]> git.madduck.net Git - etc/vim.git/blobdiff - .vim/bundle/ale/test/handler/test_tfsec_handler.vader

madduck's git repository

Every one of the projects in this repository is available at the canonical URL git://git.madduck.net/madduck/pub/<projectpath> — see each project's metadata for the exact URL.

All patches and comments are welcome. Please squash your changes to logical commits before using git-format-patch and git-send-email to patches@git.madduck.net. If you'd read over the Git project's submission guidelines and adhered to them, I'd be especially grateful.

SSH access, as well as push access can be individually arranged.

If you use my repositories frequently, consider adding the following snippet to ~/.gitconfig and using the third clone URL listed for each project:

[url "git://git.madduck.net/madduck/"]
  insteadOf = madduck:

projects / etc / vim.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Merge commit '76265755a1add77121c8f9dabb3e9bb70fe9a972' as '.vim/bundle/ale'
[etc/vim.git] / .vim / bundle / ale / test / handler / test_tfsec_handler.vader
diff --git a/.vim/bundle/ale/test/handler/test_tfsec_handler.vader b/.vim/bundle/ale/test/handler/test_tfsec_handler.vader
new file mode 100644 (file)
index 0000000..f656698
--- /dev/null
+++ b/.vim/bundle/ale/test/handler/test_tfsec_handler.vader
@@ -0,0 +1,52 @@
+Before:
+  runtime ale_linters/terraform/tfsec.vim
+
+After:
+  call ale#linter#Reset()
+
+Execute(The tfsec handler should handle empty output):
+  AssertEqual
+  \ [],
+  \ ale_linters#terraform#tfsec#Handle(bufnr(''), ['{"results": null}'])
+
+Execute(The tfsec handler should parse results correctly):
+  AssertEqual
+  \ [
+  \   {
+  \     'filename': '/test/main.tf',
+  \     'lnum': 10,
+  \     'end_lnum': 12,
+  \     'text': "IAM policy document uses sensitive action 'iam:PassRole' on wildcarded resource '*'",
+  \     'code': 'aws-iam-no-policy-wildcards',
+  \     'type': 'W',
+  \   },
+  \],
+  \ ale_linters#terraform#tfsec#Handle(bufnr(''), json_encode(
+  \ {
+  \   "results": [
+  \     {
+  \       "rule_id": "AVD-AWS-0057",
+  \       "long_id": "aws-iam-no-policy-wildcards",
+  \       "rule_description": "IAM policy should avoid use of wildcards and instead apply the principle of least privilege",
+  \       "rule_provider": "aws",
+  \       "rule_service": "iam",
+  \       "impact": "Overly permissive policies may grant access to sensitive resources",
+  \       "resolution": "Specify the exact permissions required, and to which resources they should apply instead of using wildcards.",
+  \       "links": [
+  \         "https://aquasecurity.github.io/tfsec/v1.28.0/checks/aws/iam/no-policy-wildcards/",
+  \         "https://registry.terraform.io/providers/hashicorp/aws/latest/docs/data-sources/iam_policy_document"
+  \       ],
+  \       "description": "IAM policy document uses sensitive action 'iam:PassRole' on wildcarded resource '*'",
+  \       "severity": "HIGH",
+  \       "warning": v:false,
+  \       "status": 0,
+  \       "resource": "data.aws_iam_policy_document.default",
+  \       "location": {
+  \          "filename": "/test/main.tf",
+  \          "start_line": 10,
+  \          "end_line": 12
+  \       }
+  \     }
+  \   ]
+  \ }
+  \))
vim configuration

Legalese

All content available in this repository is copyright © martin f. krafft, unless otherwise noted.

All files and their content are released under the terms of the Artistic Licence 2.0, unless otherwise noted.

The operator of this repository shall not be held liable for offending content in pages linking to or linked from these page, nor does he endorse their content unless stated otherwise.