// Listing: github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/pkg/scanners/toml/scanner_test.go

package toml

import (
	"context"
	"testing"

	"github.com/aquasecurity/defsec/pkg/framework"
	"github.com/aquasecurity/defsec/pkg/scan"
	"github.com/aquasecurity/defsec/pkg/scanners/options"
	"github.com/aquasecurity/trivy-iac/test/testutil"
	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"
)

// Test_BasicScan runs the TOML scanner over an in-memory filesystem that
// holds one TOML document and one custom Rego policy, then checks that the
// policy's metadata is surfaced unchanged on the single failed result.
//
// The policy selects inputs of type "toml" and denies when input.x.y == 123,
// which the fixture document satisfies, so exactly one failure is expected.
//
// NOTE(review): only the rule metadata is pinned here. The "msg",
// "startline" and "endline" values returned by the deny rule are not
// asserted, so a regression in how findings are located or described
// would not be caught by this test.
func Test_BasicScan(t *testing.T) {
	// Fixture tree: the scan target lives under /code, the policy under /rules.
	memFS := testutil.CreateFS(t, map[string]string{
		"/code/code.toml": `
[x]
y = 123
z = ["a", "b", "c"]
`,
		"/rules/rule.rego": `package builtin.toml.lol

__rego_metadata__ := {
	"id": "ABC123",
	"avd_id": "AVD-AB-0123",
	"title": "title",
	"short_code": "short",
	"severity": "CRITICAL",
	"type": "TOML Check",
	"description": "description",
	"recommended_actions": "actions",
	"url": "https://example.com",
}

__rego_input__ := {
	"combine": false,
	"selector": [{"type": "toml"}],
}

deny[res] {
	input.x.y == 123
	res := {
		"msg": "oh no",
		"startline": 1,
		"endline": 2,
	}
}

`,
	})

	// Expected rule as reported by the scanner. The id, avd_id, title,
	// short_code, description, recommended_actions, url and severity values
	// mirror the policy's __rego_metadata__; RegoPackage is the policy
	// package name with a "data." prefix. Provider and Service do not appear
	// in the metadata, so the values below are what the scanner is expected
	// to supply.
	want := scan.Rule{
		AVDID:          "AVD-AB-0123",
		Aliases:        []string{"ABC123"},
		ShortCode:      "short",
		Summary:        "title",
		Explanation:    "description",
		Impact:         "",
		Resolution:     "actions",
		Provider:       "toml",
		Service:        "general",
		Links:          []string{"https://example.com"},
		Severity:       "CRITICAL",
		Terraform:      &scan.EngineMetadata{},
		CloudFormation: &scan.EngineMetadata{},
		CustomChecks: scan.CustomChecks{
			Terraform: (*scan.TerraformCustomCheck)(nil),
		},
		RegoPackage: "data.builtin.toml.lol",
		Frameworks:  map[framework.Framework][]string{},
	}

	// Point the scanner at the custom policy directory inside the fixture.
	tomlScanner := NewScanner(options.ScannerWithPolicyDirs("rules"))

	results, err := tomlScanner.ScanFS(context.TODO(), memFS, "code")
	require.NoError(t, err)

	// Stop here if the failure count is off; indexing below relies on it.
	failed := results.GetFailed()
	require.Len(t, failed, 1)

	assert.Equal(t, want, failed[0].Rule())
}