Migrate test_scan_results documentation to qa-docs

tests/integration/test_vulnerability_detector/test_scan_results/test_alas_inventory_alas_feed.py

@@ -1,7 +1,59 @@
-# Copyright (C) 2015-2021, Wazuh Inc.
-# Created by Wazuh, Inc. <[email protected]>.
-# This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
-
+'''
+copyright: Copyright (C) 2015-2021, Wazuh Inc.
+
+ Created by Wazuh, Inc. <[email protected]>.
+
+ This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+
+type: integration
+
+brief: Wazuh is able to detect vulnerabilities in the applications installed in agents using the Vulnerability Detector
+ module. This software audit is performed through the integration of vulnerability feeds indexed by Redhat,
+ Canonical, Debian, Amazon Linux and NVD Database.
+
+tier: 1
+
+modules:
+ - vulnerability_detector
+
+components:
+ - manager
+
+daemons:
+ - wazuh-modulesd
+ - wazuh-db
+ - wazuh-analysisd
+
+os_platform:
+ - linux
+
+os_version:
+ - Arch Linux
+ - Amazon Linux 2
+ - Amazon Linux 1
+ - CentOS 8
+ - CentOS 7
+ - CentOS 6
+ - Ubuntu Focal
+ - Ubuntu Bionic
+ - Ubuntu Xenial
+ - Ubuntu Trusty
+ - Debian Buster
+ - Debian Stretch
+ - Debian Jessie
+ - Debian Wheezy
+ - Red Hat 8
+ - Red Hat 7
+ - Red Hat 6
+
+references:
+ - https://documentation.wazuh.com/current/user-manual/capabilities/vulnerability-detection/index.html
+
+tags:
+ - settings
+ - vulnerability
+ - vulnerability_detector
+'''
 import os
 
 import pytest
@@ -35,6 +87,7 @@
 configurations = load_wazuh_configurations(configurations_path, __name__, params=parameters)
 local_internal_options = {'wazuh_modules.debug': '2'}
 
+
 # Fixtures
 @pytest.fixture(scope='module', params=configurations, ids=['alas_feed'])
 def get_configuration(request):
@@ -63,18 +116,50 @@ def mock_vulnerability_scan(request, mock_agent):
  vendor=f"{vd.VENDOR[request.param['target']]}")
 
 
-def test_amazon_linux_vulnerabilities_report(configure_local_internal_options_module, get_configuration, configure_environment, restart_modulesd, check_cve_db,
+def test_amazon_linux_vulnerabilities_report(configure_local_internal_options_module, get_configuration,
+ configure_environment, restart_modulesd, check_cve_db,
  mock_vulnerability_scan, file_monitoring):
- """Check if inserted vulnerable packages are reported by vulnerability detector.
-
- Args:
- get_configuration (fixture): Get configurations from the module.
- configure_environment (fixture): Configure a custom environment for testing.
- restart_modulesd (fixture): Reset the logs file and start a new monitor.
- check_cve_db (fixture): Check if the CVE database exists and its tables are created.
- mock_vulnerability_scan (fixture): It allows to mock the vulnerability scan inserting custom packages,
- feeds and changing the host system.
- """
+ '''
+ description: Check if inserted vulnerable packages are reported by vulnerability detector. To do this, it checks a
+ report of the corresponding vulnerabilities are generated in the logs file.
+
+ wazuh_min_version: 4.3.0
+
+ parameters:
+ - configure_local_internal_options_module:
+ type: fixture
+ brief: Configure the local internal options file.
+ - get_configuration:
+ type: fixture
+ brief: Get configurations from the module.
+ - configure_environment:
+ type: fixture
+ brief: Configure a custom environment for testing.
+ - restart_modulesd:
+ type: fixture
+ brief: Reset the logs file and start a new monitor.
+ - check_cve_db:
+ type: fixture
+ brief: Check if the CVE database exists and its tables are created.
+ - mock_vulnerability_scan:
+ type: fixture
+ brief: It allows to mock the vulnerability scan inserting custom packages, feeds and changing the host
+ system.
+
+ assertions:
+ - Verify that the number of OVAL vulnerabilities is the expected.
+ - Verify the vulnerabilities of inserted packages.
+ - Verify that the modulesd daemon is running.
+
+ input_description:
+ - Test cases are found in the test module. The `wazuh_alas_inventory.yaml` file provides the configuration of
+ this module for this test. Feeds are got from custom_alas_feed.json, and custom_alas2_feed.json files.
+ Vulnerabilities are got from alas_vulnerabilities.json file.
+
+ expected_output:
+ - r'The .* found a total of .* potential vulnerabilities for agent .*'
+ - r'The .* package .* from agent .* is vulnerable to .*'
+ '''
  vulnerabilities_number = 0
  for item in mock_vulnerability_scan['vulnerabilities']:
  vulnerabilities_number += len(item['cve']['cveid'])

tests/integration/test_vulnerability_detector/test_scan_results/test_archliux_inventory_archlinux_feed.py

