mirror of
https://github.com/anchore/syft.git
synced 2026-02-12 18:46:41 +01:00
b3c70da3ea
* add info command from generated capabilities Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * correct gentoo and arch ecosystems Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * rename os pkg types Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * better binary cataloger description Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * expose metadata and pacakge types in json Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * expose json schema types Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add completeness tests for metadata types Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * latest generation Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix linting Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * improve testing a docs Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix tests and linting Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * restore goreleaser config Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * tweak diagram Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix pdm Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * chore: java binary data Signed-off-by: Keith Zantow <kzantow@gmail.com> * new capability descriptions for gguf and python Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * correct poetry lock integrity hash claim Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix compile error Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix: remove purl version from overrides Signed-off-by: Keith Zantow <kzantow@gmail.com> * fix lua deps ref Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * keep gguf as ai ecosystem Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * split packages.yaml to multiple files by go package Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * ensure tests do not use go test cache Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * sort json output for info command Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * docs: fix ocaml, php, and portage capabilities yaml Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com> * chore: update erlang capabilities Signed-off-by: Keith Zantow <kzantow@gmail.com> * chore: update java capabilities Signed-off-by: Keith Zantow <kzantow@gmail.com> * chore: update javascript capabilities Signed-off-by: Keith Zantow <kzantow@gmail.com> * chore: update linux kernel capabilities Signed-off-by: Keith Zantow <kzantow@gmail.com> * remove missing tests Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix package.yaml references Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * revert license list change Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * check for drift in capability descriptions Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * regenerate capabilities Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * test cleanup Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * use fixture cache in static analysis Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * claim fixtures pre-req for cap generation Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * update documentation with correct regeneration procedure Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * chore: ruby-gemspec-cataloger finds no dependencies Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com> * chore: fix python docs and config comment Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com> * chore: commit re-generated java yaml Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com> * add cataloger selection to caps command Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * re-generate cap yamls Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix tests for cataloger selection Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix cli test Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * add missing tests Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix linting Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * rename cmd to `cataloger info` Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * [wip] change capability description