Add test for bulk vulnerability analysis#20733
Add test for bulk vulnerability analysis#20733ColeHiggins2 wants to merge 6 commits intoSatelliteQE:masterfrom
Conversation
ColeHiggins2
added
No-CherryPick
Reviewer's GuideAdds a shared fixture to prepare a vulnerable RHEL host and introduces a new end-to-end UI test that validates bulk disabling of vulnerability analysis via the All Hosts page, while refactoring the existing vulnerability E2E test to reuse the new fixture. File-Level Changes
Tips and commandsInteracting with Sourcery
Customizing Your ExperienceAccess your dashboard to:
Getting Help
|
![sourcery-ai[bot]](https://avatars.githubusercontent.com/in/48477?s=60&v=4){kind=small}
There was a problem hiding this comment.
Hey - I've left some high level feedback:
- In the new
vulnerable_rhel_hostfixture, consider movingGLIBC_RPMto a module-level constant so it can be reused and not redefined inside the fixture body. - In
test_positive_bulk_disable_vulnerability_analysis, the initial call tosession.all_hosts.get_displayed_table_headers()beforemanage_table_columnsis unused and can be removed to keep the test focused and avoid redundant UI calls.
Prompt for AI Agents
Please address the comments from this code review:
## Overall Comments
- In the new `vulnerable_rhel_host` fixture, consider moving `GLIBC_RPM` to a module-level constant so it can be reused and not redefined inside the fixture body.
- In `test_positive_bulk_disable_vulnerability_analysis`, the initial call to `session.all_hosts.get_displayed_table_headers()` before `manage_table_columns` is unused and can be removed to keep the test focused and avoid redundant UI calls.Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.
|
|
|
||
| @pytest.mark.e2e | ||
| @pytest.mark.no_containers | ||
| @pytest.mark.rhel_ver_list([9, 10]) |
There was a problem hiding this comment.
| @pytest.mark.rhel_ver_list([9, 10]) | |
| @pytest.mark.rhel_ver_match('N-1') |
@ColeHiggins2 Could we use this instead?
chris1984
left a comment
chris1984
left a comment
There was a problem hiding this comment.
Overall looks good, left one comment and Lads has a few
|
|
||
| @pytest.mark.e2e | ||
| @pytest.mark.no_containers | ||
| @pytest.mark.rhel_ver_list([9, 10]) |
|
trigger: test-robottelo |
1 similar comment
|
trigger: test-robottelo |
Addresses code review feedback by: - Creating vulnerable_rhel_host fixture (matches pattern from PR SatelliteQE#20733) - Centralizing CVE_ID as module-level constant - Removing duplicate client setup code from each test - Updating all test signatures to use the fixture Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Addresses code review feedback by: - Creating vulnerable_rhel_host fixture (matches pattern from PR SatelliteQE#20733) - Centralizing CVE_ID as module-level constant - Removing duplicate client setup code from each test - Updating all test signatures to use the fixture Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
|
trigger: test-robottelo |
|
trigger: test-robottelo |
|
oops sorry, wrong PR 😳 |
|
@jeremylenz fun fact, if you are fast and remove the comment quickly, it will not spinup the PRT. :D |
| table_data = session.all_hosts.search(hostname) | ||
| assert len(table_data) > 0, f"Host {hostname} not found after search" | ||
| assert int(table_data[0]['Total CVEs']) > 1 | ||
| host_row = table_data[0] |
There was a problem hiding this comment.
Seems host_row is not fully used. Not a big deal.
There was a problem hiding this comment.
Good catch, could you please remove it @ColeHiggins2 as it is not used.
There was a problem hiding this comment.
oh it's used in the error message, I guess that's fine!
Addresses code review feedback by: - Creating vulnerable_rhel_host fixture (matches pattern from PR SatelliteQE#20733) - Centralizing CVE_ID as module-level constant - Removing duplicate client setup code from each test - Updating all test signatures to use the fixture Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
jnagare-redhat
left a comment
jnagare-redhat
left a comment
There was a problem hiding this comment.
