Test_e2e_system_382_test_vulnerability_detector.html

self = <test_vulnerability_detector.TestInitialScans object at 0x7fbf76331400>
request = <FixtureRequest for <Function test_first_syscollector_scan[vd_disabled_when_agents_registration]>>
host_manager = <wazuh_testing.tools.system.HostManager object at 0x7fbf763b4130>
save_indexer_credentials_keystore = None
vulnerability_detection_previously_enabled = False
configure_vulnerability_detection_test_environment = '2024-09-17T10:12:52'
record_property = <function record_property.<locals>.append_property at 0x7fbf75ff9ca0>
clean_environment_logs = None, delete_states_vulnerability_index = None

@pytest.mark.parametrize(
"vulnerability_detection_previously_enabled",
[False, True],
ids=[
"vd_disabled_when_agents_registration",
"vd_enabled_when_agents_registration",
],
)
def test_first_syscollector_scan(
self,
request,
host_manager,
save_indexer_credentials_keystore,
vulnerability_detection_previously_enabled,
configure_vulnerability_detection_test_environment,
record_property,
clean_environment_logs,
delete_states_vulnerability_index
):
"""
description: Validates the initiation of the first Syscollector scans across all agents in the environment.

This test ensures that Syscollector first scans are started in all agents in the environment.

tier: 0

parameters:
- request: pytest request object
- host_manager:
type: fixture
brief: Get the host manager of the environment
- vulnerability_detection_previously_enabled:
type: fixture
brief: Whether the vulnerability detection was previously enabled
- configure_environment:
type: fixture
brief: Configure the environment with the given configurations
- get_results: fixture to get the results of global class tests

assertions:
- Verify that all agents has been scanned
"""
global AGENTS_SCANNED_FIRST_SCAN
global FIRST_SCAN_TIME
global FIRST_SCAN_VULNERABILITIES_INDEX
global INITIAL_VULNERABILITIES

FIRST_SCAN_TIME = configure_vulnerability_detection_test_environment

test_result = TestResult(request.node.name)
test_result.add_check(self.all_agents_scanned_syscollector_first_scan_check)
test_result.add_check(self.all_agents_scanned_vulnerability_first_scan_check)
test_result.add_check(self.no_errors_check)

record_property("test_result", test_result)

# Store the agents scanned by syscollector in a global variable.
# Only the last test case result is retained for comparison with the second scan.
agents_not_scanned_first_scan = monitoring_syscollector_scan_agents(host_manager,
VD_E2E_TIMEOUT_SYSCOLLECTOR_SCAN)

AGENTS_SCANNED_FIRST_SCAN = [
agent
for agent in host_manager.get_group_hosts("agent")
if agent not in agents_not_scanned_first_scan
]

test_result.validate_check(
"all_agents_scanned_syscollector_first_scan",
[
Evidence(
"agents_not_scanned_syscollector_first_scan",
agents_not_scanned_first_scan,
)
],
)

if len(AGENTS_SCANNED_FIRST_SCAN) == 0:
logging.critical("Critical error. Test can not continue")
pytest.fail(
"Syscollector scan not started in any agent. Check agent logs for more information"
)

logging.critical("Waiting 30 minutes to avoid Indexer abuseControl.")
time.sleep(MINIMUM_TIMEOUT_RESCAN)

logging.critical("Waiting until agent all agents have been scanned.")
time.sleep(TIMEOUT_PER_AGENT_VULNERABILITY_FIRST_SCAN * len(AGENTS_SCANNED_FIRST_SCAN))

max_result_window(host_manager)
logging.critical("Checking vulnerabilities in the index")
vuln_by_agent_index = get_vulnerabilities_from_states_by_agent(
host_manager,
AGENTS_SCANNED_FIRST_SCAN,
greater_than_timestamp=FIRST_SCAN_TIME,
size=INDEXER_RESULT_WINDOWS_VULN_E2E
)

# Store the vulnerabilities in the global variable to make the comparision in test_consistency_initial_scans
if not vulnerability_detection_previously_enabled:
INITIAL_VULNERABILITIES["vd_disabled_when_agents_registration"] = (
vuln_by_agent_index
)
else:
INITIAL_VULNERABILITIES["vd_enabled_when_agents_registration"] = (
vuln_by_agent_index
)

FIRST_SCAN_VULNERABILITIES_INDEX = vuln_by_agent_index

logging.critical(
"Checking that all agents has been scanned and generated vulnerabilities in the index"
)

agent_not_scanned = []
# We expect at least one vulnerability in each agent
for agent, vulnerabilities in vuln_by_agent_index.items():
if len(vulnerabilities) == 0:
logging.critical(f"No vulnerabilities found for {agent}")
agent_not_scanned.append(agent)

# Validate that all agents has been scanned and generated vulnerabilities in the index
test_result.validate_check(
"all_agents_scanned_vulnerability_first_scan",
[
Evidence(
"agents_not_scanned_vulnerability_first_scan", agent_not_scanned
),
Evidence(
"vulnerabilities_index_first_scan", vuln_by_agent_index, debug=True
),
],
)

logging.critical("Checking for errors in the environment")
unexpected_errors = check_errors_in_environment(
host_manager, expected_errors=VULNERABILITY_DETECTION_E2E_EXPECTED_ERRORS, error_levels=TESTS_UNEXPECTED_ERRORS_LEVELS
)

test_result.validate_check(
"no_errors", [Evidence("error_level_messages", unexpected_errors)]
)

> assert test_result.get_test_result(), test_result.report()
E AssertionError:
E Test test_first_syscollector_scan[vd_disabled_when_agents_registration] failed
E
E Check all_agents_scanned_syscollector_first_scan succeeded
E Check all_agents_scanned_vulnerability_first_scan failed. Evidences (['agents_not_scanned_vulnerability_first_scan']) can be found in the report.
E Check no_errors failed. Evidences (['error_level_messages']) can be found in the report.
E -----
E
E assert False
E + where False = <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf75fca070>>()
E + where <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf75fca070>> = <wazuh_testing.end_to_end.TestResult object at 0x7fbf75fca070>.get_test_result

end_to_end/test_vulnerability_detector/test_vulnerability_detector.py:395: AssertionError
-------------------------------Captured log setup-------------------------------
ERROR root:conftest.py:278 Save the Wazuh indexer username and password into the Wazuh manager keystore ERROR root:test_vulnerability_detector.py:115 Configuring the environment: Vulnerability Detection Enabled: False ERROR root:test_vulnerability_detector.py:134 Restarting managers ERROR root:test_vulnerability_detector.py:148 Starting agents ERROR root:test_vulnerability_detector.py:151 Wait until agents are connected ERROR root:test_vulnerability_detector.py:115 Configuring the environment: Vulnerability Detection Enabled: True ERROR root:test_vulnerability_detector.py:134 Restarting managers ERROR root:test_vulnerability_detector.py:138 Wait until Vulnerability Detector has update all the feeds
-------------------------------Captured log call--------------------------------
ERROR root:__init__.py:237 Marked check all_agents_scanned_syscollector_first_scan result to True with evidences ['agents_not_scanned_syscollector_first_scan'] CRITICAL root:test_vulnerability_detector.py:335 Waiting 30 minutes to avoid Indexer abuseControl. CRITICAL root:test_vulnerability_detector.py:338 Waiting until agent all agents have been scanned. CRITICAL root:test_vulnerability_detector.py:342 Checking vulnerabilities in the index CRITICAL root:test_vulnerability_detector.py:362 Checking that all agents has been scanned and generated vulnerabilities in the index CRITICAL root:test_vulnerability_detector.py:370 No vulnerabilities found for agent2 ERROR root:__init__.py:237 Marked check all_agents_scanned_vulnerability_first_scan result to False with evidences ['agents_not_scanned_vulnerability_first_scan', 'vulnerabilities_index_first_scan'] CRITICAL root:test_vulnerability_detector.py:386 Checking for errors in the environment ERROR root:__init__.py:237 Marked check no_errors result to False with evidences ['error_level_messages']

self = <test_vulnerability_detector.TestInitialScans object at 0x7fbf763319a0>
request = <FixtureRequest for <Function test_first_syscollector_scan[vd_enabled_when_agents_registration]>>
host_manager = <wazuh_testing.tools.system.HostManager object at 0x7fbf763b4130>
save_indexer_credentials_keystore = None
vulnerability_detection_previously_enabled = True
configure_vulnerability_detection_test_environment = '2024-09-17T11:11:34'
record_property = <function record_property.<locals>.append_property at 0x7fbf481adaf0>
clean_environment_logs = None, delete_states_vulnerability_index = None

@pytest.mark.parametrize(
"vulnerability_detection_previously_enabled",
[False, True],
ids=[
"vd_disabled_when_agents_registration",
"vd_enabled_when_agents_registration",
],
)
def test_first_syscollector_scan(
self,
request,
host_manager,
save_indexer_credentials_keystore,
vulnerability_detection_previously_enabled,
configure_vulnerability_detection_test_environment,
record_property,
clean_environment_logs,
delete_states_vulnerability_index
):
"""
description: Validates the initiation of the first Syscollector scans across all agents in the environment.

This test ensures that Syscollector first scans are started in all agents in the environment.

tier: 0

parameters:
- request: pytest request object
- host_manager:
type: fixture
brief: Get the host manager of the environment
- vulnerability_detection_previously_enabled:
type: fixture
brief: Whether the vulnerability detection was previously enabled
- configure_environment:
type: fixture
brief: Configure the environment with the given configurations
- get_results: fixture to get the results of global class tests

assertions:
- Verify that all agents has been scanned
"""
global AGENTS_SCANNED_FIRST_SCAN
global FIRST_SCAN_TIME
global FIRST_SCAN_VULNERABILITIES_INDEX
global INITIAL_VULNERABILITIES

FIRST_SCAN_TIME = configure_vulnerability_detection_test_environment

test_result = TestResult(request.node.name)
test_result.add_check(self.all_agents_scanned_syscollector_first_scan_check)
test_result.add_check(self.all_agents_scanned_vulnerability_first_scan_check)
test_result.add_check(self.no_errors_check)

record_property("test_result", test_result)

# Store the agents scanned by syscollector in a global variable.
# Only the last test case result is retained for comparison with the second scan.
agents_not_scanned_first_scan = monitoring_syscollector_scan_agents(host_manager,
VD_E2E_TIMEOUT_SYSCOLLECTOR_SCAN)

