-
Notifications
You must be signed in to change notification settings - Fork 509
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge pull request #399 from dev-gaur/issue_379
Added Unit test coverage for Kustomize V3 Iac-provider
- Loading branch information
Showing
23 changed files
with
458 additions
and
8 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,183 @@ | ||
package kustomizev3 | ||
|
||
import ( | ||
"fmt" | ||
"os" | ||
"reflect" | ||
"syscall" | ||
"testing" | ||
|
||
"github.com/accurics/terrascan/pkg/iac-providers/output" | ||
"github.com/accurics/terrascan/pkg/utils" | ||
) | ||
|
||
var errorReadKustomize = fmt.Errorf("unable to read the kustomization file in the directory : %s", utils.ErrYamlFileEmpty.Error()) | ||
|
||
func TestLoadIacDir(t *testing.T) { | ||
|
||
table := []struct { | ||
name string | ||
dirPath string | ||
kustomize KustomizeV3 | ||
want output.AllResourceConfigs | ||
wantErr error | ||
resourceCount int | ||
}{ | ||
{ | ||
name: "invalid dirPath", | ||
dirPath: "not-there", | ||
kustomize: KustomizeV3{}, | ||
wantErr: &os.PathError{Err: syscall.ENOENT, Op: "open", Path: "not-there"}, | ||
resourceCount: 0, | ||
}, | ||
{ | ||
name: "simple-deployment", | ||
dirPath: "./testdata/simple-deployment", | ||
kustomize: KustomizeV3{}, | ||
wantErr: nil, | ||
resourceCount: 4, | ||
}, | ||
{ | ||
name: "multibases", | ||
dirPath: "./testdata/multibases/base", | ||
kustomize: KustomizeV3{}, | ||
wantErr: nil, | ||
resourceCount: 2, | ||
}, | ||
{ | ||
name: "multibases", | ||
dirPath: "./testdata/multibases/dev", | ||
kustomize: KustomizeV3{}, | ||
wantErr: nil, | ||
resourceCount: 2, | ||
}, | ||
{ | ||
name: "multibases", | ||
dirPath: "./testdata/multibases/prod", | ||
kustomize: KustomizeV3{}, | ||
wantErr: nil, | ||
resourceCount: 2, | ||
}, | ||
|
||
{ | ||
name: "multibases", | ||
dirPath: "./testdata/multibases/stage", | ||
kustomize: KustomizeV3{}, | ||
wantErr: nil, | ||
resourceCount: 2, | ||
}, | ||
{ | ||
name: "multibases", | ||
dirPath: "./testdata/multibases", | ||
kustomize: KustomizeV3{}, | ||
wantErr: nil, | ||
resourceCount: 4, | ||
}, | ||
{ | ||
name: "no-kustomize-directory", | ||
dirPath: "./testdata/no-kustomizefile", | ||
kustomize: KustomizeV3{}, | ||
wantErr: errorKustomizeNotFound, | ||
resourceCount: 0, | ||
}, | ||
{ | ||
name: "kustomize-file-empty", | ||
dirPath: "./testdata/kustomize-file-empty", | ||
kustomize: KustomizeV3{}, | ||
wantErr: errorReadKustomize, | ||
resourceCount: 0, | ||
}, | ||
} | ||
|
||
for _, tt := range table { | ||
t.Run(tt.name, func(t *testing.T) { | ||
resourceMap, gotErr := tt.kustomize.LoadIacDir(tt.dirPath) | ||
if !reflect.DeepEqual(gotErr, tt.wantErr) { | ||
t.Errorf("unexpected error; gotErr: '%v', wantErr: '%v'", gotErr, tt.wantErr) | ||
} | ||
|
||
resCount := utils.GetResourceCount(resourceMap) | ||
if resCount != tt.resourceCount { | ||
t.Errorf("resource count (%d) does not match expected (%d)", resCount, tt.resourceCount) | ||
} | ||
}) | ||
} | ||
|
||
} | ||
|
||
func TestLoadKustomize(t *testing.T) { | ||
kustomizeYaml := "kustomization.yaml" | ||
kustomizeYml := "kustomization.yml" | ||
|
||
table := []struct { | ||
name string | ||
basepath string | ||
filename string | ||
want output.AllResourceConfigs | ||
wantErr error | ||
}{ | ||
{ | ||
name: "simple-deployment", | ||
basepath: "./testdata/simple-deployment", | ||
filename: kustomizeYaml, | ||
wantErr: nil, | ||
}, | ||
{ | ||
name: "multibases", | ||
basepath: "./testdata/multibases", | ||
filename: kustomizeYaml, | ||
wantErr: nil, | ||
}, | ||
{ | ||
name: "multibases/base", | ||
basepath: "./testdata/multibases/base", | ||
filename: kustomizeYml, | ||
wantErr: nil, | ||
}, | ||
{ | ||
name: "multibases/dev", | ||
basepath: "./testdata/multibases/dev", | ||
filename: kustomizeYaml, | ||
wantErr: nil, | ||
}, | ||
{ | ||
name: "multibases/prod", | ||
basepath: "./testdata/multibases/prod", | ||
filename: kustomizeYaml, | ||
wantErr: nil, | ||
}, | ||
{ | ||
name: "multibases/stage", | ||
basepath: "./testdata/multibases/stage", | ||
filename: kustomizeYaml, | ||
wantErr: nil, | ||
}, | ||
{ | ||
name: "multibases/zero-violation-base", | ||
basepath: "./testdata/multibases/zero-violation-base", | ||
filename: kustomizeYaml, | ||
wantErr: nil, | ||
}, | ||
{ | ||
name: "erroneous-pod", | ||
basepath: "./testdata/erroneous-pod", | ||
