test: Change target for container vuln scanning tests

.circleci/config.yml

@@ -29,6 +29,10 @@ executors:
     resource_class: arm.medium
 
 jobs:
+  prepare-test-resources:
+    executor: go-executor
+    steps:
+      - run: make test-resources
   unit-test:
     executor: go-executor
     steps:
@@ -224,6 +228,7 @@ workflows:
             branches:
               only: main
     jobs:
+      - prepare-test-resources
       - unit-test
       - build-cli
       - integration-test-linux:

Makefile

@@ -74,6 +74,9 @@ generate-databox:
 generate-docs:
 	go generate cli/cmd/docs.go
 
+test-resources:
+	scripts/prepare_test_resources.sh all
+
 install-cli: build-cli-cross-platform
 ifeq (x86_64, $(shell uname -m))
 	mv bin/$(PACKAGENAME)-$(shell uname -s | tr '[:upper:]' '[:lower:]')-amd64 /usr/local/bin/$(CLINAME)

api/_examples/pagerduty-alert-channel/main.go

@@ -15,8 +15,7 @@ func main() {
 
 	alert := api.NewPagerDutyAlertChannel("pagerduty-alert-from-golang",
 		api.PagerDutyData{
-			IntegrationKey:   "1234abc8901abc567abc123abc78e012",
-			MinAlertSeverity: 5,
+			IntegrationKey: "1234abc8901abc567abc123abc78e012",
 		},
 	)
 

integration/container_vulnerability_test.go

@@ -31,10 +31,8 @@ import (
 )
 
 const (
-	registry   = "index.docker.io"
-	repository = "lacework/lacework-cli"
-	tag1       = "ubuntu-1804"
-	tag2       = "debian-10"
+	registry        = "index.docker.io"
+	dirtyRepository = "techallylw/test-cli-dirty"
 )
 
 func TestContainerVulnerabilityCommandAliases(t *testing.T) {
@@ -75,7 +73,7 @@ func TestContainerVulnerabilityCommandListAssessments(t *testing.T) {
 	// verify that at least our lacework-cli container is listed
 	expectedFields := []string{
 		registry,
-		repository,
+		dirtyRepository,
 		"Success", // status
 		"sha256:", // image digest
 	}
@@ -92,11 +90,11 @@ func TestContainerVulnerabilityCommandScanHumanReadablePollGenerateHtml(t *testi
 	home := createTOMLConfigFromCIvars()
 	defer os.RemoveAll(home)
 	out, err, exitcode := LaceworkCLIWithHome(home,
-		"vulnerability", "container", "scan", registry, repository, tag2, "--poll", "--html")
+		"vulnerability", "container", "scan", registry, dirtyRepository, "latest", "--poll", "--html")
 
 	assert.Contains(t, out.String(), "A new vulnerability scan has been requested. (request_id:",
 		"STDOUT changed, please check")
-	assert.Contains(t, out.String(), "The container vulnerability assessment was stored at 'lacework-lacework-cli-sha256",
+	assert.Contains(t, out.String(), "The container vulnerability assessment was stored at 'techallylw-test-cli-dirty-sha256",
 		"STDOUT changed, please check")
 	assert.Empty(t,
 		err.String(),
@@ -111,7 +109,7 @@ func TestContainerVulnerabilityCommandScanHumanReadablePollGenerateHtml(t *testi
 			imageDigest = shas[len(shas)-1]
 		)
 		assert.NotEmpty(t, imageDigest, "unable to extract image digest")
-		htmlFile := path.Join(home, fmt.Sprintf("lacework-lacework-cli-%s.html", imageDigest))
+		htmlFile := path.Join(home, fmt.Sprintf("techallylw-test-cli-dirty-%s.html", imageDigest))
 		assert.FileExists(t, htmlFile, "the HTML file was not generated")
 		storeFileInCircleCI(htmlFile)
 	})
@@ -134,9 +132,9 @@ func TestContainerVulnerabilityCommandsEndToEnd(t *testing.T) {
 	//   "requestId": "e94f2774-5662-4510-8ebf-2d5e3cd317f6",
 	//   "status": "Scanning"
 	// }
-	t.Run(fmt.Sprintf("run scan for %s/%s:%s", registry, repository, tag1), func(t *testing.T) {
+	t.Run(fmt.Sprintf("run scan for %s/%s", registry, dirtyRepository), func(t *testing.T) {
 		out, err, exitcode = LaceworkCLIWithTOMLConfig(
-			"vulnerability", "container", "scan", registry, repository, tag1, "--json")
+			"vulnerability", "container", "scan", registry, dirtyRepository, "latest", "--json")
 		assert.Empty(t,
 			err.String(),
 			"STDERR should be empty")
@@ -189,8 +187,8 @@ func TestContainerVulnerabilityCommandsEndToEnd(t *testing.T) {
 
