVulnerability() pkg_vuln.package = vulnerable_pkg1 pkg_vuln.vulnerability = vulnerability_with_vulnartifact pkg_vuln.pkg_type = vulnerable_pkg1.name pkg_vuln.pkg_version = vulnerable_pkg1.version pkg_vuln.pkg_image_id = vulnerable_pkg1.image_id pkg_vuln.pkg_user_id = vulnerable_pkg1.image_user_id pkg_vuln.pkg_name = vulnerable_pkg1.name pkg_vuln.pkg_arch = vulnerable_pkg1.arch pkg_vuln.vulnerability_id = vulnerability_with_vulnartifact.id pkg_vuln.vulnerability_namespace_name = vulnerability_with_vulnartifact.namespace_name assert pkg_vuln.fixed_in() == None