22360764254

Committed 24 Feb 2026 04:46PM UTC coverage: 88.798% (-4.1%) from 92.935%

Build # 22360764254

Build Type

Pull #23133

github

Committed by

web-flow

Commit Message

Merge 4c056364c into 4d038bd74

Pull Request Pull Request #23133: Add buildctl engine

Coverage Stats

181 of 264 new or added lines in 8 files covered. (68.56%)

3184 existing lines in 145 files now uncovered.

77555 of 87339 relevant lines covered (88.8%)

3.34 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

20.0

/src/python/pants/backend/tools/trivy/testutil.py

# Copyright 2024 Pants project contributors (see CONTRIBUTORS.md).
# Licensed under the Apache License, Version 2.0 (see LICENSE).
import json

from pants.core.goals.lint import LintResult

trivy_config = """
format: json
"""


def assert_trivy_output(
    result: LintResult,
    expected_exit_code: int,
    target: str,
    scanner_type: str,
    expected_error_count: int,
):
    """Assert that the output of Trivy matches our expectations.

    For checking the error count, we assert that there are _at least_ as many errors as specified,
    since new ones are found as time goes on and we don't want the tests to suddenly break
    """
    if result.exit_code != expected_exit_code:
        raise AssertionError(
            f"Trivy process had incorrect exit code, expected={expected_exit_code}, actual={result.exit_code}, stdout={result.stdout}, stderr={result.stderr}"
        )

    try:
        report = json.loads(result.stdout)
    except json.decoder.JSONDecodeError as e:
        raise AssertionError(
            f"Trivy output could not be parsed as JSON, stdout={result.stdout=}, stderr={result.stderr}"
        ) from e

    findings_by_target = {res["Target"]: res for res in report["Results"]}
    assert target in findings_by_target, (
        f"Did not find expected file in results, target={target} files={list(findings_by_target.keys())}"
    )

    if scanner_type == "config":
        found_count = findings_by_target[target]["MisconfSummary"]["Failures"]
        assert found_count >= expected_error_count, (
            f"Did not find expected failure count actual={found_count} expected={expected_error_count}"
        )
    elif scanner_type == "image":
        found_count = len(findings_by_target[target]["Vulnerabilities"])
        assert found_count >= expected_error_count, (
            f"Did not find expected vulnerabilities found={found_count} expected={expected_error_count}"
        )


def assert_trivy_success(result: LintResult):
    if result.exit_code != 0:
        raise AssertionError(f"Trivy process was not successful, stdout={result.stdout}")

    try:
        json.loads(result.stdout)
    except json.decoder.JSONDecodeError as e:
        raise AssertionError(
            f"Trivy output could not be parsed as JSON, stdout={result.stdout}, stderr={result.stderr}"
        ) from e

1	# Copyright 2024 Pants project contributors (see CONTRIBUTORS.md).
2	# Licensed under the Apache License, Version 2.0 (see LICENSE).
3	import json	1✔
4
5	from pants.core.goals.lint import LintResult	1✔
6
7	trivy_config = """	1✔
8	format: json
9	"""
10
11
12	def assert_trivy_output(	1✔
13	result: LintResult,
14	expected_exit_code: int,
15	target: str,
16	scanner_type: str,
17	expected_error_count: int,
18	):
19	"""Assert that the output of Trivy matches our expectations.
20
21	For checking the error count, we assert that there are _at least_ as many errors as specified,
22	since new ones are found as time goes on and we don't want the tests to suddenly break
23	"""
UNCOV 24	if result.exit_code != expected_exit_code:	×
25	raise AssertionError(	×
26	f"Trivy process had incorrect exit code, expected={expected_exit_code}, actual={result.exit_code}, stdout={result.stdout}, stderr={result.stderr}"
27	)
28
UNCOV 29	try:	×
UNCOV 30	report = json.loads(result.stdout)	×
31	except json.decoder.JSONDecodeError as e:	×
32	raise AssertionError(	×
33	f"Trivy output could not be parsed as JSON, stdout={result.stdout=}, stderr={result.stderr}"
34	) from e
35
UNCOV 36	findings_by_target = {res["Target"]: res for res in report["Results"]}	×
UNCOV 37	assert target in findings_by_target, (	×
38	f"Did not find expected file in results, target={target} files={list(findings_by_target.keys())}"
39	)
40
UNCOV 41	if scanner_type == "config":	×
UNCOV 42	found_count = findings_by_target[target]["MisconfSummary"]["Failures"]	×
UNCOV 43	assert found_count >= expected_error_count, (	×
44	f"Did not find expected failure count actual={found_count} expected={expected_error_count}"
45	)
UNCOV 46	elif scanner_type == "image":	×
UNCOV 47	found_count = len(findings_by_target[target]["Vulnerabilities"])	×
UNCOV 48	assert found_count >= expected_error_count, (	×
49	f"Did not find expected vulnerabilities found={found_count} expected={expected_error_count}"
50	)
51
52
53	def assert_trivy_success(result: LintResult):	1✔
UNCOV 54	if result.exit_code != 0:	×
55	raise AssertionError(f"Trivy process was not successful, stdout={result.stdout}")	×
56
UNCOV 57	try:	×
UNCOV 58	json.loads(result.stdout)	×
59	except json.decoder.JSONDecodeError as e:	×
60	raise AssertionError(	×
61	f"Trivy output could not be parsed as JSON, stdout={result.stdout}, stderr={result.stderr}"
62	) from e

pantsbuild / pants / 22360764254

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous