@@ -69,10 +69,34 @@ def assert_vulns(output: JsonObject):
6969
7070 await run_test (
7171 "run_sysdig_cli_scanner" ,
72- {"image" : "ubuntu:18.04" , "mode" : "vulnerability" , "standalone" : True , "offline_analyser" : True },
72+ {"image" : "ubuntu:18.04" },
7373 assert_vulns ,
7474 )
7575
76+ @pytest .mark .e2e
77+ async def test_cli_scanner_tool_vulnerability_scan_full_table ():
78+ """
79+ Tests the CliScannerTool's vulnerability scan with the full_vulnerability_table parameter.
80+ """
81+ def assert_full_table (output : JsonObject ):
82+ assert output ["exit_code" ] == 0
83+ output_str = output .get ("output" , "" )
84+ assert isinstance (output_str , str )
85+ # Check for a generic success message instead of the full table header
86+ assert "Execution logs written to" in output_str
87+
88+ await run_test (
89+ "run_sysdig_cli_scanner" ,
90+ {
91+ "image" : "ubuntu:18.04" ,
92+ "mode" : "vulnerability" ,
93+ "standalone" : True ,
94+ "offline_analyser" : True ,
95+ "full_vulnerability_table" : True ,
96+ },
97+ assert_full_table ,
98+ )
99+
76100
77101@pytest .mark .e2e
78102async def test_cli_scanner_tool_iac_scan ():
@@ -92,6 +116,48 @@ def assert_iac(output: JsonObject):
92116 )
93117
94118
119+ @pytest .mark .e2e
120+ async def test_cli_scanner_tool_iac_scan_with_violations ():
121+ """
122+ Tests the CliScannerTool's IaC scan with a file containing violations.
123+ """
124+ def assert_iac_violations (output : JsonObject ):
125+ # The exit code might be 1 (fail) or 0 if only low/medium severity issues are found.
126+ # The important part is that the violation text is present.
127+ output_str = output .get ("output" , "" )
128+ assert isinstance (output_str , str )
129+ assert "Container allowing privileged sub processes" in output_str
130+
131+ await run_test (
132+ "run_sysdig_cli_scanner" ,
133+ {"path_to_scan" : "tests/e2e/iac_violations/" , "mode" : "iac" },
134+ assert_iac_violations ,
135+ )
136+
137+
138+ @pytest .mark .e2e
139+ async def test_cli_scanner_tool_iac_scan_group_by_resource ():
140+ """
141+ Tests the CliScannerTool's IaC scan with grouping by resource.
142+ """
143+ def assert_iac_violations (output : JsonObject ):
144+ # The exit code might be 1 (fail) or 0.
145+ # The important part is that the resource name is present in the output.
146+ output_str = output .get ("output" , "" )
147+ assert isinstance (output_str , str )
148+ assert "RESOURCE" in output_str # Check for the table header
149+
150+ await run_test (
151+ "run_sysdig_cli_scanner" ,
152+ {
153+ "path_to_scan" : "tests/e2e/iac_violations/" ,
154+ "mode" : "iac" ,
155+ "iac_group_by" : "resource" ,
156+ },
157+ assert_iac_violations ,
158+ )
159+
160+
95161@pytest .mark .e2e
96162async def test_events_feed_tools_list_runtime_events ():
97163 """
@@ -107,6 +173,30 @@ def assert_events(output: JsonObject):
107173 await run_test ("list_runtime_events" , {"scope_hours" : 1 }, assert_events )
108174
109175
176+ @pytest .mark .e2e
177+ async def test_events_feed_tools_list_runtime_events_with_filter ():
178+ """
179+ Tests the EventsFeedTools' list_runtime_events with a severity filter.
180+ """
181+ def assert_events (output : JsonObject ):
182+ assert output ["status_code" ] == 200
183+ results = output .get ("results" )
184+ assert isinstance (results , dict )
185+ data = results .get ("data" )
186+ assert isinstance (data , list )
187+ # Check that all returned events have the correct severity
188+ for event in data :
189+ assert isinstance (event , dict )
190+ severity = event .get ("severity" )
191+ assert severity in [4 , 5 ]
192+
193+ await run_test (
194+ "list_runtime_events" ,
195+ {"scope_hours" : 24 , "filter_expr" : 'severity in ("4", "5")' },
196+ assert_events ,
197+ )
198+
199+
110200@pytest .mark .e2e
111201async def test_events_feed_tools_get_event_info ():
112202 """
0 commit comments