Adding unit tests

Maffooch · Sep 13, 2024 · f6178d0 · f6178d0
1 parent 15ffee7
commit f6178d0
Show file tree

Hide file tree

Showing 2 changed files with 65 additions and 1 deletion.
diff --git a/unittests/scans/wiz/sca_format.csv b/unittests/scans/wiz/sca_format.csv
@@ -0,0 +1,6 @@
+ID,WizURL,Name,CVSSSeverity,HasExploit,HasCisaKevExploit,FindingStatus,VendorSeverity,FirstDetected,LastDetected,ResolvedAt,ResolutionReason,Remediation,LocationPath,DetailedName,Version,FixedVersion,DetectionMethod,Link,Projects,AssetID,AssetName,AssetRegion,ProviderUniqueId,CloudProviderURL,CloudPlatform,Status,SubscriptionExternalId,SubscriptionId,SubscriptionName,Tags,ExecutionControllers,ExecutionControllersSubscriptionExternalIds,ExecutionControllersSubscriptionNames,CriticalRelatedIssuesCount,HighRelatedIssuesCount,MediumRelatedIssuesCount,LowRelatedIssuesCount,InfoRelatedIssuesCount,OperatingSystem,IpAddresses
+3ea99668-721f-11ef-94e9-bb8aaa280b32,https://app.wiz.io/explorer/vulnerability-findings#~(entity~(~'3ea99668-721f-11ef-94e9-bb8aaa280b32*2cSECURITY_TOOL_FINDING)),CVE-2024-39474,Low,false,false,Open,Low,2024-08-28T03:02:01Z,2024-08-07T12:27:01Z,,,go get -u github.com/containerd/containerd,/home/kubernetes/bin/containerd-gcfs-grpc,github.com/containerd/containerd,1.4.0,1.5.11,Library,https://github.com/advisories/GHSA-c9cp-9c75-9v8c,MyProject; Ops_k8s,a2ca5de0-7223-11ef-af4c-032d5da2afbf,k8s-bigcorp-default-zone-0dd0efbc-46n6,us-central1,https://www.googleapis.com/compute/v1/projects/big-corp/zones/us-central1-f/instances/k8s-bigcorp-default-zone-0dd0efbc-46n6,https://console.cloud.google.com/compute/instancesDetail/zones/us-central1-f/instances/k8s-bigcorp-default-zone-0dd0efbc-46n6?project=MyProject,GCP,Active,Big-Corp,11edc986-d649-500f-ae57-01eb6e2e42d8,Big-Corp,"{""k8s-myproject-public-117f7861-node"":""k8s-myproject-public-117f7861-node"",""goog-k8s-cost-mgnt"":"""",""goog-gke-node"":"""",""goog-k8s-cluster-location"":""us-central1"",""goog-k8s-cluster-name"":""myproject-public"",""goog-k8s-node-pool-name"":""default-pool""}",[],,,0,0,0,0,0,Linux,10.110.208.6
+3ea9e0fa-721f-11ef-9fd4-c3ec645f4a2e,https://app.wiz.io/explorer/vulnerability-findings#~(entity~(~'3ea9e0fa-721f-11ef-9fd4-c3ec645f4a2e*2cSECURITY_TOOL_FINDING)),CVE-2024-36891,Medium,false,false,Open,Medium,2024-08-28T03:02:01Z,2024-08-07T12:27:11Z,,,go get -u k8s.io/apimachinery,/home/kubernetes/bin/log-counter,k8s.io/apimachinery,0.17.2,0.17.9,Library,https://github.com/advisories/GHSA-33c5-9fx5-fvjm,MyProject; Ops_k8s,d44b822c-7223-11ef-abf8-d719c8dbc602,k8s-bigcorp-default-zone-a0930315-p21b,us-central1,https://www.googleapis.com/compute/v1/projects/big-corp/zones/us-central1-c/instances/k8s-bigcorp-default-zone-a0930315-p21b,https://console.cloud.google.com/compute/instancesDetail/zones/us-central1-c/instances/k8s-bigcorp-default-zone-a0930315-p21b?project=MyProject,GCP,Active,Big-Corp,11edc986-d649-500f-ae57-01eb6e2e42d8,Big-Corp,"{""k8s-myproject-public-117f7861-node"":""k8s-myproject-public-117f7861-node"",""goog-k8s-cost-mgnt"":"""",""goog-gke-node"":"""",""goog-k8s-cluster-location"":""us-central1"",""goog-k8s-cluster-name"":""myproject-public"",""goog-k8s-node-pool-name"":""default-pool""}",[],,,0,0,0,0,0,Linux,10.110.208.15
