fleet/cmd/fleetctl/vulnerability_data_stream_test.go

package main

import (
	"fmt"
	"path"
	"testing"
	"time"

	"github.com/fleetdm/fleet/v4/pkg/nettest"
	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"
)

func TestVulnerabilityDataStream(t *testing.T) {
	nettest.Run(t)

	runAppCheckErr(t, []string{"vulnerability-data-stream"}, "No directory provided")

	vulnPath := t.TempDir()
	expectedOutput := `[-] Downloading CPE database... Done
[-] Downloading CPE translations... Done
[-] Downloading NVD CVE feed... Done
[-] Downloading EPSS feed... Done
[-] Downloading CISA known exploits feed... Done
[-] Downloading Oval definitions... Done
[-] Downloading MSRC artifacts... Done
[-] Downloading MacOffice release notes... Done
[+] Data streams successfully downloaded!
`

	var actualOutput string
	err := nettest.RunWithNetRetry(t, func() error {
		w, err := runAppNoChecks([]string{"vulnerability-data-stream", "--dir", vulnPath})
		actualOutput = w.String()
		return err
	})
	require.NoError(t, err)
	assert.Equal(t, expectedOutput, actualOutput)

	assert.FileExists(t, path.Join(vulnPath, "cpe.sqlite"))

	files := []string{
		"cpe.sqlite",
		"nvdcve-1.1-modified.json.gz",
		"nvdcve-1.1-recent.json.gz",
		"epss_scores-current.csv",
		"known_exploited_vulnerabilities.json",
	}
	currentYear := time.Now().Year()
	for y := 2002; y <= currentYear; y++ {
		files = append(
			files,
			fmt.Sprintf("nvdcve-1.1-%d.json.gz", y),
			fmt.Sprintf("nvdcve-1.1-%d.meta", y),
		)
	}
	for _, file := range files {
		assert.FileExists(t, path.Join(vulnPath, file))
	}
}