github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/fanal/analyzer/config/config_test.go (about)

     1  package config_test
     2  
     3  import (
     4  	"context"
     5  	"os"
     6  	"testing"
     7  
     8  	"github.com/stretchr/testify/assert"
     9  	"github.com/stretchr/testify/require"
    10  
    11  	"github.com/devseccon/trivy/internal/testutil"
    12  	"github.com/devseccon/trivy/pkg/fanal/analyzer"
    13  	"github.com/devseccon/trivy/pkg/fanal/analyzer/config"
    14  	"github.com/devseccon/trivy/pkg/fanal/types"
    15  	"github.com/devseccon/trivy/pkg/misconf"
    16  )
    17  
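// TestAnalyzer_PostAnalyze builds a config analyzer for each table entry,
// runs PostAnalyze over a fixture directory exposed through os.DirFS, and
// compares either the returned error text or the returned analysis result
// with the entry's expectation.
func TestAnalyzer_PostAnalyze(t *testing.T) {
	// fields holds the arguments handed to config.NewAnalyzer.
	type fields struct {
		typ        analyzer.Type
		newScanner config.NewScanner
		opts       analyzer.AnalyzerOptions
	}
	tests := []struct {
		name    string
		fields  fields
		dir     string                   // fixture directory used as the root of the scanned filesystem
		want    *analyzer.AnalysisResult // expected result when wantErr is empty
		wantErr string                   // substring expected in the error; empty means success is expected
	}{
		{
			name: "dockerfile",
			fields: fields{
				typ:        analyzer.TypeDockerfile,
				newScanner: misconf.NewDockerfileScanner,
				opts: analyzer.AnalyzerOptions{
					// Only the custom policy directory and the "user" namespace are
					// configured, and DisableEmbeddedPolicies is set, so the expected
					// result below lists just the test policy (presumably the built-in
					// checks are not evaluated; confirm against misconf.ScannerOption).
					MisconfScannerOption: misconf.ScannerOption{
						Namespaces:              []string{"user"},
						PolicyPaths:             []string{"testdata/rego"},
						DisableEmbeddedPolicies: true,
					},
				},
			},
			dir: "testdata/src",
			// NOTE(review): this case pins only a passing check (Successes). A second
			// fixture that violates the test policy would also catch a regression in
			// which the scanner reports every file as passing.
			want: &analyzer.AnalysisResult{
				Misconfigurations: []types.Misconfiguration{
					{
						FileType: types.Dockerfile,
						// Relative to the os.DirFS root, not to the package directory.
						FilePath: "Dockerfile",
						Successes: types.MisconfResults{
							types.MisconfResult{
								Namespace: "user.something",
								Query:     "data.user.something.deny",
								PolicyMetadata: types.PolicyMetadata{
									ID:                 "TEST001",
									AVDID:              "AVD-TEST-0001",
									Type:               "Dockerfile Security Check",
									Title:              "Test policy",
									Description:        "This is a test policy.",
									Severity:           "LOW",
									RecommendedActions: "Have a cup of tea.",
									References:         []string{"https://trivy.dev/"},
								},
								CauseMetadata: types.CauseMetadata{
									Provider: "Generic",
									Service:  "general",
								},
							},
						},
					},
				},
			},
		},
		{
			name: "non-existent dir",
			fields: fields{
				typ:        analyzer.TypeDockerfile,
				newScanner: misconf.NewDockerfileScanner,
				opts: analyzer.AnalyzerOptions{
					MisconfScannerOption: misconf.ScannerOption{
						Namespaces:              []string{"user"},
						PolicyPaths:             []string{"testdata/rego"},
						DisableEmbeddedPolicies: true,
					},
				},
			},
			dir:     "testdata/non-existent",
			wantErr: testutil.ErrNotExist,
		},
	}
	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			// Constructing the analyzer must succeed in every case; the error
			// under test is the one returned by PostAnalyze.
			a, err := config.NewAnalyzer(tt.fields.typ, 0, tt.fields.newScanner, tt.fields.opts)
			require.NoError(t, err)

			got, err := a.PostAnalyze(context.Background(), analyzer.PostAnalysisInput{
				FS: os.DirFS(tt.dir),
			})
			if tt.wantErr != "" {
				assert.ErrorContains(t, err, tt.wantErr)
				return
			}
			// Fail on an unexpected scan error before comparing results; otherwise
			// the failure would only surface as a confusing result mismatch and the
			// actual error would never be printed.
			require.NoError(t, err)
			assert.Equal(t, tt.want, got)
		})
	}
}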