filename: kustomizeYaml, | ||
wantErr: errorFromKustomize, | ||
}, | ||
{ | ||
name: "erroneous-deployment", | ||
basepath: "./testdata/erroneous-deployment/", | ||
filename: kustomizeYaml, | ||
wantErr: errorFromKustomize, | ||
}, | ||
} | ||
|
||
for _, tt := range table { | ||
t.Run(tt.name, func(t *testing.T) { | ||
_, gotErr := LoadKustomize(tt.basepath, tt.filename) | ||
if !reflect.DeepEqual(gotErr, tt.wantErr) { | ||
t.Errorf("unexpected error; gotErr: '%v', wantErr: '%v'", gotErr, tt.wantErr) | ||
} | ||
}) | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,38 @@ | ||
package kustomizev3 | ||
|
||
import ( | ||
"reflect" | ||
"testing" | ||
|
||
"github.com/accurics/terrascan/pkg/iac-providers/output" | ||
) | ||
|
||
func TestLoadIacFile(t *testing.T) { | ||
|
||
table := []struct { | ||
name string | ||
filePath string | ||
kustomize KustomizeV3 | ||
typeOnly bool | ||
want output.AllResourceConfigs | ||
wantErr error | ||
}{ | ||
{ | ||
name: "load iac file is not supported for kustomize", | ||
filePath: "/dummyfilepath.yaml", | ||
kustomize: KustomizeV3{}, | ||
wantErr: errLoadIacFileNotSupported, | ||
}, | ||
} | ||
|
||
for _, tt := range table { | ||
t.Run(tt.name, func(t *testing.T) { | ||
_, gotErr := tt.kustomize.LoadIacFile(tt.filePath) | ||
if !reflect.DeepEqual(gotErr, tt.wantErr) { | ||
t.Errorf("unexpected error; gotErr: '%v', wantErr: '%v'", gotErr, tt.wantErr) | ||
} else if tt.typeOnly && (reflect.TypeOf(gotErr)) != reflect.TypeOf(tt.wantErr) { | ||
t.Errorf("unexpected error; gotErr: '%v', wantErr: '%v'", reflect.TypeOf(gotErr), reflect.TypeOf(tt.wantErr)) | ||
} | ||
}) | ||
} | ||
} |
16 changes: 16 additions & 0 deletions
16
pkg/iac-providers/kustomize/v3/testdata/erroneous-deployment/deployment.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,16 @@ | ||
apiVersion: apps/v1beta1 | ||
kind: Deployment | ||
metadata: | ||
labels: | ||
app: myapp | ||
test: someupdate | ||
test2: someupdate3 | ||
spec: | ||
template: | ||
spec: | ||
containers: | ||
- name: myapp-container2 | ||
image: busybox | ||
command: ['sh', '-c', 'echo Hello Kubernetes! && sleep 3600'] | ||
securityContext: | ||
allowPrivilegeEscalation: true |
5 changes: 5 additions & 0 deletions
5
pkg/iac-providers/kustomize/v3/testdata/erroneous-deployment/kustomization.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
commonLabels: | ||
app: hello | ||
|
||
resources: | ||
- deployment.yaml |
5 changes: 5 additions & 0 deletions
5
pkg/iac-providers/kustomize/v3/testdata/erroneous-pod/kustomization.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,5 @@ | ||
commonLabels: | ||
app: hello | ||
|
||
resources: | ||
- pod.yaml |
14 changes: 14 additions & 0 deletions
14
pkg/iac-providers/kustomize/v3/testdata/erroneous-pod/pod.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,14 @@ | ||
apiVersion: v1 | ||
metadata: | ||
name: myapp-pod | ||
labels: | ||
app: myapp | ||
test: someupdate | ||
test2: someupdate3 | ||
spec: | ||
containers: | ||
- name: myapp-container | ||
image: busybox | ||
command: ['sh', '-c', 'echo Hello Kubernetes! && sleep 3600'] | ||
securityContext: | ||
allowPrivilegeEscalation: true |
7 changes: 7 additions & 0 deletions
7
pkg/iac-providers/kustomize/v3/testdata/kustomize-file-empty/configMap.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,7 @@ | ||
apiVersion: v1 | ||
kind: ConfigMap | ||
metadata: | ||
name: the-map | ||
data: | ||
altGreeting: "Good Morning!" | ||
enableRisky: "false" |
33 changes: 33 additions & 0 deletions
33
pkg/iac-providers/kustomize/v3/testdata/kustomize-file-empty/deployment.yaml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
apiVersion: apps/v1 | ||
kind: Deployment | ||
metadata: | ||
name: the-deployment | ||
spec: | ||
replicas: 3 | ||
selector: | ||
matchLabels: | ||
deployment: hello | ||
template: | ||
metadata: | ||
labels: | ||
deployment: hello | ||
spec: | ||
containers: | ||
- name: the-container | ||
image: monopole/hello:1 | ||
command: ["/hello", | ||
"--port=8080", | ||
"--enableRiskyFeature=$(ENABLE_RISKY)"] | ||
ports: | ||
- containerPort: 8080 | ||
env: | ||
- name: ALT_GREETING | ||
valueFrom: | ||
configMapKeyRef: | ||
name: the-map | ||
key: altGreeting | ||
- name: ENABLE_RISKY | ||
valueFrom: | ||
configMapKeyRef: | ||
name: the-map | ||
key: enableRisky |
Empty file.
Oops, something went wrong.