Elgato_dark/fleet
1
0
Fork 0
mirror of https://github.com/fleetdm/fleet synced 2026-05-21 07:58:31 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 111
fleet/server/vulnerabilities/oval/oval_platform_test.go
Ian Littman e96c70e4c0
Pull xz'd goval-dictionary sqlite files to evaluate vulnerabilities on Amazon Linux hosts (#21506) 
#20934

This is tied to https://github.com/fleetdm/vulnerabilities/pull/14; for
supported OS versions (currently Amazon Linux 1/2/2022/2023) we'll pull
XZ'd sqlite files from the vulnerabilities repo and query them to
determine what's vulnerable. See the associated issue for how I
self-QA'd this.

This replaced OVAL parsing for Amazon Linux 2, as we were using the
wrong data source there (Amazon has backported a bunch of fixes to their
own-named releases, so any RHEL fixes don't match).

Some checklist items are missing here; getting this set up in draft to
get code feedback now, and I'll push updates with e.g. docs changes, as
well ass an addition to the changes file.

# Checklist for submitter

If some of the following don't apply, delete the relevant line.

<!-- Note that API documentation changes are now addressed by the
product design team. -->

- [x] Changes file added for user-visible changes in `changes/`,
`orbit/changes/` or `ee/fleetd-chrome/changes`.
See [Changes
files](https://github.com/fleetdm/fleet/blob/main/docs/Contributing/Committing-Changes.md#changes-files)
for more information.
- [x] Input data is properly validated, `SELECT *` is avoided, SQL
injection is prevented (using placeholders for values in statements)
- [x] Added/updated tests
    - [x] Add tests to oval_platform
    - [x] Add sync_test
    - [x] Add database_test
- [x] Manual QA for all new/changed functionality
- [x] Update vulnerability management docs
2024-08-26 14:07:42 -05:00

91 lines
3.1 KiB
Go
Raw Blame History

package oval
import (
"testing"
"time"
"github.com/stretchr/testify/require"
)
func TestOvalPlatform(t *testing.T) {
t.Run("NewPlatform", func(t *testing.T) {
cases := []struct {
platform string
osVersion string
expected string
}{
{"centos", "CentOS Linux 8.3.2011", "centos_08"},
{"ubuntu", "Ubuntu 20.4.0", "ubuntu_2004"},
{"centos", "CentOS 6.10.0", "centos_06"},
{"debian", "Debian GNU/Linux 9.0.0", "debian_09"},
{"debian", "Debian GNU/Linux 10.0.0", "debian_10"},
{"centos", "CentOS Linux 7.9.2009", "centos_07"},
{"ubuntu", "Ubuntu 16.4.0", "ubuntu_1604"},
{"ubuntu", "Ubuntu 18.4.0", "ubuntu_1804"},
{"ubuntu", "Ubuntu 18.4", "ubuntu_1804"},
{"ubuntu", "Ubuntu 18.4.0 ", "ubuntu_1804"},
{"ubuntu", "Ubuntu 18.4.0 LTS asdfasd", "ubuntu_1804"},
{"rhel", "CentOS Linux 7.9.2009", "rhel_07"},
{"amzn", "Amazon Linux 2.0.0", "amzn_02"},
{"amzn", "Amazon Linux 2023.0.0", "amzn_2023"},
{"rhel", "Fedora Linux 12.0.0", "rhel_06"},
{"rhel", "Fedora Linux 13.0.0", "rhel_06"},
{"rhel", "Fedora Linux 14.0.0", "rhel_06"},
{"rhel", "Fedora Linux 15.0.0", "rhel_06"},
{"rhel", "Fedora Linux 16.0.0", "rhel_06"},
{"rhel", "Fedora Linux 17.0.0", "rhel_06"},
{"rhel", "Fedora Linux 18.0.0", "rhel_06"},
{"rhel", "Fedora Linux 19.0.0", "rhel_07"},
{"rhel", "Fedora Linux 20.0.0", "rhel_07"},
{"rhel", "Fedora Linux 21.0.0", "rhel_07"},
{"rhel", "Fedora Linux 22.0.0", "rhel_07"},
{"rhel", "Fedora Linux 23.0.0", "rhel_07"},
{"rhel", "Fedora Linux 24.0.0", "rhel_07"},
{"rhel", "Fedora Linux 25.0.0", "rhel_07"},
{"rhel", "Fedora Linux 26.0.0", "rhel_07"},
{"rhel", "Fedora Linux 27.0.0", "rhel_07"},
{"rhel", "Fedora Linux 28.0.0", "rhel_08"},
{"rhel", "Fedora Linux 29.0.0", "rhel_08"},
{"rhel", "Fedora Linux 30.0.0", "rhel_08"},
{"rhel", "Fedora Linux 31.0.0", "rhel_08"},
{"rhel", "Fedora Linux 32.0.0", "rhel_08"},
{"rhel", "Fedora Linux 33.0.0", "rhel_08"},
{"rhel", "Fedora Linux 34.0.0", "rhel_09"},
{"rhel", "Fedora Linux 35.0.0", "rhel_09"},
{"rhel", "Fedora Linux 36.0.0", "rhel_09"},
{"ubuntu", "Ubuntu 20.04.2 LTS", "ubuntu_2004"},
}
for _, c := range cases {
require.Equal(t, c.expected, string(NewPlatform(c.platform, c.osVersion)), c)
}
})
t.Run("ToFilename", func(t *testing.T) {
cases := []struct {
date time.Time
expected string
}{
{time.Date(2020, 1, 1, 0, 0, 0, 0, time.UTC), "fleet_oval_ubuntu_2004-2020_01_01.json"},
{time.Date(2020, 10, 10, 0, 0, 0, 0, time.UTC), "fleet_oval_ubuntu_2004-2020_10_10.json"},
}
for _, c := range cases {
plat := NewPlatform("ubuntu", "Ubuntu 20.4.0")
require.Equal(t, c.expected, plat.ToFilename(c.date, "json"))
}
})
t.Run("ToGovalDictionaryFilename", func(t *testing.T) {
cases := []struct {
version string
expected string
}{
{"Amazon Linux 2.0.0", "fleet_goval_dictionary_amzn_02.sqlite3"},
{"Amazon Linux 2023.0.0", "fleet_goval_dictionary_amzn_2023.sqlite3"},
}
for _, c := range cases {
plat := NewPlatform("amzn", c.version)
require.Equal(t, c.expected, plat.ToGovalDictionaryFilename())
}
})
}
Reference in a new issue View git blame Copy permalink