fix(security): resolve TLS inventory in runtime image
This commit is contained in:
@@ -2,6 +2,7 @@ from __future__ import annotations
|
||||
|
||||
import asyncio
|
||||
import json
|
||||
from pathlib import Path
|
||||
|
||||
from src.jobs import asset_scanner_job
|
||||
|
||||
@@ -609,6 +610,17 @@ def test_domain_tls_inventory_projects_fingerprints_without_raw_paths() -> None:
|
||||
assert "privkey.pem" not in public_text
|
||||
|
||||
|
||||
def test_domain_tls_inventory_candidates_support_shallow_runtime_paths() -> None:
|
||||
candidates = asset_scanner_job._domain_tls_inventory_candidates(
|
||||
cwd=Path("/runtime"),
|
||||
source_path=Path("/app/src/jobs/asset_scanner_job.py"),
|
||||
)
|
||||
|
||||
assert Path(
|
||||
"/app/docs/security/domain-tls-certbot-inventory.snapshot.json"
|
||||
) in candidates
|
||||
|
||||
|
||||
def test_public_tls_expiry_classification_is_conservative() -> None:
|
||||
now_epoch = 1_700_000_000.0
|
||||
|
||||
|
||||
Reference in New Issue
Block a user