github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/pkg/scanners/cloudformation/parser/fn_find_in_map_test.go

github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/pkg/scanners/cloudformation/parser/fn_find_in_map_test.go (about)

     1  package parser
     2  
     3  import (
     4  	"github.com/stretchr/testify/assert"
     5  	"github.com/stretchr/testify/require"
     6  
     7  	"testing"
     8  )
     9  
    10  func Test_resolve_find_in_map_value(t *testing.T) {
    11  
    12  	source := `---
    13  Parameters:
    14    Environment: 
    15      Type: String
    16      Default: production
    17  Mappings:
    18    CacheNodeTypes:
    19      production:
    20        NodeType: cache.t2.large
    21      test:
    22        NodeType: cache.t2.small
    23      dev:
    24        NodeType: cache.t2.micro
    25  Resources:
    26      ElasticacheSecurityGroup:
    27        Type: 'AWS::EC2::SecurityGroup'
    28        Properties:
    29          GroupDescription: Elasticache Security Group
    30          SecurityGroupIngress:
    31            - IpProtocol: tcp
    32              FromPort: 11211
    33              ToPort: 11211
    34              SourceSecurityGroupName: !Ref InstanceSecurityGroup
    35      ElasticacheCluster:
    36        Type: 'AWS::ElastiCache::CacheCluster'
    37        Properties:    
    38          Engine: memcached
    39          CacheNodeType: !FindInMap [ CacheNodeTypes, production, NodeType ]
    40          NumCacheNodes: '1'
    41          VpcSecurityGroupIds:
    42            - !GetAtt 
    43              - ElasticacheSecurityGroup
    44              - GroupId
    45  `
    46  	ctx := createTestFileContext(t, source)
    47  	require.NotNil(t, ctx)
    48  
    49  	testRes := ctx.GetResourceByLogicalID("ElasticacheCluster")
    50  	assert.NotNil(t, testRes)
    51  
    52  	nodeTypeProp := testRes.GetStringProperty("CacheNodeType", "")
    53  	assert.Equal(t, "cache.t2.large", nodeTypeProp.Value())
    54  }
    55  
    56  func Test_resolve_find_in_map_with_nested_intrinsic_value(t *testing.T) {
    57  
    58  	source := `---
    59  Parameters:
    60    Environment: 
    61      Type: String
    62      Default: dev
    63  Mappings:
    64    CacheNodeTypes:
    65      production:
    66        NodeType: cache.t2.large
    67      test:
    68        NodeType: cache.t2.small
    69      dev:
    70        NodeType: cache.t2.micro
    71  Resources:
    72      ElasticacheSecurityGroup:
    73        Type: 'AWS::EC2::SecurityGroup'
    74        Properties:
    75          GroupDescription: Elasticache Security Group
    76          SecurityGroupIngress:
    77            - IpProtocol: tcp
    78              FromPort: 11211
    79              ToPort: 11211
    80              SourceSecurityGroupName: !Ref InstanceSecurityGroup
    81      ElasticacheCluster:
    82        Type: 'AWS::ElastiCache::CacheCluster'
    83        Properties:    
    84          Engine: memcached
    85          CacheNodeType: !FindInMap [ CacheNodeTypes, !Ref Environment, NodeType ]
    86          NumCacheNodes: '1'
    87          VpcSecurityGroupIds:
    88            - !GetAtt 
    89              - ElasticacheSecurityGroup
    90              - GroupId
    91  `
    92  	ctx := createTestFileContext(t, source)
    93  	require.NotNil(t, ctx)
    94  
    95  	testRes := ctx.GetResourceByLogicalID("ElasticacheCluster")
    96  	assert.NotNil(t, testRes)
    97  
    98  	nodeTypeProp := testRes.GetStringProperty("CacheNodeType", "")
    99  	assert.Equal(t, "cache.t2.micro", nodeTypeProp.Value())
   100  }