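// Source: github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/test/block_test.go

package test

import (
	"testing"

	"github.com/stretchr/testify/assert"
)

// Test_IsPresentCheckOnBlock parses small Terraform snippets and verifies that
// HasChild reports true for a child (attribute or nested block) that the
// resource declares.
//
// NOTE(review): presence checks like HasChild are presumably what the
// misconfiguration rules build on (for example, noticing a bucket without a
// logging block), so a test that silently checks nothing could hide a scanner
// false negative. Each subtest therefore fails if no block was evaluated.
func Test_IsPresentCheckOnBlock(t *testing.T) {
	cases := []struct {
		name              string
		source            string
		expectedAttribute string
	}{
		{
			name: "expected attribute is present",
			source: `
resource "aws_s3_bucket" "my-bucket" {
	bucket_name = "bucketName"
}`,
			expectedAttribute: "bucket_name",
		},
		{
			name: "expected acl attribute is present",
			source: `
resource "aws_s3_bucket" "my-bucket" {
	bucket_name = "bucketName"
	acl = "public-read"
}`,
			expectedAttribute: "acl",
		},
		{
			// Renamed: this case looks up the nested logging block, not acl,
			// and previously shared its name with the case above.
			name: "expected logging block is present",
			source: `
resource "aws_s3_bucket" "my-bucket" {
	bucket_name = "bucketName"
	acl = "public-read"
	logging {
		target_bucket = aws_s3_bucket.log_bucket.id
		target_prefix = "log/"
	}
}`,
			expectedAttribute: "logging",
		},
	}

	for _, tc := range cases {
		t.Run(tc.name, func(t *testing.T) {
			modules := createModulesFromSource(t, tc.source, ".tf")

			checked := 0
			for _, module := range modules {
				for _, block := range module.GetBlocks() {
					checked++
					assert.True(t, block.HasChild(tc.expectedAttribute),
						"HasChild(%q) should be true", tc.expectedAttribute)
				}
			}

			// Without this guard an empty parse result would pass vacuously.
			if checked == 0 {
				t.Fatalf("no blocks were parsed from the source; nothing was verified")
			}
		})
	}
}

// Test_IsNotPresentCheckOnBlock parses Terraform snippets that omit a given
// child and verifies that HasChild reports false for it.
func Test_IsNotPresentCheckOnBlock(t *testing.T) {
	cases := []struct {
		name              string
		source            string
		expectedAttribute string
	}{
		{
			name: "expected attribute is not present",
			source: `
resource "aws_s3_bucket" "my-bucket" {
	bucket_name = "bucketName"

}`,
			expectedAttribute: "acl",
		},
		{
			// Renamed: the child being looked up here is logging, not acl.
			name: "expected logging block is not present",
			source: `
resource "aws_s3_bucket" "my-bucket" {
	bucket_name = "bucketName"
	acl = "public-read"

}`,
			expectedAttribute: "logging",
		},
	}

	for _, tc := range cases {
		t.Run(tc.name, func(t *testing.T) {
			modules := createModulesFromSource(t, tc.source, ".tf")

			checked := 0
			for _, module := range modules {
				for _, block := range module.GetBlocks() {
					checked++
					assert.False(t, block.HasChild(tc.expectedAttribute),
						"HasChild(%q) should be false", tc.expectedAttribute)
				}
			}

			// Without this guard an empty parse result would pass vacuously.
			if checked == 0 {
				t.Fatalf("no blocks were parsed from the source; nothing was verified")
			}
		})
	}
}

// Test_MissingChildNotFoundOnBlock parses Terraform snippets that omit a given
// child and verifies that MissingChild reports true and HasChild reports false
// for it, i.e. that the two methods agree.
func Test_MissingChildNotFoundOnBlock(t *testing.T) {
	cases := []struct {
		name              string
		source            string
		expectedAttribute string
	}{
		{
			name: "expected attribute is not present",
			source: `
resource "aws_s3_bucket" "my-bucket" {
	bucket_name = "bucketName"

}`,
			expectedAttribute: "acl",
		},
		{
			// Renamed: the child being looked up here is logging, not acl.
			name: "expected logging block is not present",
			source: `
resource "aws_s3_bucket" "my-bucket" {
	bucket_name = "bucketName"
	acl = "public-read"

}`,
			expectedAttribute: "logging",
		},
	}

	for _, tc := range cases {
		t.Run(tc.name, func(t *testing.T) {
			modules := createModulesFromSource(t, tc.source, ".tf")

			checked := 0
			for _, module := range modules {
				for _, block := range module.GetBlocks() {
					checked++
					assert.True(t, block.MissingChild(tc.expectedAttribute),
						"MissingChild(%q) should be true", tc.expectedAttribute)
					assert.False(t, block.HasChild(tc.expectedAttribute),
						"HasChild(%q) should be false", tc.expectedAttribute)
				}
			}

			// Without this guard an empty parse result would pass vacuously.
			if checked == 0 {
				t.Fatalf("no blocks were parsed from the source; nothing was verified")
			}
		})
	}
}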