| author | mo khan <mo.khan@gmail.com> | 2020-10-28 16:45:45 -0600 |
|---|---|---|
| committer | mo khan <mo.khan@gmail.com> | 2020-10-28 16:45:45 -0600 |
| commit | 741cf1016de0494976319e94df74bb0e23426f65 (patch) | |
| tree | bdc0039cfe41aed91720f206b017f8eb2b947f0b | |
| parent | 5c4475ae88db0c3253a9c3fd18ed251a97b7e751 (diff) | |
Add test to verify that shelling out to rpm works
| -rw-r--r-- | lib/e2e/docker.rb | 11 | ||||
| -rw-r--r-- | spec/fixtures/docker/centos8-Dockerfile | 1 | ||||
| -rw-r--r-- | spec/integration/klar_spec.rb | 18 |
3 files changed, 24 insertions, 6 deletions
diff --git a/lib/e2e/docker.rb b/lib/e2e/docker.rb
index f8347e9..5cc3df8 100644
--- a/lib/e2e/docker.rb
+++ b/lib/e2e/docker.rb
@@ -19,7 +19,7 @@ class Docker
 end
 end
- def run(image:, project_path: Pathname.pwd, env: {}, debug: ENV.fetch('DEBUG', 'false') == 'true')
+ def run(image:, project_path: Pathname.pwd, env: {}, debug: ENV.fetch('DEBUG', 'false') == 'true', command: '/analyzer run')
 env_options = DEFAULT_ENV.merge(env).map { |(key, value)| "--env #{key}='#{value}'" }
 Dir.chdir pwd do
 arguments = [
@@ -29,11 +29,12 @@ class Docker
 "--network=host",
 "--volume=#{project_path}:/tmp/app",
 "--workdir=/tmp/app",
- env_options
+ env_options,
+ "--entrypoint=/bin/sh"
 ]
- arguments.push(debug ? ["-it", "--entrypoint=''", image, '/bin/sh'] : [image, '/analyzer run'])
- command = expand(arguments)
- system(command, exception: true)
+ arguments.push(debug ? ["-it", image] : [image])
+ arguments.push("-c '#{command}'")
+ system(expand(arguments), exception: true)
 end
 end
diff --git a/spec/fixtures/docker/centos8-Dockerfile b/spec/fixtures/docker/centos8-Dockerfile
new file mode 100644
index 0000000..dd95913
--- /dev/null
+++ b/spec/fixtures/docker/centos8-Dockerfile
@@ -0,0 +1 @@
+FROM centos:8
diff --git a/spec/integration/klar_spec.rb b/spec/integration/klar_spec.rb
index 1704af8..627ca9d 100644
--- a/spec/integration/klar_spec.rb
+++ b/spec/integration/klar_spec.rb
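Review bot: The `command:` keyword added to `run` in lib/e2e/docker.rb carries no comment saying that it is a shell string rather than an argv list, although the second hunk hands it to `/bin/sh -c` inside the container. I would add above the signature `# command: shell string run via /bin/sh -c inside the container; supply it from the spec only, never from external input`. The body of `run` continues past this hunk into the next one.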
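Review bot: `arguments.push("-c '#{command}'")` in the second hunk of lib/e2e/docker.rb quotes the command by interpolation, so a command that itself contains a single quote closes the quoting early and the remainder is interpreted by the host shell that `system` starts for a single-string command. Escaping the value keeps it one argument: `arguments.push("-c #{Shellwords.escape(command)}")`, with `require 'shellwords'` at the top of the file. The context line `"--env #{key}='#{value}'"` in the first hunk follows the same pattern. `expand` is not visible here, so this assumes it joins the arguments into one string. Separately, with `DEBUG=true` the `-it` branch now still runs `-c` with the command rather than leaving an interactive shell open, which may not be intended.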
@@ -9,15 +9,31 @@ RSpec.describe 'klar' do
 {
 DOCKERFILE_PATH: project.path.join("minbox-Dockerfile"),
 DOCKER_IMAGE: "mokhan/minbox:latest",
- SECURE_LOG_LEVEL: "debug"
 }
 end
 pending { expect(subject).to match_schema(:container_scanning) }
 specify do
+ expect(subject['scan']['status']).to eql('success')
 expect(subject['vulnerabilities'].length).to be > 0
 expect(subject['vulnerabilities']).to all(include('category' => 'container_scanning'))
 end
 end
+
+ context "when scanning a RHEL based image" do
+ let(:env) do
+ {
+ DOCKERFILE_PATH: project.path.join("centos8-Dockerfile"),
+ DOCKER_IMAGE: "centos:8",
+ }
+ end
+
+ pending { expect(subject).to match_schema(:container_scanning) }
+ specify { expect(subject['scan']['status']).to eql('success') }
+
+ it "can shell out to `rpm`" do
+ expect(docker.run(image: docker_image, project_path: project.path, env: env, command: 'rpm -q rpm')).to be(true)
+ end
+ end
 end
|
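Review bot: The new "when scanning a RHEL based image" context asserts only that `subject['scan']['status']` is `'success'`, so a scan that succeeds while reading no packages from the rpm database would still pass. The minbox context above also checks the findings; the same check here, `specify { expect(subject['vulnerabilities']).not_to be_empty }`, would tie the test to the scanner actually seeing rpm packages, assuming `centos:8` has known findings in the database in use. In the `rpm` example, `docker.run` ends in `system(..., exception: true)`, which raises on a non-zero exit instead of returning false, so `be(true)` never fails on its own and `expect { ... }.not_to raise_error` states the intent more directly. `DOCKER_IMAGE: "centos:8"` is a mutable tag, and pinning it by digest would keep the result reproducible. The `RSpec.describe` block starts outside the hunk.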
