github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/internal/adapters/terraform/google/kms/adapt_test.go (about) 1 package kms 2 3 import ( 4 "testing" 5 6 defsecTypes "github.com/khulnasoft-lab/defsec/pkg/types" 7 8 "github.com/khulnasoft-lab/defsec/pkg/providers/google/kms" 9 10 "github.com/khulnasoft-lab/defsec/internal/adapters/terraform/tftestutil" 11 12 "github.com/khulnasoft-lab/defsec/test/testutil" 13 "github.com/stretchr/testify/assert" 14 "github.com/stretchr/testify/require" 15 ) 16 17 func Test_adaptKeyRings(t *testing.T) { 18 tests := []struct { 19 name string 20 terraform string 21 expected []kms.KeyRing 22 }{ 23 { 24 name: "configured", 25 terraform: ` 26 resource "google_kms_key_ring" "keyring" { 27 name = "keyring-example" 28 } 29 30 resource "google_kms_crypto_key" "example-key" { 31 name = "crypto-key-example" 32 key_ring = google_kms_key_ring.keyring.id 33 rotation_period = "7776000s" 34 } 35 `, 36 expected: []kms.KeyRing{ 37 { 38 Metadata: defsecTypes.NewTestMetadata(), 39 Keys: []kms.Key{ 40 { 41 Metadata: defsecTypes.NewTestMetadata(), 42 RotationPeriodSeconds: defsecTypes.Int(7776000, defsecTypes.NewTestMetadata()), 43 }, 44 }, 45 }, 46 }, 47 }, 48 { 49 name: "no keys", 50 terraform: ` 51 resource "google_kms_key_ring" "keyring" { 52 name = "keyring-example" 53 } 54 55 `, 56 expected: []kms.KeyRing{ 57 { 58 Metadata: defsecTypes.NewTestMetadata(), 59 }, 60 }, 61 }, 62 { 63 name: "default rotation period", 64 terraform: ` 65 resource "google_kms_key_ring" "keyring" { 66 name = "keyring-example" 67 } 68 69 resource "google_kms_crypto_key" "example-key" { 70 name = "crypto-key-example" 71 key_ring = google_kms_key_ring.keyring.id 72 } 73 `, 74 expected: []kms.KeyRing{ 75 { 76 Metadata: defsecTypes.NewTestMetadata(), 77 Keys: []kms.Key{ 78 { 79 Metadata: defsecTypes.NewTestMetadata(), 80 RotationPeriodSeconds: defsecTypes.Int(-1, defsecTypes.NewTestMetadata()), 81 }, 82 }, 83 }, 84 }, 85 }, 86 } 87 88 for _, test := range tests { 89 t.Run(test.name, func(t *testing.T) { 90 modules := tftestutil.CreateModulesFromSource(t, test.terraform, ".tf") 91 adapted := adaptKeyRings(modules) 92 testutil.AssertDefsecEqual(t, test.expected, adapted) 93 }) 94 } 95 } 96 97 func TestLines(t *testing.T) { 98 src := ` 99 resource "google_kms_key_ring" "keyring" { 100 name = "keyring-example" 101 } 102 103 resource "google_kms_crypto_key" "example-key" { 104 name = "crypto-key-example" 105 key_ring = google_kms_key_ring.keyring.id 106 rotation_period = "7776000s" 107 }` 108 109 modules := tftestutil.CreateModulesFromSource(t, src, ".tf") 110 adapted := Adapt(modules) 111 112 require.Len(t, adapted.KeyRings, 1) 113 require.Len(t, adapted.KeyRings[0].Keys, 1) 114 115 key := adapted.KeyRings[0].Keys[0] 116 117 assert.Equal(t, 2, adapted.KeyRings[0].Metadata.Range().GetStartLine()) 118 assert.Equal(t, 4, adapted.KeyRings[0].Metadata.Range().GetEndLine()) 119 120 assert.Equal(t, 6, key.Metadata.Range().GetStartLine()) 121 assert.Equal(t, 10, key.Metadata.Range().GetEndLine()) 122 123 assert.Equal(t, 9, key.RotationPeriodSeconds.GetMetadata().Range().GetStartLine()) 124 assert.Equal(t, 9, key.RotationPeriodSeconds.GetMetadata().Range().GetEndLine()) 125 126 }