def test_perform_indexing_api_request_failure_index(initialized_db,
set_secscan_config):
secscan = V4SecurityScanner(app, instance_keys, storage)
secscan._secscan_api = mock.Mock()
secscan._secscan_api.state.return_value = {"state": "abc"}
secscan._secscan_api.index.side_effect = APIRequestFailure()
next_token = secscan.perform_indexing()
assert next_token is None
assert ManifestSecurityStatus.select().count() == 0
# Set security scanner to return good results and attempt indexing again
secscan._secscan_api.index.side_effect = None
secscan._secscan_api.index.return_value = (
{
"err": None,
"state": IndexReportState.Index_Finished
},
"abc",
)
next_token = secscan.perform_indexing()
assert next_token.min_id == Manifest.select(fn.Max(
Manifest.id)).scalar() + 1
assert ManifestSecurityStatus.select().count() == Manifest.select(
fn.Max(Manifest.id)).count()
def test_perform_indexing_api_request_failure_index(initialized_db):
app.config["SECURITY_SCANNER_V4_NAMESPACE_WHITELIST"] = ["devtable"]
expected_manifests = (
Manifest.select(fn.Max(Manifest.id))
.join(Repository)
.join(User)
.where(User.username == "devtable")
)
secscan = V4SecurityScanner(app, instance_keys, storage)
secscan._secscan_api = mock.Mock()
secscan._secscan_api.state.return_value = "abc"
secscan._secscan_api.index.side_effect = APIRequestFailure()
next_token = secscan.perform_indexing()
assert next_token is None
assert ManifestSecurityStatus.select().count() == 0
# Set security scanner to return good results and attempt indexing again
secscan._secscan_api.index.side_effect = None
secscan._secscan_api.index.return_value = (
{"err": None, "state": IndexReportState.Index_Finished},
"abc",
)
next_token = secscan.perform_indexing()
assert next_token.min_id == expected_manifests.scalar() + 1
assert ManifestSecurityStatus.select().count() == expected_manifests.count()
def test_load_security_information_api_request_failure(initialized_db,
set_secscan_config):
repository_ref = registry_model.lookup_repository("devtable", "simple")
tag = registry_model.get_repo_tag(repository_ref,
"latest",
include_legacy_image=True)
manifest = registry_model.get_manifest_for_tag(tag,
backfill_if_necessary=True)
mss = ManifestSecurityStatus.create(
manifest=manifest._db_id,
repository=repository_ref._db_id,
error_json={},
index_status=IndexStatus.COMPLETED,
indexer_hash="abc",
indexer_version=IndexerVersion.V4,
metadata_json={},
)
secscan = V4SecurityScanner(app, instance_keys, storage)
secscan._secscan_api = mock.Mock()
secscan._secscan_api.vulnerability_report.side_effect = APIRequestFailure()
assert secscan.load_security_information(
manifest).status == ScanLookupStatus.COULD_NOT_LOAD
assert not ManifestSecurityStatus.select().where(
ManifestSecurityStatus.id == mss.id).exists()
def test_perform_indexing_api_request_failure_state(initialized_db, set_secscan_config):
secscan = V4SecurityScanner(app, instance_keys, storage)
secscan._secscan_api = mock.Mock()
secscan._secscan_api.state.side_effect = APIRequestFailure()
next_token = secscan.perform_indexing()
assert next_token is None
assert ManifestSecurityStatus.select().count() == 0
def test_perform_indexing_api_request_failure_state(initialized_db):
app.config["SECURITY_SCANNER_V4_NAMESPACE_WHITELIST"] = ["devtable"]
secscan = V4SecurityScanner(app, instance_keys, storage)
secscan._secscan_api = mock.Mock()
secscan._secscan_api.state.side_effect = APIRequestFailure()
next_token = secscan.perform_indexing()
assert next_token is None
assert ManifestSecurityStatus.select().count() == 0