locations Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * [wip] continued Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * [wip] adjust for import cycles Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * correct docs Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> * fix linting Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> --------- Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com> Signed-off-by: Keith Zantow <kzantow@gmail.com> Signed-off-by: Will Murphy <willmurphyscode@users.noreply.github.com> Co-authored-by: Keith Zantow <kzantow@gmail.com> Co-authored-by: Will Murphy <willmurphyscode@users.noreply.github.com>
545 lines
12 KiB
Go
545 lines
12 KiB
Go
package capabilities
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/google/go-cmp/cmp"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func Test_valuesEqual(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
a interface{}
|
|
b interface{}
|
|
want bool
|
|
}{
|
|
{
|
|
name: "both nil",
|
|
a: nil,
|
|
b: nil,
|
|
want: true,
|
|
},
|
|
{
|
|
name: "first nil second non-nil",
|
|
a: nil,
|
|
b: "value",
|
|
want: false,
|
|
},
|
|
{
|
|
name: "first non-nil second nil",
|
|
a: "value",
|
|
b: nil,
|
|
want: false,
|
|
},
|
|
{
|
|
name: "equal strings",
|
|
a: "hello",
|
|
b: "hello",
|
|
want: true,
|
|
},
|
|
{
|
|
name: "different strings",
|
|
a: "hello",
|
|
b: "world",
|
|
want: false,
|
|
},
|
|
{
|
|
name: "equal booleans true",
|
|
a: true,
|
|
b: true,
|
|
want: true,
|
|
},
|
|
{
|
|
name: "equal booleans false",
|
|
a: false,
|
|
b: false,
|
|
want: true,
|
|
},
|
|
{
|
|
name: "different booleans",
|
|
a: true,
|
|
b: false,
|
|
want: false,
|
|
},
|
|
{
|
|
name: "equal integers",
|
|
a: 42,
|
|
b: 42,
|
|
want: true,
|
|
},
|
|
{
|
|
name: "different integers",
|
|
a: 42,
|
|
b: 43,
|
|
want: false,
|
|
},
|
|
{
|
|
name: "equal slices",
|
|
a: []string{"a", "b", "c"},
|
|
b: []string{"a", "b", "c"},
|
|
want: true,
|
|
},
|
|
{
|
|
name: "different slices",
|
|
a: []string{"a", "b", "c"},
|
|
b: []string{"a", "b", "d"},
|
|
want: false,
|
|
},
|
|
{
|
|
name: "slices different length",
|
|
a: []string{"a", "b"},
|
|
b: []string{"a", "b", "c"},
|
|
want: false,
|
|
},
|
|
{
|
|
name: "equal maps",
|
|
a: map[string]int{"x": 1, "y": 2},
|
|
b: map[string]int{"x": 1, "y": 2},
|
|
want: true,
|
|
},
|
|
{
|
|
name: "different maps",
|
|
a: map[string]int{"x": 1, "y": 2},
|
|
b: map[string]int{"x": 1, "y": 3},
|
|
want: false,
|
|
},
|
|
{
|
|
name: "different types string vs int",
|
|
a: "42",
|
|
b: 42,
|
|
want: false,
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
got := valuesEqual(tt.a, tt.b)
|
|
require.Equal(t, tt.want, got)
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestConditionMatches(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
when map[string]interface{}
|
|
config map[string]interface{}
|
|
want bool
|
|
}{
|
|
{
|
|
name: "empty when clause matches anything",
|
|
when: map[string]interface{}{},
|
|
config: map[string]interface{}{"key": "value"},
|
|
want: true,
|
|
},
|
|
{
|
|
name: "empty when clause with empty config",
|
|
when: map[string]interface{}{},
|
|
config: map[string]interface{}{},
|
|
want: true,
|
|
},
|
|
{
|
|
name: "single key match",
|
|
when: map[string]interface{}{"SearchLocalModCacheLicenses": true},
|
|
config: map[string]interface{}{"SearchLocalModCacheLicenses": true},
|
|
want: true,
|
|
},
|
|
{
|
|
name: "single key mismatch",
|
|
when: map[string]interface{}{"SearchLocalModCacheLicenses": true},
|
|
config: map[string]interface{}{"SearchLocalModCacheLicenses": false},
|
|
want: false,
|
|
},
|
|
{
|
|
name: "key missing from config",
|
|
when: map[string]interface{}{"SearchLocalModCacheLicenses": true},
|
|
config: map[string]interface{}{},
|
|
want: false,
|
|
},
|
|
{
|
|
name: "multiple keys all match",
|
|
when: map[string]interface{}{
|
|
"SearchLocalModCacheLicenses": true,
|
|
"UseNetwork": true,
|
|
},
|
|
config: map[string]interface{}{
|
|
"SearchLocalModCacheLicenses": true,
|
|
"UseNetwork": true,
|
|
"ExtraKey": "ignored",
|
|
},
|
|
want: true,
|
|
},
|
|
{
|
|
name: "multiple keys one mismatch",
|
|
when: map[string]interface{}{
|
|
"SearchLocalModCacheLicenses": true,