+3eaa0422-721f-11ef-b00a-c772bc38a673,https://app.wiz.io/explorer/vulnerability-findings#~(entity~(~'3eaa0422-721f-11ef-b00a-c772bc38a673*2cSECURITY_TOOL_FINDING)),GHSA-c9cp-9c75-9v8c,Medium,false,false,Open,Medium,2024-08-28T05:52:53Z,2024-08-07T12:27:01Z,,,,,kernel,109.17800.218.33,109.17800.218.88,OS,https://cloud.google.com/container-optimized-os/docs/release-notes/m109#cos-109-17800-218-88_,MyProject; Ops_k8s,a2ca5de0-7223-11ef-af4c-032d5da2afbf,k8s-bigcorp-default-zone-0dd0efbc-46n6,us-central1,https://www.googleapis.com/compute/v1/projects/big-corp/zones/us-central1-f/instances/k8s-bigcorp-default-zone-0dd0efbc-46n6,https://console.cloud.google.com/compute/instancesDetail/zones/us-central1-f/instances/k8s-bigcorp-default-zone-0dd0efbc-46n6?project=MyProject,GCP,Active,Big-Corp,11edc986-d649-500f-ae57-01eb6e2e42d8,Big-Corp,"{""k8s-myproject-public-117f7861-node"":""k8s-myproject-public-117f7861-node"",""goog-k8s-cost-mgnt"":"""",""goog-gke-node"":"""",""goog-k8s-cluster-location"":""us-central1"",""goog-k8s-cluster-name"":""myproject-public"",""goog-k8s-node-pool-name"":""default-pool""}",[],,,0,0,0,0,0,Linux,10.110.208.6
+3ea965b2-721f-11ef-8a61-83124251d18e,https://app.wiz.io/explorer/vulnerability-findings#~(entity~(~'3ea965b2-721f-11ef-8a61-83124251d18e*2cSECURITY_TOOL_FINDING)),CVE-2020-8559,Medium,false,false,Open,Medium,2024-08-28T03:02:01Z,2024-08-07T12:28:33Z,,,,,kernel,109.17800.218.33,109.17800.218.83,OS,https://cloud.google.com/container-optimized-os/docs/release-notes/m109#cos-109-17800-218-83_,MyProject; Ops_k8s,045832bc-7224-11ef-baf5-2fe1c91669e7,k8s-bigcorp-default-zone-2a743c24-8wcy,us-central1,https://www.googleapis.com/compute/v1/projects/big-corp/zones/us-central1-b/instances/k8s-bigcorp-default-zone-2a743c24-8wcy,https://console.cloud.google.com/compute/instancesDetail/zones/us-central1-b/instances/k8s-bigcorp-default-zone-2a743c24-8wcy?project=MyProject,GCP,Active,Big-Corp,11edc986-d649-500f-ae57-01eb6e2e42d8,Big-Corp,"{""k8s-myproject-public-117f7861-node"":""k8s-myproject-public-117f7861-node"",""goog-k8s-cost-mgnt"":"""",""goog-gke-node"":"""",""goog-k8s-cluster-location"":""us-central1"",""goog-k8s-cluster-name"":""myproject-public"",""goog-k8s-node-pool-name"":""default-pool""}",[],,,0,0,0,0,0,Linux,10.110.208.233
+3ea9bdfa-721f-11ef-8722-2fdfd8ca32bc,https://app.wiz.io/explorer/vulnerability-findings#~(entity~(~'3ea9bdfa-721f-11ef-8722-2fdfd8ca32bc*2cSECURITY_TOOL_FINDING)),CVE-2024-36891,Medium,false,false,Open,Medium,2024-08-28T03:02:01Z,2024-08-07T12:28:33Z,,,,,kernel,109.17800.218.33,109.17800.218.88,OS,https://cloud.google.com/container-optimized-os/docs/release-notes/m109#cos-109-17800-218-88_,MyProject; Ops_k8s,045832bc-7224-11ef-baf5-2fe1c91669e7,k8s-bigcorp-default-zone-2a743c24-8wcy,us-central1,https://www.googleapis.com/compute/v1/projects/big-corp/zones/us-central1-b/instances/k8s-bigcorp-default-zone-2a743c24-8wcy,https://console.cloud.google.com/compute/instancesDetail/zones/us-central1-b/instances/k8s-bigcorp-default-zone-2a743c24-8wcy?project=MyProject,GCP,Active,Big-Corp,11edc986-d649-500f-ae57-01eb6e2e42d8,Big-Corp,"{""k8s-myproject-public-117f7861-node"":""k8s-myproject-public-117f7861-node"",""goog-k8s-cost-mgnt"":"""",""goog-gke-node"":"""",""goog-k8s-cluster-location"":""us-central1"",""goog-k8s-cluster-name"":""myproject-public"",""goog-k8s-node-pool-name"":""default-pool""}",[],,,0,0,0,0,0,Linux,10.110.208.233
diff --git a/unittests/tools/test_wiz_parser.py b/unittests/tools/test_wiz_parser.py
@@ -40,5 +40,63 @@ def test_multiple_findings(self):
             self.assertEqual("Unusual activity by a principal from previously unseen country", finding.title)
             self.assertEqual("High", finding.severity)
             finding = findings[20]
-            self.assertEqual("User/service account with get/list/watch permissions on secrets in an AKS cluster", finding.title)
+            self.assertEqual(
+                "User/service account with get/list/watch permissions on secrets in an AKS cluster", finding.title
+            )
