github.com/ouraigua/jenkins-library@v0.0.0-20231028010029-fbeaf2f3aa9b/pkg/cnbutils/privacy/privacy_test.go (about) 1 //go:build unit 2 // +build unit 3 4 package privacy_test 5 6 import ( 7 "testing" 8 9 "github.com/SAP/jenkins-library/pkg/cnbutils/privacy" 10 "github.com/stretchr/testify/assert" 11 "github.com/stretchr/testify/require" 12 ) 13 14 func TestCnbPrivacy_FilterBuildpacks(t *testing.T) { 15 t.Parallel() 16 17 t.Run("allows paketo", func(t *testing.T) { 18 aliases := []string{ 19 "paketobuildpacks/nodejs:v1", 20 "docker.io/paketobuildpacks/nodejs:v1", 21 "index.docker.io/paketobuildpacks/nodejs:v1", 22 "gcr.io/paketo-buildpacks/nodejs:v1", 23 } 24 25 filtered := privacy.FilterBuildpacks(aliases) 26 27 require.Len(t, filtered, len(aliases)) 28 for i := range filtered { 29 assert.Equal(t, aliases[i], filtered[i]) 30 } 31 }) 32 33 t.Run("allows heroku", func(t *testing.T) { 34 aliases := []string{ 35 "public.ecr.aws/heroku-buildpacks/heroku-jvm-buildpack@sha256:3a8ee9ebf88e47c5e30bc5712fb2794380aed75552499f92bd6773ec446421ef", 36 } 37 38 filtered := privacy.FilterBuildpacks(aliases) 39 40 require.Len(t, filtered, len(aliases)) 41 for i := range filtered { 42 assert.Equal(t, aliases[i], filtered[i]) 43 } 44 }) 45 46 t.Run("allows google buildpacks", func(t *testing.T) { 47 aliases := []string{ 48 "gcr.io/buildpacks/java:latest", 49 "gcr.io/buildpacks/java", 50 } 51 52 filtered := privacy.FilterBuildpacks(aliases) 53 54 require.Len(t, filtered, len(aliases)) 55 for i := range filtered { 56 assert.Equal(t, aliases[i], filtered[i]) 57 } 58 }) 59 60 t.Run("filters others", func(t *testing.T) { 61 images := []string{ 62 "test/nodejs:v1", 63 "test/nodejs:v1", // SHA should be the same for multiple occurences 64 "my-mirror.de/paketobuildpacks/nodejs:v1", 65 "gcr.io/my-project/paketo-buildpacks/nodejs:v1", 66 } 67 68 filtered := privacy.FilterBuildpacks(images) 69 70 require.Len(t, filtered, len(images)) 71 72 assert.ElementsMatch(t, filtered, []string{ 73 "6ea013d746199ccc0e48e0b4984a6d9357105b82f936ecf18d15786805ac892f", 74 "6ea013d746199ccc0e48e0b4984a6d9357105b82f936ecf18d15786805ac892f", 75 "66131ef922cf26b1500e54a74827f051b43857bcf8d0596593c182548f7d4bd6", 76 "4fd8f0a950aacd7e428c79fce6f51bb1fbf0ab15caf4aca7accc18609acd79b1", 77 }) 78 }) 79 80 t.Run("fails gracefully on parse error", func(t *testing.T) { 81 images := []string{ 82 "test/nodejs v1 spaces are not allowed", 83 } 84 85 filtered := privacy.FilterBuildpacks(images) 86 87 require.Len(t, filtered, len(images)) 88 for _, image := range filtered { 89 assert.Equal(t, "<error>", image) 90 } 91 }) 92 93 } 94 95 func TestCnbPrivacy_FilterEnv(t *testing.T) { 96 t.Parallel() 97 98 t.Run("copies only allow listed keys", func(t *testing.T) { 99 env := map[string]interface{}{ 100 "PRIVATE": "paketobuildpacks/nodejs:v1", 101 "BP_NODE_VERSION": "8", 102 "BP_JVM_VERSION": "11", 103 } 104 105 filteredEnv := privacy.FilterEnv(env) 106 107 assert.Equal(t, map[string]interface{}{ 108 "BP_NODE_VERSION": "8", 109 "BP_JVM_VERSION": "11", 110 }, filteredEnv) 111 }) 112 113 t.Run("works on nil map", func(t *testing.T) { 114 var env map[string]interface{} = nil 115 116 filteredEnv := privacy.FilterEnv(env) 117 118 assert.Empty(t, filteredEnv) 119 }) 120 } 121 122 func TestCnbPrivacy_FilterBuilder(t *testing.T) { 123 t.Parallel() 124 125 t.Run("allows paketo", func(t *testing.T) { 126 builder := []string{ 127 "paketobuildpacks/builder:tiny", 128 "paketobuildpacks/builder:base", 129 "paketobuildpacks/builder:full", 130 } 131 132 for _, b := range builder { 133 filteredBuilder := privacy.FilterBuilder(b) 134 assert.Equal(t, b, filteredBuilder) 135 } 136 137 }) 138 139 t.Run("filters unknown builders", func(t *testing.T) { 140 builder := "notpaketobuildpacks/builder:base" 141 142 filteredBuilder := privacy.FilterBuilder(builder) 143 144 assert.Equal(t, "70278d9360533fa4978e5c50aa79bc35a8c0167a353e00521202feeaa09a305b", filteredBuilder) 145 }) 146 147 }