github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/pkg/scanners/cloudformation/parser/fn_and_test.go (about) 1 package parser 2 3 import ( 4 "testing" 5 6 "github.com/aquasecurity/defsec/pkg/types" 7 8 "github.com/aquasecurity/trivy-iac/pkg/scanners/cloudformation/cftypes" 9 10 "github.com/stretchr/testify/assert" 11 "github.com/stretchr/testify/require" 12 ) 13 14 func Test_resolve_and_value(t *testing.T) { 15 16 property1 := &Property{ 17 ctx: &FileContext{}, 18 name: "BucketName", 19 rng: types.NewRange("testfile", 1, 1, "", nil), 20 Inner: PropertyInner{ 21 Type: cftypes.Map, 22 Value: map[string]*Property{ 23 "Fn::Equals": { 24 Inner: PropertyInner{ 25 Type: cftypes.List, 26 Value: []*Property{ 27 { 28 Inner: PropertyInner{ 29 Type: cftypes.String, 30 Value: "foo", 31 }, 32 }, 33 { 34 Inner: PropertyInner{ 35 Type: cftypes.String, 36 Value: "foo", 37 }, 38 }, 39 }, 40 }, 41 }, 42 }, 43 }, 44 } 45 46 property2 := &Property{ 47 ctx: &FileContext{}, 48 name: "BucketName", 49 rng: types.NewRange("testfile", 1, 1, "", nil), 50 Inner: PropertyInner{ 51 Type: cftypes.Map, 52 Value: map[string]*Property{ 53 "Fn::Equals": { 54 Inner: PropertyInner{ 55 Type: cftypes.List, 56 Value: []*Property{ 57 { 58 Inner: PropertyInner{ 59 Type: cftypes.String, 60 Value: "foo", 61 }, 62 }, 63 { 64 Inner: PropertyInner{ 65 Type: cftypes.String, 66 Value: "foo", 67 }, 68 }, 69 }, 70 }, 71 }, 72 }, 73 }, 74 } 75 andProperty := &Property{ 76 ctx: &FileContext{}, 77 name: "BucketName", 78 rng: types.NewRange("testfile", 1, 1, "", nil), 79 Inner: PropertyInner{ 80 Type: cftypes.Map, 81 Value: map[string]*Property{ 82 "Fn::And": { 83 Inner: PropertyInner{ 84 Type: cftypes.List, 85 Value: []*Property{ 86 property1, 87 property2, 88 }, 89 }, 90 }, 91 }, 92 }, 93 } 94 95 resolvedProperty, success := ResolveIntrinsicFunc(andProperty) 96 require.True(t, success) 97 98 assert.True(t, resolvedProperty.IsTrue()) 99 } 100 101 func Test_resolve_and_value_not_the_same(t *testing.T) { 102 103 property1 := &Property{ 104 ctx: &FileContext{}, 105 name: "BucketName", 106 rng: types.NewRange("testfile", 1, 1, "", nil), 107 Inner: PropertyInner{ 108 Type: cftypes.Map, 109 Value: map[string]*Property{ 110 "Fn::Equals": { 111 Inner: PropertyInner{ 112 Type: cftypes.List, 113 Value: []*Property{ 114 { 115 Inner: PropertyInner{ 116 Type: cftypes.String, 117 Value: "foo", 118 }, 119 }, 120 { 121 Inner: PropertyInner{ 122 Type: cftypes.String, 123 Value: "bar", 124 }, 125 }, 126 }, 127 }, 128 }, 129 }, 130 }, 131 } 132 133 property2 := &Property{ 134 ctx: &FileContext{}, 135 name: "BucketName", 136 rng: types.NewRange("testfile", 1, 1, "", nil), 137 Inner: PropertyInner{ 138 Type: cftypes.Map, 139 Value: map[string]*Property{ 140 "Fn::Equals": { 141 Inner: PropertyInner{ 142 Type: cftypes.List, 143 Value: []*Property{ 144 { 145 Inner: PropertyInner{ 146 Type: cftypes.String, 147 Value: "foo", 148 }, 149 }, 150 { 151 Inner: PropertyInner{ 152 Type: cftypes.String, 153 Value: "foo", 154 }, 155 }, 156 }, 157 }, 158 }, 159 }, 160 }, 161 } 162 andProperty := &Property{ 163 ctx: &FileContext{}, 164 name: "BucketName", 165 rng: types.NewRange("testfile", 1, 1, "", nil), 166 Inner: PropertyInner{ 167 Type: cftypes.Map, 168 Value: map[string]*Property{ 169 "Fn::And": { 170 Inner: PropertyInner{ 171 Type: cftypes.List, 172 Value: []*Property{ 173 property1, 174 property2, 175 }, 176 }, 177 }, 178 }, 179 }, 180 } 181 182 resolvedProperty, success := ResolveIntrinsicFunc(andProperty) 183 require.True(t, success) 184 185 assert.False(t, resolvedProperty.IsTrue()) 186 }