From 7874860e92b3b192717cf9f345b1a4e9361bea28 Mon Sep 17 00:00:00 2001
From: Alex Goodman <wagoodman@users.noreply.github.com>
Date: Wed, 18 Oct 2023 15:07:03 -0400
Subject: [PATCH] add mariner snapshot tests

Signed-off-by: Alex Goodman <wagoodman@users.noreply.github.com>
---
 .../snapshots/mariner:2.0/CVE-2022-3736.json  |  1 +
 .../snapshots/mariner:2.0/CVE-2023-21977.json |  1 +
 .../snapshots/mariner:2.0/CVE-2023-21980.json |  1 +
 tests/unit/providers/mariner/test_mariner.py  | 20 +++++++++++++++++++
 4 files changed, 23 insertions(+)
 create mode 100644 tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2022-3736.json
 create mode 100644 tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-21977.json
 create mode 100644 tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-21980.json

diff --git a/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2022-3736.json b/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2022-3736.json
new file mode 100644
index 00000000..3acb83c0
--- /dev/null
+++ b/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2022-3736.json
@@ -0,0 +1 @@
+{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"mariner:2.0/CVE-2022-3736","item":{"Vulnerability":{"Name":"CVE-2022-3736","NamespaceName":"mariner:2.0","Description":"CVE-2022-3736 affecting package bind 9.16.33-1. No patch is available currently.","Severity":"High","Link":"https://nvd.nist.gov/vuln/detail/CVE-2022-3736","CVSS":[],"FixedIn":[{"Name":"bind","NamespaceName":"mariner:2.0","VersionFormat":"rpm","Version":"None","Module":"","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Metadata":{}}}}
diff --git a/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-21977.json b/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-21977.json
new file mode 100644
index 00000000..b3e4a8ba
--- /dev/null
+++ b/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-21977.json
@@ -0,0 +1 @@
+{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"mariner:2.0/CVE-2023-21977","item":{"Vulnerability":{"Name":"CVE-2023-21977","NamespaceName":"mariner:2.0","Description":"CVE-2023-21977 affecting package mysql 8.0.32-1. An upgraded version of the package is available that resolves this issue.","Severity":"Medium","Link":"https://nvd.nist.gov/vuln/detail/CVE-2023-21977","CVSS":[],"FixedIn":[{"Name":"mysql","NamespaceName":"mariner:2.0","VersionFormat":"rpm","Version":"0:8.0.33-1.cm2","Module":"","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Metadata":{}}}}
diff --git a/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-21980.json b/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-21980.json
new file mode 100644
index 00000000..6447c5fd
--- /dev/null
+++ b/tests/unit/providers/mariner/test-fixtures/snapshots/mariner:2.0/CVE-2023-21980.json
@@ -0,0 +1 @@
+{"schema":"https://raw.githubusercontent.com/anchore/vunnel/main/schema/vulnerability/os/schema-1.0.0.json","identifier":"mariner:2.0/CVE-2023-21980","item":{"Vulnerability":{"Name":"CVE-2023-21980","NamespaceName":"mariner:2.0","Description":"CVE-2023-21980 affecting package mysql 8.0.32-1. An upgraded version of the package is available that resolves this issue.","Severity":"High","Link":"https://nvd.nist.gov/vuln/detail/CVE-2023-21980","CVSS":[],"FixedIn":[{"Name":"mysql","NamespaceName":"mariner:2.0","VersionFormat":"rpm","Version":"0:8.0.33-1.cm2","Module":"","VendorAdvisory":{"NoAdvisory":false,"AdvisorySummary":[]}}],"Metadata":{}}}}
diff --git a/tests/unit/providers/mariner/test_mariner.py b/tests/unit/providers/mariner/test_mariner.py
index 2feb84e2..0917cbce 100644
--- a/tests/unit/providers/mariner/test_mariner.py
+++ b/tests/unit/providers/mariner/test_mariner.py
@@ -113,3 +113,23 @@ def mock_download(*args, **kwargs):
 
     assert 3 == workspace.num_result_entries()
     assert workspace.result_schemas_valid(require_entries=True)
+
+
+def test_provider_via_snapshot(helpers, disable_get_requests, monkeypatch):
+    workspace = helpers.provider_workspace_helper(name=Provider.name())
+
+    c = Config(allow_versions=["2.0"])
+    c.runtime.result_store = result.StoreStrategy.FLAT_FILE
+    p = Provider(root=workspace.root, config=c)
+
+    mock_data_path = helpers.local_dir("test-fixtures/mariner-truncated-2.0-oval.xml")
+    shutil.copy(mock_data_path, workspace.input_dir / "mariner-truncated-2.0-oval.xml")
+
+    def mock_download(*args, **kwargs):
+        return [mock_data_path]
+
+    monkeypatch.setattr(p.parser, "_download", mock_download)
+
+    p.update(None)
+
+    workspace.assert_result_snapshots()