github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/pkg/scanners/cloudformation/parser/fn_get_attr_test.go

github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/pkg/scanners/cloudformation/parser/fn_get_attr_test.go (about)

     1  package parser
     2  
     3  import (
     4  	"github.com/stretchr/testify/assert"
     5  	"github.com/stretchr/testify/require"
     6  
     7  	"testing"
     8  )
     9  
    10  func Test_resolve_get_attr_value(t *testing.T) {
    11  
    12  	source := `---
    13  Resources:
    14      ElasticacheSecurityGroup:
    15        Type: 'AWS::EC2::SecurityGroup'
    16        Properties:
    17          GroupDescription: Elasticache Security Group
    18          SecurityGroupIngress:
    19            - IpProtocol: tcp
    20              FromPort: 11211
    21              ToPort: 11211
    22              SourceSecurityGroupName: !Ref InstanceSecurityGroup
    23      ElasticacheCluster:
    24        Type: 'AWS::ElastiCache::CacheCluster'
    25        Properties:    
    26          Engine: memcached
    27          CacheNodeType: cache.t2.micro
    28          NumCacheNodes: '1'
    29          VpcSecurityGroupIds:
    30            - !GetAtt 
    31              - ElasticacheSecurityGroup
    32              - GroupId
    33  `
    34  	ctx := createTestFileContext(t, source)
    35  	require.NotNil(t, ctx)
    36  
    37  	testRes := ctx.GetResourceByLogicalID("ElasticacheCluster")
    38  	assert.NotNil(t, testRes)
    39  
    40  	sgProp := testRes.GetProperty("VpcSecurityGroupIds")
    41  	require.True(t, sgProp.IsNotNil())
    42  	require.True(t, sgProp.IsList())
    43  
    44  	for _, property := range sgProp.AsList() {
    45  		resolved, success := ResolveIntrinsicFunc(property)
    46  		require.True(t, success)
    47  		assert.True(t, resolved.IsNotNil())
    48  	}
    49  
    50  }