test: avoid kubernetes access for tests

Signed-off-by: Christian Kotzbauer <[email protected]>
ckotzbauer · Jun 17, 2022 · 420eea6 · 420eea6
1 parent aec1106
commit 420eea6
Show file tree

Hide file tree

Showing 3 changed files with 20 additions and 9 deletions.
diff --git a/internal/vuln/daemon/daemon.go b/internal/vuln/daemon/daemon.go
@@ -69,7 +69,8 @@ func (c *CronService) runBackgroundService() {
 	gr, err := grype.New(
 		viper.GetString(vuln.ConfigKeyGrypeConfigFile),
 		viper.GetString(vuln.ConfigKeyMinSeverity),
-		viper.GetBool(vuln.ConfigKeyOnlyFixed))
+		viper.GetBool(vuln.ConfigKeyOnlyFixed),
+		false)
 
 	if err != nil {
 		c.printNextExecution()

diff --git a/internal/vuln/grype/grype.go b/internal/vuln/grype/grype.go
@@ -34,7 +34,7 @@ type grypeConfig struct {
 	Ignore []match.IgnoreRule `yaml:"ignore"`
 }
 
-func New(grypeConfigFile, minSeverity string, onlyFixed bool) (Grype, error) {
+func New(grypeConfigFile, minSeverity string, onlyFixed, withoutK8s bool) (Grype, error) {
 	grypeCfg := grypeConfig{}
 
 	if grypeConfigFile != "" {
@@ -71,7 +71,11 @@ func New(grypeConfigFile, minSeverity string, onlyFixed bool) (Grype, error) {
 		return Grype{}, err
 	}
 
-	client := kubernetes.NewClient()
+	var client *kubernetes.KubeClient
+
+	if !withoutK8s {
+		client = kubernetes.NewClient()
+	}
 
 	return Grype{
 		provider:         provider,
@@ -147,8 +151,7 @@ func (s *Grype) buildVulnerabilities(matches match.Matches, imageID string) []Vu
 			}
 		}
 
-		infos, _ := s.kubeClient.GetContainersWithImage(imageID)
-		vulnerabilities = append(vulnerabilities, Vulnerability{
+		v := Vulnerability{
 			ID:         m.Vulnerability.ID,
 			Namespace:  m.Vulnerability.Namespace,
 			Severity:   metadata.Severity,
@@ -159,8 +162,15 @@ func (s *Grype) buildVulnerabilities(matches match.Matches, imageID string) []Vu
 			FixState:   string(m.Vulnerability.Fix.State),
 			URLs:       metadata.URLs,
 			ImageID:    imageID,
-			Containers: infos,
-		})
+			Containers: []kubernetes.ContainerInfo{},
+		}
+
+		if s.kubeClient != nil {
+			infos, _ := s.kubeClient.GetContainersWithImage(imageID)
+			v.Containers = infos
+		}
+
+		vulnerabilities = append(vulnerabilities, v)
 	}
 
 	return vulnerabilities

diff --git a/internal/vuln/grype/grype_test.go b/internal/vuln/grype/grype_test.go
@@ -26,7 +26,7 @@ type vulnerabilitySlim struct {
 }
 
 func testSbomVulnerabilities(t *testing.T, testType, imageID string, expected []vulnerabilitySlim) {
-	g, err := grype.New("", "medium", false)
+	g, err := grype.New("", "medium", false, true)
 	assert.NoError(t, err)
 
 	b, _ := os.ReadFile(fmt.Sprintf("fixtures/%s-alpine-sbom.json", testType))
@@ -38,7 +38,7 @@ func testSbomVulnerabilities(t *testing.T, testType, imageID string, expected []
 }
 
 func testImageVulnerabilities(t *testing.T, imageID string, expected []vulnerabilitySlim) {
-	g, err := grype.New("", "medium", false)
+	g, err := grype.New("", "medium", false, true)
 	assert.NoError(t, err)
 
 	vulnerabilities, err := g.ScanItem(source.Image{KubeImage: libk8s.KubeImage{Image: oci.RegistryImage{ImageID: imageID}}})