AGENTS_SCANNED_FIRST_SCAN = [
agent
for agent in host_manager.get_group_hosts("agent")
if agent not in agents_not_scanned_first_scan
]

test_result.validate_check(
"all_agents_scanned_syscollector_first_scan",
[
Evidence(
"agents_not_scanned_syscollector_first_scan",
agents_not_scanned_first_scan,
)
],
)

if len(AGENTS_SCANNED_FIRST_SCAN) == 0:
logging.critical("Critical error. Test can not continue")
pytest.fail(
"Syscollector scan not started in any agent. Check agent logs for more information"
)

logging.critical("Waiting 30 minutes to avoid Indexer abuseControl.")
time.sleep(MINIMUM_TIMEOUT_RESCAN)

logging.critical("Waiting until agent all agents have been scanned.")
time.sleep(TIMEOUT_PER_AGENT_VULNERABILITY_FIRST_SCAN * len(AGENTS_SCANNED_FIRST_SCAN))

max_result_window(host_manager)
logging.critical("Checking vulnerabilities in the index")
vuln_by_agent_index = get_vulnerabilities_from_states_by_agent(
host_manager,
AGENTS_SCANNED_FIRST_SCAN,
greater_than_timestamp=FIRST_SCAN_TIME,
size=INDEXER_RESULT_WINDOWS_VULN_E2E
)

# Store the vulnerabilities in the global variable to make the comparision in test_consistency_initial_scans
if not vulnerability_detection_previously_enabled:
INITIAL_VULNERABILITIES["vd_disabled_when_agents_registration"] = (
vuln_by_agent_index
)
else:
INITIAL_VULNERABILITIES["vd_enabled_when_agents_registration"] = (
vuln_by_agent_index
)

FIRST_SCAN_VULNERABILITIES_INDEX = vuln_by_agent_index

logging.critical(
"Checking that all agents has been scanned and generated vulnerabilities in the index"
)

agent_not_scanned = []
# We expect at least one vulnerability in each agent
for agent, vulnerabilities in vuln_by_agent_index.items():
if len(vulnerabilities) == 0:
logging.critical(f"No vulnerabilities found for {agent}")
agent_not_scanned.append(agent)

# Validate that all agents has been scanned and generated vulnerabilities in the index
test_result.validate_check(
"all_agents_scanned_vulnerability_first_scan",
[
Evidence(
"agents_not_scanned_vulnerability_first_scan", agent_not_scanned
),
Evidence(
"vulnerabilities_index_first_scan", vuln_by_agent_index, debug=True
),
],
)

logging.critical("Checking for errors in the environment")
unexpected_errors = check_errors_in_environment(
host_manager, expected_errors=VULNERABILITY_DETECTION_E2E_EXPECTED_ERRORS, error_levels=TESTS_UNEXPECTED_ERRORS_LEVELS
)

test_result.validate_check(
"no_errors", [Evidence("error_level_messages", unexpected_errors)]
)

> assert test_result.get_test_result(), test_result.report()
E AssertionError:
E Test test_first_syscollector_scan[vd_enabled_when_agents_registration] failed
E
E Check all_agents_scanned_syscollector_first_scan succeeded
E Check all_agents_scanned_vulnerability_first_scan succeeded
E Check no_errors failed. Evidences (['error_level_messages']) can be found in the report.
E -----
E
E assert False
E + where False = <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf764621c0>>()
E + where <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf764621c0>> = <wazuh_testing.end_to_end.TestResult object at 0x7fbf764621c0>.get_test_result

end_to_end/test_vulnerability_detector/test_vulnerability_detector.py:395: AssertionError
-------------------------------Captured log setup-------------------------------
ERROR root:test_vulnerability_detector.py:115 Configuring the environment: Vulnerability Detection Enabled: True ERROR root:test_vulnerability_detector.py:134 Restarting managers ERROR root:test_vulnerability_detector.py:138 Wait until Vulnerability Detector has update all the feeds ERROR root:test_vulnerability_detector.py:148 Starting agents ERROR root:test_vulnerability_detector.py:151 Wait until agents are connected
-------------------------------Captured log call--------------------------------
ERROR root:__init__.py:237 Marked check all_agents_scanned_syscollector_first_scan result to True with evidences ['agents_not_scanned_syscollector_first_scan'] CRITICAL root:test_vulnerability_detector.py:335 Waiting 30 minutes to avoid Indexer abuseControl. CRITICAL root:test_vulnerability_detector.py:338 Waiting until agent all agents have been scanned. CRITICAL root:test_vulnerability_detector.py:342 Checking vulnerabilities in the index CRITICAL root:test_vulnerability_detector.py:362 Checking that all agents has been scanned and generated vulnerabilities in the index ERROR root:__init__.py:237 Marked check all_agents_scanned_vulnerability_first_scan result to True with evidences ['agents_not_scanned_vulnerability_first_scan', 'vulnerabilities_index_first_scan'] CRITICAL root:test_vulnerability_detector.py:386 Checking for errors in the environment ERROR root:__init__.py:237 Marked check no_errors result to False with evidences ['error_level_messages']

self = <test_vulnerability_detector.TestInitialScans object at 0x7fbf76331ac0>
request = <FixtureRequest for <Function test_consistency_initial_scans>>
record_property = <function record_property.<locals>.append_property at 0x7fbf76047ca0>

def test_consistency_initial_scans(self, request, record_property):
"""
description: Ensure the consistency of the agent's vulnerabilities neither the agent was registered nor.

This test ensures that the agent's vulnerabilities are consistent with the initial scan.

tier: 0

parameters:
- request: pytest request object
- host_manager:
type: fixture
brief: Get the host manager of the environment

assertions:
- Verify that the number of vulnerabilities is the same between scans
"""
test_result = TestResult(request.node.name)
test_result.add_check(self.initial_vulnerabilities_consistent)

record_property("test_result", test_result)
test_result.validate_check(
"initial_vulnerabilities_consistent",
[
Evidence(
"vd_disabled_when_agents_registration",
INITIAL_VULNERABILITIES["vd_disabled_when_agents_registration"],
),
Evidence(
"vd_enabled_when_agents_registration",
INITIAL_VULNERABILITIES["vd_enabled_when_agents_registration"],
),
],
)

> assert test_result.get_test_result(), test_result.report()
E AssertionError:
E Test test_consistency_initial_scans failed
E
E Check initial_vulnerabilities_consistent failed. Evidences (['vd_disabled_when_agents_registration', 'vd_enabled_when_agents_registration']) can be found in the report.
E -----
E
E assert False
E + where False = <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf76603070>>()
E + where <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf76603070>> = <wazuh_testing.end_to_end.TestResult object at 0x7fbf76603070>.get_test_result

end_to_end/test_vulnerability_detector/test_vulnerability_detector.py:432: AssertionError
-------------------------------Captured log call--------------------------------
ERROR root:__init__.py:237 Marked check initial_vulnerabilities_consistent result to False with evidences ['vd_disabled_when_agents_registration', 'vd_enabled_when_agents_registration']

self = <test_vulnerability_detector.TestScanSyscollectorCases object at 0x7fbf763ab0d0>
host_manager = <wazuh_testing.tools.system.HostManager object at 0x7fbf763b4130>
request = <FixtureRequest for <Function test_install_vulnerable_package_when_agent_down[install_package]>>
record_property = <function record_property.<locals>.append_property at 0x7fbf481ad1f0>
preconditions = None
body = {'operation': 'install_package', 'package': {'centos': {'amd64': 'grafana-8.5.5-1', 'arm64v8': 'grafana-8.5.5-1'}, 'ma...proxy-0.5.9'}, 'ubuntu': {'amd64': 'grafana-8.5.5', 'arm64v8': 'grafana-8.5.5'}, 'windows': {'amd64': 'node-v17.0.1'}}}
teardown = {'operation': 'remove_package', 'package': {'centos': {'amd64': 'grafana-8.5.5-1', 'arm64v8': 'grafana-8.5.5-1'}, 'mac...proxy-0.5.9'}, 'ubuntu': {'amd64': 'grafana-8.5.5', 'arm64v8': 'grafana-8.5.5'}, 'windows': {'amd64': 'node-v17.0.1'}}}
setup = [], clean_environment_logs = None
delete_states_vulnerability_index = None, clean_environment_logs_function = None

@pytest.mark.parametrize("preconditions, body, teardown", single_vulnerable_case_complete_list,
ids=single_vulnerable_case_list_ids,)
def test_install_vulnerable_package_when_agent_down(self, host_manager, request, record_property, preconditions,
body, teardown, setup, clean_environment_logs,
delete_states_vulnerability_index,
clean_environment_logs_function):
"""
description: Install a vulnerable package when the agent is down.

This test ensures that the Vulnerability Detector detects the vulnerability when the agent is down.

tier: 0

parameters:
- request: pytest request object
- host_manager:
type: fixture
brief: Get the host manager of the environment
- configure_environment:
type: fixture
brief: Configure the environment with the given configurations
- get_results: fixture to get the results of global class tests

assertions:
"""
# Is mandatory to launch this test along with the first scan test'
global AGENTS_SCANNED_FIRST_SCAN
if len(AGENTS_SCANNED_FIRST_SCAN) == 0:
pytest.skip("No agent was scanned in the first scan. Skipping test.")

target_to_ignore = list(
set(host_manager.get_group_hosts("agent")) - set(AGENTS_SCANNED_FIRST_SCAN)
)

utc_now_timestamp = datetime.datetime.now(datetime.timezone.utc)
test_timestamp = utc_now_timestamp.strftime("%Y-%m-%dT%H:%M:%S")

test_result = TestResult(request.node.name)
test_result.add_check(self.no_errors_check)
test_result.add_check(self.operation_successfull_for_all_agents_check)
test_result.add_check(self.expected_vulnerabilities_found_in_index_check)
test_result.add_check(self.no_unexpected_vulnerabilities_found_in_index_check)
test_result.add_check(self.no_duplicated_vulnerabilities_check)

record_property("test_result", test_result)

host_manager.control_environment("stop", ["agent"], parallel=True)

# Install Vulnerable package
operations_result = launch_parallel_operations(
body, host_manager, target_to_ignore
)

logging.critical(f"Remote operation results: {operations_result}")
test_result.validate_check(
"operation_successfull_for_all_agents",
[Evidence("operation_results", operations_result)],
)

host_manager.control_environment("start", ["agent"], parallel=True)

time.sleep(AGENT_REGISTRATION_TIMEOUT * len(AGENTS_SCANNED_FIRST_SCAN))
time.sleep(VD_E2E_TIMEOUT_SYSCOLLECTOR_SCAN + PACKAGE_VULNERABILITY_SCAN_TIME * len(AGENTS_SCANNED_FIRST_SCAN))

package_data = [body["package"]]
max_result_window(host_manager)

vulnerabilities = get_vulnerabilities_index(host_manager, AGENTS_SCANNED_FIRST_SCAN, package_data,
size=INDEXER_RESULT_WINDOWS_VULN_E2E)
expected_vulnerabilities = get_expected_index(host_manager, AGENTS_SCANNED_FIRST_SCAN, body["operation"],
body["package"])
duplicated_vulnerabilities = get_duplicated_vulnerabilities(vulnerabilities)

logging.critical("Validating found vulnerabilities")
test_result.validate_check('no_duplicated_vulnerabilities',
[Evidence('duplicated_vulnerabilities', duplicated_vulnerabilities),
Evidence('vulnerabilities', vulnerabilities)
])

result = compare_expected_found_vulnerabilities(vulnerabilities, expected_vulnerabilities)

vulnerabilities_not_found = result["vulnerabilities_not_found"]
vulnerabilities_unexpected = result["vulnerabilities_unexpected"]

logging.critical("Validating found vulnerabilities")
test_result.validate_check(
"expected_vulnerabilities_found_in_index",
[
Evidence("missing_vulnerabilities", vulnerabilities_not_found),
Evidence("vulnerabilities_found_in_index", vulnerabilities),
Evidence("expected_vulnerabilities", expected_vulnerabilities),
],
)

logging.critical("Validating unexpected vulnerabilities")
test_result.validate_check(
"no_unexpected_vulnerabilities_found_in_index",
[
Evidence("unexpected_vulnerabilities", vulnerabilities_unexpected),
Evidence("vulnerabilities_found_in_index", vulnerabilities),
Evidence("expected_vulnerabilities", expected_vulnerabilities),
],
)

errors_environment = check_errors_in_environment(
host_manager,
expected_errors=VULNERABILITY_DETECTION_E2E_EXPECTED_ERRORS,
greater_than_timestamp=test_timestamp, error_levels=TESTS_UNEXPECTED_ERRORS_LEVELS
)
test_result.validate_check("no_errors", [Evidence("error_level_messages", errors_environment)])

