test: complete integration test for valid and invalid emails with deliverability

Signed-off-by: Carl Flottmann <carl.flottmann@oracle.com>

Author: art1f1c3R

tests/integration/cases/email_checking_pypi_malware_analyzer/check_emails.sh

@@ -0,0 +1,24 @@
+#!/bin/bash
+# Copyright (c) 2024 - 2025, Oracle and/or its affiliates. All rights reserved.
+# Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl/.
+if sqlite3 --json output/macaron.db "SELECT detect_malicious_metadata_check.detail_information
+    FROM detect_malicious_metadata_check JOIN check_facts on detect_malicious_metadata_check.id = check_facts.id
+    JOIN check_result on check_facts.check_result_id = check_result.id JOIN component
+    ON component.id = check_result.component_id WHERE check_result.check_id = 'mcn_detect_malicious_metadata_1'
+    AND component.name = 'smooth-operator'" | jq -r ".[0].detail_information | fromjson | .invalid_emails | length > 0"; then
+    exit 0
+else
+    echo "ERROR: the invalid_emails report for smooth-operator is empty" >&2
+    exit 1
+fi
+
+if sqlite3 --json output/macaron.db "SELECT detect_malicious_metadata_check.detail_information
+    FROM detect_malicious_metadata_check JOIN check_facts on detect_malicious_metadata_check.id = check_facts.id
+    JOIN check_result on check_facts.check_result_id = check_result.id JOIN component
+    ON component.id = check_result.component_id WHERE check_result.check_id = 'mcn_detect_malicious_metadata_1'
+    AND component.name = 'email-validator'" | jq -r ".[0].detail_information | fromjson | .valid_emails | length > 0"; then
+    exit 0
+else
+    echo "ERROR: the valid_emails report for email-validator is empty" >&2
+    exit 1
+fi

tests/integration/cases/email_checking_pypi_malware_analyzer/check_smooth_operator_email.sh

@@ -3,9 +3,16 @@
 
 #include "prelude.dl"
 
-Policy("check-smooth-operator", component_id, "Check clodd artifacts") :-
+Policy("check-smooth-operator", component_id, "Check smooth-operator artifacts") :-
     check_passed(component_id, "mcn_detect_malicious_metadata_1").
 
 apply_policy_to("check-smooth-operator", component_id) :-
     is_component(component_id, purl),
     match("pkg:pypi/smooth-operator", purl).
+
+Policy("check-email-validator", component_id, "Check email-validator artifacts") :-
+    check_passed(component_id, "mcn_detect_malicious_metadata_1").
+
+apply_policy_to("check-email-validator", component_id) :-
+    is_component(component_id, purl),
+    match("pkg:pypi/email-validator", purl).

tests/integration/cases/email_checking_pypi_malware_analyzer/policy.dl

@@ -3,7 +3,7 @@
 
 description: |
   Analyzing two python packages to check if the email address is deliverable and valid. The package smooth-operator is known
-  to use an invalid email address with an example.com domain.
+  to use an invalid email address with an example.com domain. email-validator is known to have a valid, deliverable, email address.
 
 tags:
 - macaron-python-package
@@ -15,11 +15,17 @@ steps:
     command_args:
     - -purl
     - pkg:pypi/smooth-operator
-- name: Query the output database to verify the smooth-operator email was invalid.
+- name: Run macaron analyze against email-validator
+  kind: analyze
+  options:
+    command_args:
+    - -purl
+    - pkg:pypi/email-validator
+- name: Query the output database to verify the emails were detected as invalid and valid respectively.
   kind: shell
   options:
-    cmd: ./check_smooth_operator_email.sh
-- name: Run macaron verify-policy to check the results of the packages
+    cmd: ./check_emails.sh
+- name: Run macaron verify-policy to check the results of the packages still passed.
   kind: verify
   options:
     policy: policy.dl