|
1 | 1 | import { DepGraph } from "@snyk/dep-graph"; |
2 | 2 | import * as plugin from "../../lib"; |
| 3 | +import * as subProcess from "../../lib/sub-process"; |
3 | 4 | import { getFixture } from "../util"; |
4 | 5 |
|
5 | 6 | describe("plugin", () => { |
@@ -108,6 +109,35 @@ describe("plugin", () => { |
108 | 109 | expect(depGraph.rootPkg.version).toEqual("1.19.0"); |
109 | 110 | }); |
110 | 111 |
|
| 112 | + describe("when scanning a locally loaded image", () => { |
| 113 | + const imageName = "busybox"; |
| 114 | + const imageTag = "latest"; |
| 115 | + const imageNameWithTag = `${imageName}:${imageTag}`; |
| 116 | + |
| 117 | + beforeAll(async () => { |
| 118 | + const fixturePath = getFixture([ |
| 119 | + "../fixtures/docker-archives", |
| 120 | + "skopeo-copy/busybox.tar", |
| 121 | + ]); |
| 122 | + await subProcess.execute("docker", ["load", "--input", fixturePath]); |
| 123 | + }, 10000); // 10s timeout for loading image |
| 124 | + |
| 125 | + afterAll(async () => { |
| 126 | + await subProcess.execute("docker", ["rmi", imageNameWithTag]); |
| 127 | + }); |
| 128 | + |
| 129 | + test("should successfully scan a local image loaded from a tar archive", async () => { |
| 130 | + const pluginResult = await plugin.scan({ path: imageNameWithTag }); |
| 131 | + const depGraph: DepGraph = pluginResult.scanResults[0].facts.find( |
| 132 | + (fact) => fact.type === "depGraph", |
| 133 | + )!.data; |
| 134 | + |
| 135 | + expect(depGraph.rootPkg.name).toEqual(`docker-image|${imageName}`); |
| 136 | + expect(depGraph.rootPkg.version).toEqual(imageTag); |
| 137 | + expect(pluginResult.scanResults[0].identity.type).toEqual("linux"); |
| 138 | + }); |
| 139 | + }); |
| 140 | + |
111 | 141 | test("static scan for Identifier type image (nginx:1.19.0)", async () => { |
112 | 142 | // This digest resolves to the `1.19.0` tag. We're using the digest to guarantee we always get the correct |
113 | 143 | // image, no matter on which platform this test is run on. |
|
0 commit comments