> assert test_result.get_test_result(), test_result.report()
E AssertionError:
E Test test_install_vulnerable_package_when_agent_down[install_package] failed
E
E Check no_errors succeeded
E Check operation_successfull_for_all_agents succeeded
E Check expected_vulnerabilities_found_in_index failed. Evidences (['missing_vulnerabilities']) can be found in the report.
E Check no_unexpected_vulnerabilities_found_in_index succeeded
E Check no_duplicated_vulnerabilities succeeded
E -----
E
E assert False
E + where False = <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf76349370>>()
E + where <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf76349370>> = <wazuh_testing.end_to_end.TestResult object at 0x7fbf76349370>.get_test_result

end_to_end/test_vulnerability_detector/test_vulnerability_detector.py:772: AssertionError
-------------------------------Captured log call--------------------------------
CRITICAL root:test_vulnerability_detector.py:714 Remote operation results: {'agent6': True, 'agent3': True, 'agent2': True, 'agent5': True, 'agent4': True, 'agent1': True} ERROR root:__init__.py:237 Marked check operation_successfull_for_all_agents result to True with evidences ['operation_results'] CRITICAL root:test_vulnerability_detector.py:734 Validating found vulnerabilities ERROR root:__init__.py:237 Marked check no_duplicated_vulnerabilities result to True with evidences ['duplicated_vulnerabilities', 'vulnerabilities'] CRITICAL root:check_validators.py:30 Vulnerability not found for agent2: Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64') CRITICAL root:check_validators.py:51 Vulnerabilities not found: {'agent2': [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64')]} CRITICAL root:check_validators.py:52 Vulnerabilities unexpected: {} CRITICAL root:test_vulnerability_detector.py:745 Validating found vulnerabilities CRITICAL root:check_validators.py:146 agent2 is not empty: [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64')] ERROR root:__init__.py:237 Marked check expected_vulnerabilities_found_in_index result to False with evidences ['missing_vulnerabilities', 'vulnerabilities_found_in_index', 'expected_vulnerabilities'] CRITICAL root:test_vulnerability_detector.py:755 Validating unexpected vulnerabilities ERROR root:__init__.py:237 Marked check no_unexpected_vulnerabilities_found_in_index result to True with evidences ['unexpected_vulnerabilities', 'vulnerabilities_found_in_index', 'expected_vulnerabilities'] ERROR root:__init__.py:237 Marked check no_errors result to True with evidences ['error_level_messages']
-----------------------------Captured log teardown------------------------------
ERROR root:conftest.py:152 Truncate managers and agents logs CRITICAL root:conftest.py:356 Running teardown for agent: ['agent1', 'agent3', 'agent4', 'agent5', 'agent6', 'agent2'] CRITICAL root:conftest.py:359 Teardown Results: {'agent6': True, 'agent4': True, 'agent1': True, 'agent5': True, 'agent3': True, 'agent2': True}

self = <test_vulnerability_detector.TestScanSyscollectorCases object at 0x7fbf763ab820>
permutate_agents_managers = None
request = <FixtureRequest for <Function test_change_agent_manager[install_package]>>
preconditions = None
body = {'operation': 'install_package', 'package': {'centos': {'amd64': 'grafana-8.5.5-1', 'arm64v8': 'grafana-8.5.5-1'}, 'ma...proxy-0.5.9'}, 'ubuntu': {'amd64': 'grafana-8.5.5', 'arm64v8': 'grafana-8.5.5'}, 'windows': {'amd64': 'node-v17.0.1'}}}
teardown = {'operation': 'remove_package', 'package': {'centos': {'amd64': 'grafana-8.5.5-1', 'arm64v8': 'grafana-8.5.5-1'}, 'mac...proxy-0.5.9'}, 'ubuntu': {'amd64': 'grafana-8.5.5', 'arm64v8': 'grafana-8.5.5'}, 'windows': {'amd64': 'node-v17.0.1'}}}
setup = []
host_manager = <wazuh_testing.tools.system.HostManager object at 0x7fbf763b4130>
record_property = <function record_property.<locals>.append_property at 0x7fbf75fa2940>
clean_environment_logs = None, delete_states_vulnerability_index = None
clean_environment_logs_function = None

@pytest.mark.parametrize("preconditions, body, teardown", test_cases_change_manager,
ids=list_ids_change_manager,)
def test_change_agent_manager(self, permutate_agents_managers, request, preconditions, body,
teardown, setup, host_manager, record_property, clean_environment_logs,
delete_states_vulnerability_index, clean_environment_logs_function):
# Is mandatory to launch this test along with the first scan test'
global AGENTS_SCANNED_FIRST_SCAN
if len(AGENTS_SCANNED_FIRST_SCAN) == 0:
pytest.skip("No agent was scanned in the first scan. Skipping test.")

target_to_ignore = list(
set(host_manager.get_group_hosts("agent")) - set(AGENTS_SCANNED_FIRST_SCAN)
)

utc_now_timestamp = datetime.datetime.now(datetime.timezone.utc)
test_timestamp = utc_now_timestamp.strftime("%Y-%m-%dT%H:%M:%S")

test_result = TestResult(request.node.name)
test_result.add_check(self.no_errors_check)
test_result.add_check(self.operation_successfull_for_all_agents_check)
test_result.add_check(self.expected_vulnerabilities_found_in_index_check)
test_result.add_check(self.no_unexpected_vulnerabilities_found_in_index_check)
test_result.add_check(self.expected_vulnerability_affected_alert_check)
test_result.add_check(self.expected_vulnerability_mitigated_alert_check)
test_result.add_check(self.no_duplicated_vulnerabilities_check)

record_property("test_result", test_result)

# Install Vulnerable package
operations_result = launch_parallel_operations(
body, host_manager, target_to_ignore
)

logging.critical(f"Remote operation results: {operations_result}")
test_result.validate_check(
"operation_successfull_for_all_agents",
[Evidence("operation_results", operations_result)],
)

# Wait for Syscollector and VD Scan
time.sleep(VD_E2E_TIMEOUT_SYSCOLLECTOR_SCAN + PACKAGE_VULNERABILITY_SCAN_TIME * len(AGENTS_SCANNED_FIRST_SCAN))

package_data = [body["package"]]
max_result_window(host_manager)

vulnerabilities = get_vulnerabilities_index(host_manager, AGENTS_SCANNED_FIRST_SCAN, package_data,
size=INDEXER_RESULT_WINDOWS_VULN_E2E)
expected_vulnerabilities = get_expected_index(host_manager, AGENTS_SCANNED_FIRST_SCAN, body["operation"],
body["package"])

result = compare_expected_found_vulnerabilities(vulnerabilities, expected_vulnerabilities)

vulnerabilities_not_found = result["vulnerabilities_not_found"]
vulnerabilities_unexpected = result["vulnerabilities_unexpected"]
duplicated_vulnerabilities = get_duplicated_vulnerabilities(vulnerabilities)

logging.critical("Validating found vulnerabilities")
test_result.validate_check('no_duplicated_vulnerabilities',
[Evidence('duplicated_vulnerabilities', duplicated_vulnerabilities),
Evidence('vulnerabilities', vulnerabilities)
])

test_result.validate_check(
"expected_vulnerabilities_found_in_index",
[
Evidence("missing_vulnerabilities", vulnerabilities_not_found),
Evidence("vulnerabilities_found_in_index", vulnerabilities),
Evidence("expected_vulnerabilities", expected_vulnerabilities),
],
)

logging.critical("Validating unexpected vulnerabilities")
test_result.validate_check(
"no_unexpected_vulnerabilities_found_in_index",
[
Evidence("unexpected_vulnerabilities", vulnerabilities_unexpected),
Evidence("vulnerabilities_found_in_index", vulnerabilities),
Evidence("expected_vulnerabilities", expected_vulnerabilities),
],
)

alerts = get_vulnerability_alerts(
host_manager, AGENTS_SCANNED_FIRST_SCAN, package_data, test_timestamp
)
expected_alerts = get_expected_alerts(
host_manager, AGENTS_SCANNED_FIRST_SCAN, body["operation"], body["package"]
)

result_alert = compare_expected_found_vulnerabilities_alerts(
alerts, expected_alerts
)

logging.critical("Validating found alerts")
test_result.validate_check(
"expected_vulnerability_affected_alert",
[
Evidence(
"missing_affected_alerts",
result_alert["vulnerabilities_affected_not_found"],
),
Evidence("alerts_found_in_index", alerts),
Evidence("expected_alerts", expected_alerts),
],
)

logging.critical("Validating unexpected alerts")
test_result.validate_check(
"expected_vulnerability_mitigated_alert",
[
Evidence(
"missing_mitigated_alerts",
result_alert["vulnerabilities_mitigated_not_found"],
),
Evidence("alerts_found_in_index", alerts),
Evidence("expected_alerts", expected_alerts),
],
)

errors_environment = check_errors_in_environment(
host_manager,
expected_errors=VULNERABILITY_DETECTION_E2E_EXPECTED_ERRORS,
greater_than_timestamp=test_timestamp, error_levels=TESTS_UNEXPECTED_ERRORS_LEVELS
)

test_result.validate_check("no_errors", [Evidence("error_level_messages", errors_environment)])

> assert test_result.get_test_result(), test_result.report()
E AssertionError:
E Test test_change_agent_manager[install_package] failed
E
E Check no_errors succeeded
E Check operation_successfull_for_all_agents succeeded
E Check expected_vulnerabilities_found_in_index failed. Evidences (['missing_vulnerabilities']) can be found in the report.
E Check no_unexpected_vulnerabilities_found_in_index succeeded
E Check expected_vulnerability_affected_alert failed. Evidences (['missing_affected_alerts']) can be found in the report.
E Check expected_vulnerability_mitigated_alert succeeded
E Check no_duplicated_vulnerabilities succeeded
E -----
E
E assert False
E + where False = <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf481a8160>>()
E + where <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf481a8160>> = <wazuh_testing.end_to_end.TestResult object at 0x7fbf481a8160>.get_test_result

end_to_end/test_vulnerability_detector/test_vulnerability_detector.py:900: AssertionError
-------------------------------Captured log setup-------------------------------
ERROR root:test_vulnerability_detector.py:643 Changing manager for agent agent1 to manager2 (172.31.0.100) ERROR root:test_vulnerability_detector.py:643 Changing manager for agent agent3 to manager2 (172.31.0.100) ERROR root:test_vulnerability_detector.py:643 Changing manager for agent agent4 to manager2 (172.31.0.100) ERROR root:test_vulnerability_detector.py:643 Changing manager for agent agent5 to manager1 (172.31.1.238) ERROR root:test_vulnerability_detector.py:643 Changing manager for agent agent6 to manager2 (18.209.228.221) ERROR root:test_vulnerability_detector.py:643 Changing manager for agent agent2 to manager1 (172.31.1.238) ERROR root:test_vulnerability_detector.py:649 Restarting agents
-------------------------------Captured log call--------------------------------
CRITICAL root:test_vulnerability_detector.py:807 Remote operation results: {'agent6': True, 'agent4': True, 'agent5': True, 'agent3': True, 'agent2': True, 'agent1': True} ERROR root:__init__.py:237 Marked check operation_successfull_for_all_agents result to True with evidences ['operation_results'] CRITICAL root:check_validators.py:30 Vulnerability not found for agent2: Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64') CRITICAL root:check_validators.py:51 Vulnerabilities not found: {'agent2': [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64')]} CRITICAL root:check_validators.py:52 Vulnerabilities unexpected: {} CRITICAL root:test_vulnerability_detector.py:830 Validating found vulnerabilities ERROR root:__init__.py:237 Marked check no_duplicated_vulnerabilities result to True with evidences ['duplicated_vulnerabilities', 'vulnerabilities'] CRITICAL root:check_validators.py:146 agent2 is not empty: [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64')] ERROR root:__init__.py:237 Marked check expected_vulnerabilities_found_in_index result to False with evidences ['missing_vulnerabilities', 'vulnerabilities_found_in_index', 'expected_vulnerabilities'] CRITICAL root:test_vulnerability_detector.py:845 Validating unexpected vulnerabilities ERROR root:__init__.py:237 Marked check no_unexpected_vulnerabilities_found_in_index result to True with evidences ['unexpected_vulnerabilities', 'vulnerabilities_found_in_index', 'expected_vulnerabilities'] CRITICAL root:check_validators.py:124 Vulnerabilities affected not found: {'agent2': [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64')]} CRITICAL root:check_validators.py:125 Vulnerabilities mitigated not found: {} CRITICAL root:test_vulnerability_detector.py:866 Validating found alerts CRITICAL root:check_validators.py:146 agent2 is not empty: [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64')] ERROR root:__init__.py:237 Marked check expected_vulnerability_affected_alert result to False with evidences ['missing_affected_alerts', 'alerts_found_in_index', 'expected_alerts'] CRITICAL root:test_vulnerability_detector.py:879 Validating unexpected alerts ERROR root:__init__.py:237 Marked check expected_vulnerability_mitigated_alert result to True with evidences ['missing_mitigated_alerts', 'alerts_found_in_index', 'expected_alerts'] ERROR root:__init__.py:237 Marked check no_errors result to True with evidences ['error_level_messages']
-----------------------------Captured log teardown------------------------------
ERROR root:conftest.py:152 Truncate managers and agents logs CRITICAL root:conftest.py:356 Running teardown for agent: ['agent1', 'agent3', 'agent4', 'agent5', 'agent6', 'agent2'] CRITICAL root:conftest.py:359 Teardown Results: {'agent6': True, 'agent4': True, 'agent1': True, 'agent5': True, 'agent3': True, 'agent2': True} ERROR root:test_vulnerability_detector.py:658 Restarting agents

self = <test_vulnerability_detector.TestScanSyscollectorCases object at 0x7fbf763ab0a0>
request = <FixtureRequest for <Function test_vulnerability_detector_scans_cases[install_package]>>
preconditions = None
body = {'operation': 'install_package', 'package': {'centos': {'amd64': 'grafana-8.5.5-1', 'arm64v8': 'grafana-8.5.5-1'}, 'ma...proxy-0.5.9'}, 'ubuntu': {'amd64': 'grafana-8.5.5', 'arm64v8': 'grafana-8.5.5'}, 'windows': {'amd64': 'node-v17.0.1'}}}
teardown = None, setup = []
host_manager = <wazuh_testing.tools.system.HostManager object at 0x7fbf763b4130>
record_property = <function record_property.<locals>.append_property at 0x7fbf65cd0550>
clean_environment_logs = None, delete_states_vulnerability_index = None
clean_environment_logs_function = None

@pytest.mark.parametrize("preconditions, body, teardown", complete_list, ids=list_ids)
def test_vulnerability_detector_scans_cases(self, request, preconditions, body, teardown, setup, host_manager,
record_property, clean_environment_logs,
delete_states_vulnerability_index,
clean_environment_logs_function):
# Is mandatory to launch this test along with the first scan test'
global AGENTS_SCANNED_FIRST_SCAN
if len(AGENTS_SCANNED_FIRST_SCAN) == 0:
pytest.skip("No agent was scanned in the first scan. Skipping test.")

target_to_ignore = list(
set(host_manager.get_group_hosts("agent")) - set(AGENTS_SCANNED_FIRST_SCAN)
)

utc_now_timestamp = datetime.datetime.now(datetime.timezone.utc)
test_timestamp = utc_now_timestamp.strftime("%Y-%m-%dT%H:%M:%S")

test_result = TestResult(request.node.name)
test_result.add_check(self.no_errors_check)
test_result.add_check(self.operation_successfull_for_all_agents_check)
test_result.add_check(self.expected_vulnerabilities_found_in_index_check)
test_result.add_check(self.no_unexpected_vulnerabilities_found_in_index_check)
test_result.add_check(self.expected_vulnerability_affected_alert_check)
test_result.add_check(self.expected_vulnerability_mitigated_alert_check)
test_result.add_check(self.setup_successfull_for_all_agents_check)
test_result.add_check(self.no_duplicated_vulnerabilities_check)

record_property("test_result", test_result)

agents_failed_setup = setup
test_result.validate_check("setup_operation_results", [Evidence("setup_failed_agents", agents_failed_setup)])

# Install Vulnerable package
operations_result = launch_parallel_operations(
body, host_manager, target_to_ignore
)

logging.critical(f"Remote operation results: {operations_result}")
test_result.validate_check(
"operation_successfull_for_all_agents",
[Evidence("operation_results", operations_result)],
)
# Wait for syscollector and VD scan
time.sleep(VD_E2E_TIMEOUT_SYSCOLLECTOR_SCAN + PACKAGE_VULNERABILITY_SCAN_TIME * len(AGENTS_SCANNED_FIRST_SCAN))

if "to" in body["package"]:
package_data = [body["package"]["to"], body["package"]["from"]]
else:
package_data = [body["package"]]
max_result_window(host_manager)

vulnerabilities = get_vulnerabilities_index(host_manager, AGENTS_SCANNED_FIRST_SCAN, package_data,
size=INDEXER_RESULT_WINDOWS_VULN_E2E)
expected_vulnerabilities = get_expected_index(host_manager, AGENTS_SCANNED_FIRST_SCAN,
body["operation"], body["package"])
duplicated_vulnerabilities = get_duplicated_vulnerabilities(vulnerabilities)

result = compare_expected_found_vulnerabilities(vulnerabilities, expected_vulnerabilities)
vulnerabilities_not_found = result["vulnerabilities_not_found"]
vulnerabilities_unexpected = result["vulnerabilities_unexpected"]

test_result.validate_check('no_duplicated_vulnerabilities',
[Evidence('duplicated_vulnerabilities', duplicated_vulnerabilities),
Evidence('vulnerabilities', vulnerabilities)
])

logging.critical("Validating found vulnerabilities")
test_result.validate_check(
"expected_vulnerabilities_found_in_index",
[
Evidence("missing_vulnerabilities", vulnerabilities_not_found),
Evidence("vulnerabilities_found_in_index", vulnerabilities),
Evidence("expected_vulnerabilities", expected_vulnerabilities),
],
)

logging.critical("Validating unexpected vulnerabilities")
test_result.validate_check(
"no_unexpected_vulnerabilities_found_in_index",
[
Evidence("unexpected_vulnerabilities", vulnerabilities_unexpected),
Evidence("vulnerabilities_found_in_index", vulnerabilities),
Evidence("expected_vulnerabilities", expected_vulnerabilities),
],
)

alerts = get_vulnerability_alerts(host_manager, AGENTS_SCANNED_FIRST_SCAN, package_data, test_timestamp)
expected_alerts = get_expected_alerts(
host_manager, AGENTS_SCANNED_FIRST_SCAN, body["operation"], body["package"]
)

result_alert = compare_expected_found_vulnerabilities_alerts(
alerts, expected_alerts
)

logging.critical("Validating found alerts")
test_result.validate_check(
"expected_vulnerability_affected_alert",
[
Evidence(
"missing_affected_alerts",
result_alert["vulnerabilities_affected_not_found"],
),
Evidence("alerts_found_in_index", alerts),
Evidence("expected_alerts", expected_alerts),
],
)

logging.critical("Validating unexpected alerts")
test_result.validate_check(
"expected_vulnerability_mitigated_alert",
[
Evidence(
"missing_mitigated_alerts",
result_alert["vulnerabilities_mitigated_not_found"],
),
Evidence("alerts_found_in_index", alerts),
Evidence("expected_alerts", expected_alerts),
],
)

errors_environment = check_errors_in_environment(
host_manager,
expected_errors=VULNERABILITY_DETECTION_E2E_EXPECTED_ERRORS,
greater_than_timestamp=test_timestamp, error_levels=TESTS_UNEXPECTED_ERRORS_LEVELS
)

test_result.validate_check("no_errors", [Evidence("error_level_messages", errors_environment)])

