github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/test/deterministic_test.go

github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/test/deterministic_test.go (about)

     1  package test
     2  
     3  import (
     4  	"context"
     5  	"testing"
     6  
     7  	"github.com/aquasecurity/defsec/pkg/rules"
     8  	"github.com/stretchr/testify/require"
     9  
    10  	"github.com/aquasecurity/trivy-iac/pkg/scanners/terraform/executor"
    11  	"github.com/aquasecurity/trivy-iac/pkg/scanners/terraform/parser"
    12  	"github.com/aquasecurity/trivy-iac/test/testutil"
    13  )
    14  
    15  func Test_DeterministicResults(t *testing.T) {
    16  
    17  	reg := rules.Register(badRule)
    18  	defer rules.Deregister(reg)
    19  
    20  	fs := testutil.CreateFS(t, map[string]string{
    21  		"first.tf": `
    22  resource "problem" "uhoh" {
    23  	bad = true
    24  	for_each = other.thing
    25  }
    26  		`,
    27  		"second.tf": `
    28  resource "other" "thing" {
    29  	for_each = local.list
    30  }
    31  		`,
    32  		"third.tf": `
    33  locals {
    34  	list = {
    35  		a = 1,
    36  		b = 2,
    37  	}
    38  }
    39  		`,
    40  	})
    41  
    42  	for i := 0; i < 100; i++ {
    43  		p := parser.New(fs, "", parser.OptionStopOnHCLError(true))
    44  		err := p.ParseFS(context.TODO(), ".")
    45  		require.NoError(t, err)
    46  		modules, _, err := p.EvaluateAll(context.TODO())
    47  		require.NoError(t, err)
    48  		results, _, _ := executor.New().Execute(modules)
    49  		require.Len(t, results.GetFailed(), 2)
    50  	}
    51  }