def test_handle_empty(self):
hcl_res = hcl2.loads("""
resource "google_compute_instance" "broken" {
}
""")
resource_conf = hcl_res['resource'][0]['google_compute_instance']['broken']
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.PASSED, scan_result)
def test_unknown(self):
hcl_res = hcl2.loads("""
resource "google_compute_instance_from_template" "default" {
name = "test"
source_instance_template = google_compute_instance_template.tpl.id
}
""")
resource_conf = hcl_res['resource'][0]['google_compute_instance_from_template']['default']
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.UNKNOWN, scan_result)
def test_failure_1(self):
hcl_res = hcl2.loads("""
resource "google_compute_instance" "default" {
name = "test"
machine_type = "n1-standard-1"
zone = "us-central1-a"
service_account {
scopes = ["https://www.googleapis.com/auth/cloud-platform", "compute-ro", "storage-ro"]
}
}
""")
resource_conf = hcl_res['resource'][0]['google_compute_instance']['default']
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.FAILED, scan_result)
def test_success_2(self):
hcl_res = hcl2.loads("""
resource "google_compute_instance" "default" {
name = "gke-account"
machine_type = "n1-standard-1"
zone = "us-central1-a"
service_account {
scopes = ["https://www.googleapis.com/auth/cloud-platform", "compute-ro", "storage-ro"]
email = "*****@*****.**"
}
}
""")
resource_conf = hcl_res['resource'][0]['google_compute_instance']['default']
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.PASSED, scan_result)
def test_failure_4(self):
hcl_res = hcl2.loads("""
resource "google_compute_instance_from_template" "default" {
name = "test"
source_instance_template = google_compute_instance_template.tpl.id
service_account {
scopes = ["https://www.googleapis.com/auth/cloud-platform", "compute-ro", "storage-ro"]
email = "*****@*****.**"
}
}
""")
resource_conf = hcl_res['resource'][0]['google_compute_instance_from_template']['default']
scan_result = check.scan_resource_conf(conf=resource_conf)
self.assertEqual(CheckResult.FAILED, scan_result)