> assert test_result.get_test_result(), test_result.report()
E AssertionError:
E Test test_vulnerability_detector_scans_cases[install_package] failed
E
E Check no_errors succeeded
E Check operation_successfull_for_all_agents succeeded
E Check expected_vulnerabilities_found_in_index failed. Evidences (['missing_vulnerabilities']) can be found in the report.
E Check no_unexpected_vulnerabilities_found_in_index succeeded
E Check expected_vulnerability_affected_alert failed. Evidences (['missing_affected_alerts']) can be found in the report.
E Check expected_vulnerability_mitigated_alert succeeded
E Check setup_operation_results succeeded
E Check no_duplicated_vulnerabilities succeeded
E -----
E
E assert False
E + where False = <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf76a197c0>>()
E + where <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf76a197c0>> = <wazuh_testing.end_to_end.TestResult object at 0x7fbf76a197c0>.get_test_result

end_to_end/test_vulnerability_detector/test_vulnerability_detector.py:1031: AssertionError
-------------------------------Captured log call--------------------------------
ERROR root:__init__.py:237 Marked check setup_operation_results result to True with evidences ['setup_failed_agents'] CRITICAL root:test_vulnerability_detector.py:939 Remote operation results: {'agent6': True, 'agent5': True, 'agent4': True, 'agent1': True, 'agent3': True, 'agent2': True} ERROR root:__init__.py:237 Marked check operation_successfull_for_all_agents result to True with evidences ['operation_results'] CRITICAL root:check_validators.py:30 Vulnerability not found for agent2: Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64') CRITICAL root:check_validators.py:51 Vulnerabilities not found: {'agent2': [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64')]} CRITICAL root:check_validators.py:52 Vulnerabilities unexpected: {} ERROR root:__init__.py:237 Marked check no_duplicated_vulnerabilities result to True with evidences ['duplicated_vulnerabilities', 'vulnerabilities'] CRITICAL root:test_vulnerability_detector.py:968 Validating found vulnerabilities CRITICAL root:check_validators.py:146 agent2 is not empty: [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64')] ERROR root:__init__.py:237 Marked check expected_vulnerabilities_found_in_index result to False with evidences ['missing_vulnerabilities', 'vulnerabilities_found_in_index', 'expected_vulnerabilities'] CRITICAL root:test_vulnerability_detector.py:978 Validating unexpected vulnerabilities ERROR root:__init__.py:237 Marked check no_unexpected_vulnerabilities_found_in_index result to True with evidences ['unexpected_vulnerabilities', 'vulnerabilities_found_in_index', 'expected_vulnerabilities'] CRITICAL root:check_validators.py:124 Vulnerabilities affected not found: {'agent2': [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64')]} CRITICAL root:check_validators.py:125 Vulnerabilities mitigated not found: {} CRITICAL root:test_vulnerability_detector.py:997 Validating found alerts CRITICAL root:check_validators.py:146 agent2 is not empty: [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64')] ERROR root:__init__.py:237 Marked check expected_vulnerability_affected_alert result to False with evidences ['missing_affected_alerts', 'alerts_found_in_index', 'expected_alerts'] CRITICAL root:test_vulnerability_detector.py:1010 Validating unexpected alerts ERROR root:__init__.py:237 Marked check expected_vulnerability_mitigated_alert result to True with evidences ['missing_mitigated_alerts', 'alerts_found_in_index', 'expected_alerts'] ERROR root:__init__.py:237 Marked check no_errors result to True with evidences ['error_level_messages']
-----------------------------Captured log teardown------------------------------
ERROR root:conftest.py:152 Truncate managers and agents logs

self = <test_vulnerability_detector.TestScanSyscollectorCases object at 0x7fbf763abb20>
request = <FixtureRequest for <Function test_vulnerability_detector_scans_cases[remove_package]>>
preconditions = None
body = {'operation': 'remove_package', 'package': {'centos': {'amd64': 'grafana-8.5.5-1', 'arm64v8': 'grafana-8.5.5-1'}, 'mac...proxy-0.5.9'}, 'ubuntu': {'amd64': 'grafana-8.5.5', 'arm64v8': 'grafana-8.5.5'}, 'windows': {'amd64': 'node-v17.0.1'}}}
teardown = None, setup = []
host_manager = <wazuh_testing.tools.system.HostManager object at 0x7fbf763b4130>
record_property = <function record_property.<locals>.append_property at 0x7fbf75fb0ee0>
clean_environment_logs = None, delete_states_vulnerability_index = None
clean_environment_logs_function = None

@pytest.mark.parametrize("preconditions, body, teardown", complete_list, ids=list_ids)
def test_vulnerability_detector_scans_cases(self, request, preconditions, body, teardown, setup, host_manager,
record_property, clean_environment_logs,
delete_states_vulnerability_index,
clean_environment_logs_function):
# Is mandatory to launch this test along with the first scan test'
global AGENTS_SCANNED_FIRST_SCAN
if len(AGENTS_SCANNED_FIRST_SCAN) == 0:
pytest.skip("No agent was scanned in the first scan. Skipping test.")

target_to_ignore = list(
set(host_manager.get_group_hosts("agent")) - set(AGENTS_SCANNED_FIRST_SCAN)
)

utc_now_timestamp = datetime.datetime.now(datetime.timezone.utc)
test_timestamp = utc_now_timestamp.strftime("%Y-%m-%dT%H:%M:%S")

test_result = TestResult(request.node.name)
test_result.add_check(self.no_errors_check)
test_result.add_check(self.operation_successfull_for_all_agents_check)
test_result.add_check(self.expected_vulnerabilities_found_in_index_check)
test_result.add_check(self.no_unexpected_vulnerabilities_found_in_index_check)
test_result.add_check(self.expected_vulnerability_affected_alert_check)
test_result.add_check(self.expected_vulnerability_mitigated_alert_check)
test_result.add_check(self.setup_successfull_for_all_agents_check)
test_result.add_check(self.no_duplicated_vulnerabilities_check)

record_property("test_result", test_result)

agents_failed_setup = setup
test_result.validate_check("setup_operation_results", [Evidence("setup_failed_agents", agents_failed_setup)])

# Install Vulnerable package
operations_result = launch_parallel_operations(
body, host_manager, target_to_ignore
)

logging.critical(f"Remote operation results: {operations_result}")
test_result.validate_check(
"operation_successfull_for_all_agents",
[Evidence("operation_results", operations_result)],
)
# Wait for syscollector and VD scan
time.sleep(VD_E2E_TIMEOUT_SYSCOLLECTOR_SCAN + PACKAGE_VULNERABILITY_SCAN_TIME * len(AGENTS_SCANNED_FIRST_SCAN))

if "to" in body["package"]:
package_data = [body["package"]["to"], body["package"]["from"]]
else:
package_data = [body["package"]]
max_result_window(host_manager)

vulnerabilities = get_vulnerabilities_index(host_manager, AGENTS_SCANNED_FIRST_SCAN, package_data,
size=INDEXER_RESULT_WINDOWS_VULN_E2E)
expected_vulnerabilities = get_expected_index(host_manager, AGENTS_SCANNED_FIRST_SCAN,
body["operation"], body["package"])
duplicated_vulnerabilities = get_duplicated_vulnerabilities(vulnerabilities)

result = compare_expected_found_vulnerabilities(vulnerabilities, expected_vulnerabilities)
vulnerabilities_not_found = result["vulnerabilities_not_found"]
vulnerabilities_unexpected = result["vulnerabilities_unexpected"]

test_result.validate_check('no_duplicated_vulnerabilities',
[Evidence('duplicated_vulnerabilities', duplicated_vulnerabilities),
Evidence('vulnerabilities', vulnerabilities)
])

logging.critical("Validating found vulnerabilities")
test_result.validate_check(
"expected_vulnerabilities_found_in_index",
[
Evidence("missing_vulnerabilities", vulnerabilities_not_found),
Evidence("vulnerabilities_found_in_index", vulnerabilities),
Evidence("expected_vulnerabilities", expected_vulnerabilities),
],
)

logging.critical("Validating unexpected vulnerabilities")
test_result.validate_check(
"no_unexpected_vulnerabilities_found_in_index",
[
Evidence("unexpected_vulnerabilities", vulnerabilities_unexpected),
Evidence("vulnerabilities_found_in_index", vulnerabilities),
Evidence("expected_vulnerabilities", expected_vulnerabilities),
],
)

alerts = get_vulnerability_alerts(host_manager, AGENTS_SCANNED_FIRST_SCAN, package_data, test_timestamp)
expected_alerts = get_expected_alerts(
host_manager, AGENTS_SCANNED_FIRST_SCAN, body["operation"], body["package"]
)

result_alert = compare_expected_found_vulnerabilities_alerts(
alerts, expected_alerts
)

logging.critical("Validating found alerts")
test_result.validate_check(
"expected_vulnerability_affected_alert",
[
Evidence(
"missing_affected_alerts",
result_alert["vulnerabilities_affected_not_found"],
),
Evidence("alerts_found_in_index", alerts),
Evidence("expected_alerts", expected_alerts),
],
)

logging.critical("Validating unexpected alerts")
test_result.validate_check(
"expected_vulnerability_mitigated_alert",
[
Evidence(
"missing_mitigated_alerts",
result_alert["vulnerabilities_mitigated_not_found"],
),
Evidence("alerts_found_in_index", alerts),
Evidence("expected_alerts", expected_alerts),
],
)

errors_environment = check_errors_in_environment(
host_manager,
expected_errors=VULNERABILITY_DETECTION_E2E_EXPECTED_ERRORS,
greater_than_timestamp=test_timestamp, error_levels=TESTS_UNEXPECTED_ERRORS_LEVELS
)

test_result.validate_check("no_errors", [Evidence("error_level_messages", errors_environment)])

> assert test_result.get_test_result(), test_result.report()
E AssertionError:
E Test test_vulnerability_detector_scans_cases[remove_package] failed
E
E Check no_errors succeeded
E Check operation_successfull_for_all_agents succeeded
E Check expected_vulnerabilities_found_in_index succeeded
E Check no_unexpected_vulnerabilities_found_in_index succeeded
E Check expected_vulnerability_affected_alert succeeded
E Check expected_vulnerability_mitigated_alert failed. Evidences (['missing_mitigated_alerts']) can be found in the report.
E Check setup_operation_results succeeded
E Check no_duplicated_vulnerabilities succeeded
E -----
E
E assert False
E + where False = <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf76626640>>()
E + where <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf76626640>> = <wazuh_testing.end_to_end.TestResult object at 0x7fbf76626640>.get_test_result

end_to_end/test_vulnerability_detector/test_vulnerability_detector.py:1031: AssertionError
-------------------------------Captured log call--------------------------------
ERROR root:__init__.py:237 Marked check setup_operation_results result to True with evidences ['setup_failed_agents'] CRITICAL root:test_vulnerability_detector.py:939 Remote operation results: {'agent6': True, 'agent4': True, 'agent1': True, 'agent3': True, 'agent2': True, 'agent5': True} ERROR root:__init__.py:237 Marked check operation_successfull_for_all_agents result to True with evidences ['operation_results'] ERROR root:__init__.py:237 Marked check no_duplicated_vulnerabilities result to True with evidences ['duplicated_vulnerabilities', 'vulnerabilities'] CRITICAL root:test_vulnerability_detector.py:968 Validating found vulnerabilities ERROR root:__init__.py:237 Marked check expected_vulnerabilities_found_in_index result to True with evidences ['missing_vulnerabilities', 'vulnerabilities_found_in_index', 'expected_vulnerabilities'] CRITICAL root:test_vulnerability_detector.py:978 Validating unexpected vulnerabilities ERROR root:__init__.py:237 Marked check no_unexpected_vulnerabilities_found_in_index result to True with evidences ['unexpected_vulnerabilities', 'vulnerabilities_found_in_index', 'expected_vulnerabilities'] CRITICAL root:check_validators.py:124 Vulnerabilities affected not found: {} CRITICAL root:check_validators.py:125 Vulnerabilities mitigated not found: {'agent2': [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64')]} CRITICAL root:test_vulnerability_detector.py:997 Validating found alerts ERROR root:__init__.py:237 Marked check expected_vulnerability_affected_alert result to True with evidences ['missing_affected_alerts', 'alerts_found_in_index', 'expected_alerts'] CRITICAL root:test_vulnerability_detector.py:1010 Validating unexpected alerts CRITICAL root:check_validators.py:146 agent2 is not empty: [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64')] ERROR root:__init__.py:237 Marked check expected_vulnerability_mitigated_alert result to False with evidences ['missing_mitigated_alerts', 'alerts_found_in_index', 'expected_alerts'] ERROR root:__init__.py:237 Marked check no_errors result to True with evidences ['error_level_messages']
-----------------------------Captured log teardown------------------------------
ERROR root:conftest.py:152 Truncate managers and agents logs

