src/wazuh_modules/vulnerability_scanner/qa/Readme.md
This document is meant to describe the current component test behavior and the steps required for its maintenance.
The purpose of this test is to verify the scanner's accuracy when some specific inputs are applied. The results are verified by analyzing the logs written by the test tool.
The test_data folder is read in ascending order, and for each one of them, the corresponding inputs are sent. There is an output expected file that contains all the lines that should be found for those specific inputs. If the line isn't found after the timeout expires, the corresponding error message is printed. The test also verifies that the scan begins/ends properly, and that all the events are processed.
Consider also that folder 000 only verifies that the DB is properly decompressed, that's why it doesn't contain input files.
When a new test is being added, these are the general steps to follow:
input_xxx.json files that contain the sync/deltas messages that the vulnerability scanner test tool will processexpected_xxx.out file. The logs in the array will be looked for in the test output. If the inputs only prepares the tests and no output is expected (for example, agent OS information), the file can contain an empty array.