From f99da0110052b78a6723d6540b7ce191a9e161c2 Mon Sep 17 00:00:00 2001 From: Alex Goodman Date: Tue, 25 May 2021 17:04:41 -0400 Subject: [PATCH] add staging update-url to cli tests + add pre-release check Signed-off-by: Alex Goodman --- Makefile | 7 ++++++- cmd/root.go | 13 +++++++++---- go.mod | 2 +- go.sum | 4 ++-- test/cli/cli-test-config.yaml | 3 +++ test/cli/utils_test.go | 13 ++++++++----- 6 files changed, 29 insertions(+), 13 deletions(-) create mode 100644 test/cli/cli-test-config.yaml diff --git a/Makefile b/Makefile index dc0347d9..92e7ed4b 100644 --- a/Makefile +++ b/Makefile @@ -219,8 +219,13 @@ changelog-unreleased: ## show the current changelog that will be produced on the -t 754.5889 \ /CHANGELOG.md +.PHONY: validate-cli-test-config +validate-cli-test-config: + # ensure the update URL is not overridden (not pointing to staging) + @ grep -q "update-url" test/cli/cli-test-config.yaml && echo "Found 'update-url' in CLI testing config. Cannot release if previous CLI testing did not use production (default) values" + .PHONY: release -release: clean-dist changelog-release ## Build and publish final binaries and packages. Intended to be run only on macOS. +release: clean-dist validate-cli-test-config changelog-release ## Build and publish final binaries and packages. Intended to be run only on macOS. $(call title,Publishing release artifacts) # Prepare for macOS-specific signing process diff --git a/cmd/root.go b/cmd/root.go index 119fed77..005b2e10 100644 --- a/cmd/root.go +++ b/cmd/root.go @@ -209,6 +209,9 @@ func startWorker(userInput string, failOnSeverity *vulnerability.Severity) <-cha if err != nil { errs <- fmt.Errorf("failed to load vulnerability db: %w", err) } + if dbStatus == nil { + errs <- fmt.Errorf("unable to determine DB status") + } }() go func() { @@ -234,10 +237,12 @@ func startWorker(userInput string, failOnSeverity *vulnerability.Severity) <-cha errs <- grypeerr.ErrAboveSeverityThreshold } - bus.Publish(partybus.Event{ - Type: event.VulnerabilityScanningFinished, - Value: presenter.GetPresenter(presenterConfig, matches, packages, context, metadataProvider, *appConfig, *dbStatus), - }) + if appConfig != nil && dbStatus != nil { + bus.Publish(partybus.Event{ + Type: event.VulnerabilityScanningFinished, + Value: presenter.GetPresenter(presenterConfig, matches, packages, context, metadataProvider, *appConfig, *dbStatus), + }) + } }() return errs } diff --git a/go.mod b/go.mod index a7ad96ea..49d304b6 100644 --- a/go.mod +++ b/go.mod @@ -7,7 +7,7 @@ require ( github.com/adrg/xdg v0.2.1 github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04 github.com/anchore/go-version v1.2.2-0.20200810141238-330bef18dbca - github.com/anchore/grype-db v0.0.0-20210322113357-5aec8a7cb962 + github.com/anchore/grype-db v0.0.0-20210525151544-6d0ab949b8fb github.com/anchore/stereoscope v0.0.0-20210524175238-3b7662f3a66f github.com/anchore/syft v0.15.3-0.20210524151556-2ca2f0350133 github.com/docker/docker v17.12.0-ce-rc1.0.20200309214505-aa6a9891b09c+incompatible diff --git a/go.sum b/go.sum index bf6ea71b..3ddf419f 100644 --- a/go.sum +++ b/go.sum @@ -122,8 +122,8 @@ github.com/anchore/go-testutils v0.0.0-20200925183923-d5f45b0d3c04/go.mod h1:6dK github.com/anchore/go-version v1.2.2-0.20200701162849-18adb9c92b9b/go.mod h1:Bkc+JYWjMCF8OyZ340IMSIi2Ebf3uwByOk6ho4wne1E= github.com/anchore/go-version v1.2.2-0.20200810141238-330bef18dbca h1:rLyc7Rih769rYABQe4nBPt3jHJd/snBuVvKKGoy5HEc= github.com/anchore/go-version v1.2.2-0.20200810141238-330bef18dbca/go.mod h1:Bkc+JYWjMCF8OyZ340IMSIi2Ebf3uwByOk6ho4wne1E= -github.com/anchore/grype-db v0.0.0-20210322113357-5aec8a7cb962 h1:yW3xed7hbEjdmEXRnBFit5AGN0exPIFgE1jgW9bks+Q= -github.com/anchore/grype-db v0.0.0-20210322113357-5aec8a7cb962/go.mod h1:LINmipRzG88vnJEWvgMMDVCFH1qZsj7+bjmpERlSyaA= +github.com/anchore/grype-db v0.0.0-20210525151544-6d0ab949b8fb h1:kngIkZ7X1mzY9mIo7me2iXx7GYrbzzEQiljBaOlQ4oc= +github.com/anchore/grype-db v0.0.0-20210525151544-6d0ab949b8fb/go.mod h1:LINmipRzG88vnJEWvgMMDVCFH1qZsj7+bjmpERlSyaA= github.com/anchore/stereoscope v0.0.0-20210413221244-d577f30b19e6/go.mod h1:vhh1M99rfWx5ejMvz1lkQiFZUrC5wu32V12R4JXH+ZI= github.com/anchore/stereoscope v0.0.0-20210524175238-3b7662f3a66f h1:bFadyOLOkzME3BrZFZ5m8cf/b2hsn3aMSS9s+SKubRk= github.com/anchore/stereoscope v0.0.0-20210524175238-3b7662f3a66f/go.mod h1:vhh1M99rfWx5ejMvz1lkQiFZUrC5wu32V12R4JXH+ZI= diff --git a/test/cli/cli-test-config.yaml b/test/cli/cli-test-config.yaml new file mode 100644 index 00000000..207720f7 --- /dev/null +++ b/test/cli/cli-test-config.yaml @@ -0,0 +1,3 @@ +check-for-app-update: false +db: + update-url: https://toolbox-data.anchore.io/grype/staging-databases/listing.json \ No newline at end of file diff --git a/test/cli/utils_test.go b/test/cli/utils_test.go index 320a0df7..c1f8bf68 100644 --- a/test/cli/utils_test.go +++ b/test/cli/utils_test.go @@ -48,16 +48,19 @@ func getGrypeCommand(t testing.TB, args ...string) *exec.Cmd { } } - cmd := exec.Command(binaryLocation, args...) - // note: we need to preserve env vars + add an additional var to suppress checking for app updates - cmd.Env = append(os.Environ(), "GRYPE_CHECK_FOR_APP_UPDATE=false") - return cmd + return exec.Command( + binaryLocation, + append( + []string{"-c", "cli-test-config.yaml"}, + args..., + )..., + ) } func runGrypeCommand(t testing.TB, env map[string]string, args ...string) (*exec.Cmd, string, string) { cmd := getGrypeCommand(t, args...) if env != nil { - cmd.Env = append(cmd.Env, envMapToSlice(env)...) + cmd.Env = append(os.Environ(), envMapToSlice(env)...) } var stdout, stderr bytes.Buffer cmd.Stdout = &stdout