|
|
"UseNetwork": true,
|
|
},
|
|
config: map[string]interface{}{
|
|
"SearchLocalModCacheLicenses": true,
|
|
"UseNetwork": false,
|
|
},
|
|
want: false,
|
|
},
|
|
{
|
|
name: "multiple keys one missing",
|
|
when: map[string]interface{}{
|
|
"SearchLocalModCacheLicenses": true,
|
|
"UseNetwork": true,
|
|
},
|
|
config: map[string]interface{}{
|
|
"SearchLocalModCacheLicenses": true,
|
|
},
|
|
want: false,
|
|
},
|
|
{
|
|
name: "string value match",
|
|
when: map[string]interface{}{"mode": "fast"},
|
|
config: map[string]interface{}{"mode": "fast"},
|
|
want: true,
|
|
},
|
|
{
|
|
name: "slice value match",
|
|
when: map[string]interface{}{"formats": []string{"json", "yaml"}},
|
|
config: map[string]interface{}{"formats": []string{"json", "yaml"}},
|
|
want: true,
|
|
},
|
|
{
|
|
name: "slice value mismatch",
|
|
when: map[string]interface{}{"formats": []string{"json", "yaml"}},
|
|
config: map[string]interface{}{"formats": []string{"json", "xml"}},
|
|
want: false,
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
got := ConditionMatches(tt.when, tt.config)
|
|
require.Equal(t, tt.want, got)
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestEvaluateField(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
capField CapabilityField
|
|
config map[string]interface{}
|
|
want interface{}
|
|
}{
|
|
{
|
|
name: "no conditions returns default",
|
|
capField: CapabilityField{
|
|
Name: "license",
|
|
Default: false,
|
|
Conditions: nil,
|
|
},
|
|
config: map[string]interface{}{},
|
|
want: false,
|
|
},
|
|
{
|
|
name: "empty conditions returns default",
|
|
capField: CapabilityField{
|
|
Name: "license",
|
|
Default: false,
|
|
Conditions: []CapabilityCondition{},
|
|
},
|
|
config: map[string]interface{}{},
|
|
want: false,
|
|
},
|
|
{
|
|
name: "single condition matches",
|
|
capField: CapabilityField{
|
|
Name: "license",
|
|
Default: false,
|
|
Conditions: []CapabilityCondition{
|
|
{
|
|
When: map[string]any{"SearchLocalModCacheLicenses": true},
|
|
Value: true,
|
|
},
|
|
},
|
|
},
|
|
config: map[string]interface{}{"SearchLocalModCacheLicenses": true},
|
|
want: true,
|
|
},
|
|
{
|
|
name: "single condition does not match",
|
|
capField: CapabilityField{
|
|
Name: "license",
|
|
Default: false,
|
|
Conditions: []CapabilityCondition{
|
|
{
|
|
When: map[string]any{"SearchLocalModCacheLicenses": true},
|
|
Value: true,
|
|
},
|
|
},
|
|
},
|
|
config: map[string]interface{}{"SearchLocalModCacheLicenses": false},
|
|
want: false,
|
|
},
|
|
{
|
|
name: "multiple conditions first match wins",
|
|
capField: CapabilityField{
|
|
Name: "license",
|
|
Default: false,
|
|
Conditions: []CapabilityCondition{
|
|
{
|
|
When: map[string]any{"SearchLocalModCacheLicenses": true},
|
|
Value: "local",
|
|
},
|
|
{
|
|
When: map[string]any{"SearchRemoteLicenses": true},
|
|
Value: "remote",
|
|
},
|
|
},
|
|
},
|
|
config: map[string]interface{}{
|
|
"SearchLocalModCacheLicenses": true,
|
|
"SearchRemoteLicenses": true,
|
|
},
|
|
want: "local",
|
|
},
|
|
{
|
|
name: "multiple conditions second matches",
|
|
capField: CapabilityField{
|
|
Name: "license",
|
|
Default: false,
|
|
Conditions: []CapabilityCondition{
|
|
{
|
|
When: map[string]any{"SearchLocalModCacheLicenses": true},
|
|
Value: "local",
|
|
},
|
|
{
|
|
When: map[string]any{"SearchRemoteLicenses": true},
|
|
Value: "remote",
|
|
},
|
|
},
|
|
},
|
|
config: map[string]interface{}{
|
|
"SearchLocalModCacheLicenses": false,
|
|
"SearchRemoteLicenses": true,
|
|
},
|
|
want: "remote",
|
|
},
|
|
{
|
|
name: "no conditions match returns default",
|
|
capField: CapabilityField{
|
|
Name: "license",
|
|
Default: "none",
|
|
Conditions: []CapabilityCondition{
|
|
{
|
|
When: map[string]any{"SearchLocalModCacheLicenses": true},
|
|
Value: "local",
|
|
},
|
|
{
|
|
When: map[string]any{"SearchRemoteLicenses": true},
|
|
Value: "remote",
|
|
},
|
|
},
|
|
},
|
|
config: map[string]interface{}{
|
|
"SearchLocalModCacheLicenses": false,
|
|
"SearchRemoteLicenses": false,
|
|
},
|
|
want: "none",
|
|
},
|
|
{
|
|
name: "slice default value",
|
|
capField: CapabilityField{
|
|
Name: "dependency.depth",
|
|
Default: []string{"direct", "indirect"},
|
|
Conditions: nil,