self = <test_vulnerability_detector.TestScanSyscollectorCases object at 0x7fbf763ab730>
request = <FixtureRequest for <Function test_vulnerability_detector_scans_cases[upgrade_package_maintain_vulnerability]>>
preconditions = {'operation': 'install_package', 'package': {'centos': {'amd64': 'grafana-8.5.5-1', 'arm64v8': 'grafana-8.5.5-1'}, 'ma...m64v8': 'grafana-8.5.5'}, 'windows': {'amd64': 'node-v17.0.1'}}, 'target_os': ['centos', 'ubuntu', 'windows', 'macos']}
body = {'operation': 'update_package', 'package': {'from': {'centos': {'amd64': 'grafana-8.5.5-1', 'arm64v8': 'grafana-8.5.5-...oxy-0.5.10'}, 'ubuntu': {'amd64': 'grafana-8.5.6', 'arm64v8': 'grafana-8.5.6'}, 'windows': {'amd64': 'node-v17.1.0'}}}}
teardown = None, setup = ['agent2']
host_manager = <wazuh_testing.tools.system.HostManager object at 0x7fbf763b4130>
record_property = <function record_property.<locals>.append_property at 0x7fbf75fa25e0>
clean_environment_logs = None, delete_states_vulnerability_index = None
clean_environment_logs_function = None

@pytest.mark.parametrize("preconditions, body, teardown", complete_list, ids=list_ids)
def test_vulnerability_detector_scans_cases(self, request, preconditions, body, teardown, setup, host_manager,
record_property, clean_environment_logs,
delete_states_vulnerability_index,
clean_environment_logs_function):
# Is mandatory to launch this test along with the first scan test'
global AGENTS_SCANNED_FIRST_SCAN
if len(AGENTS_SCANNED_FIRST_SCAN) == 0:
pytest.skip("No agent was scanned in the first scan. Skipping test.")

target_to_ignore = list(
set(host_manager.get_group_hosts("agent")) - set(AGENTS_SCANNED_FIRST_SCAN)
)

utc_now_timestamp = datetime.datetime.now(datetime.timezone.utc)
test_timestamp = utc_now_timestamp.strftime("%Y-%m-%dT%H:%M:%S")

test_result = TestResult(request.node.name)
test_result.add_check(self.no_errors_check)
test_result.add_check(self.operation_successfull_for_all_agents_check)
test_result.add_check(self.expected_vulnerabilities_found_in_index_check)
test_result.add_check(self.no_unexpected_vulnerabilities_found_in_index_check)
test_result.add_check(self.expected_vulnerability_affected_alert_check)
test_result.add_check(self.expected_vulnerability_mitigated_alert_check)
test_result.add_check(self.setup_successfull_for_all_agents_check)
test_result.add_check(self.no_duplicated_vulnerabilities_check)

record_property("test_result", test_result)

agents_failed_setup = setup
test_result.validate_check("setup_operation_results", [Evidence("setup_failed_agents", agents_failed_setup)])

# Install Vulnerable package
operations_result = launch_parallel_operations(
body, host_manager, target_to_ignore
)

logging.critical(f"Remote operation results: {operations_result}")
test_result.validate_check(
"operation_successfull_for_all_agents",
[Evidence("operation_results", operations_result)],
)
# Wait for syscollector and VD scan
time.sleep(VD_E2E_TIMEOUT_SYSCOLLECTOR_SCAN + PACKAGE_VULNERABILITY_SCAN_TIME * len(AGENTS_SCANNED_FIRST_SCAN))

if "to" in body["package"]:
package_data = [body["package"]["to"], body["package"]["from"]]
else:
package_data = [body["package"]]
max_result_window(host_manager)

vulnerabilities = get_vulnerabilities_index(host_manager, AGENTS_SCANNED_FIRST_SCAN, package_data,
size=INDEXER_RESULT_WINDOWS_VULN_E2E)
expected_vulnerabilities = get_expected_index(host_manager, AGENTS_SCANNED_FIRST_SCAN,
body["operation"], body["package"])
duplicated_vulnerabilities = get_duplicated_vulnerabilities(vulnerabilities)

result = compare_expected_found_vulnerabilities(vulnerabilities, expected_vulnerabilities)
vulnerabilities_not_found = result["vulnerabilities_not_found"]
vulnerabilities_unexpected = result["vulnerabilities_unexpected"]

test_result.validate_check('no_duplicated_vulnerabilities',
[Evidence('duplicated_vulnerabilities', duplicated_vulnerabilities),
Evidence('vulnerabilities', vulnerabilities)
])

logging.critical("Validating found vulnerabilities")
test_result.validate_check(
"expected_vulnerabilities_found_in_index",
[
Evidence("missing_vulnerabilities", vulnerabilities_not_found),
Evidence("vulnerabilities_found_in_index", vulnerabilities),
Evidence("expected_vulnerabilities", expected_vulnerabilities),
],
)

logging.critical("Validating unexpected vulnerabilities")
test_result.validate_check(
"no_unexpected_vulnerabilities_found_in_index",
[
Evidence("unexpected_vulnerabilities", vulnerabilities_unexpected),
Evidence("vulnerabilities_found_in_index", vulnerabilities),
Evidence("expected_vulnerabilities", expected_vulnerabilities),
],
)

alerts = get_vulnerability_alerts(host_manager, AGENTS_SCANNED_FIRST_SCAN, package_data, test_timestamp)
expected_alerts = get_expected_alerts(
host_manager, AGENTS_SCANNED_FIRST_SCAN, body["operation"], body["package"]
)

result_alert = compare_expected_found_vulnerabilities_alerts(
alerts, expected_alerts
)

logging.critical("Validating found alerts")
test_result.validate_check(
"expected_vulnerability_affected_alert",
[
Evidence(
"missing_affected_alerts",
result_alert["vulnerabilities_affected_not_found"],
),
Evidence("alerts_found_in_index", alerts),
Evidence("expected_alerts", expected_alerts),
],
)

logging.critical("Validating unexpected alerts")
test_result.validate_check(
"expected_vulnerability_mitigated_alert",
[
Evidence(
"missing_mitigated_alerts",
result_alert["vulnerabilities_mitigated_not_found"],
),
Evidence("alerts_found_in_index", alerts),
Evidence("expected_alerts", expected_alerts),
],
)

errors_environment = check_errors_in_environment(
host_manager,
expected_errors=VULNERABILITY_DETECTION_E2E_EXPECTED_ERRORS,
greater_than_timestamp=test_timestamp, error_levels=TESTS_UNEXPECTED_ERRORS_LEVELS
)

test_result.validate_check("no_errors", [Evidence("error_level_messages", errors_environment)])

> assert test_result.get_test_result(), test_result.report()
E AssertionError:
E Test test_vulnerability_detector_scans_cases[upgrade_package_maintain_vulnerability] failed
E
E Check no_errors succeeded
E Check operation_successfull_for_all_agents succeeded
E Check expected_vulnerabilities_found_in_index failed. Evidences (['missing_vulnerabilities']) can be found in the report.
E Check no_unexpected_vulnerabilities_found_in_index succeeded
E Check expected_vulnerability_affected_alert failed. Evidences (['missing_affected_alerts']) can be found in the report.
E Check expected_vulnerability_mitigated_alert failed. Evidences (['missing_mitigated_alerts']) can be found in the report.
E Check setup_operation_results failed. Evidences (['setup_failed_agents']) can be found in the report.
E Check no_duplicated_vulnerabilities succeeded
E -----
E
E assert False
E + where False = <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf76462910>>()
E + where <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf76462910>> = <wazuh_testing.end_to_end.TestResult object at 0x7fbf76462910>.get_test_result

end_to_end/test_vulnerability_detector/test_vulnerability_detector.py:1031: AssertionError
-------------------------------Captured log setup-------------------------------
CRITICAL root:conftest.py:312 Preconditions finished. Results: {'agent6': True, 'agent5': True, 'agent4': True, 'agent3': True, 'agent1': True, 'agent2': True} CRITICAL root:check_validators.py:124 Vulnerabilities affected not found: {'agent2': [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64')]} CRITICAL root:check_validators.py:125 Vulnerabilities mitigated not found: {} CRITICAL root:check_validators.py:30 Vulnerability not found for agent2: Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64') CRITICAL root:check_validators.py:51 Vulnerabilities not found: {'agent2': [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64')]} CRITICAL root:check_validators.py:52 Vulnerabilities unexpected: {}
-------------------------------Captured log call--------------------------------
ERROR root:__init__.py:237 Marked check setup_operation_results result to False with evidences ['setup_failed_agents'] CRITICAL root:test_vulnerability_detector.py:939 Remote operation results: {'agent6': True, 'agent4': True, 'agent3': True, 'agent5': True, 'agent1': True, 'agent2': True} ERROR root:__init__.py:237 Marked check operation_successfull_for_all_agents result to True with evidences ['operation_results'] CRITICAL root:check_validators.py:30 Vulnerability not found for agent2: Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.1.0', architecture='x86_64') CRITICAL root:check_validators.py:51 Vulnerabilities not found: {'agent2': [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.1.0', architecture='x86_64')]} CRITICAL root:check_validators.py:52 Vulnerabilities unexpected: {} ERROR root:__init__.py:237 Marked check no_duplicated_vulnerabilities result to True with evidences ['duplicated_vulnerabilities', 'vulnerabilities'] CRITICAL root:test_vulnerability_detector.py:968 Validating found vulnerabilities CRITICAL root:check_validators.py:146 agent2 is not empty: [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.1.0', architecture='x86_64')] ERROR root:__init__.py:237 Marked check expected_vulnerabilities_found_in_index result to False with evidences ['missing_vulnerabilities', 'vulnerabilities_found_in_index', 'expected_vulnerabilities'] CRITICAL root:test_vulnerability_detector.py:978 Validating unexpected vulnerabilities ERROR root:__init__.py:237 Marked check no_unexpected_vulnerabilities_found_in_index result to True with evidences ['unexpected_vulnerabilities', 'vulnerabilities_found_in_index', 'expected_vulnerabilities'] CRITICAL root:check_validators.py:124 Vulnerabilities affected not found: {'agent2': [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.1.0', architecture='x86_64')]} CRITICAL root:check_validators.py:125 Vulnerabilities mitigated not found: {'agent2': [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64')]} CRITICAL root:test_vulnerability_detector.py:997 Validating found alerts CRITICAL root:check_validators.py:146 agent2 is not empty: [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.1.0', architecture='x86_64')] ERROR root:__init__.py:237 Marked check expected_vulnerability_affected_alert result to False with evidences ['missing_affected_alerts', 'alerts_found_in_index', 'expected_alerts'] CRITICAL root:test_vulnerability_detector.py:1010 Validating unexpected alerts CRITICAL root:check_validators.py:146 agent2 is not empty: [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.0.1', architecture='x86_64')] ERROR root:__init__.py:237 Marked check expected_vulnerability_mitigated_alert result to False with evidences ['missing_mitigated_alerts', 'alerts_found_in_index', 'expected_alerts'] ERROR root:__init__.py:237 Marked check no_errors result to True with evidences ['error_level_messages']
-----------------------------Captured log teardown------------------------------
ERROR root:conftest.py:152 Truncate managers and agents logs

