updated testcases

tenable · Feb 9, 2022 · 50e3151 · 50e3151
1 parent 6f1dfe4
commit 50e3151
Show file tree

Hide file tree

Showing 4 changed files with 242 additions and 196 deletions.
diff --git a/pkg/cli/run_test.go b/pkg/cli/run_test.go
@@ -62,12 +62,12 @@ func TestRun(t *testing.T) {
 		log.SetOutput(ioutil.Discard)
 	}
 
-	// kustomizeTestDirPath := filepath.Join(runTestDir, "kustomize-test")
+	kustomizeTestDirPath := filepath.Join(runTestDir, "kustomize-test")
 	testTerraformFilePath := filepath.Join(runTestDir, "config-only.tf")
-	// testRemoteModuleFilePath := filepath.Join(runTestDir, "remote-modules.tf")
-	// testTFJSONFilePath := filepath.Join(runTestDir, "tf-plan.json")
+	testRemoteModuleFilePath := filepath.Join(runTestDir, "remote-modules.tf")
+	testTFJSONFilePath := filepath.Join(runTestDir, "tf-plan.json")
 
-	// ruleSlice := []string{"AWS.ECR.DataSecurity.High.0579", "AWS.SecurityGroup.NetworkPortsSecurity.Low.0561"}
+	ruleSlice := []string{"AWS.ECR.DataSecurity.High.0579", "AWS.SecurityGroup.NetworkPortsSecurity.Low.0561"}
 
