diff options
| -rw-r--r-- | docker-compose.yml | 6 | ||||
| -rw-r--r-- | lib/e2e/docker.rb | 3 | ||||
| -rw-r--r-- | spec/fixtures/empty/.keep | 0 | ||||
| -rw-r--r-- | spec/integration/klar_spec.rb | 9 | ||||
| -rw-r--r-- | spec/support/shared/with_scanner.rb | 2 |
5 files changed, 18 insertions, 2 deletions
diff --git a/docker-compose.yml b/docker-compose.yml new file mode 100644 index 0000000..6b482ca --- /dev/null +++ b/docker-compose.yml @@ -0,0 +1,6 @@ +version: "3.8" +services: + clair-vulnerabilities-db: + image: "registry.gitlab.com/gitlab-org/security-products/analyzers/clair-vulnerabilities-db:latest" + ports: + - "5432:5432" diff --git a/lib/e2e/docker.rb b/lib/e2e/docker.rb index b2b883c..121e47b 100644 --- a/lib/e2e/docker.rb +++ b/lib/e2e/docker.rb @@ -25,8 +25,9 @@ class Docker arguments = [ :docker, :run, '--rm', "--volume=#{project_path}:/tmp/app", - '--network=host', + '--add-host=clair-vulnerabilities-db:127.0.0.1', '--add-host=maven.test:127.0.0.1', + '--network=host', env_options ] arguments.push(debug ? ["-it", "--entrypoint=''", image, '/bin/bash -l'] : [image, '/analyzer run']) diff --git a/spec/fixtures/empty/.keep b/spec/fixtures/empty/.keep new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/spec/fixtures/empty/.keep diff --git a/spec/integration/klar_spec.rb b/spec/integration/klar_spec.rb new file mode 100644 index 0000000..13ebb94 --- /dev/null +++ b/spec/integration/klar_spec.rb @@ -0,0 +1,9 @@ +# frozen_string_literal: true + +RSpec.describe 'klar' do + let(:scanner) { 'klar' } + let(:project_fixture) { 'docker/compose' } + let(:env) { { DOCKER_IMAGE: 'mokhan/minbox:latest' } } + + specify { expect(subject).to match_schema(:container_scanning) } +end diff --git a/spec/support/shared/with_scanner.rb b/spec/support/shared/with_scanner.rb index 6817515..0d69aef 100644 --- a/spec/support/shared/with_scanner.rb +++ b/spec/support/shared/with_scanner.rb @@ -9,7 +9,7 @@ RSpec.shared_context 'with scanner' do let(:project) { Project.new } let(:project_fixture) { nil } let(:env) { {} } - let(:report_types) { { 'gemnasium-maven' => :dependency_scanning, 'spotbugs' => :sast } } + let(:report_types) { { 'gemnasium-maven' => :dependency_scanning, 'spotbugs' => :sast, 'klar' => :container_scanning } } let(:report_type) { report_types.fetch(scanner) } around do |example| |