driftctl/pkg/middlewares/s3_bucket_acl_test.go

package middlewares

import (
	"testing"

	"github.com/stretchr/testify/assert"

	awssdk "github.com/aws/aws-sdk-go/aws"
	"github.com/cloudskiff/driftctl/pkg/resource/aws"

	"github.com/cloudskiff/driftctl/pkg/resource"
)

func TestS3BucketAcl_Execute(t *testing.T) {
	type args struct {
		remoteResources    *[]resource.Resource
		resourcesFromState *[]resource.Resource
	}
	tests := []struct {
		name   string
		args   args
		assert func(assert *assert.Assertions, remoteResources, resourcesFromState *[]resource.Resource)
	}{
		{
			name: "grant field on remote resource must be reset if acl != private in state resource",
			args: args{
				remoteResources: &[]resource.Resource{
					&aws.AwsS3Bucket{
						Id: "testgrant",
						Grant: &[]struct {
							Id          string   `cty:"id"`
							Permissions []string `cty:"permissions"`
							Type        *string  `cty:"type"`
							Uri         *string  `cty:"uri"`
						}{
							{
								"356616ba70ebbea29732c95eef24f9ea326b9018c167651705348b5af406a6db",
								[]string{"FULL_CONTROL"},
								awssdk.String("CanonicalUser"),
								awssdk.String(""),
							},
						},
					},
				},
				resourcesFromState: &[]resource.Resource{
					&aws.AwsAmi{},
					&aws.AwsS3Bucket{
						Id:  "testgrant",
						Acl: awssdk.String("public-read"),
					},
				},
			},
			assert: func(assert *assert.Assertions, remoteResources, resourcesFromState *[]resource.Resource) {
				s3Bucket, _ := (*remoteResources)[0].(*aws.AwsS3Bucket)
				assert.Empty(s3Bucket.Grant)
			},
		},
		{
			name: "does not modify grant field on remote resource if acl field is private",
			args: args{
				remoteResources: &[]resource.Resource{
					&aws.AwsS3Bucket{
						Id: "testgrant",
						Grant: &[]struct {
							Id          string   `cty:"id"`
							Permissions []string `cty:"permissions"`
							Type        *string  `cty:"type"`
							Uri         *string  `cty:"uri"`
						}{
							{
								"356616ba70ebbea29732c95eef24f9ea326b9018c167651705348b5af406a6db",
								[]string{"FULL_CONTROL"},
								awssdk.String("CanonicalUser"),
								awssdk.String(""),
							},
						},
					},
				},
				resourcesFromState: &[]resource.Resource{
					&aws.AwsAmi{},
					&aws.AwsS3Bucket{
						Id:  "testgrant",
						Acl: awssdk.String("private"),
					},
				},
			},
			assert: func(assert *assert.Assertions, remoteResources, resourcesFromState *[]resource.Resource) {
				s3Bucket, _ := (*remoteResources)[0].(*aws.AwsS3Bucket)
				assert.Len(*s3Bucket.Grant, 1)
				expected := struct {
					Id          string   `cty:"id"`
					Permissions []string `cty:"permissions"`
					Type        *string  `cty:"type"`
					Uri         *string  `cty:"uri"`
				}{
					Id:          "356616ba70ebbea29732c95eef24f9ea326b9018c167651705348b5af406a6db",
					Permissions: []string{"FULL_CONTROL"},
					Type:        awssdk.String("CanonicalUser"),
					Uri:         awssdk.String(""),
				}
				assert.Equal(expected, (*s3Bucket.Grant)[0])
			},
		},
		{
			name: "does not modify grant field on remote resource if acl field is undefined",
			args: args{
				remoteResources: &[]resource.Resource{
					&aws.AwsS3Bucket{
						Id: "testgrant",
						Grant: &[]struct {
							Id          string   `cty:"id"`
							Permissions []string `cty:"permissions"`
							Type        *string  `cty:"type"`
							Uri         *string  `cty:"uri"`
						}{
							{
								"356616ba70ebbea29732c95eef24f9ea326b9018c167651705348b5af406a6db",
								[]string{"FULL_CONTROL"},
								awssdk.String("CanonicalUser"),
								awssdk.String(""),
							},
						},
					},
				},
				resourcesFromState: &[]resource.Resource{
					&aws.AwsAmi{},
					&aws.AwsS3Bucket{
						Id: "testgrant",
					},
				},
			},
			assert: func(assert *assert.Assertions, remoteResources, resourcesFromState *[]resource.Resource) {
				s3Bucket, _ := (*remoteResources)[0].(*aws.AwsS3Bucket)
				assert.Len(*s3Bucket.Grant, 1)
				expected := struct {
					Id          string   `cty:"id"`
					Permissions []string `cty:"permissions"`
					Type        *string  `cty:"type"`
					Uri         *string  `cty:"uri"`
				}{
					Id:          "356616ba70ebbea29732c95eef24f9ea326b9018c167651705348b5af406a6db",
					Permissions: []string{"FULL_CONTROL"},
					Type:        awssdk.String("CanonicalUser"),
					Uri:         awssdk.String(""),
				}
				assert.Equal(expected, (*s3Bucket.Grant)[0])
			},
		},
	}
	for _, c := range tests {
		t.Run(c.name, func(tt *testing.T) {
			assert := assert.New(tt)
			m := S3BucketAcl{}
			if err := m.Execute(c.args.remoteResources, c.args.resourcesFromState); err != nil {
				tt.Error(err)
			}
			c.assert(assert, c.args.remoteResources, c.args.resourcesFromState)
		})
	}
}
🍾 Initial release Co-authored-by: William BEUIL <william.beuil@cloudskiff.com> Co-authored-by: Martin GUIBERT <martin@cloudskiff.com> 2020-12-09 15:31:34 +00:00			`package middlewares`

