From da6412717525d13b2de7486c6bb8f20794273654 Mon Sep 17 00:00:00 2001 From: sundowndev Date: Wed, 14 Apr 2021 17:04:33 +0200 Subject: [PATCH 1/3] test: strict mode --- pkg/driftctl_test.go | 229 ++++++++++++++++++++++++++++++++++++++----- 1 file changed, 205 insertions(+), 24 deletions(-) diff --git a/pkg/driftctl_test.go b/pkg/driftctl_test.go index 382673c7..5d333bd5 100644 --- a/pkg/driftctl_test.go +++ b/pkg/driftctl_test.go @@ -5,7 +5,6 @@ import ( "testing" awssdk "github.com/aws/aws-sdk-go/aws" - "github.com/jmespath/go-jmespath" "github.com/r3labs/diff/v2" "github.com/stretchr/testify/mock" "github.com/zclconf/go-cty/cty" @@ -13,7 +12,7 @@ import ( "github.com/cloudskiff/driftctl/pkg" "github.com/cloudskiff/driftctl/pkg/alerter" "github.com/cloudskiff/driftctl/pkg/analyser" - filter2 "github.com/cloudskiff/driftctl/pkg/filter" + "github.com/cloudskiff/driftctl/pkg/filter" "github.com/cloudskiff/driftctl/pkg/resource" "github.com/cloudskiff/driftctl/pkg/resource/aws" "github.com/cloudskiff/driftctl/pkg/terraform" @@ -25,9 +24,9 @@ type TestCase struct { name string stateResources []resource.Resource remoteResources []resource.Resource - filter string mocks func(factory resource.ResourceFactory) assert func(result *test.ScanResult, err error) + options func(t *testing.T) *pkg.ScanOptions } type TestCases []TestCase @@ -49,24 +48,13 @@ func runTest(t *testing.T, cases TestCases) { remoteSupplier := &resource.MockSupplier{} remoteSupplier.On("Resources").Return(c.remoteResources, nil) - var filter *jmespath.JMESPath - if c.filter != "" { - f, err := filter2.BuildExpression(c.filter) - if err != nil { - t.Fatalf("Unable to build filter expression: %s\n%s", c.filter, err) - } - filter = f - } - resourceFactory := &terraform.MockResourceFactory{} if c.mocks != nil { c.mocks(resourceFactory) } - driftctl := pkg.NewDriftCTL(remoteSupplier, stateSupplier, testAlerter, resourceFactory, &pkg.ScanOptions{ - Filter: filter, - }) + driftctl := pkg.NewDriftCTL(remoteSupplier, stateSupplier, testAlerter, resourceFactory, c.options(t)) analysis, err := driftctl.Run() @@ -98,6 +86,9 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { assert: func(result *test.ScanResult, err error) { result.AssertInfrastructureIsInSync() }, + options: func(t *testing.T) *pkg.ScanOptions { + return &pkg.ScanOptions{} + }, }, { name: "we should have deleted resource", @@ -108,6 +99,9 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { assert: func(result *test.ScanResult, err error) { result.AssertDeletedCount(1) }, + options: func(t *testing.T) *pkg.ScanOptions { + return &pkg.ScanOptions{} + }, }, { name: "we should have unmanaged resource", @@ -118,6 +112,9 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { assert: func(result *test.ScanResult, err error) { result.AssertUnmanagedCount(1) }, + options: func(t *testing.T) *pkg.ScanOptions { + return &pkg.ScanOptions{} + }, }, { name: "we should have changes of field update", @@ -145,6 +142,9 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { Computed: false, }) }, + options: func(t *testing.T) *pkg.ScanOptions { + return &pkg.ScanOptions{} + }, }, { name: "we should have changes on computed field", @@ -172,6 +172,9 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { Computed: true, }) }, + options: func(t *testing.T) *pkg.ScanOptions { + return &pkg.ScanOptions{} + }, }, { name: "we should have changes of deleted field", @@ -200,6 +203,9 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { Computed: false, }) }, + options: func(t *testing.T) *pkg.ScanOptions { + return &pkg.ScanOptions{} + }, }, { name: "we should have changes of added field", @@ -228,6 +234,109 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { Computed: false, }) }, + options: func(t *testing.T) *pkg.ScanOptions { + return &pkg.ScanOptions{} + }, + }, + { + name: "we should ignore default AWS IAM role when strict mode is disabled", + stateResources: []resource.Resource{ + testresource.FakeResource{ + Id: "fake", + }, + &aws.AwsIamPolicy{ + Id: "role-policy-test-1", + Arn: func(p string) *string { return &p }("policy-test-1"), + }, + }, + remoteResources: []resource.Resource{ + testresource.FakeResource{ + Id: "fake", + }, + &aws.AwsIamRole{ + Id: "role-test-1", + Path: func(p string) *string { return &p }("/aws-service-role/test"), + }, + &aws.AwsIamRolePolicy{ + Id: "role-policy-test-1", + Role: func(p string) *string { return &p }("role-test-1"), + }, + &aws.AwsIamPolicy{ + Id: "role-policy-test-1", + Arn: func(p string) *string { return &p }("policy-test-1"), + }, + &aws.AwsIamPolicyAttachment{ + Id: "policy-attachment-test-1", + PolicyArn: func(p string) *string { return &p }("policy-test-1"), + Users: func(p []string) *[]string { return &p }([]string{}), + Roles: func(p []string) *[]string { return &p }([]string{"role-test-1"}), + }, + &aws.AwsIamRole{ + Id: "role-test-2", + Path: func(p string) *string { return &p }("/not-aws-service-role/test"), + }, + }, + assert: func(result *test.ScanResult, err error) { + result.AssertManagedCount(2) + result.AssertUnmanagedCount(1) + result.AssertDeletedCount(0) + result.AssertDriftCountTotal(0) + }, + options: func(t *testing.T) *pkg.ScanOptions { + return &pkg.ScanOptions{ + StrictMode: false, + } + }, + }, + { + name: "we should not ignore default AWS IAM role when strict mode is enabled", + stateResources: []resource.Resource{ + testresource.FakeResource{ + Id: "fake", + }, + &aws.AwsIamPolicy{ + Id: "role-policy-test-1", + Arn: func(p string) *string { return &p }("policy-test-1"), + }, + }, + remoteResources: []resource.Resource{ + testresource.FakeResource{ + Id: "fake", + }, + &aws.AwsIamRole{ + Id: "role-test-1", + Path: func(p string) *string { return &p }("/aws-service-role/test"), + }, + &aws.AwsIamRolePolicy{ + Id: "role-policy-test-1", + Role: func(p string) *string { return &p }("role-test-1"), + }, + &aws.AwsIamPolicy{ + Id: "role-policy-test-1", + Arn: func(p string) *string { return &p }("policy-test-1"), + }, + &aws.AwsIamPolicyAttachment{ + Id: "policy-attachment-test-1", + PolicyArn: func(p string) *string { return &p }("policy-test-1"), + Users: func(p []string) *[]string { return &p }([]string{}), + Roles: func(p []string) *[]string { return &p }([]string{"role-test-1"}), + }, + &aws.AwsIamRole{ + Id: "role-test-2", + Path: func(p string) *string { return &p }("/not-aws-service-role/test"), + }, + }, + assert: func(result *test.ScanResult, err error) { + result.AssertManagedCount(2) + result.AssertUnmanagedCount(4) + result.AssertDeletedCount(0) + result.AssertDriftCountTotal(0) + }, + options: func(t *testing.T) *pkg.ScanOptions { + return &pkg.ScanOptions{ + StrictMode: true, + } + }, }, } @@ -249,11 +358,19 @@ func TestDriftctlRun_BasicFilter(t *testing.T) { Type: "filtered", }, }, - filter: "Type=='filtered'", assert: func(result *test.ScanResult, err error) { result.AssertUnmanagedCount(1) result.AssertResourceUnmanaged("res2", "filtered") }, + options: func(t *testing.T) *pkg.ScanOptions { + filterStr := "Type=='filtered'" + f, err := filter.BuildExpression(filterStr) + if err != nil { + t.Fatalf("Unable to build filter expression: %s\n%s", filterStr, err) + } + + return &pkg.ScanOptions{Filter: f} + }, }, { name: "test filtering on Id", @@ -268,11 +385,19 @@ func TestDriftctlRun_BasicFilter(t *testing.T) { Type: "filtered", }, }, - filter: "Id=='res2'", assert: func(result *test.ScanResult, err error) { result.AssertUnmanagedCount(1) result.AssertResourceUnmanaged("res2", "filtered") }, + options: func(t *testing.T) *pkg.ScanOptions { + filterStr := "Id=='res2'" + f, err := filter.BuildExpression(filterStr) + if err != nil { + t.Fatalf("Unable to build filter expression: %s\n%s", filterStr, err) + } + + return &pkg.ScanOptions{Filter: f} + }, }, { name: "test filtering on attribute", @@ -293,11 +418,19 @@ func TestDriftctlRun_BasicFilter(t *testing.T) { Type: "not-filtered", }, }, - filter: "Attr.test_field=='value to filter on'", assert: func(result *test.ScanResult, err error) { result.AssertUnmanagedCount(1) result.AssertResourceUnmanaged("res1", "filtered") }, + options: func(t *testing.T) *pkg.ScanOptions { + filterStr := "Attr.test_field=='value to filter on'" + f, err := filter.BuildExpression(filterStr) + if err != nil { + t.Fatalf("Unable to build filter expression: %s\n%s", filterStr, err) + } + + return &pkg.ScanOptions{Filter: f} + }, }, } @@ -344,7 +477,6 @@ func TestDriftctlRun_Middlewares(t *testing.T) { }) }), "aws_s3_bucket_policy").Times(1).Return(&foo, nil) }, - filter: "Type=='aws_s3_bucket_policy' && Attr.bucket=='foo'", assert: func(result *test.ScanResult, err error) { result.AssertManagedCount(1) result.AssertResourceHasDrift("foo", "aws_s3_bucket_policy", analyser.Change{ @@ -357,6 +489,15 @@ func TestDriftctlRun_Middlewares(t *testing.T) { Computed: false, }) }, + options: func(t *testing.T) *pkg.ScanOptions { + filterStr := "Type=='aws_s3_bucket_policy' && Attr.bucket=='foo'" + f, err := filter.BuildExpression(filterStr) + if err != nil { + t.Fatalf("Unable to build filter expression: %s\n%s", filterStr, err) + } + + return &pkg.ScanOptions{Filter: f} + }, }, { name: "test instance block device middleware", @@ -460,7 +601,6 @@ func TestDriftctlRun_Middlewares(t *testing.T) { }) }), "aws_ebs_volume").Times(1).Return(&bar, nil) }, - filter: "Type=='aws_ebs_volume' && Attr.availability_zone=='us-east-1'", assert: func(result *test.ScanResult, err error) { result.AssertManagedCount(2) result.AssertResourceHasDrift("vol-02862d9b39045a3a4", "aws_ebs_volume", analyser.Change{ @@ -482,6 +622,15 @@ func TestDriftctlRun_Middlewares(t *testing.T) { Computed: true, }) }, + options: func(t *testing.T) *pkg.ScanOptions { + filterStr := "Type=='aws_ebs_volume' && Attr.availability_zone=='us-east-1'" + f, err := filter.BuildExpression(filterStr) + if err != nil { + t.Fatalf("Unable to build filter expression: %s\n%s", filterStr, err) + } + + return &pkg.ScanOptions{Filter: f} + }, }, { name: "test route table expander middleware", @@ -595,11 +744,19 @@ func TestDriftctlRun_Middlewares(t *testing.T) { }) }), "aws_route").Times(1).Return(&bar, nil) }, - filter: "Type=='aws_route' && Attr.gateway_id=='igw-07b7844a8fd17a638'", assert: func(result *test.ScanResult, err error) { result.AssertManagedCount(2) result.AssertInfrastructureIsInSync() }, + options: func(t *testing.T) *pkg.ScanOptions { + filterStr := "Type=='aws_route' && Attr.gateway_id=='igw-07b7844a8fd17a638'" + f, err := filter.BuildExpression(filterStr) + if err != nil { + t.Fatalf("Unable to build filter expression: %s\n%s", filterStr, err) + } + + return &pkg.ScanOptions{Filter: f} + }, }, { name: "test sns topic policy expander middleware", @@ -639,7 +796,6 @@ func TestDriftctlRun_Middlewares(t *testing.T) { }) }), "aws_sns_topic_policy").Times(1).Return(&foo, nil) }, - filter: "Type=='aws_sns_topic_policy' && Attr.arn=='arn'", assert: func(result *test.ScanResult, err error) { result.AssertManagedCount(1) result.AssertResourceHasDrift("foo", "aws_sns_topic_policy", analyser.Change{ @@ -652,6 +808,15 @@ func TestDriftctlRun_Middlewares(t *testing.T) { Computed: false, }) }, + options: func(t *testing.T) *pkg.ScanOptions { + filterStr := "Type=='aws_sns_topic_policy' && Attr.arn=='arn'" + f, err := filter.BuildExpression(filterStr) + if err != nil { + t.Fatalf("Unable to build filter expression: %s\n%s", filterStr, err) + } + + return &pkg.ScanOptions{Filter: f} + }, }, { name: "test sqs queue policy expander middleware", @@ -690,7 +855,6 @@ func TestDriftctlRun_Middlewares(t *testing.T) { }) }), "aws_sqs_queue_policy").Times(1).Return(&foo, nil) }, - filter: "Type=='aws_sqs_queue_policy' && Attr.queue_url=='foo'", assert: func(result *test.ScanResult, err error) { result.AssertManagedCount(1) result.AssertResourceHasDrift("foo", "aws_sqs_queue_policy", analyser.Change{ @@ -703,6 +867,15 @@ func TestDriftctlRun_Middlewares(t *testing.T) { Computed: false, }) }, + options: func(t *testing.T) *pkg.ScanOptions { + filterStr := "Type=='aws_sqs_queue_policy' && Attr.queue_url=='foo'" + f, err := filter.BuildExpression(filterStr) + if err != nil { + t.Fatalf("Unable to build filter expression: %s\n%s", filterStr, err) + } + + return &pkg.ScanOptions{Filter: f} + }, }, { name: "test security group rule sanitizer middleware", @@ -1080,11 +1253,19 @@ func TestDriftctlRun_Middlewares(t *testing.T) { }) }), "aws_security_group_rule").Times(1).Return(&rule4, nil) }, - filter: "Type=='aws_security_group_rule' && Attr.security_group_id=='sg-0254c038e32f25530'", assert: func(result *test.ScanResult, err error) { result.AssertManagedCount(7) result.AssertInfrastructureIsInSync() }, + options: func(t *testing.T) *pkg.ScanOptions { + filterStr := "Type=='aws_security_group_rule' && Attr.security_group_id=='sg-0254c038e32f25530'" + f, err := filter.BuildExpression(filterStr) + if err != nil { + t.Fatalf("Unable to build filter expression: %s\n%s", filterStr, err) + } + + return &pkg.ScanOptions{Filter: f} + }, }, } From 1ce230d03ceebf29d47917cfd6a567bda3871947 Mon Sep 17 00:00:00 2001 From: sundowndev Date: Mon, 19 Apr 2021 15:42:10 +0200 Subject: [PATCH 2/3] test: add a test case for strict mode with filters --- pkg/driftctl_test.go | 63 ++++++++++++++++++++++++++++++++++++++++++-- test/result.go | 16 ++++++++++- 2 files changed, 76 insertions(+), 3 deletions(-) diff --git a/pkg/driftctl_test.go b/pkg/driftctl_test.go index 5d333bd5..116fccc0 100644 --- a/pkg/driftctl_test.go +++ b/pkg/driftctl_test.go @@ -295,7 +295,7 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { Id: "fake", }, &aws.AwsIamPolicy{ - Id: "role-policy-test-1", + Id: "policy-test-1", Arn: func(p string) *string { return &p }("policy-test-1"), }, }, @@ -312,7 +312,7 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { Role: func(p string) *string { return &p }("role-test-1"), }, &aws.AwsIamPolicy{ - Id: "role-policy-test-1", + Id: "policy-test-1", Arn: func(p string) *string { return &p }("policy-test-1"), }, &aws.AwsIamPolicyAttachment{ @@ -338,6 +338,65 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { } }, }, + { + name: "we