garak/tests/test_report.py at main · NVIDIA/garak · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
import json
import os
import pytest
import pandas as pd

from garak.report import Report

# Helper functions


def validate_avid_report_structure(report):
    """Validate common AVID report structure"""
    assert "data_type" in report
    assert isinstance(report["data_type"], str)
    assert report["data_type"].lower() == "avid"

    assert "affects" in report
    assert "problemtype" in report
    assert "metrics" in report
    assert "impact" in report
    assert "references" in report


# Fixtures


@pytest.fixture
def sample_report():
    return "tests/_assets/report/report_test.report.jsonl"


@pytest.fixture
def sample_report_without_metadata(tmp_path):
    """Edge case: report file without metadata"""
    report_file = tmp_path / "test_no_metadata.report.jsonl"

    lines = [
        {
            "entry_type": "eval",
            "probe": "test.Test",
            "detector": "always.Pass",
            "passed": 5,
            "total_evaluated": 10,
        },
    ]

    with open(report_file, "w") as f:
        for line in lines:
            f.write(json.dumps(line, ensure_ascii=False) + "\n")

    return str(report_file)


@pytest.fixture
def exported_avid_report(sample_report, request):
    """Fixture that exports a report and returns AVID file path with auto-cleanup"""
    avid_file = sample_report.replace(".report", ".avid")

    # Register cleanup
    request.addfinalizer(lambda: os.path.exists(avid_file) and os.remove(avid_file))

    # Export the report
    Report(report_location=sample_report).load().get_evaluations().export()

    return avid_file


# Test __init__()


def test_init_creates_report_object():
    """Test Report object initialization"""
    r = Report(report_location="dummy_path")
    assert r.report_location == "dummy_path"
    assert r.records == []
    assert r.metadata is None
    assert r.evaluations is None
    assert r.scores is None


# Test .load()


def test_load_reads_report_file(sample_report):
    """Test loading a report file"""
    r = Report(report_location=sample_report).load()

    assert len(r.records) > 0


# Test .get_evaluations()


def test_get_evaluations_extracts_metadata(sample_report):
    """Test extracting metadata"""
    r = Report(report_location=sample_report).load().get_evaluations()

    # Check metadata was extracted
    assert (
        r.metadata is not None
    )  # this ensures proper entry_type (currently 'start_run setup') for metadata
    assert "plugins.target_type" in r.metadata
    assert "plugins.target_name" in r.metadata
    assert r.metadata["plugins.target_type"]
    assert r.metadata["plugins.target_name"]


def test_get_evaluations_extracts_evaluations_and_scores(sample_report):
    """Test evaluations and scores were extracted"""
    r = Report(report_location=sample_report).load().get_evaluations()

    # Check evaluations were extracted
    assert isinstance(r.evaluations, pd.DataFrame)
    assert r.evaluations.empty is False

    columns = r.evaluations.columns.tolist()
    # key columns used in the report
    for col in [
        "probe",
        "probe_tags",
        "detector",
        "passed",
        "total_evaluated",
        "score",
    ]:
        assert col in columns

    # Check scores were calculated
    assert isinstance(r.scores, pd.DataFrame)
    assert r.scores.empty is False
    assert r.scores.index.name == "probe"
    assert r.scores.index.tolist() == r.evaluations["probe"].unique().tolist()


def test_get_evaluations_raises_error_when_no_evals(tmp_path):
    """Test get_evaluations raises ValueError when no evaluations exist"""
    report_file = tmp_path / "no_evals.report.jsonl"

    lines = [
        {"entry_type": "start_run setup", "plugins.target_type": "test"},
    ]

    with open(report_file, "w") as f:
        for line in lines:
            f.write(json.dumps(line, ensure_ascii=False) + "\n")

    r = Report(report_location=str(report_file))
    r.load()

    with pytest.raises(ValueError, match="No evaluations to report"):
        r.get_evaluations()


