Fix aosp CI test

Signed-off-by: ziad hany <ziadhany2016@gmail.com>

Author: ziadhany

vulnerabilities/tests/pipelines/v2_importers/test_commits_aosp_dataset.py

@@ -7,9 +7,9 @@
 # See https://aboutcode.org for more information about nexB OSS projects.
 #
 
-import os
 from pathlib import Path
 from unittest.mock import Mock
+from unittest.mock import patch
 
 import pytest
 
@@ -18,11 +18,23 @@
 
 TEST_DATA = Path(__file__).parent.parent.parent / "test_data" / "aosp"
 
+TEST_CVE_FILES = [
+    TEST_DATA / "CVE-aosp_test1.json",
+    TEST_DATA / "CVE-aosp_test2.json",
+    TEST_DATA / "CVE-aosp_test3.json",
+    TEST_DATA / "CVE-aosp_test4.json",
+    TEST_DATA / "CVE-aosp_test5.json",
+]
+
 
 @pytest.mark.django_db
-def test_aosp_advisories():
-    expected_file = os.path.join(TEST_DATA, "aosp_advisoryv2-expected.json")
+@pytest.mark.parametrize("json_file", TEST_CVE_FILES)
+def test_aosp_advisories_per_file(json_file):
     pipeline = AospImporterPipeline()
     pipeline.vcs_response = Mock(dest_dir=TEST_DATA)
-    result = [adv.to_dict() for adv in pipeline.collect_advisories()]
+
+    with patch.object(Path, "rglob", return_value=[json_file]):
+        result = [adv.to_dict() for adv in pipeline.collect_advisories()]
+
+    expected_file = json_file.with_name(json_file.stem + "-expected.json")
     util_tests.check_results_against_json(result, expected_file)

vulnerabilities/tests/test_data/aosp/CVE-aosp_test1-expected.json

@@ -0,0 +1,25 @@
+[
+  {
+    "advisory_id": "CVE-2021-30294",
+    "aliases": [],
+    "summary": "Vulnerability",
+    "affected_packages": [],
+    "references_v2": [
+      {
+        "reference_id": "",
+        "reference_type": "commit",
+        "url": "https://source.codeaurora.org/quic/la/kernel/msm-5.4/commit/?id=d6876813add62f3cac7c429a41cc8710005d69e8"
+      }
+    ],
+    "severities": [
+      {
+        "system": "generic_textual",
+        "value": "High",
+        "scoring_elements": ""
+      }
+    ],
+    "date_published": null,
+    "weaknesses": [],
+    "url": "https://raw.githubusercontent.com/quarkslab/aosp_dataset/refs/heads/master/cves/CVE-aosp_test1.json"
+  }
+]

…/test_data/aosp/cves/CVE-aosp_test1.json …tests/test_data/aosp/CVE-aosp_test1.jsonvulnerabilities/tests/test_data/aosp/cves/CVE-aosp_test1.json renamed to vulnerabilities/tests/test_data/aosp/CVE-aosp_test1.json vulnerabilities/tests/test_data/aosp/cves/CVE-aosp_test1.json renamed to vulnerabilities/tests/test_data/aosp/CVE-aosp_test1.json

@@ -0,0 +1,25 @@
+[
+  {
+    "advisory_id": "CVE-2017-13282",
+    "aliases": [],
+    "summary": "Remote Code Execution Vulnerability",
+    "affected_packages": [],
+    "references_v2": [
+      {
+        "reference_id": "6ecbbc093f4383e90cbbf681cd55da1303a8ef94",
+        "reference_type": "commit",
+        "url": "https://android.googlesource.com/platform/system/bt/+/6ecbbc093f4383e90cbbf681cd55da1303a8ef94"
+      }
+    ],
+    "severities": [
+      {
+        "system": "generic_textual",
+        "value": "Critical",
+        "scoring_elements": ""
+      }
+    ],
+    "date_published": "2018-04-04T00:00:00+00:00",
+    "weaknesses": [],
+    "url": "https://raw.githubusercontent.com/quarkslab/aosp_dataset/refs/heads/master/cves/CVE-aosp_test2.json"
+  }
+]

vulnerabilities/tests/test_data/aosp/CVE-aosp_test2-expected.json

@@ -0,0 +1,40 @@
+[
+  {
+    "advisory_id": "CVE-2015-9016",
+    "aliases": [],
+    "summary": "Elevation of Privilege Vulnerability",
+    "affected_packages": [
+      {
+        "package": {
+          "type": "github",
+          "namespace": "torvalds",
+          "name": "linux",
+          "version": "",
+          "qualifiers": "",
+          "subpath": ""
+        },
+        "affected_version_range": null,
+        "fixed_version_range": null,
+        "introduced_by_commits": [],
+        "fixed_by_commits": [
+          {
+            "commit_hash": "0048b4837affd153897ed1222283492070027aa9",
+            "vcs_url": "https://github.com/torvalds/linux.git",
+            "commit_patch": null
+          }
+        ]
+      }
+    ],
+    "references_v2": [],
+    "severities": [
+      {
+        "system": "generic_textual",
+        "value": "High",
+        "scoring_elements": ""
+      }
+    ],
+    "date_published": "2018-04-05T00:00:00+00:00",
+    "weaknesses": [],
+    "url": "https://raw.githubusercontent.com/quarkslab/aosp_dataset/refs/heads/master/cves/CVE-aosp_test3.json"
+  }
+]