 	table := []struct {
 		name        string
@@ -77,178 +77,178 @@ func TestRun(t *testing.T) {
 		want        string
 		wantErr     bool
 	}{
-		// {
-		// 	name: "normal terraform run",
-		// 	scanOptions: &ScanOptions{
-		// 		// policy type terraform is not supported, error expected
-		// 		policyType: []string{"terraform"},
-		// 		iacDirPath: runTestDir,
-		// 	},
-		// 	wantErr: true,
-		// },
-		// {
-		// 	name: "normal terraform run with successful output",
-		// 	scanOptions: &ScanOptions{
-		// 		policyType: []string{"all"},
-		// 		iacDirPath: runTestDir,
-		// 		outputType: "json",
-		// 	},
-		// },
-		// {
-		// 	name: "terraform run with --non-recursive flag",
-		// 	scanOptions: &ScanOptions{
-		// 		iacType:      "terraform",
-		// 		policyType:   []string{"all"},
-		// 		iacDirPath:   testDataDir,
-		// 		outputType:   "json",
-		// 		nonRecursive: true,
-		// 	},
-		// 	wantErr: true,
-		// },
-		// {
-		// 	name: "normal k8s run",
-		// 	scanOptions: &ScanOptions{
-		// 		policyType: []string{"k8s"},
-		// 		// kustomization.y(a)ml file not present under the dir path, error expected
-		// 		iacDirPath: runTestDir,
-		// 	},
-		// 	wantErr: true,
-		// },
-		// {
-		// 	name: "normal k8s run with successful output",
-		// 	scanOptions: &ScanOptions{
-		// 		policyType: []string{"k8s"},
-		// 		iacDirPath: kustomizeTestDirPath,
-		// 		outputType: "human",
-		// 	},
-		// },
-		// {
-		// 	name: "normal k8s run with successful output for junit-xml with passed tests",
-		// 	scanOptions: &ScanOptions{
-		// 		policyType:      []string{"k8s"},
-		// 		iacDirPath:      kustomizeTestDirPath,
-		// 		outputType:      "junit-xml",
-		// 		showPassedRules: true,
-		// 	},
-		// },
-		// {
-		// 	name: "config-only flag terraform",
-		// 	scanOptions: &ScanOptions{
-		// 		policyType:  []string{"all"},
-		// 		iacFilePath: testTerraformFilePath,
-		// 		configOnly:  true,
-		// 		outputType:  "yaml",
-		// 	},
-		// },
-		// {
-		// 	// test for https://github.com/accurics/terrascan/issues/718
-		// 	// a valid tfplan file is supplied, error is not expected
-		// 	name: "iac type is tfplan and -f option used to specify the tfplan.json",
-		// 	scanOptions: &ScanOptions{
-		// 		policyType:  []string{"all"},
-		// 		iacType:     "tfplan",
-		// 		iacFilePath: testTFJSONFilePath,
-		// 		outputType:  "yaml",
-		// 	},
-		// 	wantErr: false,
-		// },
-		// {
-		// 	name: "config-only flag k8s",
-		// 	scanOptions: &ScanOptions{
-		// 		policyType: []string{"k8s"},
-		// 		iacDirPath: kustomizeTestDirPath,
-		// 		configOnly: true,
-		// 		outputType: "json",
-		// 	},
-		// },
-		// {
-		// 	// xml doesn't support config-only, error expected
-		// 	// modify the test results when xml supports config-only
-		// 	name: "config-only flag true with xml output format",
-		// 	scanOptions: &ScanOptions{
-		// 		policyType:  []string{"all"},
-		// 		iacFilePath: testTerraformFilePath,
-		// 		configOnly:  true,
-		// 		outputType:  "xml",
-		// 	},
-		// 	wantErr: true,
-		// },
-		// {
-		// 	name: "fail to download remote repository",
-		// 	scanOptions: &ScanOptions{
-		// 		policyType:  []string{"all"},
-		// 		iacFilePath: testTerraformFilePath,
-		// 		remoteURL:   "test",
-		// 		remoteType:  "test",
-		// 	},
-		// 	wantErr: true,
-		// },
-		// {
-		// 	name: "incorrect config file",
-		// 	scanOptions: &ScanOptions{
-		// 		policyType: []string{"all"},
-		// 		iacDirPath: testTerraformFilePath,
-		// 		outputType: "json",
-		// 		configFile: "invalidFile",
-		// 	},
-		// 	wantErr: true,
-		// },
-		// {
-		// 	name: "run with skip rules",
-		// 	scanOptions: &ScanOptions{
-		// 		policyType: []string{"all"},
-		// 		iacDirPath: runTestDir,
-		// 		outputType: "json",
-		// 		skipRules:  ruleSlice,
-		// 	},
-		// },
-		// {
-		// 	name: "run with scan rules",
-		// 	scanOptions: &ScanOptions{
-		// 		policyType: []string{"all"},
-		// 		iacDirPath: runTestDir,
-		// 		outputType: "yaml",
-		// 		scanRules:  ruleSlice,
-		// 	},
-		// },
-		// {
-		// 	name: "config file with rules",
-		// 	scanOptions: &ScanOptions{
-		// 		policyType: []string{"all"},
-		// 		iacDirPath: runTestDir,
-		// 		outputType: "yaml",
-		// 		configFile: filepath.Join(testDataDir, "configFile.toml"),
-		// 	},
-		// },
-		// {
-		// 	name: "scan file with remote module",
-		// 	scanOptions: &ScanOptions{
-		// 		policyType:  []string{"all"},
-		// 		iacFilePath: testRemoteModuleFilePath,
-		// 		outputType:  "human",
-		// 		configFile:  filepath.Join(testDataDir, "configFile.toml"),
-		// 	},
-		// },
-		// {
-		// 	name: "invalid remote type",
-		// 	scanOptions: &ScanOptions{
-		// 		policyType: []string{"all"},
-		// 		remoteType: "test",
-		// 		remoteURL:  "test",
-		// 		outputType: "human",
-		// 	},
-		// 	wantErr: true,
-		// },
-		// {
-		// 	name: "valid remote type with invalid remote url",
-		// 	scanOptions: &ScanOptions{
-		// 		policyType: []string{"all"},
-		// 		remoteType: "terraform-registry",
-		// 		remoteURL:  "terraform-aws-modules/eks",
-		// 		outputType: "human",
-		// 	},
-		// 	wantErr: true,