@@ -1,7 +1,59 @@
-# Copyright (C) 2015-2021, Wazuh Inc.
-# Created by Wazuh, Inc. <[email protected]>.
-# This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
-
+'''
+copyright: Copyright (C) 2015-2021, Wazuh Inc.
+
+ Created by Wazuh, Inc. <[email protected]>.
+
+ This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+
+type: integration
+
+brief: Wazuh is able to detect vulnerabilities in the applications installed in agents using the Vulnerability Detector
+ module. This software audit is performed through the integration of vulnerability feeds indexed by Redhat,
+ Canonical, Debian, Amazon Linux and NVD Database.
+
+tier: 1
+
+modules:
+ - vulnerability_detector
+
+components:
+ - manager
+
+daemons:
+ - wazuh-modulesd
+ - wazuh-db
+ - wazuh-analysisd
+
+os_platform:
+ - linux
+
+os_version:
+ - Arch Linux
+ - Amazon Linux 2
+ - Amazon Linux 1
+ - CentOS 8
+ - CentOS 7
+ - CentOS 6
+ - Ubuntu Focal
+ - Ubuntu Bionic
+ - Ubuntu Xenial
+ - Ubuntu Trusty
+ - Debian Buster
+ - Debian Stretch
+ - Debian Jessie
+ - Debian Wheezy
+ - Red Hat 8
+ - Red Hat 7
+ - Red Hat 6
+
+references:
+ - https://documentation.wazuh.com/current/user-manual/capabilities/vulnerability-detection/index.html
+
+tags:
+ - settings
+ - vulnerability
+ - vulnerability_detector
+'''
 import os
 import pytest
 
@@ -67,16 +119,43 @@ def mock_vulnerability_scan(request, mock_agent):
 
 def test_arch_linux_vulnerabilities_report(get_configuration, configure_environment, restart_modulesd, check_cve_db,
  mock_vulnerability_scan):
- """Check if inserted vulnerable packages are reported by vulnerability detector.
-
- Args:
- get_configuration (fixture): Get configurations from the module.
- configure_environment (fixture): Configure a custom environment for testing.
- restart_modulesd (fixture): Reset the logs file and start a new monitor.
- check_cve_db (fixture): Check if the CVE database exists and its tables are created.
- mock_vulnerability_scan (fixture): It allows to mock the vulnerability scan inserting custom packages,
- feeds and changing the host system.
- """
+ '''
+ description: Check if inserted vulnerable packages are reported by vulnerability detector. To do this, it checks a
+ report of the corresponding vulnerabilities are generated in the logs file.
+
+ wazuh_min_version: 4.3.0
+
+ parameters:
+ - get_configuration:
+ type: fixture
+ brief: Get configurations from the module.
+ - configure_environment:
+ type: fixture
+ brief: Configure a custom environment for testing.
+ - restart_modulesd:
+ type: fixture
+ brief: Reset the logs file and start a new monitor.
+ - check_cve_db:
+ type: fixture
+ brief: Check if the CVE database exists and its tables are created.
+ - mock_vulnerability_scan:
+ type: fixture
+ brief: It allows to mock the vulnerability scan inserting custom packages, feeds and changing the host
+ system.
+
+ assertions:
+ - Verify that the number of OVAL vulnerabilities is the expected.
+ - Verify the vulnerabilities of inserted packages.
+ - Verify that the modulesd daemon is running.
+
+ input_description:
+ - Test cases are found in the test module. The `wazuh_archlinux_inventory.yaml` file provides the configuration
+ of this module for this test. Feeds are got from custom_archlinux_feed.json file.
+
+ expected_output:
+ - r'The .* found a total of .* potential vulnerabilities for agent .*'
+ - r'The .* package .* from agent .* is vulnerable to .*'
+ '''
  vulnerabilities_number = len(mock_vulnerability_scan['issues'])
 