should not ignore default AWS IAM role when strict mode is enabled and a filter is specified", + stateResources: []resource.Resource{ + testresource.FakeResource{ + Id: "fake", + }, + &aws.AwsIamPolicy{ + Id: "policy-test-1", + Arn: func(p string) *string { return &p }("policy-test-1"), + }, + }, + remoteResources: []resource.Resource{ + testresource.FakeResource{ + Id: "fake", + }, + &aws.AwsIamRole{ + Id: "role-test-1", + Path: func(p string) *string { return &p }("/aws-service-role/test"), + }, + &aws.AwsIamRolePolicy{ + Id: "role-policy-test-1", + Role: func(p string) *string { return &p }("role-test-1"), + }, + &aws.AwsIamPolicy{ + Id: "policy-test-1", + Arn: func(p string) *string { return &p }("policy-test-1"), + }, + &aws.AwsIamPolicyAttachment{ + Id: "policy-attachment-test-1", + PolicyArn: func(p string) *string { return &p }("policy-test-1"), + Users: func(p []string) *[]string { return &p }([]string{}), + Roles: func(p []string) *[]string { return &p }([]string{"role-test-1"}), + }, + &aws.AwsIamRole{ + Id: "role-test-2", + Path: func(p string) *string { return &p }("/not-aws-service-role/test"), + }, + }, + assert: func(result *test.ScanResult, err error) { + result.AssertCoverage(0) + result.AssertInfrastructureIsNotSync() + result.AssertManagedCount(0) + result.AssertUnmanagedCount(1) + result.AssertDeletedCount(0) + result.AssertDriftCountTotal(0) + }, + options: func(t *testing.T) *pkg.ScanOptions { + filterStr := "Id=='role-test-1'" + f, err := filter.BuildExpression(filterStr) + if err != nil { + t.Fatalf("Unable to build filter expression: %s\n%s", filterStr, err) + } + + return &pkg.ScanOptions{ + Filter: f, + StrictMode: true, + } + }, + }, } runTest(t, cases) diff --git a/test/result.go b/test/result.go index 8601103f..ac6d5fb7 100644 --- a/test/result.go +++ b/test/result.go @@ -74,7 +74,7 @@ func (r *ScanResult) AssertResourceHasNoDrift(id, ty string) { } func (r *ScanResult) AssertCoverage(expected int) { - r.Equal(expected, r.Coverage) + r.Equal(expected, r.Coverage()) } func (r *ScanResult) AssertDriftCountTotal(count int) { @@ -110,3 +110,17 @@ func (r ScanResult) AssertInfrastructureIsInSync() { ), ) } + +func (r ScanResult) AssertInfrastructureIsNotSync() { + r.Equal( + false, + r.Analysis.IsSync(), + fmt.Sprintf( + "Infrastructure is in sync: %+v\nUnmanaged:\n%+v\nDeleted:\n%+v\nDifferences:\n%+v\n", + r.Analysis.Summary(), + r.Analysis.Unmanaged(), + r.Analysis.Deleted(), + r.Analysis.Differences(), + ), + ) +} From cc30029de330a90d9b79ef0cd266213488d48b83 Mon Sep 17 00:00:00 2001 From: sundowndev Date: Fri, 30 Apr 2021 13:46:31 +0200 Subject: [PATCH 3/3] refactor: simplify code --- pkg/driftctl_test.go | 42 +++++++++++++++++++++--------------------- 1 file changed, 21 insertions(+), 21 deletions(-) diff --git a/pkg/driftctl_test.go b/pkg/driftctl_test.go index 2367f299..e609138a 100644 --- a/pkg/driftctl_test.go +++ b/pkg/driftctl_test.go @@ -33,7 +33,7 @@ type TestCase struct { remoteResources []resource.Resource mocks func(factory resource.ResourceFactory) assert func(result *test.ScanResult, err error) - options func(t *testing.T) *pkg.ScanOptions + options *pkg.ScanOptions } type TestCases []TestCase @@ -72,7 +72,7 @@ func runTest(t *testing.T, cases TestCases) { c.mocks(resourceFactory) } - driftctl := pkg.NewDriftCTL(remoteSupplier, stateSupplier, testAlerter, resourceFactory, c.options(t), repo) + driftctl := pkg.NewDriftCTL(remoteSupplier, stateSupplier, testAlerter, resourceFactory, c.options, repo) analysis, err := driftctl.Run() @@ -106,7 +106,7 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { }, options: func(t *testing.T) *pkg.ScanOptions { return &pkg.ScanOptions{} - }, + }(t), }, { name: "we should have deleted resource", @@ -119,7 +119,7 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { }, options: func(t *testing.T) *pkg.ScanOptions { return &pkg.ScanOptions{} - }, + }(t), }, { name: "we should have unmanaged resource", @@ -132,7 +132,7 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { }, options: func(t *testing.T) *pkg.ScanOptions { return &pkg.ScanOptions{} - }, + }(t), }, { name: "we should have changes of field update", @@ -162,7 +162,7 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { }, options: func(t *testing.T) *pkg.ScanOptions { return &pkg.ScanOptions{} - }, + }(t), }, { name: "we should have changes on computed field", @@ -192,7 +192,7 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { }, options: func(t *testing.T) *pkg.ScanOptions { return &pkg.ScanOptions{} - }, + }(t), }, { name: "we should have changes of deleted field", @@ -223,7 +223,7 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { }, options: func(t *testing.T) *pkg.ScanOptions { return &pkg.ScanOptions{} - }, + }(t), }, { name: "we should have changes of added field", @@ -254,7 +254,7 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { }, options: func(t *testing.T) *pkg.ScanOptions { return &pkg.ScanOptions{} - }, + }(t), }, { name: "we should ignore default AWS IAM role when strict mode is disabled", @@ -304,7 +304,7 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { return &pkg.ScanOptions{ StrictMode: false, } - }, + }(t), }, { name: "we should not ignore default AWS IAM role when strict mode is enabled", @@ -354,7 +354,7 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { return &pkg.ScanOptions{ StrictMode: true, } - }, + }(t), }, { name: "we should not ignore default AWS IAM role when strict mode is enabled and a filter is specified", @@ -413,7 +413,7 @@ func TestDriftctlRun_BasicBehavior(t *testing.T) { Filter: f, StrictMode: true, } - }, + }(t), }, } @@ -447,7 +447,7 @@ func TestDriftctlRun_BasicFilter(t *testing.T) { } return &pkg.ScanOptions{Filter: f} - }, + }(t), }, { name: "test filtering on Id", @@ -474,7 +474,7 @@ func TestDriftctlRun_BasicFilter(t *testing.T) { } return &pkg.ScanOptions{Filter: f} - }, + }(t), }, { name: "test filtering on attribute", @@ -507,7 +507,7 @@ func TestDriftctlRun_BasicFilter(t *testing.T) { } return &pkg.ScanOptions{Filter: f} - }, + }(t), }, } @@ -574,7 +574,7 @@ func TestDriftctlRun_Middlewares(t *testing.T) { } return &pkg.ScanOptions{Filter: f} - }, + }(t), }, { name: "test instance block device middleware", @@ -707,7 +707,7 @@ func TestDriftctlRun_Middlewares(t *testing.T) { } return &pkg.ScanOptions{Filter: f} - }, + }(t), }, { name: "test route table expander middleware", @@ -833,7 +833,7 @@ func TestDriftctlRun_Middlewares(t *testing.T) { } return &pkg.ScanOptions{Filter: f} - }, + }(t), }, { name: "test sns topic policy expander middleware", @@ -893,7 +893,7 @@ func TestDriftctlRun_Middlewares(t *testing.T) { } return &pkg.ScanOptions{Filter: f} - }, + }(t), }, { name: "test sqs queue policy expander middleware", @@ -952,7 +952,7 @@ func TestDriftctlRun_Middlewares(t *testing.T) { } return &pkg.ScanOptions{Filter: f} - }, + }(t), }, { name: "test security group rule sanitizer middleware", @@ -1342,7 +1342,7 @@ func TestDriftctlRun_Middlewares(t *testing.T) { } return &pkg.ScanOptions{Filter: f} - }, + }(t), }, }