github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/fanal/image/registry/ecr/ecr_test.go

github.com/devseccon/trivy@v0.47.1-0.20231123133102-bd902a0bd996/pkg/fanal/image/registry/ecr/ecr_test.go (about)

     1  package ecr
     2  
     3  import (
     4  	"context"
     5  	"errors"
     6  	"testing"
     7  
     8  	"github.com/aws/aws-sdk-go-v2/aws"
     9  	"github.com/aws/aws-sdk-go-v2/service/ecr"
    10  	awstypes "github.com/aws/aws-sdk-go-v2/service/ecr/types"
    11  
    12  	"github.com/devseccon/trivy/pkg/fanal/types"
    13  )
    14  
    15  func TestCheckOptions(t *testing.T) {
    16  	var tests = map[string]struct {
    17  		domain  string
    18  		wantErr error
    19  	}{
    20  		"InvalidURL": {
    21  			domain:  "alpine:3.9",
    22  			wantErr: types.InvalidURLPattern,
    23  		},
    24  		"NoOption": {
    25  			domain: "xxx.ecr.ap-northeast-1.amazonaws.com",
    26  		},
    27  	}
    28  
    29  	for testname, v := range tests {
    30  		a := &ECR{}
    31  		err := a.CheckOptions(v.domain, types.RegistryOptions{})
    32  		if err != nil {
    33  			if !errors.Is(err, v.wantErr) {
    34  				t.Errorf("[%s]\nexpected error based on %v\nactual : %v", testname, v.wantErr, err)
    35  			}
    36  			continue
    37  		}
    38  	}
    39  }
    40  
    41  type mockedECR struct {
    42  	Resp ecr.GetAuthorizationTokenOutput
    43  }
    44  
    45  func (m mockedECR) GetAuthorizationToken(ctx context.Context, params *ecr.GetAuthorizationTokenInput, optFns ...func(*ecr.Options)) (*ecr.GetAuthorizationTokenOutput, error) {
    46  	return &m.Resp, nil
    47  }
    48  
    49  func TestECRGetCredential(t *testing.T) {
    50  	cases := []struct {
    51  		Resp             ecr.GetAuthorizationTokenOutput
    52  		expectedUser     string
    53  		expectedPassword string
    54  	}{
    55  		{
    56  			Resp: ecr.GetAuthorizationTokenOutput{
    57  				AuthorizationData: []awstypes.AuthorizationData{
    58  					{AuthorizationToken: aws.String("YXdzOnBhc3N3b3Jk")},
    59  				},
    60  			},
    61  			expectedUser:     "aws",
    62  			expectedPassword: "password",
    63  		},
    64  		{
    65  			Resp: ecr.GetAuthorizationTokenOutput{
    66  				AuthorizationData: []awstypes.AuthorizationData{
    67  					{AuthorizationToken: aws.String("YXdzOnBhc3N3b3JkOmJhZA==")},
    68  				},
    69  			},
    70  			expectedUser:     "aws",
    71  			expectedPassword: "password:bad",
    72  		},
    73  		{
    74  			Resp: ecr.GetAuthorizationTokenOutput{
    75  				AuthorizationData: []awstypes.AuthorizationData{
    76  					{AuthorizationToken: aws.String("YXdzcGFzc3dvcmQ=")},
    77  				},
    78  			},
    79  			expectedUser:     "",
    80  			expectedPassword: "",
    81  		},
    82  	}
    83  
    84  	for i, c := range cases {
    85  		e := ECR{
    86  			Client: mockedECR{Resp: c.Resp},
    87  		}
    88  		username, password, err := e.GetCredential(context.Background())
    89  		if err != nil {
    90  			t.Fatalf("%d, unexpected error", err)
    91  		}
    92  		if username != c.expectedUser {
    93  			t.Fatalf("%d, username: expected %s, got %s", i, c.expectedUser, username)
    94  		}
    95  		if password != c.expectedPassword {
    96  			t.Fatalf("%d, password: expected %s, got %s", i, c.expectedPassword, password)
    97  		}
    98  	}
    99  }