# Test .export() resulting file


def test_export_creates_avid_report_file(exported_avid_report):
    """Test exporting creates an AVID report file"""
    # Check that output file was created
    assert os.path.exists(exported_avid_report)


def test_export_creates_avid_report_file_with_proper_structure(exported_avid_report):
    """Test exporting creates an AVID report file with proper structure"""
    with open(exported_avid_report, "r") as f:
        avid_reports = [json.loads(line) for line in f]

    assert len(avid_reports) > 0

    for report in avid_reports:
        # Validate basic AVID structure
        validate_avid_report_structure(report)

        # Additional checks
        assert "avid" in report["impact"]
        assert isinstance(report["references"], list)
        assert len(report["references"]) > 0


def test_export_includes_model_metadata_in_affects(exported_avid_report):
    """Test export includes model type and name in affects section"""
    with open(exported_avid_report, "r") as f:
        avid_reports = [json.loads(line) for line in f]

    for report in avid_reports:
        assert "affects" in report

        assert "deployer" in report["affects"]
        assert isinstance(report["affects"]["deployer"], list)
        assert len(report["affects"]["deployer"]) > 0

        assert "artifacts" in report["affects"]
        assert isinstance(report["affects"]["artifacts"], list)
        assert len(report["affects"]["artifacts"]) > 0


def test_export_includes_problemtype_in_report(exported_avid_report):
    """Test export includes problemtype in report"""
    with open(exported_avid_report, "r") as f:
        avid_reports = [json.loads(line) for line in f]

    for report in avid_reports:
        assert "problemtype" in report
        assert isinstance(report["problemtype"], dict)

        assert "classof" in report["problemtype"]
        assert report["problemtype"]["classof"] is not None

        assert "type" in report["problemtype"]
        assert report["problemtype"]["type"] is not None

        assert "description" in report["problemtype"]
        assert isinstance(report["problemtype"]["description"], dict)
        assert "value" in report["problemtype"]["description"]
        assert report["problemtype"]["description"]["value"] is not None
        assert "lang" in report["problemtype"]["description"]
        assert report["problemtype"]["description"]["lang"] is not None


def test_export_includes_metrics_in_report(exported_avid_report):
    """Test export includes metrics in report"""
    with open(exported_avid_report, "r") as f:
        avid_reports = [json.loads(line) for line in f]

    for report in avid_reports:
        assert "metrics" in report
        assert isinstance(report["metrics"], list)
        assert len(report["metrics"]) > 0

        metric = report["metrics"][0]
        assert metric.get("name") is not None
        assert metric.get("detection_method") is not None

        assert "results" in metric
        assert isinstance(metric["results"], dict)
        assert len(metric["results"]) > 0
        assert "index" in metric["results"]

        for key in ["detector", "passed", "total_evaluated", "score"]:
            assert key in metric["results"]
            assert len(metric["results"][key]) == len(metric["results"]["index"])


def test_export_includes_vuln_id_in_avid_taxonomy(exported_avid_report):
    """Test export includes vuln_id field in AVID taxonomy (regression test)"""
    with open(exported_avid_report, "r") as f:
        avid_reports = [json.loads(line) for line in f]

    for report in avid_reports:
        assert "impact" in report
        assert "avid" in report["impact"]
        assert "vuln_id" in report["impact"]["avid"]

        assert "risk_domain" in report["impact"]["avid"]
        assert isinstance(report["impact"]["avid"]["risk_domain"], list)

        assert "sep_view" in report["impact"]["avid"]
        assert isinstance(report["impact"]["avid"]["sep_view"], list)

        assert "lifecycle_view" in report["impact"]["avid"]
        assert isinstance(report["impact"]["avid"]["lifecycle_view"], list)

        assert "taxonomy_version" in report["impact"]["avid"]


def test_export_works_without_metadata(sample_report_without_metadata):
    """Test export works when metadata is missing"""
    r = Report(report_location=sample_report_without_metadata).load().get_evaluations()

    # Should not crash even without metadata
    r.export()

    # Check that output file was created
    avid_file = sample_report_without_metadata.replace(".report", ".avid")
    assert os.path.exists(avid_file)

    os.remove(avid_file)