 		// fields
 		"Registry    " + registry,
-		"Repository  " + repository,
-		"Tags        " + tag1,
+		"Repository  " + dirtyRepository,
+		"Tags        " + "latest",
 		"Size",
 		"ID",
 		"Digest",
@@ -271,7 +269,7 @@ func TestContainerVulnerabilityCommandsEndToEnd(t *testing.T) {
 			"STDERR should be empty")
 		assert.Equal(t, 0, exitcode,
 			"EXITCODE is not the expected one")
-		assert.Contains(t, out.String(), "The container vulnerability assessment was stored at 'lacework-lacework-cli-sha256",
+		assert.Contains(t, out.String(), "The container vulnerability assessment was stored at 'techallylw-test-cli-dirty-sha256",
 			"STDOUT changed, please check")
 
 		assert.NotContains(t, out.String(), "Try adding '--details' to increase details shown about the vulnerability assessment.",
@@ -284,7 +282,7 @@ func TestContainerVulnerabilityCommandsEndToEnd(t *testing.T) {
 				imageDigest = shas[len(shas)-1]
 			)
 			assert.NotEmpty(t, imageDigest, "unable to extract image digest")
-			htmlFile := path.Join(home, fmt.Sprintf("lacework-lacework-cli-%s.html", imageDigest))
+			htmlFile := path.Join(home, fmt.Sprintf("techallylw-test-cli-dirty-%s.html", imageDigest))
 			assert.FileExists(t, htmlFile, "the HTML file was not generated")
 			storeFileInCircleCI(htmlFile)
 		})

integration/test_resources/clean.Dockerfile

@@ -0,0 +1,2 @@
+FROM alpine:latest as alpine
+

integration/test_resources/vuln_scan/dirty.Dockerfile

@@ -0,0 +1 @@
+FROM node:15.2.0

scripts/prepare_test_resources.sh

@@ -0,0 +1,42 @@
+#!/bin/bash
+#
+# Name::        prepare_test_resources.sh
+# Description:: Make ready resources required by integration tests
+# Author::      Darren Murray (<[email protected]>)
+#
+
+main() {
+  if [[ -z $DOCKERHUB_PASS ]]; then
+    echo "$DOCKERHUB_PASS" | docker login -u "$DOCKERHUB_USERNAME" --password-stdin
+  fi
+
+  case "${1:-}" in
+  clean)
+    build_clean
+    ;;
+  dirty)
+    build_dirty
+    ;;
+  all)
+    build_clean
+    build_dirty
+    ;;
+  *)
+    echo "invalid argument"
+    ;;
+esac
+}
+
+build_clean() {
+  echo "building clean container"
+  docker build --no-cache -f "integration/test_resources/clean.Dockerfile" -t techallylw/test-cli-clean .
+  docker push techallylw/test-cli-clean
+}
+
+build_dirty() {
+  echo "building dirty container"
+  docker build -f "integration/test_resources/vuln_scan/dirty.Dockerfile" -t techallylw/test-cli-dirty .
+  docker push techallylw/test-cli-dirty
+}
+
+main "$@" || exit 99