Add Vuls security test for x86_64 77/2177/12
authorDaniel Stoica <daniel.stoica@enea.com>
Tue, 7 Jan 2020 11:33:53 +0000 (13:33 +0200)
committerDaniel Stoica <daniel.stoica@enea.com>
Mon, 24 Feb 2020 12:35:18 +0000 (14:35 +0200)
JIRA: VAL-79
Signed-off-by: Daniel Stoica <daniel.stoica@enea.com>
Change-Id: I6aa553d50fc33327ee893382aec0eee605a94eb1

docker/os/Dockerfile
tests/os/vuls/config [new file with mode: 0644]
tests/os/vuls/config.toml [new file with mode: 0644]
tests/os/vuls/vuls.robot [new file with mode: 0644]

index 58bed23..95d8cfe 100644 (file)
@@ -28,6 +28,9 @@ RUN apt-get update && apt-get -y install \
     libffi-dev \
     make \
     libssl-dev \
+    golint \
+    sqlite3 \
+    debian-goodies \
     build-essential \
     autoconf automake autotools-dev m4 \
     linux-headers-generic \
@@ -60,8 +63,16 @@ COPY --from=build /opt/akraino/ltp.tar.gz /opt/akraino/ltp.tar.gz
 COPY --from=build /opt/akraino/lynis-remote.tar.gz /opt/akraino/lynis-remote.tar.gz
 
 
-RUN apt-get update && apt-get -y install \
-    python3-pip python3.6 && \
+RUN apt-get update && apt-get -y upgrade && apt-get -y install \
+    python3-pip python3.6 \
+    sqlite \
+    debian-goodies \
+    wget \
+    curl apt-transport-https ca-certificates software-properties-common && \
+    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add - && \
+    add-apt-repository "deb https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable" && \
+    apt-get update && \
+    apt-get install -y docker-ce && \
     cd /usr/bin && ln -s python3 python && \
     pip3 install -r /wheels/requirements/pip-requirements.txt \
                  -f /wheels && \
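Review bot: The Docker repository key on the `curl -fsSL https://download.docker.com/linux/ubuntu/gpg | apt-key add -` line is trusted as soon as it is downloaded, with no fingerprint comparison, and `apt-key add` puts it in the global keyring where it can vouch for packages from any configured source. Compare the key's fingerprint with the published value before adding the repository, and prefer a dedicated keyring file referenced with `signed-by=` in the `deb` line. `docker-ce` is also installed unpinned and `apt-get -y upgrade` was added to the same step, so two builds of the same commit can produce different images; `apt-get install -y docker-ce=<pinned version>` would keep the result reproducible. The RUN instruction continues past the end of this hunk.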
@@ -70,6 +81,33 @@ RUN apt-get update && apt-get -y install \
     rm -rf /var/cache/apt/* && \
     rm -rf /var/lib/apt/lists/*
 
+# Fetches vuls databases
+SHELL ["/bin/bash", "-c"]
+RUN wget https://dl.google.com/go/go1.12.6.linux-amd64.tar.gz -P /root/ && \
+    cd /root/ && \
+    tar -xzf go1.12.6.linux-amd64.tar.gz -C /root/ && \
+    export GOROOT=/root/go && \
+    export GOPATH=/root/go/src && \
+    export PATH=$PATH:/root/go/bin:/root/go/src/bin && \
+    mkdir -p /root/go/src/github.com/future-architect && \
+    cd /root/go/src/github.com/future-architect && \
+    git clone https://github.com/future-architect/vuls && \
+    cd vuls && \
+    make install && \
+    mkdir -p /root/go/src/github.com/kotakanbe && \
+    git -C /root/go/src/github.com/kotakanbe clone https://github.com/kotakanbe/go-cve-dictionary.git && \
+    cd /root/go/src/github.com/kotakanbe/go-cve-dictionary/ && \
+    make install && \
+    mkdir /opt/akraino/validation/tests/os/vuls/ && \
+    for i in $(seq 2002 "$(date +"%Y")"); do go-cve-dictionary fetchnvd -http-proxy=${HTTP_PROXY} -dbpath /opt/akraino/validation/tests/os/vuls/cve.sqlite3 -years "$i"; done && \
+    git -C /root/go/src/github.com/kotakanbe clone https://github.com/kotakanbe/goval-dictionary.git && \
+    cd /root/go/src/github.com/kotakanbe/goval-dictionary && \
+    make install && \
+    goval-dictionary fetch-ubuntu -http-proxy=${HTTP_PROXY} -dbpath=/opt/akraino/validation/tests/os/vuls/oval.sqlite3 16 && \
+    cd /opt/akraino/validation/tests/os/vuls && \
+    tar cvzf db.tar.gz *.sqlite3 && \
+    rm *.sqlite3
+
 # Install bluval dependencies
 RUN pip3 install -r /opt/akraino/validation/bluval/requirements.txt
 ENV LC_ALL=C.UTF-8
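Review bot: The Go toolchain tarball fetched on the `wget` line is unpacked without an integrity check, and the three `git clone` commands build whatever the default branch of vuls, go-cve-dictionary and goval-dictionary holds at image build time, so the scanner binaries in the image are neither reproducible nor tied to reviewed code. Verify the download before extracting, e.g. `echo "<sha256 of go1.12.6.linux-amd64.tar.gz>  go1.12.6.linux-amd64.tar.gz" | sha256sum -c -`, and pin each clone with `git checkout <reviewed tag or commit>` before `make install`. The CVE and OVAL databases are fetched in this same RUN step and packed into `db.tar.gz`, so scan results age with the image unless it is rebuilt regularly; a comment saying so next to `# Fetches vuls databases` would help whoever reads the reports.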
diff --git a/tests/os/vuls/config b/tests/os/vuls/config
new file mode 100644 (file)
index 0000000..8025e68
--- /dev/null
@@ -0,0 +1,2 @@
+Host *
+     StrictHostKeyChecking no
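Review bot: `Host *` with `StrictHostKeyChecking no` turns off host-key verification for every SSH connection made from the container, and vuls.robot installs this file into `/root/.ssh/`, so the scan will authenticate with the root key to whatever machine answers on the target address. Limit the stanza to the host under test and record its key instead, for example `StrictHostKeyChecking accept-new` together with a `UserKnownHostsFile` populated before the run (accept-new needs OpenSSH 7.6 or later; confirm the version in the image). If disabling the check is deliberate for lab use, state that in a comment at the top of the file.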
diff --git a/tests/os/vuls/config.toml b/tests/os/vuls/config.toml
new file mode 100644 (file)
index 0000000..1329cd5
--- /dev/null
@@ -0,0 +1,8 @@
+[servers]
+
+[servers.akraino]
+host = "HOST"
+port = "22"
+user = "USERNAME"
+keyPath = "/root/.ssh/id_rsa"
+containerType = "docker"
diff --git a/tests/os/vuls/vuls.robot b/tests/os/vuls/vuls.robot
new file mode 100644 (file)
index 0000000..6ddc283
--- /dev/null
@@ -0,0 +1,52 @@
+##############################################################################
+# Copyright (c) 2019 AT&T Intellectual Property.                             #
+# Copyright (c) 2019 Nokia.                                                  #
+#                                                                            #
+# Licensed under the Apache License, Version 2.0 (the "License");            #
+# you maynot use this file except in compliance with the License.            #
+#                                                                            #
+# You may obtain a copy of the License at                                    #
+#       http://www.apache.org/licenses/LICENSE-2.0                           #
+#                                                                            #
+# Unless required by applicable law or agreed to in writing, software        #
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT  #
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.           #
+# See the License for the specific language governing permissions and        #
+# limitations under the License.                                             #
+##############################################################################
+
+*** Settings ***
+Library           SSHLibrary
+Library           OperatingSystem
+Library           BuiltIn
+Library           Process
+
+*** Variables ***
+${LOG_PATH}       /opt/akraino/validation/tests/os/vuls
+
+*** Test Cases ***
+Run Vuls test
+    Set Environment Variable  GOROOT  /root/go
+    Set Environment Variable  GOPATH  /root/go/src
+    Set Environment Variable  PATH  /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/root/go/bin:/root/go/src/bin
+    Set Environment Variable  LC_ALL  en_US.UTF-8
+    Set Environment Variable  LANG  en_US.UTF-8
+
+    ${rc} =  Run And Return Rc  install -D /opt/akraino/validation/tests/os/vuls/config /root/.ssh/
+    Should Be Equal As Integers  ${rc}  0
+
+    ${rc} =  Run And Return Rc  sed -i 's/HOST/${HOST}/g' config.toml
+    Should Be Equal As Integers  ${rc}  0
+
+    ${rc} =  Run And Return Rc  sed -i 's/USERNAME/${USERNAME}/g' config.toml
+    Should Be Equal As Integers  ${rc}  0
+
+    ${rc} =  Run And Return Rc  tar xvzf db.tar.gz -C /opt/akraino/validation/tests/os/vuls/
+    Should Be Equal As Integers  ${rc}  0
+    ${rc} =  Run And Return Rc  vuls scan -config config.toml -ssh-config
+    Should Be Equal As Integers  ${rc}  0
+
+    ${rc}  ${output} =  Run And Return Rc And Output  vuls report
+    Should Be Equal As Integers  ${rc}  0
+    Append To File  ${LOG_PATH}/vuls.log  ${output}${\n}
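Review bot: The two `sed -i 's/HOST/${HOST}/g' config.toml` and `sed -i 's/USERNAME/${USERNAME}/g' config.toml` steps paste Robot variables into a shell command line, so a value containing `/`, `'` or shell metacharacters breaks the substitution or is executed as part of the command. Doing the replacement inside Robot with `Get File`, `Replace String` and `Create File` avoids the shell entirely; it needs the String library added to the settings. Separately, the test passes whenever `vuls report` exits 0 and only appends the output to `vuls.log`, so as far as this file shows, findings never fail the run; a comment stating that the test is report-only would make that explicit.

```robotframework
Library           String
# … unchanged: other libraries, variables, environment setup, ssh config install …
    ${config} =  Get File  config.toml
    ${config} =  Replace String  ${config}  HOST  ${HOST}
    ${config} =  Replace String  ${config}  USERNAME  ${USERNAME}
    Create File  config.toml  ${config}
# … unchanged: database extraction, scan and report …
```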