@@ -14,15 +14,6 @@ import (
1414 "github.com/aquasecurity/trivy/pkg/types"
1515)
1616
17- const (
18- AllReport = "all"
19- SummaryReport = "summary"
20-
21- tableFormat = "table"
22- jsonFormat = "json"
23- cycloneDXFormat = "cyclonedx"
24- )
25-
2617var (
2718 roleWithMisconfig = report.Resource {
2819 Namespace : "default" ,
@@ -142,6 +133,44 @@ var (
142133 },
143134 },
144135 }
136+ deployOrionWithSingleMisconfig = report.Resource {
137+ Namespace : "default" ,
138+ Kind : "Deploy" ,
139+ Name : "orion" ,
140+ Results : types.Results {
141+ {
142+ Misconfigurations : []types.DetectedMisconfiguration {
143+ {
144+ ID : "ID100" ,
145+ Status : types .MisconfStatusFailure ,
146+ Severity : "LOW" ,
147+ },
148+ },
149+ },
150+ },
151+ Report : types.Report {
152+ Results : types.Results {
153+ {
154+ Class : types .ClassConfig ,
155+ MisconfSummary : & types.MisconfSummary {
156+ Successes : 0 ,
157+ Failures : 1 ,
158+ },
159+ Misconfigurations : []types.DetectedMisconfiguration {
160+ {
161+ ID : "ID100" ,
162+ Title : "Config file is bad" ,
163+ Description : "Your config file is not good." ,
164+ Message : "Oh no, a bad config." ,
165+ PrimaryURL : "https://google.com/search?q=bad%20config" ,
166+ Status : types .MisconfStatusFailure ,
167+ Severity : "LOW" ,
168+ },
169+ },
170+ },
171+ },
172+ },
173+ }
145174 deployOrionWithVulns = report.Resource {
146175 Namespace : "default" ,
147176 Kind : "Deploy" ,
@@ -181,9 +210,43 @@ var (
181210 },
182211 },
183212 }
213+
214+ deployOrionWithSingleVuln = report.Resource {
215+ Namespace : "default" ,
216+ Kind : "Deploy" ,
217+ Name : "orion" ,
218+ Results : types.Results {
219+ {
220+ Vulnerabilities : []types.DetectedVulnerability {
221+ {
222+ 223+ VulnerabilityID : "CVE-2022-1111" ,
224+ Vulnerability : dbTypes.Vulnerability {Severity : "LOW" },
225+ },
226+ },
227+ },
228+ },
229+ Report : types.Report {
230+ Results : types.Results {
231+ {
232+ Class : types .ClassLangPkg ,
233+ Vulnerabilities : []types.DetectedVulnerability {
234+ {
235+ PkgName : "foo/bar" ,
236+ VulnerabilityID : "CVE-2022-1111" ,
237+ InstalledVersion : "v0.0.1" ,
238+ FixedVersion : "v0.0.2" ,
239+ PrimaryURL : "https://avd.aquasec.com/nvd/cve-2022-1111" ,
240+ Vulnerability : dbTypes.Vulnerability {Severity : "LOW" },
241+ },
242+ },
243+ },
244+ },
245+ },
246+ }
184247)
185248
186- func TestReportWrite_Summary (t * testing.T ) {
249+ func TestReportWrite_Table (t * testing.T ) {
187250 allSeverities := []dbTypes.Severity {
188251 dbTypes .SeverityUnknown ,
189252 dbTypes .SeverityLow ,
@@ -198,6 +261,7 @@ func TestReportWrite_Summary(t *testing.T) {
198261 opt report.Option
199262 scanners types.Scanners
200263 severities []dbTypes.Severity
264+ reportType string
201265 expectedOutput string
202266 }{
203267 {
@@ -208,6 +272,7 @@ func TestReportWrite_Summary(t *testing.T) {
208272 },
209273 scanners : types.Scanners {types .MisconfigScanner },
210274 severities : allSeverities ,
275+ reportType : report .SummaryReport ,
211276 expectedOutput : `Summary Report for test
212277=======================
213278
@@ -229,6 +294,29 @@ Infra Assessment
229294│ │ │ C │ H │ M │ L │ U │
230295└───────────┴──────────┴───┴───┴───┴───┴───┘
231296Severities: C=CRITICAL H=HIGH M=MEDIUM L=LOW U=UNKNOWN` ,
297+ },
298+ {
299+ name : "Single misconfig with `--report all`" ,
300+ report : report.Report {
301+ ClusterName : "test" ,
302+ Resources : []report.Resource {deployOrionWithSingleMisconfig },
303+ },
304+ scanners : types.Scanners {types .MisconfigScanner },
305+ severities : []dbTypes.Severity {
306+ dbTypes .SeverityCritical ,
307+ },
308+ reportType : report .AllReport ,
309+ expectedOutput : `namespace: default, deploy: orion ()
310+ ====================================
311+ Tests: 1 (SUCCESSES: 0, FAILURES: 1)
312+ Failures: 0 (CRITICAL: 0)
313+
314+ (LOW): Oh no, a bad config.
315+ ════════════════════════════════════════
316+ Your config file is not good.
