Merge pull request #2238 from coreos-inc/fake-clair

Add a fake security scanner class for easier testing

test/test_api_usage.py

@@ -14,7 +14,6 @@ from urllib import urlencode
 from urlparse import urlparse, urlunparse, parse_qs
 
 from playhouse.test_utils import assert_query_count, _QueryLogHandler
-from httmock import urlmatch, HTTMock
 from cryptography.hazmat.primitives import serialization
 from cryptography.hazmat.backends import default_backend
 from mockldap import MockLdap
@@ -28,6 +27,7 @@ from initdb import setup_database_for_testing, finished_database_for_testing
 from data import database, model
 from data.database import RepositoryActionCount, Repository as RepositoryTable
 from test.helpers import assert_action_logged
+from util.secscan.fake import fake_security_scanner
 
 from endpoints.api.team import (TeamMember, TeamMemberList, TeamMemberInvite, OrganizationTeam,
                                 TeamPermissions)
@@ -4115,47 +4115,6 @@ class TestSuperUserConfig(ApiTestCase):
       mockldap.stop()
 
 
-
-@urlmatch(netloc=r'(.*\.)?mockclairservice', path=r'/v1/layers/(.+)')
-def get_layer_success_mock(url, request):
-  vulnerabilities = [
-    {
-      "Name": "CVE-2014-9471",
-      "Namespace": "debian:8",
-      "Description": "The parse_datetime function in GNU coreutils allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted date string, as demonstrated by the \"--date=TZ=\"123\"345\" @1\" string to the touch or date command.",
-      "Link": "https://security-tracker.debian.org/tracker/CVE-2014-9471",
-      "Severity": "Low",
-      "FixedBy": "9.23-5"
-    }
-  ]
-
-  features = [
-    {
-      "Name": "coreutils",
-      "Namespace": "debian:8",
-      "Version": "8.23-4",
-      "Vulnerabilities": vulnerabilities,
-    }
-  ]
-
-  if not request.url.index('vulnerabilities') > 0:
-    vulnerabilities = []
-
-    if not request.url.index('features') > 0:
-      features = []
-
-  return py_json.dumps({
-    "Layer": {
-      "Name": "17675ec01494d651e1ccf81dc9cf63959ebfeed4f978fddb1666b6ead008ed52",
-      "Namespace": "debian:8",
-      "ParentName": "140f9bdfeb9784cf8730e9dab5dd12fbd704151cf555ac8cae650451794e5ac2",
-      "IndexedByVersion": 1,
-      "Features": features
-    }
-  })
-
-
-
 class TestRepositoryImageSecurity(ApiTestCase):
   def test_get_vulnerabilities(self):
     self.login(ADMIN_ACCESS_USER)
@@ -4175,7 +4134,9 @@ class TestRepositoryImageSecurity(ApiTestCase):
     layer.save()
 
     # Grab the security info again.
-    with HTTMock(get_layer_success_mock):
+    with fake_security_scanner() as security_scanner:
+      security_scanner.add_layer(security_scanner.layer_id(layer))
+
       response = self.getJsonResponse(RepositoryImageSecurity,
                                       params=dict(repository=ADMIN_ACCESS_USER + '/simple',
                                                   imageid=layer.docker_image_id,