github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/terraform/google/bigquery/adapt_test.go (about) 1 package bigquery 2 3 import ( 4 "testing" 5 6 defsecTypes "github.com/khulnasoft-lab/defsec/pkg/types" 7 8 "github.com/khulnasoft-lab/defsec/pkg/providers/google/bigquery" 9 10 "github.com/khulnasoft-lab/defsec/internal/adapters/terraform/tftestutil" 11 12 "github.com/khulnasoft-lab/defsec/test/testutil" 13 "github.com/stretchr/testify/assert" 14 "github.com/stretchr/testify/require" 15 ) 16 17 func Test_Adapt(t *testing.T) { 18 tests := []struct { 19 name string 20 terraform string 21 expected bigquery.BigQuery 22 }{ 23 { 24 name: "basic", 25 terraform: ` 26 resource "google_bigquery_dataset" "my_dataset" { 27 access { 28 role = "OWNER" 29 special_group = "allAuthenticatedUsers" 30 } 31 32 access { 33 role = "READER" 34 domain = "hashicorp.com" 35 } 36 } 37 `, 38 expected: bigquery.BigQuery{ 39 Datasets: []bigquery.Dataset{ 40 { 41 Metadata: defsecTypes.NewTestMetadata(), 42 ID: defsecTypes.String("", defsecTypes.NewTestMetadata()), 43 AccessGrants: []bigquery.AccessGrant{ 44 { 45 Metadata: defsecTypes.NewTestMetadata(), 46 Role: defsecTypes.String("OWNER", defsecTypes.NewTestMetadata()), 47 Domain: defsecTypes.String("", defsecTypes.NewTestMetadata()), 48 SpecialGroup: defsecTypes.String(bigquery.SpecialGroupAllAuthenticatedUsers, defsecTypes.NewTestMetadata()), 49 }, 50 { 51 Metadata: defsecTypes.NewTestMetadata(), 52 Role: defsecTypes.String("READER", defsecTypes.NewTestMetadata()), 53 Domain: defsecTypes.String("hashicorp.com", defsecTypes.NewTestMetadata()), 54 SpecialGroup: defsecTypes.String("", defsecTypes.NewTestMetadata()), 55 }, 56 }, 57 }, 58 }, 59 }, 60 }, 61 { 62 name: "no access blocks", 63 terraform: ` 64 resource "google_bigquery_dataset" "my_dataset" { 65 dataset_id = "example_dataset" 66 } 67 `, 68 expected: bigquery.BigQuery{ 69 Datasets: []bigquery.Dataset{ 70 { 71 Metadata: defsecTypes.NewTestMetadata(), 72 ID: defsecTypes.String("example_dataset", defsecTypes.NewTestMetadata()), 73 }, 74 }, 75 }, 76 }, 77 { 78 name: "access block without fields", 79 terraform: ` 80 resource "google_bigquery_dataset" "my_dataset" { 81 access { 82 } 83 } 84 `, 85 expected: bigquery.BigQuery{ 86 Datasets: []bigquery.Dataset{ 87 { 88 Metadata: defsecTypes.NewTestMetadata(), 89 ID: defsecTypes.String("", defsecTypes.NewTestMetadata()), 90 AccessGrants: []bigquery.AccessGrant{ 91 { 92 Metadata: defsecTypes.NewTestMetadata(), 93 Role: defsecTypes.String("", defsecTypes.NewTestMetadata()), 94 Domain: defsecTypes.String("", defsecTypes.NewTestMetadata()), 95 SpecialGroup: defsecTypes.String("", defsecTypes.NewTestMetadata()), 96 }, 97 }, 98 }, 99 }, 100 }, 101 }, 102 } 103 104 for _, test := range tests { 105 t.Run(test.name, func(t *testing.T) { 106 modules := tftestutil.CreateModulesFromSource(t, test.terraform, ".tf") 107 adapted := Adapt(modules) 108 testutil.AssertDefsecEqual(t, test.expected, adapted) 109 }) 110 } 111 } 112 113 func TestLines(t *testing.T) { 114 src := ` 115 resource "google_bigquery_dataset" "my_dataset" { 116 dataset_id = "example_dataset" 117 friendly_name = "test" 118 description = "This is a test description" 119 location = "EU" 120 default_table_expiration_ms = 3600000 121 122 labels = { 123 env = "default" 124 } 125 126 access { 127 role = "OWNER" 128 special_group = "allAuthenticatedUsers" 129 } 130 131 access { 132 role = "READER" 133 domain = "hashicorp.com" 134 } 135 }` 136 137 modules := tftestutil.CreateModulesFromSource(t, src, ".tf") 138 adapted := Adapt(modules) 139 140 require.Len(t, adapted.Datasets, 1) 141 dataset := adapted.Datasets[0] 142 require.Len(t, dataset.AccessGrants, 2) 143 144 assert.Equal(t, 14, dataset.AccessGrants[0].Role.GetMetadata().Range().GetStartLine()) 145 assert.Equal(t, 14, dataset.AccessGrants[0].Role.GetMetadata().Range().GetEndLine()) 146 147 assert.Equal(t, 15, dataset.AccessGrants[0].SpecialGroup.GetMetadata().Range().GetStartLine()) 148 assert.Equal(t, 15, dataset.AccessGrants[0].SpecialGroup.GetMetadata().Range().GetEndLine()) 149 150 assert.Equal(t, 19, dataset.AccessGrants[1].Role.GetMetadata().Range().GetStartLine()) 151 assert.Equal(t, 19, dataset.AccessGrants[1].Role.GetMetadata().Range().GetEndLine()) 152 153 assert.Equal(t, 20, dataset.AccessGrants[1].Domain.GetMetadata().Range().GetStartLine()) 154 assert.Equal(t, 20, dataset.AccessGrants[1].Domain.GetMetadata().Range().GetEndLine()) 155 }