|
|
},
|
|
config: map[string]interface{}{},
|
|
want: []string{"direct", "indirect"},
|
|
},
|
|
{
|
|
name: "condition with multiple when keys",
|
|
capField: CapabilityField{
|
|
Name: "feature",
|
|
Default: false,
|
|
Conditions: []CapabilityCondition{
|
|
{
|
|
When: map[string]any{
|
|
"EnableFeatureA": true,
|
|
"EnableFeatureB": true,
|
|
},
|
|
Value: true,
|
|
},
|
|
},
|
|
},
|
|
config: map[string]interface{}{
|
|
"EnableFeatureA": true,
|
|
"EnableFeatureB": true,
|
|
},
|
|
want: true,
|
|
},
|
|
{
|
|
name: "condition with multiple when keys partial match fails",
|
|
capField: CapabilityField{
|
|
Name: "feature",
|
|
Default: false,
|
|
Conditions: []CapabilityCondition{
|
|
{
|
|
When: map[string]any{
|
|
"EnableFeatureA": true,
|
|
"EnableFeatureB": true,
|
|
},
|
|
Value: true,
|
|
},
|
|
},
|
|
},
|
|
config: map[string]interface{}{
|
|
"EnableFeatureA": true,
|
|
"EnableFeatureB": false,
|
|
},
|
|
want: false,
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
got := EvaluateField(tt.capField, tt.config)
|
|
if diff := cmp.Diff(tt.want, got); diff != "" {
|
|
t.Errorf("EvaluateField() mismatch (-want +got):\n%s", diff)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestEvaluateCapabilities(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
caps CapabilitySet
|
|
config map[string]interface{}
|
|
want map[string]interface{}
|
|
}{
|
|
{
|
|
name: "empty capability set",
|
|
caps: CapabilitySet{},
|
|
config: map[string]interface{}{},
|
|
want: map[string]interface{}{},
|
|
},
|
|
{
|
|
name: "single capability no conditions",
|
|
caps: CapabilitySet{
|
|
{
|
|
Name: "license",
|
|
Default: false,
|
|
},
|
|
},
|
|
config: map[string]interface{}{},
|
|
want: map[string]interface{}{
|
|
"license": false,
|
|
},
|
|
},
|
|
{
|
|
name: "single capability with matching condition",
|
|
caps: CapabilitySet{
|
|
{
|
|
Name: "license",
|
|
Default: false,
|
|
Conditions: []CapabilityCondition{
|
|
{
|
|
When: map[string]any{"SearchLocalModCacheLicenses": true},
|
|
Value: true,
|
|
},
|
|
},
|
|
},
|
|
},
|
|
config: map[string]interface{}{"SearchLocalModCacheLicenses": true},
|
|
want: map[string]interface{}{
|
|
"license": true,
|
|
},
|
|
},
|
|
{
|
|
name: "multiple capabilities mixed conditions",
|
|
caps: CapabilitySet{
|
|
{
|
|
Name: "license",
|
|
Default: false,
|
|
Conditions: []CapabilityCondition{
|
|
{
|
|
When: map[string]any{"SearchLocalModCacheLicenses": true},
|
|
Value: true,
|
|
},
|
|
},
|
|
},
|
|
{
|
|
Name: "dependency.depth",
|
|
Default: []string{"direct", "indirect"},
|
|
},
|
|
{
|
|
Name: "dependency.edges",
|
|
Default: "flat",
|
|
},
|
|
},
|
|
config: map[string]interface{}{"SearchLocalModCacheLicenses": true},
|
|
want: map[string]interface{}{
|
|
"license": true,
|
|
"dependency.depth": []string{"direct", "indirect"},
|
|
"dependency.edges": "flat",
|
|
},
|
|
},
|
|
{
|
|
name: "real-world go module binary cataloger example",
|
|
caps: CapabilitySet{
|
|
{
|
|
Name: "license",
|
|
Default: false,
|
|
Conditions: []CapabilityCondition{
|
|
{
|
|
When: map[string]any{"SearchLocalModCacheLicenses": true},
|
|
Value: true,
|
|
},
|
|
{
|
|
When: map[string]any{"SearchRemoteLicenses": true},
|
|
Value: true,
|
|
},
|
|
},
|
|
},
|
|
{
|
|
Name: "dependency.depth",
|
|
Default: []string{"direct", "indirect"},
|
|
},
|
|
{
|
|
Name: "dependency.edges",
|
|
Default: "flat",
|
|
},
|
|
{
|
|
Name: "package_manager.files.listing",
|
|
Default: false,
|
|
},
|
|
},
|
|
config: map[string]interface{}{
|
|
"SearchLocalModCacheLicenses": false,
|
|
"SearchRemoteLicenses": true,
|
|
},
|
|
want: map[string]interface{}{
|
|
"license": true,
|
|
"dependency.depth": []string{"direct", "indirect"},
|
|
"dependency.edges": "flat",
|
|
"package_manager.files.listing": false,
|
|
},
|
|
},
|
|
{
|
|
name: "nil capability set",
|
|
caps: nil,
|
|
config: map[string]interface{}{
|
|
"anything": true,
|
|
},
|
|
want: map[string]interface{}{},
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
got := EvaluateCapabilities(tt.caps, tt.config)
|
|
if diff := cmp.Diff(tt.want, got); diff != "" {
|
|
t.Errorf("EvaluateCapabilities() mismatch (-want +got):\n%s", diff)
|
|
}
|
|
})
|
|
}
|
|
}
|