Looks good. Waiting for PRT
Addresses code review feedback by: - Creating vulnerable_rhel_host fixture (matches pattern from PR SatelliteQE#20733) - Centralizing CVE_ID as module-level constant - Removing duplicate client setup code from each test - Updating all test signatures to use the fixture Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Addresses code review feedback by: - Creating vulnerable_rhel_host fixture (matches pattern from PR SatelliteQE#20733) - Centralizing CVE_ID as module-level constant - Removing duplicate client setup code from each test - Updating all test signatures to use the fixture Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Addresses code review feedback by: - Creating vulnerable_rhel_host fixture (matches pattern from PR SatelliteQE#20733) - Centralizing CVE_ID as module-level constant - Removing duplicate client setup code from each test - Updating all test signatures to use the fixture Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
ColeHiggins2
force-pushed
the
bulk-vulnerability-analysis
branch
from
8611f9a to
801e4c1
Compare
…rsion (#20743) * feat: Add UI tests for CVE business risk and status editing Add end-to-end tests for editing CVE business risk and status fields in the Insights Vulnerability UI. Tests added: - test_bulk_edit_business_risk_and_status - Bulk editing for multiple CVEs - test_edit_from_cve_details_page - Editing from CVE details page - test_filter_by_os_version - Filtering vulnerabilities by OS version Each test: - Provisions RHEL 10 host with IoP configured - Downgrades glibc to create CVE-2025-8058 - Verifies edit functionality via Airgun entity methods - Confirms changes persist in the vulnerabilities table Depends on: SatelliteQE/airgun#2303 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * refactor: Use vulnerable_rhel_host fixture and centralize constants Addresses code review feedback by: - Creating vulnerable_rhel_host fixture (matches pattern from PR #20733) - Centralizing CVE_ID as module-level constant - Removing duplicate client setup code from each test - Updating all test signatures to use the fixture Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * refactor: Address PR review comments for vulnerability edit tests - Move CVE and RPM constants to robottelo/constants/__init__.py for reusability - Change rhel_ver_list([10]) to rhel_ver_match('10') for exact version matching - Remove CaseImportance metadata (not used for test selection) - Convert double quotes to single quotes for consistency with project style Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * refactor: Replace glibc with mariadb for vulnerability testing glibc downgrade is not supported on RHEL10. Switch to mariadb package which creates 3 deterministic CVEs (CVE-2023-52969, CVE-2023-52970, CVE-2023-52971). This addresses PR review feedback to make bulk edit tests deterministic rather than relying on finding random CVEs. Also adds insights-client call to ensure vulnerabilities are reported to Satellite. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * refactor: Simplify to use single dnf install command dnf install with full NEVRA handles install/upgrade/downgrade automatically, so no need for separate install + downgrade commands. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * fix: Add CaseImportance High marker to vulnerability tests This marker is required at the module level for CI checks to pass. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> * fix: Restore assert any pattern for vulnerability checks During the rebase, the assertion pattern was incorrectly changed from using `assert any()` to direct index access with `[0]`. This reverts to the more robust `assert any()` pattern while keeping the constant reference. The `assert any()` pattern is preferred because: - It's more resilient when the CVE isn't the first in the list - It handles empty lists gracefully - It better expresses the intent to find the CVE anywhere in the list Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Sonnet 4.5 <noreply@anthropic.com>
ColeHiggins2
force-pushed
the
bulk-vulnerability-analysis
branch
from
801e4c1 to
a03df74
Compare
|
trigger: test-robottelo |
|
trigger: test-robottelo |
|
trigger: test-robottelo |
|
trigger: test-robottelo |
1 similar comment
|
trigger: test-robottelo |
ColeHiggins2
added
CherryPick
6 participants
Test for SAT-40203
Bulk Vulnerability Analysis toggle
SatelliteQE/airgun#2299