test/security/check_versions/tests/test_main.py

   1 #!/usr/bin/env python3
   2
   3 import k8s_bin_versions_inspector as kbvi
   4 import json
   5 import tempfile
   6 import yaml
   7
   8
   9 def exec_main(pod_name_trimmer, acceptable_data):
  10     with tempfile.NamedTemporaryFile() as output_temp, tempfile.NamedTemporaryFile() as acceptable_temp:
  11         with open(acceptable_temp.name, "w") as stream:
  12             yaml.safe_dump(acceptable_data, stream)
  13
  14         result = kbvi.main(
  15             [
  16                 "--quiet",
  17                 "--output-file",
  18                 output_temp.name,
  19                 "--output-format",
  20                 "json",
  21                 "--acceptable",
  22                 acceptable_temp.name,
  23             ]
  24         )
  25
  26         with open(output_temp.name, "r") as stream:
  27             output_data = json.load(stream)
  28             output_extracted = (
  29                 (
  30                     item["namespace"],
  31                     pod_name_trimmer(item["pod"]),
  32                     item["container"],
  33                     item["versions"]["python"],
  34                     item["versions"]["java"],
  35                 )
  36                 for item in output_data
  37             )
  38             output_sorted = sorted(output_extracted)
  39
  40     assert output_sorted == [
  41         ("default", "kbvi-test-java-keycloak", "keycloak", [], ["11.0.8"]),
  42         ("default", "kbvi-test-java-keycloak-old", "keycloak-old", [], ["11.0.5"]),
  43         (
  44             "default",
  45             "kbvi-test-java-keycloak-very-old",
  46             "keycloak-very-old",
  47             ["2.7.5"],
  48             [],
  49         ),
  50         ("default", "kbvi-test-python-jupyter", "jupyter", ["3.8.4"], []),
  51         ("default", "kbvi-test-python-jupyter-old", "jupyter-old", ["3.6.6"], []),
  52         ("default", "kbvi-test-python-stderr-filebeat", "filebeat", ["2.7.5"], []),
  53         ("default", "kbvi-test-terminated", "python", [], []),
  54         ("ingress-nginx", "kbvi-test-ingress-nginx", "echo-server", [], []),
  55         ("kube-system", "kbvi-test-kube-system", "echo-server", [], []),
  56     ]
  57
  58     return result
  59
  60
  61 def test_main(pod_name_trimmer):
  62     acceptable_data = {
  63         "python": ["2.7.5", "3.6.6", "3.8.4"],
  64         "java": ["11.0.5", "11.0.8"],
  65     }
  66
  67     result = exec_main(pod_name_trimmer, acceptable_data)
  68
  69     assert result == 0
  70
  71
  72 def test_main_neg(pod_name_trimmer):
  73     acceptable_data = {
  74         "python": ["3.6.6", "3.8.4"],
  75         "java": ["11.0.5", "11.0.8"],
  76     }
  77
  78     result = exec_main(pod_name_trimmer, acceptable_data)
  79
  80     assert result == 1