2021-09-14 13:58:35 +00:00
|
|
|
package main
|
|
|
|
|
|
|
|
import (
|
2022-06-01 16:06:57 +00:00
|
|
|
"fmt"
|
2021-09-14 13:58:35 +00:00
|
|
|
"path"
|
|
|
|
"testing"
|
2022-06-01 16:06:57 +00:00
|
|
|
"time"
|
2021-09-14 13:58:35 +00:00
|
|
|
|
2022-05-10 14:52:33 +00:00
|
|
|
"github.com/fleetdm/fleet/v4/pkg/nettest"
|
2021-09-14 13:58:35 +00:00
|
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
)
|
|
|
|
|
|
|
|
func TestVulnerabilityDataStream(t *testing.T) {
|
2022-05-10 14:52:33 +00:00
|
|
|
nettest.Run(t)
|
2021-09-20 18:09:38 +00:00
|
|
|
|
2021-09-14 13:58:35 +00:00
|
|
|
runAppCheckErr(t, []string{"vulnerability-data-stream"}, "No directory provided")
|
|
|
|
|
|
|
|
vulnPath := t.TempDir()
|
|
|
|
expected := `[-] Downloading CPE database... Done
|
2022-06-01 16:06:57 +00:00
|
|
|
[-] Downloading NVD CVE feed... Done
|
|
|
|
[-] Downloading EPSS feed... Done
|
|
|
|
[-] Downloading CISA known exploits feed... Done
|
2022-06-08 01:09:47 +00:00
|
|
|
[-] Downloading Oval definitions... Done
|
2021-09-14 13:58:35 +00:00
|
|
|
[+] Data streams successfully downloaded!
|
|
|
|
`
|
|
|
|
assert.Equal(t,
|
|
|
|
expected,
|
|
|
|
runAppForTest(t, []string{"vulnerability-data-stream", "--dir", vulnPath}),
|
|
|
|
)
|
|
|
|
assert.FileExists(t, path.Join(vulnPath, "cpe.sqlite"))
|
|
|
|
|
2022-06-01 16:06:57 +00:00
|
|
|
files := []string{
|
|
|
|
"cpe.sqlite",
|
|
|
|
"nvdcve-1.1-modified.json.gz",
|
|
|
|
"nvdcve-1.1-recent.json.gz",
|
|
|
|
"epss_scores-current.csv",
|
|
|
|
"known_exploited_vulnerabilities.json",
|
|
|
|
}
|
|
|
|
currentYear := time.Now().Year()
|
|
|
|
for y := 2002; y <= currentYear; y++ {
|
|
|
|
files = append(
|
|
|
|
files,
|
|
|
|
fmt.Sprintf("nvdcve-1.1-%d.json.gz", y),
|
|
|
|
fmt.Sprintf("nvdcve-1.1-%d.meta", y),
|
|
|
|
)
|
|
|
|
}
|
|
|
|
for _, file := range files {
|
|
|
|
assert.FileExists(t, path.Join(vulnPath, file))
|
|
|
|
}
|
2021-09-14 13:58:35 +00:00
|
|
|
}
|