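//go:build integration

package integration

import (
	"context"
	"fmt"
	"testing"
	"time"

	awscommands "github.com/aquasecurity/trivy/pkg/cloud/aws/commands"
	"github.com/aquasecurity/trivy/pkg/flag"
	dockercontainer "github.com/docker/docker/api/types/container"
	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"
	testcontainers "github.com/testcontainers/testcontainers-go"
	"github.com/testcontainers/testcontainers-go/modules/localstack"
)

// TestAwsCommandRun runs the AWS scan command against a LocalStack container
// and checks that a missing region and an unknown credentials profile are each
// reported as an error containing the expected text.
func TestAwsCommandRun(t *testing.T) {
	tests := []struct {
		name    string
		options flag.Options
		envs    map[string]string
		wantErr string
	}{
		{
			name: "fail without region",
			options: flag.Options{
				RegoOptions: flag.RegoOptions{SkipPolicyUpdate: true},
			},
			// Placeholder values only; no real credentials belong in this file.
			// NOTE(review): a region supplied by the ambient environment of the
			// CI runner is not cleared here - confirm it cannot mask this case.
			envs: map[string]string{
				"AWS_ACCESS_KEY_ID":     "test",
				"AWS_SECRET_ACCESS_KEY": "test",
			},
			wantErr: "aws region is required",
		},
		{
			name: "fail without creds",
			envs: map[string]string{
				"AWS_PROFILE": "non-existent-profile",
			},
			options: flag.Options{
				RegoOptions: flag.RegoOptions{SkipPolicyUpdate: true},
				AWSOptions: flag.AWSOptions{
					Region: "us-east-1",
				},
			},
			wantErr: "non-existent-profile",
		},
	}

	ctx := context.Background()

	localstackC, addr := setupLocalStack(t, ctx)
	defer func() {
		// The reaper is disabled in setupLocalStack, so a failed Terminate is
		// the only hint that a container may have been left behind.
		if err := localstackC.Terminate(ctx); err != nil {
			t.Logf("terminating localstack container: %v", err)
		}
	}()

	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			// Every case talks to the local container endpoint.
			// NOTE(review): presumably this override is what keeps the run away
			// from real AWS endpoints - confirm in awscommands.Run.
			tt.options.AWSOptions.Endpoint = addr
			tt.options.GlobalOptions.Timeout = time.Minute

			// t.Setenv restores the previous value when the subtest ends.
			for k, v := range tt.envs {
				t.Setenv(k, v)
			}

			err := awscommands.Run(ctx, tt.options)

			if tt.wantErr != "" {
				require.Error(t, err)
				assert.Contains(t, err.Error(), tt.wantErr, tt.name)
				return
			}
			assert.NoError(t, err)
		})
	}
}

// setupLocalStack starts a LocalStack container and returns it together with
// the HTTP address of its mapped 4566/tcp port.
//
// On success the caller owns the container and must call Terminate on it. If
// any step after the container has started fails, the container is terminated
// here before the test is aborted.
func setupLocalStack(t *testing.T, ctx context.Context) (*localstack.LocalStackContainer, string) {
	t.Helper()

	// Disables the testcontainers Ryuk reaper. Nothing outside this process
	// cleans up afterwards; removal relies on Terminate and on AutoRemove.
	t.Setenv("TESTCONTAINERS_RYUK_DISABLED", "true")

	container, err := localstack.RunContainer(ctx, testcontainers.CustomizeRequest(
		testcontainers.GenericContainerRequest{
			ContainerRequest: testcontainers.ContainerRequest{
				// Pinned by tag, which a registry can repoint. Pinning by
				// digest (localstack/localstack@sha256:<digest>) would make
				// the pulled image reproducible.
				Image: "localstack/localstack:2.2.0",
				HostConfigModifier: func(hostConfig *dockercontainer.HostConfig) {
					// Docker removes the container once it exits.
					hostConfig.AutoRemove = true
				},
			},
		},
	))
	require.NoError(t, err)

	// require.NoError aborts through t.FailNow, which still runs deferred
	// calls. Without this guard a failure below would leave the container
	// running, because the caller never receives it.
	handedOver := false
	defer func() {
		if handedOver {
			return
		}
		if termErr := container.Terminate(ctx); termErr != nil {
			t.Logf("terminating localstack container after setup failure: %v", termErr)
		}
	}()

	p, err := container.MappedPort(ctx, "4566/tcp")
	require.NoError(t, err)

	provider, err := testcontainers.NewDockerProvider()
	require.NoError(t, err)
	defer provider.Close()

	host, err := provider.DaemonHost(ctx)
	require.NoError(t, err)

	handedOver = true
	return container, fmt.Sprintf("http://%s:%d", host, p.Int())
}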