             self.assertEqual("Informational", finding.severity)
+
+    def test_sca_format(self):
+        with open("unittests/scans/wiz/sca_format.csv", encoding="utf-8") as testfile:
+            parser = WizParser()
+            findings = parser.get_findings(testfile, Test())
+            self.assertEqual(5, len(findings))
+
+            finding = findings[0]
+            self.assertEqual("github.com/containerd/containerd: CVE-2024-39474", finding.title)
+            self.assertEqual("Low", finding.severity)
+            self.assertEqual("github.com/containerd/containerd", finding.component_name)
+            self.assertEqual("1.4.0", finding.component_version)
+            self.assertIn("goog-k8s-cluster-location: us-central1", finding.unsaved_tags)
+            self.assertIn("CVE-2024-39474", finding.unsaved_vulnerability_ids)
+            self.assertIn("**Location Path**: `/home/kubernetes/bin/containerd-gcfs-grpc`", finding.description)
+            self.assertIn("**Location Path**: `/home/kubernetes/bin/containerd-gcfs-grpc`", finding.mitigation)
+
+            finding = findings[1]
+            self.assertEqual("k8s.io/apimachinery: CVE-2024-36891", finding.title)
+            self.assertEqual("Medium", finding.severity)
+            self.assertEqual("k8s.io/apimachinery", finding.component_name)
+            self.assertEqual("0.17.2", finding.component_version)
+            self.assertIn("goog-k8s-cluster-location: us-central1", finding.unsaved_tags)
+            self.assertIn("CVE-2024-36891", finding.unsaved_vulnerability_ids)
+            self.assertIn("**Location Path**: `/home/kubernetes/bin/log-counter`", finding.description)
+            self.assertIn("**Location Path**: `/home/kubernetes/bin/log-counter`", finding.mitigation)
+
+            finding = findings[2]
+            self.assertEqual("kernel: GHSA-c9cp-9c75-9v8c", finding.title)
+            self.assertEqual("Medium", finding.severity)
+            self.assertEqual("kernel", finding.component_name)
+            self.assertEqual("109.17800.218.33", finding.component_version)
+            self.assertIn("goog-k8s-cluster-location: us-central1", finding.unsaved_tags)
+            self.assertIn("GHSA-c9cp-9c75-9v8c", finding.unsaved_vulnerability_ids)
+            self.assertNotIn("**Location Path**:", finding.description)
+            self.assertNotIn("**Location Path**:", finding.mitigation)
+
+            finding = findings[3]
+            self.assertEqual("kernel: CVE-2020-8559", finding.title)
+            self.assertEqual("Medium", finding.severity)
+            self.assertEqual("kernel", finding.component_name)
+            self.assertEqual("109.17800.218.33", finding.component_version)
+            self.assertIn("goog-k8s-cluster-location: us-central1", finding.unsaved_tags)
+            self.assertIn("CVE-2020-8559", finding.unsaved_vulnerability_ids)
+            self.assertNotIn("**Location Path**:", finding.description)
+            self.assertNotIn("**Location Path**:", finding.mitigation)
+
+            finding = findings[4]
+            self.assertEqual("kernel: CVE-2024-36891", finding.title)
+            self.assertEqual("Medium", finding.severity)
+            self.assertEqual("kernel", finding.component_name)
+            self.assertEqual("109.17800.218.33", finding.component_version)
+            self.assertIn("goog-k8s-cluster-location: us-central1", finding.unsaved_tags)
+            self.assertIn("CVE-2024-36891", finding.unsaved_vulnerability_ids)
+            self.assertNotIn("**Location Path**:", finding.description)
+            self.assertNotIn("**Location Path**:", finding.mitigation)