diff --git a/test/cli/power_user_cmd_test.go b/test/cli/power_user_cmd_test.go index 95e698cb1..8091ebd35 100644 --- a/test/cli/power_user_cmd_test.go +++ b/test/cli/power_user_cmd_test.go @@ -6,6 +6,7 @@ import ( ) func TestPowerUserCmdFlags(t *testing.T) { + secretsFixture := getFixtureImage(t, "image-secrets") tests := []struct { name string args []string @@ -32,30 +33,9 @@ func TestPowerUserCmdFlags(t *testing.T) { assertSuccessfulReturnCode, }, }, - { - name: "defaut-secrets-results-w-reveal-values", - env: map[string]string{ - "SYFT_SECRETS_REVEAL_VALUES": "true", - }, - args: []string{"power-user", "docker-archive:" + getFixtureImage(t, "image-secrets")}, - assertions: []traitAssertion{ - assertInOutput(`"classification": "generic-api-key"`), // proof of the secrets cataloger finding something - assertInOutput(`"12345A7a901b345678901234567890123456789012345678901234567890"`), // proof of the secrets cataloger finding the api key - assertSuccessfulReturnCode, - }, - }, - { - name: "default-secret-results-dont-reveal-values", - args: []string{"power-user", "docker-archive:" + getFixtureImage(t, "image-secrets")}, - assertions: []traitAssertion{ - assertInOutput(`"classification": "generic-api-key"`), // proof of the secrets cataloger finding something - assertNotInOutput(`"12345A7a901b345678901234567890123456789012345678901234567890"`), // proof of the secrets cataloger finding the api key - assertSuccessfulReturnCode, - }, - }, { name: "content-cataloger-wired-up", - args: []string{"power-user", "docker-archive:" + getFixtureImage(t, "image-secrets")}, + args: []string{"power-user", "docker-archive:" + secretsFixture}, env: map[string]string{ "SYFT_FILE_CONTENTS_GLOBS": "/api-key.txt", }, @@ -75,12 +55,33 @@ func TestPowerUserCmdFlags(t *testing.T) { assertSuccessfulReturnCode, }, }, + { + name: "default-secrets-results-w-reveal-values", + env: map[string]string{ + "SYFT_SECRETS_REVEAL_VALUES": "true", + }, + args: []string{"power-user", "docker-archive:" + secretsFixture}, + assertions: []traitAssertion{ + assertInOutput(`"classification": "generic-api-key"`), // proof of the secrets cataloger finding something + assertInOutput(`"12345A7a901b345678901234567890123456789012345678901234567890"`), // proof of the secrets cataloger finding the api key + assertSuccessfulReturnCode, + }, + }, + { + name: "default-secret-results-dont-reveal-values", + args: []string{"power-user", "docker-archive:" + secretsFixture}, + assertions: []traitAssertion{ + assertInOutput(`"classification": "generic-api-key"`), // proof of the secrets cataloger finding something + assertNotInOutput(`"12345A7a901b345678901234567890123456789012345678901234567890"`), // proof of the secrets cataloger finding the api key + assertSuccessfulReturnCode, + }, + }, { name: "default-secrets-dir-results-w-reveal-values", env: map[string]string{ "SYFT_SECRETS_REVEAL_VALUES": "true", }, - args: []string{"power-user", "dir:test-fixtures/image-secrets"}, + args: []string{"power-user", "dir:test-fixtures/image-secrets-dir"}, assertions: []traitAssertion{ assertInOutput(`"classification": "generic-api-key"`), // proof of the secrets cataloger finding something assertInOutput(`"12345A7a901b345678901234567890123456789012345678901234567890"`), // proof of the secrets cataloger finding the api key diff --git a/test/cli/test-fixtures/image-secrets-dir/Dockerfile b/test/cli/test-fixtures/image-secrets-dir/Dockerfile new file mode 100644 index 000000000..28a283a0b --- /dev/null +++ b/test/cli/test-fixtures/image-secrets-dir/Dockerfile @@ -0,0 +1,2 @@ +FROM scratch +ADD api-key.txt . \ No newline at end of file diff --git a/test/cli/test-fixtures/image-secrets-dir/api-key.txt b/test/cli/test-fixtures/image-secrets-dir/api-key.txt new file mode 100644 index 000000000..6cbbd99e3 --- /dev/null +++ b/test/cli/test-fixtures/image-secrets-dir/api-key.txt @@ -0,0 +1 @@ +some_ApI-kEy = "12345A7a901b345678901234567890123456789012345678901234567890"