forked from securego/gosec
-
Notifications
You must be signed in to change notification settings - Fork 0
/
config_test.go
138 lines (119 loc) · 4.06 KB
/
config_test.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
package gosec_test
import (
"bytes"
"strings"
. "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
"github.com/securego/gosec/v2"
)
var _ = Describe("Configuration", func() {
var configuration gosec.Config
BeforeEach(func() {
configuration = gosec.NewConfig()
})
Context("when loading from disk", func() {
It("should be possible to load configuration from a file", func() {
json := `{"G101": {}}`
buffer := bytes.NewBufferString(json)
nread, err := configuration.ReadFrom(buffer)
Expect(nread).Should(Equal(int64(len(json))))
Expect(err).ShouldNot(HaveOccurred())
})
It("should return an error if configuration file is invalid", func() {
var err error
invalidBuffer := bytes.NewBuffer([]byte{0xc0, 0xff, 0xee})
_, err = configuration.ReadFrom(invalidBuffer)
Expect(err).Should(HaveOccurred())
emptyBuffer := bytes.NewBuffer([]byte{})
_, err = configuration.ReadFrom(emptyBuffer)
Expect(err).Should(HaveOccurred())
})
})
Context("when saving to disk", func() {
It("should be possible to save an empty configuration to file", func() {
expected := `{"global":{}}`
buffer := bytes.NewBuffer([]byte{})
nbytes, err := configuration.WriteTo(buffer)
Expect(int(nbytes)).Should(Equal(len(expected)))
Expect(err).ShouldNot(HaveOccurred())
Expect(buffer.String()).Should(Equal(expected))
})
It("should be possible to save configuration to file", func() {
configuration.Set("G101", map[string]string{
"mode": "strict",
})
buffer := bytes.NewBuffer([]byte{})
nbytes, err := configuration.WriteTo(buffer)
Expect(int(nbytes)).ShouldNot(BeZero())
Expect(err).ShouldNot(HaveOccurred())
Expect(buffer.String()).Should(Equal(`{"G101":{"mode":"strict"},"global":{}}`))
})
})
Context("when configuring rules", func() {
It("should be possible to get configuration for a rule", func() {
settings := map[string]string{
"ciphers": "AES256-GCM",
}
configuration.Set("G101", settings)
retrieved, err := configuration.Get("G101")
Expect(err).ShouldNot(HaveOccurred())
Expect(retrieved).Should(HaveKeyWithValue("ciphers", "AES256-GCM"))
Expect(retrieved).ShouldNot(HaveKey("foobar"))
})
})
Context("when using global configuration options", func() {
It("should have a default global section", func() {
settings, err := configuration.Get("global")
Expect(err).ShouldNot(HaveOccurred())
expectedType := make(map[gosec.GlobalOption]string)
Expect(settings).Should(BeAssignableToTypeOf(expectedType))
})
It("should save global settings to correct section", func() {
configuration.SetGlobal(gosec.Nosec, "enabled")
settings, err := configuration.Get("global")
Expect(err).ShouldNot(HaveOccurred())
if globals, ok := settings.(map[gosec.GlobalOption]string); ok {
Expect(globals["nosec"]).Should(MatchRegexp("enabled"))
} else {
Fail("globals are not defined as map")
}
setValue, err := configuration.GetGlobal(gosec.Nosec)
Expect(err).ShouldNot(HaveOccurred())
Expect(setValue).Should(MatchRegexp("enabled"))
})
It("should find global settings which are enabled", func() {
configuration.SetGlobal(gosec.Nosec, "enabled")
enabled, err := configuration.IsGlobalEnabled(gosec.Nosec)
Expect(err).ShouldNot(HaveOccurred())
Expect(enabled).Should(BeTrue())
})
It("should parse the global settings of type string from file", func() {
config := `
{
"global": {
"nosec": "enabled"
}
}`
cfg := gosec.NewConfig()
_, err := cfg.ReadFrom(strings.NewReader(config))
Expect(err).ShouldNot(HaveOccurred())
value, err := cfg.GetGlobal(gosec.Nosec)
Expect(err).ShouldNot(HaveOccurred())
Expect(value).Should(Equal("enabled"))
})
It("should parse the global settings of other types from file", func() {
config := `
{
"global": {
"nosec": true
}
}`
cfg := gosec.NewConfig()
_, err := cfg.ReadFrom(strings.NewReader(config))
Expect(err).ShouldNot(HaveOccurred())
value, err := cfg.GetGlobal(gosec.Nosec)
Expect(err).ShouldNot(HaveOccurred())
Expect(value).Should(Equal("true"))
})
})
})