			`import (`
			`"testing"`

			`"github.com/stretchr/testify/assert"`

			`awssdk "github.com/aws/aws-sdk-go/aws"`
			`"github.com/cloudskiff/driftctl/pkg/resource/aws"`

			`"github.com/cloudskiff/driftctl/pkg/resource"`
			`)`

			`func TestS3BucketAcl_Execute(t *testing.T) {`
			`type args struct {`
			`remoteResources *[]resource.Resource`
			`resourcesFromState *[]resource.Resource`
			`}`
			`tests := []struct {`
			`name string`
			`args args`
			`assert func(assert assert.Assertions, remoteResources, resourcesFromState []resource.Resource)`
			`}{`
			`{`
			`name: "grant field on remote resource must be reset if acl != private in state resource",`
			`args: args{`
			`remoteResources: &[]resource.Resource{`
			`&aws.AwsS3Bucket{`
			`Id: "testgrant",`
			`Grant: &[]struct {`
			Id string `cty:"id"`
			Permissions []string `cty:"permissions"`
			Type *string `cty:"type"`
			Uri *string `cty:"uri"`
			`}{`
			`{`
			`"356616ba70ebbea29732c95eef24f9ea326b9018c167651705348b5af406a6db",`
			`[]string{"FULL_CONTROL"},`
			`awssdk.String("CanonicalUser"),`
			`awssdk.String(""),`
			`},`
			`},`
			`},`
			`},`
			`resourcesFromState: &[]resource.Resource{`
			`&aws.AwsAmi{},`
			`&aws.AwsS3Bucket{`
			`Id: "testgrant",`
			`Acl: awssdk.String("public-read"),`
			`},`
			`},`
			`},`
			`assert: func(assert assert.Assertions, remoteResources, resourcesFromState []resource.Resource) {`
			`s3Bucket, _ := (remoteResources)[0].(aws.AwsS3Bucket)`
			`assert.Empty(s3Bucket.Grant)`
			`},`
			`},`
			`{`
			`name: "does not modify grant field on remote resource if acl field is private",`
			`args: args{`
			`remoteResources: &[]resource.Resource{`
			`&aws.AwsS3Bucket{`
			`Id: "testgrant",`
			`Grant: &[]struct {`
			Id string `cty:"id"`
			Permissions []string `cty:"permissions"`
			Type *string `cty:"type"`
			Uri *string `cty:"uri"`
			`}{`
			`{`
			`"356616ba70ebbea29732c95eef24f9ea326b9018c167651705348b5af406a6db",`
			`[]string{"FULL_CONTROL"},`
			`awssdk.String("CanonicalUser"),`
			`awssdk.String(""),`
			`},`
			`},`
			`},`
			`},`
			`resourcesFromState: &[]resource.Resource{`
			`&aws.AwsAmi{},`
			`&aws.AwsS3Bucket{`
			`Id: "testgrant",`
			`Acl: awssdk.String("private"),`
			`},`
			`},`
			`},`
