github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/terraform/google/iam/project_iam_test.go (about) 1 package iam 2 3 import ( 4 "testing" 5 6 defsecTypes "github.com/khulnasoft-lab/defsec/pkg/types" 7 8 "github.com/khulnasoft-lab/defsec/pkg/providers/google/iam" 9 10 "github.com/khulnasoft-lab/defsec/internal/adapters/terraform/tftestutil" 11 "github.com/khulnasoft-lab/defsec/test/testutil" 12 ) 13 14 func Test_AdaptBinding(t *testing.T) { 15 tests := []struct { 16 name string 17 terraform string 18 expected iam.Binding 19 }{ 20 { 21 name: "defined", 22 terraform: ` 23 resource "google_organization_iam_binding" "binding" { 24 org_id = data.google_organization.org.id 25 role = "roles/browser" 26 27 members = [ 28 "user:alice@gmail.com", 29 ] 30 }`, 31 expected: iam.Binding{ 32 Metadata: defsecTypes.NewTestMetadata(), 33 Members: []defsecTypes.StringValue{ 34 defsecTypes.String("user:alice@gmail.com", defsecTypes.NewTestMetadata())}, 35 Role: defsecTypes.String("roles/browser", defsecTypes.NewTestMetadata()), 36 IncludesDefaultServiceAccount: defsecTypes.Bool(false, defsecTypes.NewTestMetadata()), 37 }, 38 }, 39 { 40 name: "defaults", 41 terraform: ` 42 resource "google_organization_iam_binding" "binding" { 43 }`, 44 expected: iam.Binding{ 45 Metadata: defsecTypes.NewTestMetadata(), 46 Role: defsecTypes.String("", defsecTypes.NewTestMetadata()), 47 IncludesDefaultServiceAccount: defsecTypes.Bool(false, defsecTypes.NewTestMetadata()), 48 }, 49 }, 50 } 51 52 for _, test := range tests { 53 t.Run(test.name, func(t *testing.T) { 54 modules := tftestutil.CreateModulesFromSource(t, test.terraform, ".tf") 55 adapted := AdaptBinding(modules.GetBlocks()[0], modules) 56 testutil.AssertDefsecEqual(t, test.expected, adapted) 57 }) 58 } 59 }