github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/terraform/aws/ec2/subnet_test.go (about)

     1  package ec2
     2  
     3  import (
     4  	"testing"
     5  
     6  	defsecTypes "github.com/khulnasoft-lab/defsec/pkg/types"
     7  
     8  	"github.com/khulnasoft-lab/defsec/pkg/providers/aws/ec2"
     9  
    10  	"github.com/khulnasoft-lab/defsec/internal/adapters/terraform/tftestutil"
    11  
    12  	"github.com/khulnasoft-lab/defsec/test/testutil"
    13  	"github.com/stretchr/testify/assert"
    14  	"github.com/stretchr/testify/require"
    15  )
    16  
// Test_adaptSubnet checks that adaptSubnet maps the aws_subnet attribute
// map_public_ip_on_launch onto ec2.Subnet.MapPublicIpOnLaunch.
//
// The flag decides whether instances launched into the subnet get a public
// IP automatically, so the adapted value is security relevant: a wrong
// mapping would presumably make any check that reads MapPublicIpOnLaunch
// miss or misreport an exposed subnet (the consumers are not visible in this
// file).
func Test_adaptSubnet(t *testing.T) {
	cases := []struct {
		name   string
		source string
		want   ec2.Subnet
	}{
		{
			// Explicit opt-in to automatic public addressing.
			name: "map public ip on launch is true",
			source: `
			resource "aws_subnet" "example" {
				vpc_id                  = "vpc-123456"
				map_public_ip_on_launch = true
			}
`,
			want: ec2.Subnet{
				Metadata:            defsecTypes.NewTestMetadata(),
				MapPublicIpOnLaunch: defsecTypes.Bool(true, defsecTypes.NewTestMetadata()),
			},
		},
		{
			// Explicit opt-out.
			name: "map public ip on launch is false",
			source: `
			resource "aws_subnet" "example" {
				vpc_id                  = "vpc-123456"
				map_public_ip_on_launch = false
			}
`,
			want: ec2.Subnet{
				Metadata:            defsecTypes.NewTestMetadata(),
				MapPublicIpOnLaunch: defsecTypes.Bool(false, defsecTypes.NewTestMetadata()),
			},
		},
		{
			// Attribute omitted: the adapter is expected to fall back to
			// false, i.e. the subnet is treated as not auto-assigning
			// public IPs.
			name: "defaults",
			source: `
			resource "aws_subnet" "example" {
			    vpc_id = "vpc-123456"
			}
`,
			want: ec2.Subnet{
				Metadata:            defsecTypes.NewTestMetadata(),
				MapPublicIpOnLaunch: defsecTypes.Bool(false, defsecTypes.NewTestMetadata()),
			},
		},
	}

	for i := range cases {
		// Copy the case so the closure below never shares a loop variable.
		tc := cases[i]
		t.Run(tc.name, func(t *testing.T) {
			parsed := tftestutil.CreateModulesFromSource(t, tc.source, ".tf")
			// Each fixture declares exactly one resource block, so the
			// first block of the parsed modules is the subnet under test.
			got := adaptSubnet(parsed.GetBlocks()[0], parsed[0])
			testutil.AssertDefsecEqual(t, tc.want, got)
		})
	}
}
    71  
// TestSubnetLines checks that the metadata attached to an adapted subnet
// points at the right source lines, both for the resource block and for the
// map_public_ip_on_launch attribute.
//
// These ranges are what lets a finding be traced back to the exact
// Terraform line that sets the flag, so an off-by-one here would send a
// reviewer to the wrong place in the configuration.
func TestSubnetLines(t *testing.T) {
	// The raw string starts with a newline, so the resource block opens on
	// line 2, the attribute sits on line 4 and the closing brace on line 5.
	const hcl = `
	resource "aws_subnet" "example" {
	    vpc_id                  = "vpc-123456"
	    map_public_ip_on_launch = true
	}`

	adapted := Adapt(tftestutil.CreateModulesFromSource(t, hcl, ".tf"))

	// Stop here if the adapter did not yield exactly one subnet; the
	// index below would otherwise be meaningless.
	require.Len(t, adapted.Subnets, 1)
	subnet := adapted.Subnets[0]

	// Whole resource block.
	blockMeta := subnet.Metadata
	assert.Equal(t, 2, blockMeta.Range().GetStartLine())
	assert.Equal(t, 5, blockMeta.Range().GetEndLine())

	// The single-line map_public_ip_on_launch attribute.
	flag := subnet.MapPublicIpOnLaunch
	assert.Equal(t, 4, flag.GetMetadata().Range().GetStartLine())
	assert.Equal(t, 4, flag.GetMetadata().Range().GetEndLine())
}