package middlewares
import (
"testing"
"github.com/snyk/driftctl/enumeration/resource"
"github.com/snyk/driftctl/pkg/resource/aws"
)
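// TestDefaultVPCSecurityGroupShouldBeIgnored checks that a default security
// group present in the remote resources but absent from the state is removed
// from the remote resources by the sanitizer, while the two ordinary security
// groups are kept.
func TestDefaultVPCSecurityGroupShouldBeIgnored(t *testing.T) {
	middleware := NewVPCDefaultSecurityGroupSanitizer()
	remoteResources := []*resource.Resource{
		{
			Id:   "sg-test",
			Type: aws.AwsSecurityGroupResourceType,
			Attrs: &resource.Attributes{
				"name": "test",
			},
		},
		{
			Id:   "sg-foo",
			Type: aws.AwsSecurityGroupResourceType,
			Attrs: &resource.Attributes{
				"name": "foo",
			},
		},
		{
			Id:   "sg-default",
			Type: aws.AwsDefaultSecurityGroupResourceType,
			Attrs: &resource.Attributes{
				"name": "default",
			},
		},
	}
	// The state holds no default security group, so the remote one is unmanaged.
	stateResources := []*resource.Resource{
		{
			Id:   "sg-bar",
			Type: aws.AwsSecurityGroupResourceType,
			Attrs: &resource.Attributes{
				"name": "bar",
			},
		},
	}

	// A failed Execute leaves nothing meaningful to assert on, so stop here.
	if err := middleware.Execute(&remoteResources, &stateResources); err != nil {
		t.Fatal(err)
	}
	if len(remoteResources) != 2 {
		t.Error("Default security group was not ignored")
	}
	// A bare count would also pass if the sanitizer dropped an ordinary
	// security group instead, which would hide a real resource from the drift
	// report. Check that the default group is the one that is gone.
	for _, res := range remoteResources {
		if res.Type == aws.AwsDefaultSecurityGroupResourceType {
			t.Errorf("default security group %q is still in the remote resources", res.Id)
		}
	}
}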
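// TestDefaultVPCSecurityGroupShouldNotBeIgnoredWhenManaged checks that a
// default security group which also appears in the state is left in the remote
// resources by the sanitizer, so it stays visible to drift comparison.
func TestDefaultVPCSecurityGroupShouldNotBeIgnoredWhenManaged(t *testing.T) {
	middleware := NewVPCDefaultSecurityGroupSanitizer()
	remoteResources := []*resource.Resource{
		{
			Id:   "sg-test",
			Type: aws.AwsSecurityGroupResourceType,
			Attrs: &resource.Attributes{
				"name": "test",
			},
		},
		{
			Id:   "sg-foo",
			Type: aws.AwsSecurityGroupResourceType,
			Attrs: &resource.Attributes{
				"name": "foo",
			},
		},
		{
			Id:   "sg-default",
			Type: aws.AwsDefaultSecurityGroupResourceType,
			Attrs: &resource.Attributes{
				"name": "default",
			},
		},
	}
	// The same default security group is declared in the state, i.e. managed.
	stateResources := []*resource.Resource{
		{
			Id:   "sg-default",
			Type: aws.AwsDefaultSecurityGroupResourceType,
			Attrs: &resource.Attributes{
				"name": "default",
			},
		},
	}

	// A failed Execute leaves nothing meaningful to assert on, so stop here.
	if err := middleware.Execute(&remoteResources, &stateResources); err != nil {
		t.Fatal(err)
	}
	// Fatal rather than Error: the index below would panic on a shorter slice
	// and mask the real failure message.
	if len(remoteResources) != 3 {
		t.Fatal("Default security group was ignored")
	}

	managedDefaultSecurityGroup := remoteResources[2]
	// GetString is dereferenced below, so guard against a nil result first.
	name := managedDefaultSecurityGroup.Attrs.GetString("name")
	if name == nil || *name != "default" {
		t.Error("Default security group is ignored when it should not be")
	}
}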