improve assertions

pantsbuild · Dec 19, 2024 · 42c6391 · 42c6391
1 parent a607d13
commit 42c6391
Show file tree

Hide file tree

Showing 3 changed files with 28 additions and 10 deletions.
diff --git a/src/python/pants/backend/docker/lint/trivy/trivy_integration_test.py b/src/python/pants/backend/docker/lint/trivy/trivy_integration_test.py
@@ -10,7 +10,7 @@
 from pants.backend.docker.rules import rules as docker_rules
 from pants.backend.docker.target_types import DockerImageTarget
 from pants.backend.tools.trivy.rules import rules as trivy_rules
-from pants.backend.tools.trivy.testutil import assert_trivy_output, trivy_config
+from pants.backend.tools.trivy.testutil import assert_trivy_output, trivy_config, assert_trivy_success
 from pants.core.goals import package
 from pants.core.goals.lint import LintResult
 from pants.core.util_rules import source_files
@@ -80,8 +80,7 @@ def test_trivy_good(rule_runner: RuleRunner) -> None:
         ],
     )
 
-    assert result.exit_code == 0
-    assert json.loads(result.stdout), "got nothing as output from trivy"
+    assert_trivy_success(result)
 
 
 def test_trivy_bad(rule_runner: RuleRunner) -> None:

diff --git a/src/python/pants/backend/terraform/lint/trivy/trivy_integration_test.py b/src/python/pants/backend/terraform/lint/trivy/trivy_integration_test.py
@@ -52,10 +52,6 @@ def rule_runner(standard_deployment: StandardDeployment) -> RuleRunner:
         }
     )
     rule_runner.write_files(trivy_deployment.files)
-    # # test changing severity
-    # rule_runner.set_options([
-    #     "--trivy-severity=CRITICAL"
-    # ])
 
     return rule_runner
 

diff --git a/src/python/pants/backend/tools/trivy/testutil.py b/src/python/pants/backend/tools/trivy/testutil.py
@@ -2,20 +2,29 @@
 # Licensed under the Apache License, Version 2.0 (see LICENSE).
 import json
 
+from pants.core.goals.lint import LintResult
+
 trivy_config = """
 format: json
 """
 
 
 def assert_trivy_output(
-    result, expected_exit_code: int, target: str, scanner_type: str, expected_error_count: int
+    result: LintResult, expected_exit_code: int, target: str, scanner_type: str, expected_error_count: int
 ):
-    assert result.exit_code == expected_exit_code
-    report = json.loads(result.stdout)
+    if result.exit_code != expected_exit_code:
+        raise AssertionError(f"Trivy process had incorrect exit code, expected={expected_exit_code}, actual={result.exit_code}, stdout={result.stdout}, stderr={result.stderr}")
+
+    try:
+        report = json.loads(result.stdout)
+    except json.decoder.JSONDecodeError as e:
+        raise AssertionError(f"Trivy output could not be parsed as JSON, stdout={result.stdout=}, stderr={result.stderr}") from e
+
     findings_by_target = {res["Target"]: res for res in report["Results"]}
     assert (
         target in findings_by_target
     ), f"Did not find expected file in results, target={target} files={list(findings_by_target.keys())}"
+
     if scanner_type == "config":
         found_count = findings_by_target[target]["MisconfSummary"]["Failures"]
         assert (
@@ -26,3 +35,17 @@ def assert_trivy_output(
         assert (
             found_count == expected_error_count
         ), f"Did not find expected vulnerabilities found={found_count} expected={expected_error_count}"
+
+
+
+
+def assert_trivy_success(result: LintResult):
+    if result.exit_code != 0:
+        raise AssertionError(
+            f"Trivy process was not successful, stdout={result.stdout}"
+        )
+
+    try:
+        json.loads(result.stdout)
+    except json.decoder.JSONDecodeError as e:
+        raise AssertionError(f"Trivy output could not be parsed as JSON, stdout={result.stdout}, stderr={result.stderr}") from e