github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/terraform/aws/neptune/adapt_test.go (about) 1 package neptune 2 3 import ( 4 "testing" 5 6 defsecTypes "github.com/khulnasoft-lab/defsec/pkg/types" 7 8 "github.com/khulnasoft-lab/defsec/pkg/providers/aws/neptune" 9 10 "github.com/khulnasoft-lab/defsec/internal/adapters/terraform/tftestutil" 11 12 "github.com/khulnasoft-lab/defsec/test/testutil" 13 "github.com/stretchr/testify/assert" 14 "github.com/stretchr/testify/require" 15 ) 16 17 func Test_adaptCluster(t *testing.T) { 18 tests := []struct { 19 name string 20 terraform string 21 expected neptune.Cluster 22 }{ 23 { 24 name: "configured", 25 terraform: ` 26 resource "aws_neptune_cluster" "example" { 27 enable_cloudwatch_logs_exports = ["audit"] 28 storage_encrypted = true 29 kms_key_arn = "kms-key" 30 } 31 `, 32 expected: neptune.Cluster{ 33 Metadata: defsecTypes.NewTestMetadata(), 34 Logging: neptune.Logging{ 35 Metadata: defsecTypes.NewTestMetadata(), 36 Audit: defsecTypes.Bool(true, defsecTypes.NewTestMetadata()), 37 }, 38 StorageEncrypted: defsecTypes.Bool(true, defsecTypes.NewTestMetadata()), 39 KMSKeyID: defsecTypes.String("kms-key", defsecTypes.NewTestMetadata()), 40 }, 41 }, 42 { 43 name: "defaults", 44 terraform: ` 45 resource "aws_neptune_cluster" "example" { 46 } 47 `, 48 expected: neptune.Cluster{ 49 Metadata: defsecTypes.NewTestMetadata(), 50 Logging: neptune.Logging{ 51 Metadata: defsecTypes.NewTestMetadata(), 52 Audit: defsecTypes.Bool(false, defsecTypes.NewTestMetadata()), 53 }, 54 StorageEncrypted: defsecTypes.Bool(false, defsecTypes.NewTestMetadata()), 55 KMSKeyID: defsecTypes.String("", defsecTypes.NewTestMetadata()), 56 }, 57 }, 58 } 59 60 for _, test := range tests { 61 t.Run(test.name, func(t *testing.T) { 62 modules := tftestutil.CreateModulesFromSource(t, test.terraform, ".tf") 63 adapted := adaptCluster(modules.GetBlocks()[0]) 64 testutil.AssertDefsecEqual(t, test.expected, adapted) 65 }) 66 } 67 } 68 69 func TestLines(t *testing.T) { 70 src := ` 71 resource "aws_neptune_cluster" "example" { 72 enable_cloudwatch_logs_exports = ["audit"] 73 storage_encrypted = true 74 kms_key_arn = "kms-key" 75 }` 76 77 modules := tftestutil.CreateModulesFromSource(t, src, ".tf") 78 adapted := Adapt(modules) 79 80 require.Len(t, adapted.Clusters, 1) 81 cluster := adapted.Clusters[0] 82 83 assert.Equal(t, 2, cluster.Metadata.Range().GetStartLine()) 84 assert.Equal(t, 6, cluster.Metadata.Range().GetEndLine()) 85 86 assert.Equal(t, 3, cluster.Logging.Metadata.Range().GetStartLine()) 87 assert.Equal(t, 3, cluster.Logging.Metadata.Range().GetEndLine()) 88 89 assert.Equal(t, 3, cluster.Logging.Audit.GetMetadata().Range().GetStartLine()) 90 assert.Equal(t, 3, cluster.Logging.Audit.GetMetadata().Range().GetEndLine()) 91 92 assert.Equal(t, 4, cluster.StorageEncrypted.GetMetadata().Range().GetStartLine()) 93 assert.Equal(t, 4, cluster.StorageEncrypted.GetMetadata().Range().GetEndLine()) 94 95 assert.Equal(t, 5, cluster.KMSKeyID.GetMetadata().Range().GetStartLine()) 96 assert.Equal(t, 5, cluster.KMSKeyID.GetMetadata().Range().GetEndLine()) 97 }