317+
318+ See https://google.com/search?q=bad%20config
319+ ────────────────────────────────────────` ,
232320 },
233321 {
234322 name : "Only vuln, all serverities" ,
@@ -238,6 +326,7 @@ Severities: C=CRITICAL H=HIGH M=MEDIUM L=LOW U=UNKNOWN`,
238326 },
239327 scanners : types.Scanners {types .VulnerabilityScanner },
240328 severities : allSeverities ,
329+ reportType : report .SummaryReport ,
241330 expectedOutput : `Summary Report for test
242331=======================
243332
@@ -259,6 +348,27 @@ Infra Assessment
259348│ │ │ C │ H │ M │ L │ U │
260349└───────────┴──────────┴───┴───┴───┴───┴───┘
261350Severities: C=CRITICAL H=HIGH M=MEDIUM L=LOW U=UNKNOWN` ,
351+ },
352+ {
353+ name : "Single vuln with `--report all`" ,
354+ report : report.Report {
355+ ClusterName : "test" ,
356+ Resources : []report.Resource {deployOrionWithSingleVuln },
357+ },
358+ scanners : types.Scanners {types .VulnerabilityScanner },
359+ severities : []dbTypes.Severity {
360+ dbTypes .SeverityLow ,
361+ },
362+ reportType : report .AllReport ,
363+ expectedOutput : `namespace: default, deploy: orion ()
364+ ====================================
365+ Total: 1 (LOW: 1)
366+
367+ ┌─────────┬───────────────┬──────────┬─────────┬───────────────────┬───────────────┬───────────────────────────────────────────┐
368+ │ Library │ Vulnerability │ Severity │ Status │ Installed Version │ Fixed Version │ Title │
369+ ├─────────┼───────────────┼──────────┼─────────┼───────────────────┼───────────────┼───────────────────────────────────────────┤
370+ │ foo/bar │ CVE-2022-1111 │ LOW │ unknown │ v0.0.1 │ v0.0.2 │ https://avd.aquasec.com/nvd/cve-2022-1111 │
371+ └─────────┴───────────────┴──────────┴─────────┴───────────────────┴───────────────┴───────────────────────────────────────────┘` ,
262372 },
263373 {
264374 name : "Only rbac, all serverities" ,
@@ -268,6 +378,7 @@ Severities: C=CRITICAL H=HIGH M=MEDIUM L=LOW U=UNKNOWN`,
268378 },
269379 scanners : types.Scanners {types .RBACScanner },
270380 severities : allSeverities ,
381+ reportType : report .SummaryReport ,
271382 expectedOutput : `Summary Report for test
272383=======================
273384
@@ -289,6 +400,7 @@ Severities: C=CRITICAL H=HIGH M=MEDIUM L=LOW U=UNKNOWN`,
289400 },
290401 scanners : types.Scanners {types .SecretScanner },
291402 severities : allSeverities ,
403+ reportType : report .SummaryReport ,
292404 expectedOutput : `Summary Report for test
293405=======================
294406
@@ -319,6 +431,7 @@ Severities: C=CRITICAL H=HIGH M=MEDIUM L=LOW U=UNKNOWN`,
319431 },
320432 scanners : types.Scanners {types .MisconfigScanner },
321433 severities : allSeverities ,
434+ reportType : report .SummaryReport ,
322435 expectedOutput : `Summary Report for test
323436=======================
324437
@@ -353,6 +466,7 @@ Severities: C=CRITICAL H=HIGH M=MEDIUM L=LOW U=UNKNOWN`,
353466 types .SecretScanner ,
354467 },
355468 severities : allSeverities ,
469+ reportType : report .SummaryReport ,
356470 expectedOutput : `Summary Report for test
357471=======================
358472
@@ -386,6 +500,7 @@ Severities: C=CRITICAL H=HIGH M=MEDIUM L=LOW U=UNKNOWN`,
386500 types .VulnerabilityScanner ,
387501 },
388502 severities : allSeverities ,
503+ reportType : report .SummaryReport ,
389504 expectedOutput : `Summary Report for test
390505=======================
391506
@@ -412,19 +527,22 @@ Severities: C=CRITICAL H=HIGH M=MEDIUM L=LOW U=UNKNOWN`,
412527
413528 for _ , tc := range tests {
414529 t .Run (tc .name , func (t * testing.T ) {
530+ t .Setenv ("TRIVY_DISABLE_VEX_NOTICE" , "true" )
415531 output := bytes.Buffer {}
416532
417533 opt := report.Option {
418534 Format : "table" ,
419- Report : "summary" ,
535+ Report : tc . reportType ,
420536 Output : & output ,
421537 Scanners : tc .scanners ,
422538 Severities : tc .severities ,
423539 }
424540
425541 err := Write (t .Context (), tc .report , opt )
426542 require .NoError (t , err )
427- assert .Equal (t , tc .expectedOutput , stripAnsi (output .String ()), tc .name )
543+ got := stripAnsi (output .String ())
544+ got = strings .ReplaceAll (got , "\r \n " , "\n " )
545+ assert .Equal (t , tc .expectedOutput , got , tc .name )
428546 })
429547 }
430548}
0 commit comments