def test_failure(self): dfp = DockerfileParser() dfp.content = """\ RUN apk update """ conf = dfp_group_by_instructions(dfp)[0] scan_result = check.scan_entity_conf(conf['RUN']) self.assertEqual(CheckResult.FAILED, scan_result[0])
def test_failure(self): dfp = DockerfileParser() dfp.content = """\ From base LABEL foo="bar baz" USER me""" conf = dfp_group_by_instructions(dfp)[0] scan_result = check.scan_entity_conf(conf) self.assertEqual((CheckResult.FAILED, None), scan_result)
def test_success(self): dfp = DockerfileParser() dfp.content = """\ From base """ conf = dfp_group_by_instructions(dfp)[0] scan_result = check.scan_entity_conf(conf) self.assertEqual((CheckResult.PASSED, None), scan_result)
def test_failure(self): dfp = DockerfileParser() dfp.content = """\ From base LABEL foo="bar baz" ADD http://example.com/package.zip /temp USER me""" conf = dfp_group_by_instructions(dfp)[0] scan_result = check.scan_entity_conf(conf['ADD']) self.assertEqual((CheckResult.FAILED), scan_result[0])
def test_success(self): dfp = DockerfileParser() dfp.content = """\ From base LABEL foo="bar baz" USER me HEALTHCHECK CMD curl --fail http://localhost:3000 || exit 1 """ conf = dfp_group_by_instructions(dfp)[0] scan_result = check.scan_entity_conf(conf) self.assertEqual(CheckResult.PASSED, scan_result[0])
def test_failure(self): dfp = DockerfileParser() dfp.content = """ From base MAINTAINER checkov """ conf = dfp_group_by_instructions(dfp)[0] scan_result = check.scan_entity_conf(conf) self.assertEqual((CheckResult.FAILED), scan_result[0])
def test_failure_latest_version_tag(self): dfp = DockerfileParser() dfp.content = """ FROM alpine:latest """ conf = dfp_group_by_instructions(dfp)[0] scan_result = check.scan_entity_conf(conf) self.assertEqual(CheckResult.FAILED, scan_result[0]) self.assertEqual("alpine:latest", scan_result[1]["value"])
def test_success(self): dfp = DockerfileParser() dfp.content = """\ RUN apt-get update \ && apt-get install -y --no-install-recommends foo \ && echo gooo RUN apk update \ && apk add --no-cache suuu looo RUN apk --update add moo """ conf = dfp_group_by_instructions(dfp)[0] scan_result = check.scan_entity_conf(conf['RUN']) self.assertEqual(CheckResult.PASSED, scan_result[0])
def test_success_multi_stage(self): dfp = DockerfileParser() dfp.content = """ FROM alpine:3 as base COPY test.sh /test.sh FROM base LABEL maintainer=checkov """ conf = dfp_group_by_instructions(dfp)[0] scan_result = check.scan_entity_conf(conf) self.assertEqual((CheckResult.PASSED, None), scan_result)