github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/aws/efs/enable_at_rest_encryption_test.go (about) 1 package efs 2 3 import ( 4 "testing" 5 6 defsecTypes "github.com/khulnasoft-lab/defsec/pkg/types" 7 8 "github.com/khulnasoft-lab/defsec/pkg/state" 9 10 "github.com/khulnasoft-lab/defsec/pkg/providers/aws/efs" 11 "github.com/khulnasoft-lab/defsec/pkg/scan" 12 13 "github.com/stretchr/testify/assert" 14 ) 15 16 func TestCheckEnableAtRestEncryption(t *testing.T) { 17 tests := []struct { 18 name string 19 input efs.EFS 20 expected bool 21 }{ 22 { 23 name: "positive result", 24 input: efs.EFS{ 25 FileSystems: []efs.FileSystem{ 26 { 27 Metadata: defsecTypes.NewTestMetadata(), 28 Encrypted: defsecTypes.Bool(false, defsecTypes.NewTestMetadata()), 29 }}, 30 }, 31 expected: true, 32 }, 33 { 34 name: "negative result", 35 input: efs.EFS{ 36 FileSystems: []efs.FileSystem{ 37 { 38 Metadata: defsecTypes.NewTestMetadata(), 39 Encrypted: defsecTypes.Bool(true, defsecTypes.NewTestMetadata()), 40 }}, 41 }, 42 expected: false, 43 }, 44 } 45 for _, test := range tests { 46 t.Run(test.name, func(t *testing.T) { 47 var testState state.State 48 testState.AWS.EFS = test.input 49 results := CheckEnableAtRestEncryption.Evaluate(&testState) 50 var found bool 51 for _, result := range results { 52 if result.Status() == scan.StatusFailed && result.Rule().LongID() == CheckEnableAtRestEncryption.Rule().LongID() { 53 found = true 54 } 55 } 56 if test.expected { 57 assert.True(t, found, "Rule should have been found") 58 } else { 59 assert.False(t, found, "Rule should not have been found") 60 } 61 }) 62 } 63 }