self = <test_vulnerability_detector.TestScanSyscollectorCases object at 0x7fbf763b4a60>
request = <FixtureRequest for <Function test_vulnerability_detector_scans_cases[upgrade_package_add_vulnerability]>>
preconditions = {'operation': 'install_package', 'package': {'macos': {'amd64': 'axios-0.6.0', 'arm64v8': 'axios-0.6.0'}}, 'target_os': ['macos']}
body = {'operation': 'update_package', 'package': {'from': {'centos': {'amd64': 'grafana-8.5.6-1', 'arm64v8': 'grafana-8.5.6-...ios-0.10.0'}, 'ubuntu': {'amd64': 'grafana-9.1.1', 'arm64v8': 'grafana-9.1.1'}, 'windows': {'amd64': 'node-v18.0.0'}}}}
teardown = None, setup = []
host_manager = <wazuh_testing.tools.system.HostManager object at 0x7fbf763b4130>
record_property = <function record_property.<locals>.append_property at 0x7fbf645cdca0>
clean_environment_logs = None, delete_states_vulnerability_index = None
clean_environment_logs_function = None

@pytest.mark.parametrize("preconditions, body, teardown", complete_list, ids=list_ids)
def test_vulnerability_detector_scans_cases(self, request, preconditions, body, teardown, setup, host_manager,
record_property, clean_environment_logs,
delete_states_vulnerability_index,
clean_environment_logs_function):
# Is mandatory to launch this test along with the first scan test'
global AGENTS_SCANNED_FIRST_SCAN
if len(AGENTS_SCANNED_FIRST_SCAN) == 0:
pytest.skip("No agent was scanned in the first scan. Skipping test.")

target_to_ignore = list(
set(host_manager.get_group_hosts("agent")) - set(AGENTS_SCANNED_FIRST_SCAN)
)

utc_now_timestamp = datetime.datetime.now(datetime.timezone.utc)
test_timestamp = utc_now_timestamp.strftime("%Y-%m-%dT%H:%M:%S")

test_result = TestResult(request.node.name)
test_result.add_check(self.no_errors_check)
test_result.add_check(self.operation_successfull_for_all_agents_check)
test_result.add_check(self.expected_vulnerabilities_found_in_index_check)
test_result.add_check(self.no_unexpected_vulnerabilities_found_in_index_check)
test_result.add_check(self.expected_vulnerability_affected_alert_check)
test_result.add_check(self.expected_vulnerability_mitigated_alert_check)
test_result.add_check(self.setup_successfull_for_all_agents_check)
test_result.add_check(self.no_duplicated_vulnerabilities_check)

record_property("test_result", test_result)

agents_failed_setup = setup
test_result.validate_check("setup_operation_results", [Evidence("setup_failed_agents", agents_failed_setup)])

# Install Vulnerable package
operations_result = launch_parallel_operations(
body, host_manager, target_to_ignore
)

logging.critical(f"Remote operation results: {operations_result}")
test_result.validate_check(
"operation_successfull_for_all_agents",
[Evidence("operation_results", operations_result)],
)
# Wait for syscollector and VD scan
time.sleep(VD_E2E_TIMEOUT_SYSCOLLECTOR_SCAN + PACKAGE_VULNERABILITY_SCAN_TIME * len(AGENTS_SCANNED_FIRST_SCAN))

if "to" in body["package"]:
package_data = [body["package"]["to"], body["package"]["from"]]
else:
package_data = [body["package"]]
max_result_window(host_manager)

vulnerabilities = get_vulnerabilities_index(host_manager, AGENTS_SCANNED_FIRST_SCAN, package_data,
size=INDEXER_RESULT_WINDOWS_VULN_E2E)
expected_vulnerabilities = get_expected_index(host_manager, AGENTS_SCANNED_FIRST_SCAN,
body["operation"], body["package"])
duplicated_vulnerabilities = get_duplicated_vulnerabilities(vulnerabilities)

result = compare_expected_found_vulnerabilities(vulnerabilities, expected_vulnerabilities)
vulnerabilities_not_found = result["vulnerabilities_not_found"]
vulnerabilities_unexpected = result["vulnerabilities_unexpected"]

test_result.validate_check('no_duplicated_vulnerabilities',
[Evidence('duplicated_vulnerabilities', duplicated_vulnerabilities),
Evidence('vulnerabilities', vulnerabilities)
])

logging.critical("Validating found vulnerabilities")
test_result.validate_check(
"expected_vulnerabilities_found_in_index",
[
Evidence("missing_vulnerabilities", vulnerabilities_not_found),
Evidence("vulnerabilities_found_in_index", vulnerabilities),
Evidence("expected_vulnerabilities", expected_vulnerabilities),
],
)

logging.critical("Validating unexpected vulnerabilities")
test_result.validate_check(
"no_unexpected_vulnerabilities_found_in_index",
[
Evidence("unexpected_vulnerabilities", vulnerabilities_unexpected),
Evidence("vulnerabilities_found_in_index", vulnerabilities),
Evidence("expected_vulnerabilities", expected_vulnerabilities),
],
)

alerts = get_vulnerability_alerts(host_manager, AGENTS_SCANNED_FIRST_SCAN, package_data, test_timestamp)
expected_alerts = get_expected_alerts(
host_manager, AGENTS_SCANNED_FIRST_SCAN, body["operation"], body["package"]
)

result_alert = compare_expected_found_vulnerabilities_alerts(
alerts, expected_alerts
)

logging.critical("Validating found alerts")
test_result.validate_check(
"expected_vulnerability_affected_alert",
[
Evidence(
"missing_affected_alerts",
result_alert["vulnerabilities_affected_not_found"],
),
Evidence("alerts_found_in_index", alerts),
Evidence("expected_alerts", expected_alerts),
],
)

logging.critical("Validating unexpected alerts")
test_result.validate_check(
"expected_vulnerability_mitigated_alert",
[
Evidence(
"missing_mitigated_alerts",
result_alert["vulnerabilities_mitigated_not_found"],
),
Evidence("alerts_found_in_index", alerts),
Evidence("expected_alerts", expected_alerts),
],
)

errors_environment = check_errors_in_environment(
host_manager,
expected_errors=VULNERABILITY_DETECTION_E2E_EXPECTED_ERRORS,
greater_than_timestamp=test_timestamp, error_levels=TESTS_UNEXPECTED_ERRORS_LEVELS
)

test_result.validate_check("no_errors", [Evidence("error_level_messages", errors_environment)])

> assert test_result.get_test_result(), test_result.report()
E AssertionError:
E Test test_vulnerability_detector_scans_cases[upgrade_package_add_vulnerability] failed
E
E Check no_errors succeeded
E Check operation_successfull_for_all_agents succeeded
E Check expected_vulnerabilities_found_in_index failed. Evidences (['missing_vulnerabilities']) can be found in the report.
E Check no_unexpected_vulnerabilities_found_in_index succeeded
E Check expected_vulnerability_affected_alert failed. Evidences (['missing_affected_alerts']) can be found in the report.
E Check expected_vulnerability_mitigated_alert failed. Evidences (['missing_mitigated_alerts']) can be found in the report.
E Check setup_operation_results succeeded
E Check no_duplicated_vulnerabilities succeeded
E -----
E
E assert False
E + where False = <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf76349790>>()
E + where <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf76349790>> = <wazuh_testing.end_to_end.TestResult object at 0x7fbf76349790>.get_test_result

end_to_end/test_vulnerability_detector/test_vulnerability_detector.py:1031: AssertionError
-------------------------------Captured log setup-------------------------------
CRITICAL root:conftest.py:312 Preconditions finished. Results: {'agent6': True}
-------------------------------Captured log call--------------------------------
ERROR root:__init__.py:237 Marked check setup_operation_results result to True with evidences ['setup_failed_agents'] CRITICAL root:test_vulnerability_detector.py:939 Remote operation results: {'agent6': True, 'agent4': True, 'agent3': True, 'agent5': True, 'agent1': True, 'agent2': True} ERROR root:__init__.py:237 Marked check operation_successfull_for_all_agents result to True with evidences ['operation_results'] CRITICAL root:check_validators.py:30 Vulnerability not found for agent2: Vulnerability(cve='CVE-2022-32223', package_name='Node.js', package_version='18.0.0', architecture='x86_64') CRITICAL root:check_validators.py:51 Vulnerabilities not found: {'agent2': [Vulnerability(cve='CVE-2022-32223', package_name='Node.js', package_version='18.0.0', architecture='x86_64')]} CRITICAL root:check_validators.py:52 Vulnerabilities unexpected: {} ERROR root:__init__.py:237 Marked check no_duplicated_vulnerabilities result to True with evidences ['duplicated_vulnerabilities', 'vulnerabilities'] CRITICAL root:test_vulnerability_detector.py:968 Validating found vulnerabilities CRITICAL root:check_validators.py:146 agent2 is not empty: [Vulnerability(cve='CVE-2022-32223', package_name='Node.js', package_version='18.0.0', architecture='x86_64')] ERROR root:__init__.py:237 Marked check expected_vulnerabilities_found_in_index result to False with evidences ['missing_vulnerabilities', 'vulnerabilities_found_in_index', 'expected_vulnerabilities'] CRITICAL root:test_vulnerability_detector.py:978 Validating unexpected vulnerabilities ERROR root:__init__.py:237 Marked check no_unexpected_vulnerabilities_found_in_index result to True with evidences ['unexpected_vulnerabilities', 'vulnerabilities_found_in_index', 'expected_vulnerabilities'] CRITICAL root:check_validators.py:124 Vulnerabilities affected not found: {'agent2': [Vulnerability(cve='CVE-2022-32223', package_name='Node.js', package_version='18.0.0', architecture='x86_64')]} CRITICAL root:check_validators.py:125 Vulnerabilities mitigated not found: {'agent2': [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.1.0', architecture='x86_64')]} CRITICAL root:test_vulnerability_detector.py:997 Validating found alerts CRITICAL root:check_validators.py:146 agent2 is not empty: [Vulnerability(cve='CVE-2022-32223', package_name='Node.js', package_version='18.0.0', architecture='x86_64')] ERROR root:__init__.py:237 Marked check expected_vulnerability_affected_alert result to False with evidences ['missing_affected_alerts', 'alerts_found_in_index', 'expected_alerts'] CRITICAL root:test_vulnerability_detector.py:1010 Validating unexpected alerts CRITICAL root:check_validators.py:146 agent2 is not empty: [Vulnerability(cve='CVE-2022-0778', package_name='Node.js', package_version='17.1.0', architecture='x86_64')] ERROR root:__init__.py:237 Marked check expected_vulnerability_mitigated_alert result to False with evidences ['missing_mitigated_alerts', 'alerts_found_in_index', 'expected_alerts'] ERROR root:__init__.py:237 Marked check no_errors result to True with evidences ['error_level_messages']
-----------------------------Captured log teardown------------------------------
ERROR root:conftest.py:152 Truncate managers and agents logs

