
Commit a803c34

committed
Add tests for v3 OpenSSL importer pipeline
Signed-off-by: Keshav Priyadarshi <[email protected]>
1 parent ee9630c commit a803c34


8 files changed

+923
-7
lines changed


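--- a/vulnerabilities/tests/pipelines/v2_importers/test_openssl_importer.py
+++ b/vulnerabilities/tests/pipelines/v2_importers/test_openssl_importer.py
@@ -14,26 +14,26 @@
 from django.test import TestCase
 
 from vulnerabilities.models import AdvisoryV2
-from vulnerabilities.models import PackageV2
 from vulnerabilities.pipelines.v2_importers.openssl_importer import OpenSSLImporterPipeline
 from vulnerabilities.tests import util_tests
+from vulnerabilities.tests.pipelines import TestLogger
 
 TEST_DATA = Path(__file__).parent.parent.parent / "test_data" / "openssl" / "release_metadata"
 
 
 class TestOpenSSLImporterPipeline(TestCase):
+def setUp(self):
+self.logger = TestLogger()
+
 @patch("vulnerabilities.pipelines.v2_importers.openssl_importer.OpenSSLImporterPipeline.clone")
 def test_redhat_advisories_v2(self, mock_clone):
 mock_clone.__name__ = "clone"
 pipeline = OpenSSLImporterPipeline()
 pipeline.advisory_path = TEST_DATA
 pipeline.vcs_response = None
+pipeline.log = self.logger.write
 pipeline.execute()
 
-# self.assertEqual(6, AdvisoryV2.objects.count())
-# self.assertEqual(93, PackageV2.objects.count())
-
 expected_file = TEST_DATA / "openssl_advisoryv2-expected.json"
-result = [adv.to_advisory_data() for adv in AdvisoryV2.objects.all()]
-print(result)
-# util_tests.check_results_against_json(result, expected_file, regen=True)
+result = [adv.to_advisory_data().to_dict() for adv in AdvisoryV2.objects.all()]
+util_tests.check_results_against_json(result, expected_file)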
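Review bot: The log captured through `pipeline.log = self.logger.write` (new line 34) is never read, so a run that logs a parse or import problem for one advisory can still pass as long as the stored rows match the fixture. For an importer of security advisories it is worth asserting on `self.logger.getvalue()` after `pipeline.execute()`, for example that it contains none of the pipeline's error wording (the exact wording is not visible in this hunk). Separately, `result` on new line 38 is built from `AdvisoryV2.objects.all()` with no explicit ordering; unless the model declares a default ordering or `check_results_against_json` sorts its input, neither of which is shown here, the comparison depends on database row order. The test is also still named `test_redhat_advisories_v2` although it exercises the OpenSSL importer.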

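--- a/vulnerabilities/tests/pipes/test_openssl.py
+++ b/vulnerabilities/tests/pipes/test_openssl.py
@@ -6,3 +6,105 @@
 # See https://github.com/aboutcode-org/vulnerablecode for support or download.
 # See https://aboutcode.org for more information about nexB OSS projects.
 #
+
+from datetime import datetime
+from unittest import TestCase
+
+import pytest
+from django.core.exceptions import ValidationError
+from django.utils import timezone
+from packageurl import PackageURL
+from univers.version_range import VersionRange
+
+from vulnerabilities import models
+from vulnerabilities.importer import AdvisoryData
+from vulnerabilities.importer import AffectedPackage
+from vulnerabilities.importer import PackageCommitPatchData
+from vulnerabilities.importer import Reference
+from vulnerabilities.importer import ReferenceV2
+from vulnerabilities.models import AdvisoryAlias
+from vulnerabilities.models import AdvisoryReference
+from vulnerabilities.models import AdvisorySeverity
+from vulnerabilities.models import AdvisoryWeakness
+from vulnerabilities.models import PackageCommitPatch
+from vulnerabilities.pipes.advisory import get_or_create_advisory_aliases
+from vulnerabilities.pipes.advisory import get_or_create_advisory_package_commit_patches
+from vulnerabilities.pipes.advisory import get_or_create_advisory_references
+from vulnerabilities.pipes.advisory import get_or_create_advisory_severities
+from vulnerabilities.pipes.advisory import get_or_create_advisory_weaknesses
+from vulnerabilities.pipes.advisory import get_or_create_aliases
+from vulnerabilities.pipes.advisory import import_advisory
+from vulnerabilities.pipes.openssl import get_commit_patch
+from vulnerabilities.pipes.openssl import get_reference
+from vulnerabilities.pipes.openssl import parse_affected_fixed
+from vulnerabilities.tests.pipelines import TestLogger
+from vulnerabilities.utils import compute_content_id
+
+
+class TestPipeOpenSSL(TestCase):
+def setUp(self):
+self.logger = TestLogger()
+
+def test_vulnerability_pipes_openssl_get_reference(self):
+refrence_name = "OpenSSL Advisory"
+tag = "vendor-advisory"
+refrence_url = "https://www.openssl.org/news/secadv/20221213.txt"
+result = get_reference(
+reference_name=refrence_name,
+tag=tag,
+reference_url=refrence_url,
+)
+expected = ReferenceV2(
+reference_id=refrence_name,
+reference_type=AdvisoryReference.ADVISORY,
+url=refrence_url,
+)
+
+self.assertEqual(result, expected)
+
+def test_vulnerability_pipes_openssl_get_commit_patch(self):
+url = "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=cca1cd9a3447dd067503e4a85ebd1679ee78a48e"
+result_patch = get_commit_patch(url=url, logger=self.logger.write)
+expected_vcs = "https://github.com/openssl/openssl/"
+expected_hash = "cca1cd9a3447dd067503e4a85ebd1679ee78a48e"
+
+self.assertEqual(result_patch.vcs_url, expected_vcs)
+self.assertEqual(result_patch.commit_hash, expected_hash)
+
+def test_vulnerability_pipes_openssl_get_commit_patch_unsupported(self):
+url = "https://someunsupported.url/commit/93l232slfsll3l23l2"
+get_commit_patch(url=url, logger=self.logger.write)
+
+self.assertIn("Unsupported commit url", self.logger.getvalue())
+
+def test_vulnerability_pipes_openssl_parse_affected_fixed_lessthan(self):
+affected = {
+"lessThan": "0.9.7a",
+"status": "affected",
+"version": "0.9.7",
+"versionType": "custom",
+}
+
+result_affected, result_fixed = parse_affected_fixed(affected)
+result_affected = [str(const) for const in result_affected]
+expected_affected = [">=0.9.7", "<0.9.7a"]
+expected_fixed = "0.9.7a"
+
+self.assertCountEqual(result_affected, expected_affected)
+self.assertEqual(result_fixed, expected_fixed)
+
+def test_vulnerability_pipes_openssl_parse_affected_fixed_lessthanorequal(self):
+affected = {
+"lessThanOrEqual": "3.0.7",
+"status": "affected",
+"version": "3.0.0",
+"versionType": "semver",
+}
+
+result_affected, result_fixed = parse_affected_fixed(affected)
+result_affected = [str(const) for const in result_affected]
+expected_affected = [">=3.0.0", "<=3.0.7"]
+expected_fixed = None
+
+self.assertCountEqual(result_affected, expected_affected)
+self.assertEqual(result_fixed, expected_fixed)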
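Review bot: `test_vulnerability_pipes_openssl_get_commit_patch_unsupported` (new lines 74-78) discards the return value of `get_commit_patch` and asserts only on the log text, so a regression that logs "Unsupported commit url" yet still returns a patch record built from the unrecognised host would pass. Capture the result and pin it, e.g. `result = get_commit_patch(url=url, logger=self.logger.write)` followed by `self.assertIsNone(result)`; `None` is presumably the intended value, but confirm against `vulnerabilities/pipes/openssl.py`, which is not shown in this section. Most of the imports on new lines 10-41 (`datetime`, `pytest`, `ValidationError`, `timezone`, `PackageURL`, `VersionRange`, `models`, the `get_or_create_*` helpers, `import_advisory`, `compute_content_id` and several model classes) are not referenced anywhere in the file and can be dropped. The locals `refrence_name` and `refrence_url` are misspelled.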
