github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/terraform/aws/emr/adapt_test.go (about) 1 package emr 2 3 import ( 4 "testing" 5 6 defsecTypes "github.com/khulnasoft-lab/defsec/pkg/types" 7 8 "github.com/khulnasoft-lab/defsec/pkg/providers/aws/emr" 9 "github.com/stretchr/testify/assert" 10 "github.com/stretchr/testify/require" 11 12 "github.com/khulnasoft-lab/defsec/internal/adapters/terraform/tftestutil" 13 "github.com/khulnasoft-lab/defsec/test/testutil" 14 ) 15 16 func Test_adaptSecurityConfiguration(t *testing.T) { 17 tests := []struct { 18 name string 19 terraform string 20 expected emr.SecurityConfiguration 21 }{ 22 { 23 name: "test", 24 terraform: ` 25 resource "aws_emr_security_configuration" "foo" { 26 name = "emrsc_test" 27 configuration = <<EOF 28 { 29 "EncryptionConfiguration": { 30 "AtRestEncryptionConfiguration": { 31 "S3EncryptionConfiguration": { 32 "EncryptionMode": "SSE-S3" 33 }, 34 "LocalDiskEncryptionConfiguration": { 35 "EncryptionKeyProviderType": "AwsKms", 36 "AwsKmsKey": "arn:aws:kms:us-west-2:187416307283:alias/tf_emr_test_key" 37 } 38 }, 39 "EnableInTransitEncryption": false, 40 "EnableAtRestEncryption": true 41 } 42 } 43 EOF 44 }`, 45 expected: emr.SecurityConfiguration{ 46 Metadata: defsecTypes.NewTestMetadata(), 47 Name: defsecTypes.StringExplicit("emrsc_test", defsecTypes.NewTestMetadata()), 48 Configuration: defsecTypes.String( 49 ` { 50 "EncryptionConfiguration": { 51 "AtRestEncryptionConfiguration": { 52 "S3EncryptionConfiguration": { 53 "EncryptionMode": "SSE-S3" 54 }, 55 "LocalDiskEncryptionConfiguration": { 56 "EncryptionKeyProviderType": "AwsKms", 57 "AwsKmsKey": "arn:aws:kms:us-west-2:187416307283:alias/tf_emr_test_key" 58 } 59 }, 60 "EnableInTransitEncryption": false, 61 "EnableAtRestEncryption": true 62 } 63 } 64 `, defsecTypes.NewTestMetadata()), 65 }, 66 }, 67 } 68 69 for _, test := range tests { 70 t.Run(test.name, func(t *testing.T) { 71 modules := tftestutil.CreateModulesFromSource(t, test.terraform, ".tf") 72 adapted := adaptSecurityConfiguration(modules.GetBlocks()[0]) 73 testutil.AssertDefsecEqual(t, test.expected, adapted) 74 }) 75 } 76 } 77 78 func TestLines(t *testing.T) { 79 src := ` 80 resource "aws_emr_security_configuration" "foo" { 81 name = "emrsc_other" 82 83 configuration = <<EOF 84 { 85 "EncryptionConfiguration": { 86 "AtRestEncryptionConfiguration": { 87 "S3EncryptionConfiguration": { 88 "EncryptionMode": "SSE-S3" 89 }, 90 "LocalDiskEncryptionConfiguration": { 91 "EncryptionKeyProviderType": "AwsKms", 92 "AwsKmsKey": "arn:aws:kms:us-west-2:187416307283:alias/tf_emr_test_key" 93 } 94 }, 95 "EnableInTransitEncryption": false, 96 "EnableAtRestEncryption": true 97 } 98 } 99 EOF 100 }` 101 102 modules := tftestutil.CreateModulesFromSource(t, src, ".tf") 103 adapted := Adapt(modules) 104 105 require.Len(t, adapted.SecurityConfiguration, 1) 106 107 securityConfiguration := adapted.SecurityConfiguration[0] 108 109 assert.Equal(t, 2, securityConfiguration.Metadata.Range().GetStartLine()) 110 assert.Equal(t, 22, securityConfiguration.Metadata.Range().GetEndLine()) 111 112 assert.Equal(t, 5, securityConfiguration.Configuration.GetMetadata().Range().GetStartLine()) 113 assert.Equal(t, 21, securityConfiguration.Configuration.GetMetadata().Range().GetEndLine()) 114 115 // assert.Equal(t, 2, securityConfiguration.Configuration.Contains("EncryptionConfiguration")) 116 }