driftctl/enumeration/remote/github_branch_protection_sc...

126 lines
4.5 KiB
Go
Raw Normal View History

2021-07-01 15:45:19 +00:00
package remote
import (
"testing"
"github.com/snyk/driftctl/enumeration"
"github.com/snyk/driftctl/enumeration/remote/alerts"
"github.com/snyk/driftctl/enumeration/remote/cache"
2022-07-06 08:44:42 +00:00
"github.com/snyk/driftctl/enumeration/remote/common"
remoteerr "github.com/snyk/driftctl/enumeration/remote/error"
github2 "github.com/snyk/driftctl/enumeration/remote/github"
"github.com/snyk/driftctl/enumeration/terraform"
2021-08-20 13:15:51 +00:00
"github.com/pkg/errors"
githubres "github.com/snyk/driftctl/enumeration/resource/github"
2021-12-06 13:29:39 +00:00
"github.com/snyk/driftctl/mocks"
2021-12-06 13:29:39 +00:00
testresource "github.com/snyk/driftctl/test/resource"
tftest "github.com/snyk/driftctl/test/terraform"
2021-07-26 09:55:59 +00:00
"github.com/stretchr/testify/mock"
2021-07-01 15:45:19 +00:00
"github.com/snyk/driftctl/enumeration/resource"
2021-12-06 13:29:39 +00:00
"github.com/snyk/driftctl/test"
"github.com/snyk/driftctl/test/goldenfile"
2021-07-01 15:45:19 +00:00
"github.com/stretchr/testify/assert"
)
func TestScanGithubBranchProtection(t *testing.T) {
cases := []struct {
test string
dirName string
mocks func(*github2.MockGithubRepository, *mocks.AlerterInterface)
2021-07-01 15:45:19 +00:00
err error
}{
{
test: "no branch protection",
dirName: "github_branch_protection_empty",
mocks: func(client *github2.MockGithubRepository, alerter *mocks.AlerterInterface) {
2021-07-01 15:45:19 +00:00
client.On("ListBranchProtection").Return([]string{}, nil)
},
err: nil,
},
{
test: "Multiple branch protections",
dirName: "github_branch_protection_multiples",
mocks: func(client *github2.MockGithubRepository, alerter *mocks.AlerterInterface) {
2021-07-01 15:45:19 +00:00
client.On("ListBranchProtection").Return([]string{
"MDIwOkJyYW5jaFByb3RlY3Rpb25SdWxlMTk1NDg0NzI=", // "repo0:main"
"MDIwOkJyYW5jaFByb3RlY3Rpb25SdWxlMTk1NDg0Nzg=", // "repo0:toto"
"MDIwOkJyYW5jaFByb3RlY3Rpb25SdWxlMTk1NDg0NzQ=", // "repo1:main"
"MDIwOkJyYW5jaFByb3RlY3Rpb25SdWxlMTk1NDg0ODA=", // "repo1:toto"
"MDIwOkJyYW5jaFByb3RlY3Rpb25SdWxlMTk1NDg0NzE=", // "repo2:main"
"MDIwOkJyYW5jaFByb3RlY3Rpb25SdWxlMTk1NDg0Nzc=", // "repo2:toto"
2021-07-01 15:45:19 +00:00
}, nil)
},
err: nil,
},
2021-08-20 13:15:51 +00:00
{
test: "cannot list branch protections",
dirName: "github_branch_protection_empty",
mocks: func(client *github2.MockGithubRepository, alerter *mocks.AlerterInterface) {
2021-08-20 13:15:51 +00:00
client.On("ListBranchProtection").Return(nil, errors.New("Your token has not been granted the required scopes to execute this query."))
2022-07-06 08:44:42 +00:00
alerter.On("SendAlert", githubres.GithubBranchProtectionResourceType, alerts.NewRemoteAccessDeniedAlert(common.RemoteGithubTerraform, remoteerr.NewResourceListingErrorWithType(errors.New("Your token has not been granted the required scopes to execute this query."), githubres.GithubBranchProtectionResourceType, githubres.GithubBranchProtectionResourceType), alerts.EnumerationPhase)).Return()
2021-08-20 13:15:51 +00:00
},
err: nil,
},
2021-07-01 15:45:19 +00:00
}
schemaRepository := testresource.InitFakeSchemaRepository("github", "4.4.0")
githubres.InitResourcesMetadata(schemaRepository)
factory := terraform.NewTerraformResourceFactory(schemaRepository)
2021-07-01 15:45:19 +00:00
deserializer := resource.NewDeserializer(factory)
for _, c := range cases {
t.Run(c.test, func(tt *testing.T) {
shouldUpdate := c.dirName == *goldenfile.Update
scanOptions := ScannerOptions{Deep: true}
providerLibrary := terraform.NewProviderLibrary()
2022-07-06 08:44:42 +00:00
remoteLibrary := common.NewRemoteLibrary()
2021-07-01 15:45:19 +00:00
2021-08-20 13:15:51 +00:00
// Initialize mocks
alerter := &mocks.AlerterInterface{}
mockedRepo := github2.MockGithubRepository{}
2021-08-20 13:15:51 +00:00
c.mocks(&mockedRepo, alerter)
var repo github2.GithubRepository = &mockedRepo
2021-07-01 15:45:19 +00:00
realProvider, err := tftest.InitTestGithubProvider(providerLibrary, "4.4.0")
if err != nil {
t.Fatal(err)
}
provider := tftest.NewFakeTerraformProvider(realProvider)
provider.WithResponse(c.dirName)
if shouldUpdate {
err := realProvider.Init()
if err != nil {
t.Fatal(err)
}
provider.ShouldUpdate()
repo = github2.NewGithubRepository(realProvider.GetConfig(), cache.New(0))
2021-07-01 15:45:19 +00:00
}
remoteLibrary.AddEnumerator(github2.NewGithubBranchProtectionEnumerator(repo, factory))
2022-07-06 08:44:42 +00:00
remoteLibrary.AddDetailsFetcher(githubres.GithubBranchProtectionResourceType, common.NewGenericDetailsFetcher(githubres.GithubBranchProtectionResourceType, provider, deserializer))
2021-07-01 15:45:19 +00:00
testFilter := &enumeration.MockFilter{}
2021-07-26 09:55:59 +00:00
testFilter.On("IsTypeIgnored", mock.Anything).Return(false)
s := NewScanner(remoteLibrary, alerter, scanOptions, testFilter)
2021-07-01 15:45:19 +00:00
got, err := s.Resources()
assert.Equal(tt, err, c.err)
if err != nil {
return
}
test.TestAgainstGoldenFile(got, githubres.GithubBranchProtectionResourceType, c.dirName, provider, deserializer, shouldUpdate, tt)
2021-08-20 13:15:51 +00:00
mockedRepo.AssertExpectations(tt)
alerter.AssertExpectations(tt)
2021-07-01 15:45:19 +00:00
})
}
}