			`assert: func(assert assert.Assertions, remoteResources, resourcesFromState []resource.Resource) {`
			`s3Bucket, _ := (remoteResources)[0].(aws.AwsS3Bucket)`
			`assert.Len(*s3Bucket.Grant, 1)`
			`expected := struct {`
			Id string `cty:"id"`
			Permissions []string `cty:"permissions"`
			Type *string `cty:"type"`
			Uri *string `cty:"uri"`
			`}{`
			`Id: "356616ba70ebbea29732c95eef24f9ea326b9018c167651705348b5af406a6db",`
			`Permissions: []string{"FULL_CONTROL"},`
			`Type: awssdk.String("CanonicalUser"),`
			`Uri: awssdk.String(""),`
			`}`
			`assert.Equal(expected, (*s3Bucket.Grant)[0])`
			`},`
			`},`
			`{`
			`name: "does not modify grant field on remote resource if acl field is undefined",`
			`args: args{`
			`remoteResources: &[]resource.Resource{`
			`&aws.AwsS3Bucket{`
			`Id: "testgrant",`
			`Grant: &[]struct {`
			Id string `cty:"id"`
			Permissions []string `cty:"permissions"`
			Type *string `cty:"type"`
			Uri *string `cty:"uri"`
			`}{`
			`{`
			`"356616ba70ebbea29732c95eef24f9ea326b9018c167651705348b5af406a6db",`
			`[]string{"FULL_CONTROL"},`
			`awssdk.String("CanonicalUser"),`
			`awssdk.String(""),`
			`},`
			`},`
			`},`
			`},`
			`resourcesFromState: &[]resource.Resource{`
			`&aws.AwsAmi{},`
			`&aws.AwsS3Bucket{`
			`Id: "testgrant",`
			`},`
			`},`
			`},`
			`assert: func(assert assert.Assertions, remoteResources, resourcesFromState []resource.Resource) {`
			`s3Bucket, _ := (remoteResources)[0].(aws.AwsS3Bucket)`
			`assert.Len(*s3Bucket.Grant, 1)`
			`expected := struct {`
			Id string `cty:"id"`
			Permissions []string `cty:"permissions"`
			Type *string `cty:"type"`
			Uri *string `cty:"uri"`
			`}{`
			`Id: "356616ba70ebbea29732c95eef24f9ea326b9018c167651705348b5af406a6db",`
			`Permissions: []string{"FULL_CONTROL"},`
			`Type: awssdk.String("CanonicalUser"),`
			`Uri: awssdk.String(""),`
			`}`
			`assert.Equal(expected, (*s3Bucket.Grant)[0])`
			`},`
			`},`
			`}`
			`for _, c := range tests {`
			`t.Run(c.name, func(tt *testing.T) {`
			`assert := assert.New(tt)`
			`m := S3BucketAcl{}`
			`if err := m.Execute(c.args.remoteResources, c.args.resourcesFromState); err != nil {`
			`tt.Error(err)`
			`}`
			`c.assert(assert, c.args.remoteResources, c.args.resourcesFromState)`
			`})`
			`}`
			`}`