mirror of https://github.com/artifacthub/hub.git
198 lines
5.5 KiB
SQL
198 lines
5.5 KiB
SQL
-- Start transaction and plan tests
|
|
begin;
|
|
select plan(14);
|
|
|
|
-- Declare some variables
|
|
\set user1ID '00000000-0000-0000-0000-000000000001'
|
|
\set repo1ID '00000000-0000-0000-0000-000000000001'
|
|
\set package1ID '00000000-0000-0000-0000-000000000001'
|
|
\set package2ID '00000000-0000-0000-0000-000000000002'
|
|
|
|
-- Seed some data
|
|
insert into "user" (user_id, alias, email) values (:'user1ID', 'user1', 'user1@email.com');
|
|
insert into repository (repository_id, name, display_name, url, repository_kind_id, user_id)
|
|
values (:'repo1ID', 'repo1', 'Repo 1', 'https://repo1.com', 0, :'user1ID');
|
|
insert into package (
|
|
package_id,
|
|
name,
|
|
latest_version,
|
|
repository_id
|
|
) values (
|
|
:'package1ID',
|
|
'package1',
|
|
'1.0.0',
|
|
:'repo1ID'
|
|
);
|
|
insert into snapshot (
|
|
package_id,
|
|
version,
|
|
containers_images
|
|
) values (
|
|
:'package1ID',
|
|
'1.0.0',
|
|
'[{"image": "quay.io/org/pkg1:1.0.0"}]'
|
|
);
|
|
insert into package (
|
|
package_id,
|
|
name,
|
|
latest_version,
|
|
repository_id
|
|
) values (
|
|
:'package2ID',
|
|
'package2',
|
|
'1.0.0',
|
|
:'repo1ID'
|
|
);
|
|
insert into snapshot (
|
|
package_id,
|
|
version
|
|
) values (
|
|
:'package2ID',
|
|
'1.0.0'
|
|
);
|
|
insert into snapshot (
|
|
package_id,
|
|
version
|
|
) values (
|
|
:'package2ID',
|
|
'0.0.9'
|
|
);
|
|
|
|
-- Test security report information update
|
|
select is(security_report, null, 'Security report should be null')
|
|
from snapshot where package_id = :'package1ID' and version = '1.0.0';
|
|
select is(security_report_alert_digest, null, 'Security report alert digest should be null')
|
|
from snapshot where package_id = :'package1ID' and version = '1.0.0';
|
|
select is(security_report_created_at, null, 'Security report created at should be null')
|
|
from snapshot where package_id = :'package1ID' and version = '1.0.0';
|
|
select is(security_report_summary, null, 'Security report summary should be null')
|
|
from snapshot where package_id = :'package1ID' and version = '1.0.0';
|
|
select update_snapshot_security_report('{
|
|
"package_id": "00000000-0000-0000-0000-000000000001",
|
|
"version": "1.0.0",
|
|
"alert_digest": "digest",
|
|
"summary": {
|
|
"critical": 2,
|
|
"high": 3,
|
|
"low": 10
|
|
},
|
|
"images_reports": {
|
|
"quay.io/org/pkg1:1.0.0": [
|
|
{"k": "v"}
|
|
]
|
|
}
|
|
}');
|
|
select is(security_report, '{
|
|
"quay.io/org/pkg1:1.0.0": [
|
|
{"k": "v"}
|
|
]
|
|
}', 'Security report should exist')
|
|
from snapshot where package_id = :'package1ID' and version = '1.0.0';
|
|
select is(security_report_alert_digest, 'digest', 'Security report alert digest should exist')
|
|
from snapshot where package_id = :'package1ID' and version = '1.0.0';
|
|
select isnt(security_report_created_at, null, 'Security report created at should exist')
|
|
from snapshot where package_id = :'package1ID' and version = '1.0.0';
|
|
select is(security_report_summary, '{
|
|
"critical": 2,
|
|
"high": 3,
|
|
"low": 10
|
|
}', 'Security report summary should exist')
|
|
from snapshot where package_id = :'package1ID' and version = '1.0.0';
|
|
|
|
-- Test security alert events
|
|
select update_snapshot_security_report('{
|
|
"package_id": "00000000-0000-0000-0000-000000000002",
|
|
"version": "0.0.9",
|
|
"alert_digest": "digest-a"
|
|
}');
|
|
select is(
|
|
count(*)::int,
|
|
0::int,
|
|
'No security alert event should exist for package 2 version 0.0.9 as the version is not the latest'
|
|
)
|
|
from event e
|
|
join package p using (package_id)
|
|
where p.name = 'package2' and e.package_version = '0.0.9';
|
|
|
|
select update_snapshot_security_report('{
|
|
"package_id": "00000000-0000-0000-0000-000000000002",
|
|
"version": "1.0.0"
|
|
}');
|
|
select is(
|
|
count(*)::int,
|
|
0::int,
|
|
'No security alert event should exist for package 2 version 1.0.0 as the alert digest is null'
|
|
)
|
|
from event e
|
|
join package p using (package_id)
|
|
where p.name = 'package2' and e.package_version = '0.0.9';
|
|
|
|
select update_snapshot_security_report('{
|
|
"package_id": "00000000-0000-0000-0000-000000000002",
|
|
"version": "1.0.0",
|
|
"alert_digest": "digest-b"
|
|
}');
|
|
select is(
|
|
count(*)::int,
|
|
1::int,
|
|
'New security alert event should exist for package2 version 1.0.0'
|
|
)
|
|
from event e
|
|
join package p using (package_id)
|
|
where p.name = 'package2' and e.package_version = '1.0.0';
|
|
|
|
select update_snapshot_security_report('{
|
|
"package_id": "00000000-0000-0000-0000-000000000002",
|
|
"version": "1.0.0",
|
|
"alert_digest": "digest-b"
|
|
}');
|
|
select is(
|
|
count(*)::int,
|
|
1::int,
|
|
'No new security alert event should exist for package 2 version 1.0.0 as the alert digest has not changed'
|
|
)
|
|
from event e
|
|
join package p using (package_id)
|
|
where p.name = 'package2' and e.package_version = '1.0.0';
|
|
|
|
insert into snapshot (
|
|
package_id,
|
|
version
|
|
) values (
|
|
:'package2ID',
|
|
'1.1.0'
|
|
);
|
|
update package set latest_version='1.1.0' where name = 'package2';
|
|
|
|
select update_snapshot_security_report('{
|
|
"package_id": "00000000-0000-0000-0000-000000000002",
|
|
"version": "1.1.0",
|
|
"alert_digest": "digest-b"
|
|
}');
|
|
select is(
|
|
count(*)::int,
|
|
1::int,
|
|
'New security alert event should exist for package2 version 1.1.0 (new latest version, digest-b)'
|
|
)
|
|
from event e
|
|
join package p using (package_id)
|
|
where p.name = 'package2' and e.package_version = '1.1.0';
|
|
|
|
select update_snapshot_security_report('{
|
|
"package_id": "00000000-0000-0000-0000-000000000002",
|
|
"version": "1.1.0",
|
|
"alert_digest": "digest-c"
|
|
}');
|
|
select is(
|
|
count(*)::int,
|
|
2::int,
|
|
'New security alert event should exist for package2 version 1.1.0 (digest-c)'
|
|
)
|
|
from event e
|
|
join package p using (package_id)
|
|
where p.name = 'package2' and e.package_version = '1.1.0';
|
|
|
|
-- Finish tests and rollback transaction
|
|
select * from finish();
|
|
rollback;
|