-		// },
+		{
+			name: "normal terraform run",
+			scanOptions: &ScanOptions{
+				// policy type terraform is not supported, error expected
+				policyType: []string{"terraform"},
+				iacDirPath: runTestDir,
+			},
+			wantErr: true,
+		},
+		{
+			name: "normal terraform run with successful output",
+			scanOptions: &ScanOptions{
+				policyType: []string{"all"},
+				iacDirPath: runTestDir,
+				outputType: "json",
+			},
+		},
+		{
+			name: "terraform run with --non-recursive flag",
+			scanOptions: &ScanOptions{
+				iacType:      "terraform",
+				policyType:   []string{"all"},
+				iacDirPath:   testDataDir,
+				outputType:   "json",
+				nonRecursive: true,
+			},
+			wantErr: true,
+		},
+		{
+			name: "normal k8s run",
+			scanOptions: &ScanOptions{
+				policyType: []string{"k8s"},
+				// kustomization.y(a)ml file not present under the dir path, error expected
+				iacDirPath: runTestDir,
+			},
+			wantErr: true,
+		},
+		{
+			name: "normal k8s run with successful output",
+			scanOptions: &ScanOptions{
+				policyType: []string{"k8s"},
+				iacDirPath: kustomizeTestDirPath,
+				outputType: "human",
+			},
+		},
+		{
+			name: "normal k8s run with successful output for junit-xml with passed tests",
+			scanOptions: &ScanOptions{
+				policyType:      []string{"k8s"},
+				iacDirPath:      kustomizeTestDirPath,
+				outputType:      "junit-xml",
+				showPassedRules: true,
+			},
+		},
+		{
+			name: "config-only flag terraform",
+			scanOptions: &ScanOptions{
+				policyType:  []string{"all"},
+				iacFilePath: testTerraformFilePath,
+				configOnly:  true,
+				outputType:  "yaml",
+			},
+		},
+		{
+			// test for https://github.com/accurics/terrascan/issues/718
+			// a valid tfplan file is supplied, error is not expected
+			name: "iac type is tfplan and -f option used to specify the tfplan.json",
+			scanOptions: &ScanOptions{
+				policyType:  []string{"all"},
+				iacType:     "tfplan",
+				iacFilePath: testTFJSONFilePath,
+				outputType:  "yaml",
+			},
+			wantErr: false,
+		},
+		{
+			name: "config-only flag k8s",
+			scanOptions: &ScanOptions{
+				policyType: []string{"k8s"},
+				iacDirPath: kustomizeTestDirPath,
+				configOnly: true,
+				outputType: "json",
+			},
+		},
+		{
+			// xml doesn't support config-only, error expected
+			// modify the test results when xml supports config-only
+			name: "config-only flag true with xml output format",
+			scanOptions: &ScanOptions{
+				policyType:  []string{"all"},
+				iacFilePath: testTerraformFilePath,
+				configOnly:  true,
+				outputType:  "xml",
+			},
+			wantErr: true,
+		},
+		{
+			name: "fail to download remote repository",
+			scanOptions: &ScanOptions{
+				policyType:  []string{"all"},
+				iacFilePath: testTerraformFilePath,
+				remoteURL:   "test",
+				remoteType:  "test",
+			},
+			wantErr: true,
+		},
+		{
+			name: "incorrect config file",
+			scanOptions: &ScanOptions{
+				policyType: []string{"all"},
+				iacDirPath: testTerraformFilePath,
+				outputType: "json",
+				configFile: "invalidFile",
+			},
+			wantErr: true,
+		},
+		{
+			name: "run with skip rules",
+			scanOptions: &ScanOptions{
+				policyType: []string{"all"},
+				iacDirPath: runTestDir,
+				outputType: "json",
+				skipRules:  ruleSlice,
+			},
+		},
+		{
+			name: "run with scan rules",
+			scanOptions: &ScanOptions{
+				policyType: []string{"all"},
+				iacDirPath: runTestDir,
+				outputType: "yaml",
+				scanRules:  ruleSlice,
+			},
+		},
+		{
+			name: "config file with rules",
+			scanOptions: &ScanOptions{
+				policyType: []string{"all"},
+				iacDirPath: runTestDir,
+				outputType: "yaml",
+				configFile: filepath.Join(testDataDir, "configFile.toml"),
+			},
+		},
+		{
+			name: "scan file with remote module",
+			scanOptions: &ScanOptions{
+				policyType:  []string{"all"},
+				iacFilePath: testRemoteModuleFilePath,
+				outputType:  "human",
+				configFile:  filepath.Join(testDataDir, "configFile.toml"),
+			},
+		},
+		{
+			name: "invalid remote type",
+			scanOptions: &ScanOptions{
+				policyType: []string{"all"},
+				remoteType: "test",
+				remoteURL:  "test",
+				outputType: "human",
+			},
+			wantErr: true,
+		},
+		{
+			name: "valid remote type with invalid remote url",
+			scanOptions: &ScanOptions{
+				policyType: []string{"all"},
+				remoteType: "terraform-registry",
+				remoteURL:  "terraform-aws-modules/eks",
+				outputType: "human",
+			},
+			wantErr: true,
+		},
 		{
 			name: "config-with-error flag terraform",
 			scanOptions: &ScanOptions{

diff --git a/pkg/http-server/file-scan.go b/pkg/http-server/file-scan.go
@@ -139,7 +139,7 @@ func (g *APIHandler) scanFile(w http.ResponseWriter, r *http.Request) {
 	if configWithErrorValue != "" {
 		configWithError, err = strconv.ParseBool(configWithErrorValue)
 		if err != nil {
-			errMsg := fmt.Sprintf("error while reading 'config_only' value. error: '%v'", err)
+			errMsg := fmt.Sprintf("error while reading 'config_with_error' value. error: '%v'", err)
 			zap.S().Error(errMsg)
 			apiErrorResponse(w, errMsg, http.StatusBadRequest)
 			return