…/test_data/aosp/cves/CVE-aosp_test2.json …tests/test_data/aosp/CVE-aosp_test2.jsonvulnerabilities/tests/test_data/aosp/cves/CVE-aosp_test2.json renamed to vulnerabilities/tests/test_data/aosp/CVE-aosp_test2.json vulnerabilities/tests/test_data/aosp/cves/CVE-aosp_test2.json renamed to vulnerabilities/tests/test_data/aosp/CVE-aosp_test2.json

@@ -0,0 +1,75 @@
+[
+  {
+    "advisory_id": "CVE-2014-9322",
+    "aliases": [],
+    "summary": "Elevation of Privilege Vulnerability",
+    "affected_packages": [],
+    "references_v2": [
+      {
+        "reference_id": "c22e479e335628ce8766cfbf06e2ba17e8f9a1bb",
+        "reference_type": "commit",
+        "url": "https://android.googlesource.com/kernel/common/+/c22e479e335628ce8766cfbf06e2ba17e8f9a1bb"
+      },
+      {
+        "reference_id": "1b627d4e5e61e89b840f77abb3ca6711ad6ffbeb",
+        "reference_type": "commit",
+        "url": "https://android.googlesource.com/kernel/common/+/1b627d4e5e61e89b840f77abb3ca6711ad6ffbeb"
+      },
+      {
+        "reference_id": "4c941665c7368a34b146929b31949555e680a4ee",
+        "reference_type": "commit",
+        "url": "https://android.googlesource.com/kernel/common/+/4c941665c7368a34b146929b31949555e680a4ee"
+      },
+      {
+        "reference_id": "758f0dac9104b46016af98304656a0268ac3e105",
+        "reference_type": "commit",
+        "url": "https://android.googlesource.com/kernel/common/+/758f0dac9104b46016af98304656a0268ac3e105"
+      },
+      {
+        "reference_id": "44d057a37868a60bc2eb6e7d1dcea701f234d56a",
+        "reference_type": "commit",
+        "url": "https://android.googlesource.com/kernel/common/+/44d057a37868a60bc2eb6e7d1dcea701f234d56a"
+      },
+      {
+        "reference_id": "b9b9f908c8ae82b73b9d75181982028b6bc06c2b",
+        "reference_type": "commit",
+        "url": "https://android.googlesource.com/kernel/common/+/b9b9f908c8ae82b73b9d75181982028b6bc06c2b"
+      },
+      {
+        "reference_id": "e068734f9e7344997a61022629b92d142a985ab3",
+        "reference_type": "commit",
+        "url": "https://android.googlesource.com/kernel/common/+/e068734f9e7344997a61022629b92d142a985ab3"
+      },
+      {
+        "reference_id": "fdc6c1052bc7d89a5826904fbb4318677e8442ce",
+        "reference_type": "commit",
+        "url": "https://android.googlesource.com/kernel/common/+/fdc6c1052bc7d89a5826904fbb4318677e8442ce"
+      },
+      {
+        "reference_id": "211d59c0034ec9d88690c750ccd6da27f6952dc5",
+        "reference_type": "commit",
+        "url": "https://android.googlesource.com/kernel/common/+/211d59c0034ec9d88690c750ccd6da27f6952dc5"
+      },
+      {
+        "reference_id": "c9e31d5a4747e9967ace6d05896c78516c4c0850",
+        "reference_type": "commit",
+        "url": "https://android.googlesource.com/kernel/common/+/c9e31d5a4747e9967ace6d05896c78516c4c0850"
+      },
+      {
+        "reference_id": "e01834bfbafd25fd392bf10014451c4e5f34f829",
+        "reference_type": "commit",
+        "url": "https://android.googlesource.com/kernel/common/+/e01834bfbafd25fd392bf10014451c4e5f34f829"
+      }
+    ],
+    "severities": [
+      {
+        "system": "generic_textual",
+        "value": "Critical",
+        "scoring_elements": ""
+      }
+    ],
+    "date_published": "2015-12-25T00:00:00+00:00",
+    "weaknesses": [],
+    "url": "https://raw.githubusercontent.com/quarkslab/aosp_dataset/refs/heads/master/cves/CVE-aosp_test4.json"
+  }
+]

vulnerabilities/tests/test_data/aosp/CVE-aosp_test3-expected.json

@@ -0,0 +1,35 @@
+[
+  {
+    "advisory_id": "CVE-2017-13077",
+    "aliases": [],
+    "summary": "Elevation of Privilege Vulnerability",
+    "affected_packages": [],
+    "references_v2": [
+      {
+        "reference_id": "c66556ca2473620df9751e73eb97ec50a40ffd3e",
+        "reference_type": "commit",
+        "url": "https://android.googlesource.com/platform/external/wpa_supplicant_8/+/c66556ca2473620df9751e73eb97ec50a40ffd3e"
+      },
+      {
+        "reference_id": "",
+        "reference_type": "commit",
+        "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-3.0/commit/?id=776f17c87599fae3202e69bb5718ac9062f14695"
+      },
+      {
+        "reference_id": "",
+        "reference_type": "commit",
+        "url": "https://source.codeaurora.org/quic/la/platform/vendor/qcom-opensource/wlan/qcacld-2.0/commit/?id=edb507885fc47cf3cdf061bfba1dc77451a6a332"
+      }
+    ],
+    "severities": [
+      {
+        "system": "generic_textual",
+        "value": "High",
+        "scoring_elements": ""
+      }
+    ],
+    "date_published": "2017-10-17T00:00:00+00:00",
+    "weaknesses": [],
+    "url": "https://raw.githubusercontent.com/quarkslab/aosp_dataset/refs/heads/master/cves/CVE-aosp_test5.json"
+  }
+]