From a4bee8a329c5c8880c81c22631e600f2aba35415 Mon Sep 17 00:00:00 2001
From: Steve Kolenich <kolenichsj@tutanota.com>
Date: Wed, 1 Sep 2021 16:00:01 -0400
Subject: Added two tests using apk (Alpine Package Keeper) to check for
 installed packages and packages that can be upgraded

---
 include/tests_ports_packages | 63 ++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 63 insertions(+)

(limited to 'include/tests_ports_packages')

diff --git a/include/tests_ports_packages b/include/tests_ports_packages
index 2f0b98da..ee606e7b 100644
--- a/include/tests_ports_packages
+++ b/include/tests_ports_packages
@@ -466,6 +466,34 @@
     fi
 #
 #################################################################################
+#
+    # Test        : PKGS-7346
+    # Description : Check Alpine Package Keeper (apk)
+    if [ -x ${ROOTDIR}/sbin/apk ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
+    Register --test-no PKGS-7346 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Querying apk"
+    if [ ${SKIPTEST} -eq 0 ]; then
+        COUNT=0
+        Display --indent 4 --text "- Searching apk package manager" --result "${STATUS_FOUND}" --color GREEN
+        LogText "Result: Found apk binary"
+        Report "package_manager[]=apk"
+        PACKAGE_MGR_PKG=1
+        LogText "Test: Querying apk info -v to get package list"
+        Display --indent 6 --text "- Querying package manager"
+        LogText "Output:"
+        SPACKAGES=$(apk info -v | ${SEDBINARY} -r -e 's/([a-z,A-Z,0-9,_,-,.]{1,250})-([a-z,A-Z,0-9,.]+-r[a-z,A-Z,0-9]+)/\1,\2/' | sort)
+        for J in ${SPACKAGES}; do
+            COUNT=$((COUNT + 1))
+            PACKAGE_NAME=$(echo ${J} | ${CUTBINARY} -d ',' -f1)
+            PACKAGE_VERSION=$(echo ${J} | ${CUTBINARY} -d ',' -f2)
+            LogText "Found package: ${PACKAGE_NAME} (version: ${PACKAGE_VERSION})"
+            INSTALLED_PACKAGES="${INSTALLED_PACKAGES}|${PACKAGE_NAME},${PACKAGE_VERSION}"
+        done
+        Report "installed_packages=${COUNT}"
+    else
+        LogText "Result: apk "${STATUS_NOT_FOUND}", test skipped"
+    fi
+#
+#################################################################################
 #
     # Test        : PKGS-7346
     # Description : Check packages which are removed, but still own configuration files, cron jobs etc
@@ -1235,6 +1263,41 @@
 
 #
 #################################################################################
+#
+    # Test        : PKGS-7395
+    # Description : Check Alpine upgradeable packages
+    if [ "${LINUX_VERSION}" = "Alpine Linux" ]  && [ -x "${ROOTDIR}sbin/apk" ]; then
+        PREQS_MET="YES"
+    else
+        PREQS_MET="NO"
+    fi
+
+    Register --test-no PKGS-7395 --os Linux --preqs-met ${PREQS_MET} --weight L --network YES --category security --description "Check for Alpine updates"
+    if [ ${SKIPTEST} -eq 0 ]; then
+        if [ ${REFRESH_REPOSITORIES} -eq 1 ]; then
+            LogText "Action: updating package repository with apk"
+            ${ROOTDIR}sbin/apk update
+            LogText "Result: apk finished"
+        else
+            LogText "Result: using a possibly outdated repository, as updating is disabled via configuration"
+        fi
+        LogText "Test: Checking packages which can be upgraded via apk version -l '<'"
+        FIND=$(${ROOTDIR}sbin/apk version -l '<' | ${GREPBINARY} '<' | ${SEDBINARY} 's/\s\+<\s/</g')
+        if [ -z "${FIND}" ]; then
+            LogText "Result: no packages found which can be upgraded"
+            Display --indent 2 --text "- Checking upgradeable packages" --result "${STATUS_NONE}" --color GREEN
+            AddHP 3 3
+        else
+            LogText "Result: found one or more packages which can be upgraded"
+            Display --indent 2 --text "- Checking upgradeable packages" --result "${STATUS_FOUND}" --color YELLOW
+            for ITEM in ${FIND}; do
+                ITEM=$(echo ${ITEM} | ${SEDBINARY}  -r -e 's/([a-z,A-Z,0-9,_,-,.]{1,250})-([a-z,A-Z,0-9,.]+-r[a-z,A-Z,0-9]+)<([a-z,A-Z,0-9,-,.]+)/\1 from \2 to \3/')
+                LogText "${ITEM}"
+            done
+        fi
+    fi
+#
+#################################################################################
 #
     # Test        : PKGS-7398
     # Description : Check package audit tool
-- 
cgit v1.2.3