self = <test_vulnerability_detector.TestScanSyscollectorCases object at 0x7fbf763b4d00>
request = <FixtureRequest for <Function test_vulnerability_detector_scans_cases[upgrade_package_maintain_add_vulnerability]>>
preconditions = {'operation': 'install_package', 'package': {'macos': {'amd64': 'systeminformation-4.34.23', 'arm64v8': 'systeminformation-4.34.23'}}, 'target_os': ['macos']}
body = {'operation': 'update_package', 'package': {'from': {'centos': {'amd64': 'grafana-9.1.1-1', 'arm64v8': 'grafana-9.1.1-...tion-5.0.0'}, 'ubuntu': {'amd64': 'grafana-9.2.0', 'arm64v8': 'grafana-9.2.0'}, 'windows': {'amd64': 'node-v18.1.0'}}}}
teardown = None, setup = []
host_manager = <wazuh_testing.tools.system.HostManager object at 0x7fbf763b4130>
record_property = <function record_property.<locals>.append_property at 0x7fbf7606ac10>
clean_environment_logs = None, delete_states_vulnerability_index = None
clean_environment_logs_function = None

@pytest.mark.parametrize("preconditions, body, teardown", complete_list, ids=list_ids)
def test_vulnerability_detector_scans_cases(self, request, preconditions, body, teardown, setup, host_manager,
record_property, clean_environment_logs,
delete_states_vulnerability_index,
clean_environment_logs_function):
# Is mandatory to launch this test along with the first scan test'
global AGENTS_SCANNED_FIRST_SCAN
if len(AGENTS_SCANNED_FIRST_SCAN) == 0:
pytest.skip("No agent was scanned in the first scan. Skipping test.")

target_to_ignore = list(
set(host_manager.get_group_hosts("agent")) - set(AGENTS_SCANNED_FIRST_SCAN)
)

utc_now_timestamp = datetime.datetime.now(datetime.timezone.utc)
test_timestamp = utc_now_timestamp.strftime("%Y-%m-%dT%H:%M:%S")

test_result = TestResult(request.node.name)
test_result.add_check(self.no_errors_check)
test_result.add_check(self.operation_successfull_for_all_agents_check)
test_result.add_check(self.expected_vulnerabilities_found_in_index_check)
test_result.add_check(self.no_unexpected_vulnerabilities_found_in_index_check)
test_result.add_check(self.expected_vulnerability_affected_alert_check)
test_result.add_check(self.expected_vulnerability_mitigated_alert_check)
test_result.add_check(self.setup_successfull_for_all_agents_check)
test_result.add_check(self.no_duplicated_vulnerabilities_check)

record_property("test_result", test_result)

agents_failed_setup = setup
test_result.validate_check("setup_operation_results", [Evidence("setup_failed_agents", agents_failed_setup)])

# Install Vulnerable package
operations_result = launch_parallel_operations(
body, host_manager, target_to_ignore
)

logging.critical(f"Remote operation results: {operations_result}")
test_result.validate_check(
"operation_successfull_for_all_agents",
[Evidence("operation_results", operations_result)],
)
# Wait for syscollector and VD scan
time.sleep(VD_E2E_TIMEOUT_SYSCOLLECTOR_SCAN + PACKAGE_VULNERABILITY_SCAN_TIME * len(AGENTS_SCANNED_FIRST_SCAN))

if "to" in body["package"]:
package_data = [body["package"]["to"], body["package"]["from"]]
else:
package_data = [body["package"]]
max_result_window(host_manager)

vulnerabilities = get_vulnerabilities_index(host_manager, AGENTS_SCANNED_FIRST_SCAN, package_data,
size=INDEXER_RESULT_WINDOWS_VULN_E2E)
expected_vulnerabilities = get_expected_index(host_manager, AGENTS_SCANNED_FIRST_SCAN,
body["operation"], body["package"])
duplicated_vulnerabilities = get_duplicated_vulnerabilities(vulnerabilities)

result = compare_expected_found_vulnerabilities(vulnerabilities, expected_vulnerabilities)
vulnerabilities_not_found = result["vulnerabilities_not_found"]
vulnerabilities_unexpected = result["vulnerabilities_unexpected"]

test_result.validate_check('no_duplicated_vulnerabilities',
[Evidence('duplicated_vulnerabilities', duplicated_vulnerabilities),
Evidence('vulnerabilities', vulnerabilities)
])

logging.critical("Validating found vulnerabilities")
test_result.validate_check(
"expected_vulnerabilities_found_in_index",
[
Evidence("missing_vulnerabilities", vulnerabilities_not_found),
Evidence("vulnerabilities_found_in_index", vulnerabilities),
Evidence("expected_vulnerabilities", expected_vulnerabilities),
],
)

logging.critical("Validating unexpected vulnerabilities")
test_result.validate_check(
"no_unexpected_vulnerabilities_found_in_index",
[
Evidence("unexpected_vulnerabilities", vulnerabilities_unexpected),
Evidence("vulnerabilities_found_in_index", vulnerabilities),
Evidence("expected_vulnerabilities", expected_vulnerabilities),
],
)

alerts = get_vulnerability_alerts(host_manager, AGENTS_SCANNED_FIRST_SCAN, package_data, test_timestamp)
expected_alerts = get_expected_alerts(
host_manager, AGENTS_SCANNED_FIRST_SCAN, body["operation"], body["package"]
)

result_alert = compare_expected_found_vulnerabilities_alerts(
alerts, expected_alerts
)

logging.critical("Validating found alerts")
test_result.validate_check(
"expected_vulnerability_affected_alert",
[
Evidence(
"missing_affected_alerts",
result_alert["vulnerabilities_affected_not_found"],
),
Evidence("alerts_found_in_index", alerts),
Evidence("expected_alerts", expected_alerts),
],
)

logging.critical("Validating unexpected alerts")
test_result.validate_check(
"expected_vulnerability_mitigated_alert",
[
Evidence(
"missing_mitigated_alerts",
result_alert["vulnerabilities_mitigated_not_found"],
),
Evidence("alerts_found_in_index", alerts),
Evidence("expected_alerts", expected_alerts),
],
)

errors_environment = check_errors_in_environment(
host_manager,
expected_errors=VULNERABILITY_DETECTION_E2E_EXPECTED_ERRORS,
greater_than_timestamp=test_timestamp, error_levels=TESTS_UNEXPECTED_ERRORS_LEVELS
)

test_result.validate_check("no_errors", [Evidence("error_level_messages", errors_environment)])

> assert test_result.get_test_result(), test_result.report()
E AssertionError:
E Test test_vulnerability_detector_scans_cases[upgrade_package_maintain_add_vulnerability] failed
E
E Check no_errors succeeded
E Check operation_successfull_for_all_agents succeeded
E Check expected_vulnerabilities_found_in_index succeeded
E Check no_unexpected_vulnerabilities_found_in_index succeeded
E Check expected_vulnerability_affected_alert succeeded
E Check expected_vulnerability_mitigated_alert failed. Evidences (['missing_mitigated_alerts']) can be found in the report.
E Check setup_operation_results succeeded
E Check no_duplicated_vulnerabilities succeeded
E -----
E
E assert False
E + where False = <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf75ff0ca0>>()
E + where <bound method TestResult.get_test_result of <wazuh_testing.end_to_end.TestResult object at 0x7fbf75ff0ca0>> = <wazuh_testing.end_to_end.TestResult object at 0x7fbf75ff0ca0>.get_test_result

end_to_end/test_vulnerability_detector/test_vulnerability_detector.py:1031: AssertionError
-------------------------------Captured log setup-------------------------------
CRITICAL root:conftest.py:312 Preconditions finished. Results: {'agent6': True}
-------------------------------Captured log call--------------------------------
ERROR root:__init__.py:237 Marked check setup_operation_results result to True with evidences ['setup_failed_agents'] CRITICAL root:test_vulnerability_detector.py:939 Remote operation results: {'agent6': True, 'agent5': True, 'agent4': True, 'agent3': True, 'agent1': True, 'agent2': True} ERROR root:__init__.py:237 Marked check operation_successfull_for_all_agents result to True with evidences ['operation_results'] ERROR root:__init__.py:237 Marked check no_duplicated_vulnerabilities result to True with evidences ['duplicated_vulnerabilities', 'vulnerabilities'] CRITICAL root:test_vulnerability_detector.py:968 Validating found vulnerabilities ERROR root:__init__.py:237 Marked check expected_vulnerabilities_found_in_index result to True with evidences ['missing_vulnerabilities', 'vulnerabilities_found_in_index', 'expected_vulnerabilities'] CRITICAL root:test_vulnerability_detector.py:978 Validating unexpected vulnerabilities ERROR root:__init__.py:237 Marked check no_unexpected_vulnerabilities_found_in_index result to True with evidences ['unexpected_vulnerabilities', 'vulnerabilities_found_in_index', 'expected_vulnerabilities'] CRITICAL root:check_validators.py:124 Vulnerabilities affected not found: {} CRITICAL root:check_validators.py:125 Vulnerabilities mitigated not found: {'agent2': [Vulnerability(cve='CVE-2022-32223', package_name='Node.js', package_version='18.0.0', architecture='x86_64')]} CRITICAL root:test_vulnerability_detector.py:997 Validating found alerts ERROR root:__init__.py:237 Marked check expected_vulnerability_affected_alert result to True with evidences ['missing_affected_alerts', 'alerts_found_in_index', 'expected_alerts'] CRITICAL root:test_vulnerability_detector.py:1010 Validating unexpected alerts CRITICAL root:check_validators.py:146 agent2 is not empty: [Vulnerability(cve='CVE-2022-32223', package_name='Node.js', package_version='18.0.0', architecture='x86_64')] ERROR root:__init__.py:237 Marked check expected_vulnerability_mitigated_alert result to False with evidences ['missing_mitigated_alerts', 'alerts_found_in_index', 'expected_alerts'] ERROR root:__init__.py:237 Marked check no_errors result to True with evidences ['error_level_messages']
-----------------------------Captured log teardown------------------------------
ERROR root:conftest.py:152 Truncate managers and agents logs