github.com/khulnasoft-lab/defsec@v1.0.5-0.20230827010352-5e9f46893d95/rules/cloud/policies/nifcloud/computing/add_security_group_to_instance_test.go (about) 1 package computing 2 3 import ( 4 "testing" 5 6 "github.com/khulnasoft-lab/defsec/pkg/providers/nifcloud/computing" 7 defsecTypes "github.com/khulnasoft-lab/defsec/pkg/types" 8 9 "github.com/khulnasoft-lab/defsec/pkg/state" 10 11 "github.com/khulnasoft-lab/defsec/pkg/scan" 12 13 "github.com/stretchr/testify/assert" 14 ) 15 16 func TestCheckAddSecurityGroupToInstance(t *testing.T) { 17 tests := []struct { 18 name string 19 input computing.Computing 20 expected bool 21 }{ 22 { 23 name: "NIFCLOUD instance with no security group provided", 24 input: computing.Computing{ 25 Instances: []computing.Instance{ 26 { 27 Metadata: defsecTypes.NewTestMetadata(), 28 SecurityGroup: defsecTypes.String("", defsecTypes.NewTestMetadata()), 29 }, 30 }, 31 }, 32 expected: true, 33 }, 34 { 35 name: "NIFCLOUD instance with security group", 36 input: computing.Computing{ 37 Instances: []computing.Instance{ 38 { 39 Metadata: defsecTypes.NewTestMetadata(), 40 SecurityGroup: defsecTypes.String("some security group", defsecTypes.NewTestMetadata()), 41 }, 42 }, 43 }, 44 expected: false, 45 }, 46 } 47 for _, test := range tests { 48 t.Run(test.name, func(t *testing.T) { 49 var testState state.State 50 testState.Nifcloud.Computing = test.input 51 results := CheckAddSecurityGroupToInstance.Evaluate(&testState) 52 var found bool 53 for _, result := range results { 54 if result.Status() == scan.StatusFailed && result.Rule().LongID() == CheckAddSecurityGroupToInstance.Rule().LongID() { 55 found = true 56 } 57 } 58 if test.expected { 59 assert.True(t, found, "Rule should have been found") 60 } else { 61 assert.False(t, found, "Rule should not have been found") 62 } 63 }) 64 } 65 }