  # Check that the number of OVAL vulnerabilities is the expected

tests/integration/test_vulnerability_detector/test_scan_results/test_debian_inventory_debian_feed.py

@@ -1,7 +1,59 @@
-# Copyright (C) 2015-2021, Wazuh Inc.
-# Created by Wazuh, Inc. <[email protected]>.
-# This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
-
+'''
+copyright: Copyright (C) 2015-2021, Wazuh Inc.
+
+ Created by Wazuh, Inc. <[email protected]>.
+
+ This program is free software; you can redistribute it and/or modify it under the terms of GPLv2
+
+type: integration
+
+brief: Wazuh is able to detect vulnerabilities in the applications installed in agents using the Vulnerability Detector
+ module. This software audit is performed through the integration of vulnerability feeds indexed by Redhat,
+ Canonical, Debian, Amazon Linux and NVD Database.
+
+tier: 0
+
+modules:
+ - vulnerability_detector
+
+components:
+ - manager
+
+daemons:
+ - wazuh-modulesd
+ - wazuh-db
+ - wazuh-analysisd
+
+os_platform:
+ - linux
+
+os_version:
+ - Arch Linux
+ - Amazon Linux 2
+ - Amazon Linux 1
+ - CentOS 8
+ - CentOS 7
+ - CentOS 6
+ - Ubuntu Focal
+ - Ubuntu Bionic
+ - Ubuntu Xenial
+ - Ubuntu Trusty
+ - Debian Buster
+ - Debian Stretch
+ - Debian Jessie
+ - Debian Wheezy
+ - Red Hat 8
+ - Red Hat 7
+ - Red Hat 6
+
+references:
+ - https://documentation.wazuh.com/current/user-manual/capabilities/vulnerability-detection/index.html
+
+tags:
+ - settings
+ - vulnerability
+ - vulnerability_detector
+'''
 import os
 import pytest
 
@@ -63,16 +115,43 @@ def mock_vulnerability_scan(request, mock_agent):
 @pytest.mark.skip(reason="It will be blocked by wazuh-qa#2178, when it was solve we can enable again this test")
 def test_debian_vulnerabilities_report(get_configuration, configure_environment, restart_modulesd, check_cve_db,
  mock_vulnerability_scan):
- """Check if inserted vulnerable packages are reported by vulnerability detector.
-
- Args:
- get_configuration (fixture): Get configurations from the module.
- configure_environment (fixture): Configure a custom environment for testing.
- restart_modulesd (fixture): Reset the logs file and start a new monitor.
- check_cve_db (fixture): Check if the CVE database exists and its tables are created.
- mock_vulnerability_scan (fixture): It allows to mock the vulnerability scan inserting custom packages,
- feeds and changing the host system.
- """
+ '''
+ description: Check if inserted vulnerable packages are reported by vulnerability detector. To do this, it checks a
+ report of the corresponding vulnerabilities are generated in the logs file.
+
+ wazuh_min_version: 4.2.0
+
+ parameters:
+ - get_configuration:
+ type: fixture
+ brief: Get configurations from the module.
+ - configure_environment:
+ type: fixture
+ brief: Configure a custom environment for testing.
+ - restart_modulesd:
+ type: fixture
+ brief: Reset the logs file and start a new monitor.
+ - check_cve_db:
+ type: fixture
+ brief: Check if the CVE database exists and its tables are created.
+ - mock_vulnerability_scan:
+ type: fixture
+ brief: It allows to mock the vulnerability scan inserting custom packages, feeds and changing the host
+ system.
+
+ assertions:
+ - Verify that the number of OVAL vulnerabilities is the expected.
+ - Verify the vulnerabilities of inserted packages.
+ - Verify that the modulesd daemon is running.
+
+ input_description:
+ - Test cases are found in the test module. The `wazuh_debian_inventory.yaml` file provides the configuration of
+ this module for this test. Vulnerabilities are got from debian_vulnerabilities.json file.
+
+ expected_output:
+ - r'The .* found a total of .* potential vulnerabilities for agent .*'
+ - r'The .* package .* from agent .* is vulnerable to .*'
+ '''
  vulnerabilities_number = len(mock_vulnerability_scan['vulnerabilities'])
 
  # Check that the number of OVAL vulnerabilities is the expected