github.com/ishita82/trivy-gitaction@v0.0.0-20240206054925-e937cc05f8e3/integration/aws_cloud_test.go

github.com/ishita82/trivy-gitaction@v0.0.0-20240206054925-e937cc05f8e3/integration/aws_cloud_test.go (about)

     1  //go:build integration
     2  
     3  package integration
     4  
     5  import (
     6  	"context"
     7  	"fmt"
     8  	"testing"
     9  	"time"
    10  
    11  	awscommands "github.com/aquasecurity/trivy/pkg/cloud/aws/commands"
    12  	"github.com/aquasecurity/trivy/pkg/flag"
    13  	dockercontainer "github.com/docker/docker/api/types/container"
    14  	"github.com/stretchr/testify/assert"
    15  	"github.com/stretchr/testify/require"
    16  	testcontainers "github.com/testcontainers/testcontainers-go"
    17  	"github.com/testcontainers/testcontainers-go/modules/localstack"
    18  )
    19  
    20  func TestAwsCommandRun(t *testing.T) {
    21  	tests := []struct {
    22  		name    string
    23  		options flag.Options
    24  		envs    map[string]string
    25  		wantErr string
    26  	}{
    27  		{
    28  			name: "fail without region",
    29  			options: flag.Options{
    30  				RegoOptions: flag.RegoOptions{SkipPolicyUpdate: true},
    31  			},
    32  			envs: map[string]string{
    33  				"AWS_ACCESS_KEY_ID":     "test",
    34  				"AWS_SECRET_ACCESS_KEY": "test",
    35  			},
    36  			wantErr: "aws region is required",
    37  		},
    38  		{
    39  			name: "fail without creds",
    40  			envs: map[string]string{
    41  				"AWS_PROFILE": "non-existent-profile",
    42  			},
    43  			options: flag.Options{
    44  				RegoOptions: flag.RegoOptions{SkipPolicyUpdate: true},
    45  				AWSOptions: flag.AWSOptions{
    46  					Region: "us-east-1",
    47  				},
    48  			},
    49  			wantErr: "non-existent-profile",
    50  		},
    51  	}
    52  
    53  	ctx := context.Background()
    54  
    55  	localstackC, addr := setupLocalStack(t, ctx)
    56  	defer localstackC.Terminate(ctx)
    57  
    58  	for _, tt := range tests {
    59  		t.Run(tt.name, func(t *testing.T) {
    60  
    61  			tt.options.AWSOptions.Endpoint = addr
    62  			tt.options.GlobalOptions.Timeout = time.Minute
    63  
    64  			for k, v := range tt.envs {
    65  				t.Setenv(k, v)
    66  			}
    67  
    68  			err := awscommands.Run(context.Background(), tt.options)
    69  
    70  			if tt.wantErr != "" {
    71  				require.Error(t, err)
    72  				assert.Contains(t, err.Error(), tt.wantErr, tt.name)
    73  				return
    74  			}
    75  			assert.NoError(t, err)
    76  		})
    77  	}
    78  
    79  }
    80  
    81  func setupLocalStack(t *testing.T, ctx context.Context) (*localstack.LocalStackContainer, string) {
    82  	t.Helper()
    83  	t.Setenv("TESTCONTAINERS_RYUK_DISABLED", "true")
    84  	container, err := localstack.RunContainer(ctx, testcontainers.CustomizeRequest(
    85  		testcontainers.GenericContainerRequest{
    86  			ContainerRequest: testcontainers.ContainerRequest{
    87  				Image: "localstack/localstack:2.2.0",
    88  				HostConfigModifier: func(hostConfig *dockercontainer.HostConfig) {
    89  					hostConfig.AutoRemove = true
    90  				},
    91  			},
    92  		},
    93  	))
    94  	require.NoError(t, err)
    95  
    96  	p, err := container.MappedPort(ctx, "4566/tcp")
    97  	require.NoError(t, err)
    98  
    99  	provider, err := testcontainers.NewDockerProvider()
   100  	require.NoError(t, err)
   101  	defer provider.Close()
   102  
   103  	host, err := provider.DaemonHost(ctx)
   104  	require.NoError(t, err)
   105  
   106  	return container, fmt.Sprintf("http://%s:%d", host, p.Int())
   107  
   108  }