mirror of
https://github.com/kubescape/kubescape.git
synced 2026-04-15 06:58:11 +00:00
8257e31232
* store scan results in storage Signed-off-by: Amir Malka <amirm@armosec.io> * store scan results in storage Signed-off-by: Amir Malka <amirm@armosec.io> * save resources in their namespaces, load namespace from env var, extend the config obj Signed-off-by: Amir Malka <amirm@armosec.io> * setting context name Signed-off-by: Amir Malka <amirm@armosec.io> * updated k8s-interface Signed-off-by: Amir Malka <amirm@armosec.io> * scanning a deleted resource Signed-off-by: Amir Malka <amirm@armosec.io> * cr changes Signed-off-by: Amir Malka <amirm@armosec.io> * cr changes Signed-off-by: Amir Malka <amirm@armosec.io> * fix Signed-off-by: Amir Malka <amirm@armosec.io> * remove unused constants Signed-off-by: Amir Malka <amirm@armosec.io> * use t.Setenv Signed-off-by: Amir Malka <amirm@armosec.io> * added tests for rbac triplet slugs Signed-off-by: Amir Malka <amirm@armosec.io> * updated namespace logic Signed-off-by: Amir Malka <amirm@armosec.io> * fix test Signed-off-by: Amir Malka <amirm@armosec.io> --------- Signed-off-by: Amir Malka <amirm@armosec.io>
58 lines
1.8 KiB
Go
58 lines
1.8 KiB
Go
package resourcehandler
|
|
|
|
import (
|
|
"github.com/kubescape/kubescape/v2/core/cautils"
|
|
"github.com/kubescape/opa-utils/objectsenvelopes"
|
|
"github.com/stretchr/testify/assert"
|
|
|
|
"testing"
|
|
)
|
|
|
|
func TestSsEmptyImgVulns(t *testing.T) {
|
|
externalResourcesMap := make(cautils.ExternalResources, 0)
|
|
externalResourcesMap["container.googleapis.com/v1"] = []string{"fsdfds"}
|
|
assert.Equal(t, true, isEmptyImgVulns(externalResourcesMap))
|
|
|
|
externalResourcesMap["armo.vuln.images/v1/ImageVulnerabilities"] = []string{"dada"}
|
|
assert.Equal(t, false, isEmptyImgVulns(externalResourcesMap))
|
|
|
|
externalResourcesMap["armo.vuln.images/v1/ImageVulnerabilities"] = []string{}
|
|
externalResourcesMap["bla"] = []string{"blu"}
|
|
assert.Equal(t, true, isEmptyImgVulns(externalResourcesMap))
|
|
}
|
|
|
|
func Test_getWorkloadFromScanObject(t *testing.T) {
|
|
// nil input returns nil without error
|
|
workload, err := getWorkloadFromScanObject(nil)
|
|
assert.NoError(t, err)
|
|
assert.Nil(t, workload)
|
|
|
|
// valid input returns workload without error
|
|
workload, err = getWorkloadFromScanObject(&objectsenvelopes.ScanObject{
|
|
ApiVersion: "apps/v1",
|
|
Kind: "Deployment",
|
|
Metadata: objectsenvelopes.ScanObjectMetadata{
|
|
Name: "test-deployment",
|
|
Namespace: "test-ns",
|
|
},
|
|
})
|
|
assert.NoError(t, err)
|
|
assert.NotNil(t, workload)
|
|
assert.Equal(t, "test-ns", workload.GetNamespace())
|
|
assert.Equal(t, "test-deployment", workload.GetName())
|
|
assert.Equal(t, "Deployment", workload.GetKind())
|
|
assert.Equal(t, "apps/v1", workload.GetApiVersion())
|
|
|
|
// invalid input returns an error
|
|
workload, err = getWorkloadFromScanObject(&objectsenvelopes.ScanObject{
|
|
ApiVersion: "apps/v1",
|
|
// missing kind
|
|
Metadata: objectsenvelopes.ScanObjectMetadata{
|
|
Name: "test-deployment",
|
|
Namespace: "test-ns",
|
|
},
|
|
})
|
|
assert.Error(t, err)
|
|
assert.Nil(t, workload)
|
|
}
|