Skip to content

Commit d78b537

Browse files
OsamaMahmoodOsamaMahmood
committed
fixed remaining assertions
1 parent 395fff4 commit d78b537

2 files changed

Lines changed: 26 additions & 20 deletions

File tree

unittests/tools/test_wizcli_iac_parser.py

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -77,22 +77,22 @@ def test_multiple_findings(self):
7777
# Test second finding
7878
finding = findings[1]
7979
self.assertEqual(
80-
"Healthcheck Instruction Missing - FROM={{registry.gitlab.com/evilorg.com/infra/images/alpine-3.9:latest}}",
80+
"Bucket usage logs should be enabled - google_storage_bucket[vault-store]",
8181
finding.title,
8282
)
8383
self.assertEqual("Low", finding.severity)
84-
self.assertEqual("Dockerfile", finding.file_path)
85-
self.assertEqual(58, finding.line)
84+
self.assertEqual("states/dev/storage.tf", finding.file_path)
85+
self.assertEqual(17, finding.line)
8686
self.assertIn(
87-
"**Rule**: Healthcheck Instruction Missing (ID: `ab1043e3-1eeb-4e38-9ca9-7ec0e99fe2ba`)\n"
87+
"**Rule**: Bucket usage logs should be enabled (ID: `bd9e69dd-93a1-4122-900a-992135c62572`)\n"
8888
"**Severity**: Low\n"
89-
"**Resource**: `FROM={{registry.gitlab.com/evilorg.com/infra/images/alpine-3.9:latest}}`\n"
90-
"**File**: `Dockerfile`\n"
91-
"**Line**: 58\n"
92-
"**Code Snippet**: ```\nFROM registry.gitlab.com/evilorg.com/infra/images/alpine-3.9:latest\n```\n"
89+
"**Resource**: `google_storage_bucket[vault-store]`\n"
90+
"**File**: `states/dev/storage.tf`\n"
91+
"**Line**: 17\n"
92+
'**Code Snippet**: ```\nresource "google_storage_bucket" "vault-store" {\n```\n'
9393
"\n**Finding Details**:\n"
94-
"- **Expected**: Dockerfile should contain instruction 'HEALTHCHECK'\n"
95-
"- **Found**: Dockerfile doesn't contain instruction 'HEALTHCHECK'\n"
96-
"- **File Type**: DOCKERFILE",
94+
"- **Expected**: 'logging' should be set\n"
95+
"- **Found**: 'logging' is undefined\n"
96+
"- **File Type**: TERRAFORM",
9797
finding.description,
9898
)

unittests/tools/test_wizcli_img_parser.py

Lines changed: 15 additions & 9 deletions
Original file line numberDiff line numberDiff line change
@@ -68,19 +68,25 @@ def test_multiple_findings(self):
6868

6969
# Test second finding
7070
finding = findings[1]
71-
self.assertEqual("OS Pkg: libssl3 3.3.1-r0 - CVE-2024-5535", finding.title)
72-
self.assertEqual("Low", finding.severity)
71+
self.assertEqual("OS Pkg: curl 7.64.0-r5 - CVE-2023-38039", finding.title)
72+
self.assertEqual("Medium", finding.severity)
7373
self.assertIsNone(finding.file_path)
7474
self.assertIn(
75-
"**Vulnerability**: `CVE-2024-5535`\n"
76-
"**Severity**: Low\n"
77-
"**OS Package**: `libssl3`\n"
78-
"**Version**: `3.3.1-r0`\n"
79-
"**Fixed Version**: 3.3.1-r1\n"
80-
"**Source**: https://security.alpinelinux.org/vuln/CVE-2024-5535",
75+
"**Vulnerability**: `CVE-2023-38039`\n"
76+
"**Severity**: Medium\n"
77+
"**OS Package**: `curl`\n"
78+
"**Version**: `7.64.0-r5`\n"
79+
"**Fixed Version**: N/A\n"
80+
"**Source**: https://security.alpinelinux.org/vuln/CVE-2023-38039\n"
81+
"**CVSS Score (from Wiz)**: 7.5\n"
82+
"**Has Exploit (Known)**: True\n"
83+
"**In CISA KEV**: False\n\n"
84+
"**Ignored Policies**:\n"
85+
"- test Default vulnerabilities policy (ID: 9c6726d0-1ada-4541-b6d6-3da5ca1124f9)\n"
86+
"- test Default vulnerabilities policy ( Updated ) (ID: 9bf73b16-99e7-4a54-af1e-dcfa1436a8f2)",
8187
finding.description,
8288
)
83-
self.assertEqual("CVE-2024-5535", finding.cve)
89+
self.assertEqual("CVE-2023-38039", finding.cve)
8490
self.assertTrue(finding.static_finding)
8591
self.assertFalse(finding.dynamic_finding)
8692
self.assertTrue(finding.active)

0 commit comments

Comments
 (0)