Closed damarisg closed 2 years ago
For this task, I watch a video that explains the basic Vulnerability Detector module and a video that explains how it works the status of vulnerabilities, and with that information and the official documentation, I write a personal documentation with the more important information about how vulnerability detector works.
For this task, I watch a video that explains the new structure applied to the Integration test. Issue related: https://github.com/wazuh/wazuh-qa/issues/2462 PR related: https://github.com/wazuh/wazuh-qa/pull/2499
In this task, I do a quick view of tests inside test_feed
.
Suite test feeds:
test_cpe_indexing: Check that the CPE helper
info related to the packages/system data is indexed.
test_dowload_feed: Check if modulesd
downloads successfully the feeds from different providers and os, and check that
the feed update date does not exceed a set limit.
test_duplicate_feed: Check that the vulnerabilities are not repeated in the database when they are indexed from the feeds.
test_import_invalid_feed_type: Check the vulnerability detector behavior when importing unexpected file types as feeds
test_validate_feed_content: Check if the downloaded XML/JSON
feeds have the expected format and are XML/JSON
parseable
In this task, I do a quick view of tests inside test_providers
modulesd
downloads/does not download
the feeds from different providers when enabled is set to yes/no
modulesd
starts downloading the feeds without specifying the os versionmodulesd
downloads the feeds for each os
.update_from_year
option<interval_update>
tag.I watch a video that explains the basic Vulnerability Detector functionality, how to configure it, and how it works. Also, watched another video explaining how alerts are generated based on during partial and full scans. Wrote some notes on how VD works with the data from the videos and the official documentation.
Watched a video that explains the new structure applied to the Integration test. Issue related: #2462 PR related: #2499
For this Task, I did a quick analysis of the files in the test_feeds suite, and tried to determine possible test cases that were missing.
Test feeds Suidt:
Possible coverage to Add:
This task consisted of a quick review of tests inside test_providers
modulesd
downloads the feeds from different providers according to the <enabled>
tag being set to yes/no
modulesd
starts downloading feeds without specifying the os version<path>
and <os path=...>
options work properly according to the configuration
and check there are no conflicts when reading the feeds and inserting them in the database.modulesd
downloads the feeds for each os
.update_from_year
option<interval_update>
tag.I do a quick view of tests inside test_feed
.
I do a quick view of tests inside test_providers
:
I do a quick view of tests inside test_scan_results
:
Description
As part of https://github.com/wazuh/wazuh-qa/issues/2792, it is necessary to investigate the development of the new structure in the Vulnerability Detector tests. In addition, we must learn about the coverage of Suites: test_feeds, test_providers, and test_scan_results that integration tests have.
To Do List