generated from coulomb/repo-seed
130 lines
4.1 KiB
Go
130 lines
4.1 KiB
Go
package markitect_test
|
|
|
|
import (
|
|
"os"
|
|
"path/filepath"
|
|
"testing"
|
|
|
|
"gopkg.in/yaml.v3"
|
|
|
|
"github.com/netkingdom/flex-auth/internal/markitect"
|
|
"github.com/netkingdom/flex-auth/internal/registry"
|
|
"github.com/netkingdom/flex-auth/pkg/api"
|
|
)
|
|
|
|
func TestImportResourceManifestLoadsPinnedMarkitectShape(t *testing.T) {
|
|
var manifest api.ResourceManifest
|
|
loadYAML(t, filepath.Join("..", "..", "examples", "markitect", "resource_manifest.yaml"), &manifest)
|
|
|
|
store := registry.NewStore()
|
|
result, err := markitect.ImportResourceManifest(store, manifest)
|
|
if err != nil {
|
|
t.Fatalf("ImportResourceManifest: %v", err)
|
|
}
|
|
|
|
if result.Manifest.CaringProfile != api.CaringProfileCaring040RC2 {
|
|
t.Fatalf("CaringProfile = %q; want %q", result.Manifest.CaringProfile, api.CaringProfileCaring040RC2)
|
|
}
|
|
if !hasDiagnostic(result.Diagnostics, "MARKITECT-CARING-PROFILE", "warning") {
|
|
t.Fatalf("diagnostics = %+v; want missing CARING profile warning", result.Diagnostics)
|
|
}
|
|
|
|
resource, ok := store.Resource(markitect.SystemID, "document:internal-note")
|
|
if !ok {
|
|
t.Fatal("document:internal-note was not imported")
|
|
}
|
|
if resource.Attributes["caring_scope_level"] != api.ScopeLevelResource {
|
|
t.Fatalf("caring_scope_level = %v; want Resource", resource.Attributes["caring_scope_level"])
|
|
}
|
|
}
|
|
|
|
func TestImportNamespaceResourceManifestClassifiesAllResources(t *testing.T) {
|
|
var manifest api.ResourceManifest
|
|
loadYAML(t, filepath.Join("..", "..", "examples", "markitect", "namespace_resource_manifest.yaml"), &manifest)
|
|
|
|
store := registry.NewStore()
|
|
result, err := markitect.ImportResourceManifest(store, manifest)
|
|
if err != nil {
|
|
t.Fatalf("ImportResourceManifest: %v\n%+v", err, result.Diagnostics)
|
|
}
|
|
if hasSeverity(result.Diagnostics, "error") {
|
|
t.Fatalf("diagnostics = %+v; did not expect errors", result.Diagnostics)
|
|
}
|
|
|
|
span, ok := store.Resource(markitect.SystemID, "span:internal-note#risk:customer-email")
|
|
if !ok {
|
|
t.Fatal("span resource was not imported")
|
|
}
|
|
if span.Attributes["caring_scope_level"] != api.ScopeLevelField {
|
|
t.Fatalf("span caring_scope_level = %v; want Field", span.Attributes["caring_scope_level"])
|
|
}
|
|
if span.TrustZone != "restricted" {
|
|
t.Fatalf("span.TrustZone = %q; want restricted", span.TrustZone)
|
|
}
|
|
}
|
|
|
|
func TestImportAmbiguousManifestReportsClassificationWarnings(t *testing.T) {
|
|
var manifest api.ResourceManifest
|
|
loadYAML(t, filepath.Join("..", "..", "examples", "markitect", "ambiguous_resource_manifest.yaml"), &manifest)
|
|
|
|
store := registry.NewStore()
|
|
result, err := markitect.ImportResourceManifest(store, manifest)
|
|
if err != nil {
|
|
t.Fatalf("ImportResourceManifest: %v", err)
|
|
}
|
|
|
|
if !hasDiagnostic(result.Diagnostics, "MARKITECT-LABELS-MISSING", "warning") {
|
|
t.Fatalf("diagnostics = %+v; want labels warning", result.Diagnostics)
|
|
}
|
|
if !hasDiagnostic(result.Diagnostics, "MARKITECT-TRUST-ZONE-MISSING", "warning") {
|
|
t.Fatalf("diagnostics = %+v; want trust zone warning", result.Diagnostics)
|
|
}
|
|
}
|
|
|
|
func TestImportRejectsUnknownMarkitectResourceType(t *testing.T) {
|
|
manifest := api.ResourceManifest{
|
|
ID: "bad",
|
|
System: markitect.SystemID,
|
|
CaringProfile: api.CaringProfileCaring040RC2,
|
|
Resources: []api.Resource{
|
|
{ID: "unknown:1", Type: "unknown_type", Labels: []string{"internal"}, TrustZone: "internal"},
|
|
},
|
|
Metadata: map[string]any{"flex_auth_contract": api.FlexAuthContractV0},
|
|
}
|
|
|
|
_, err := markitect.ImportResourceManifest(registry.NewStore(), manifest)
|
|
if err == nil {
|
|
t.Fatal("ImportResourceManifest accepted unknown resource type")
|
|
}
|
|
}
|
|
|
|
func hasDiagnostic(diagnostics []markitect.Diagnostic, code, severity string) bool {
|
|
for _, diagnostic := range diagnostics {
|
|
if diagnostic.Code == code && diagnostic.Severity == severity {
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
}
|
|
|
|
func hasSeverity(diagnostics []markitect.Diagnostic, severity string) bool {
|
|
for _, diagnostic := range diagnostics {
|
|
if diagnostic.Severity == severity {
|
|
return true
|
|
}
|
|
}
|
|
return false
|
|
}
|
|
|
|
func loadYAML(t *testing.T, path string, out any) {
|
|
t.Helper()
|
|
|
|
data, err := os.ReadFile(path)
|
|
if err != nil {
|
|
t.Fatalf("read %s: %v", path, err)
|
|
}
|
|
if err := yaml.Unmarshal(data, out); err != nil {
|
|
t.Fatalf("unmarshal %s: %v", path, err)
|
|
}
|
|
}
|