test(cloudformation): add CF tests

pkg/iac/adapters/cloudformation/aws/accessanalyzer/accessanalyzer_test.go

@@ -1,14 +1,11 @@
 package accessanalyzer
 
 import (
-	"context"
 	"testing"
 
-	"github.com/aquasecurity/trivy/internal/testutil"
+	"github.com/aquasecurity/trivy/pkg/iac/adapters/cloudformation/testutil"
 	"github.com/aquasecurity/trivy/pkg/iac/providers/aws/accessanalyzer"
-	"github.com/aquasecurity/trivy/pkg/iac/scanners/cloudformation/parser"
 	"github.com/aquasecurity/trivy/pkg/iac/types"
-	"github.com/stretchr/testify/require"
 )
 
 func TestAdapt(t *testing.T) {
@@ -51,15 +48,7 @@ Resources:
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			fsys := testutil.CreateFS(t, map[string]string{
-				"main.yaml": tt.source,
-			})
-
-			fctx, err := parser.New().ParseFile(context.TODO(), fsys, "main.yaml")
-			require.NoError(t, err)
-
-			adapted := Adapt(*fctx)
-			testutil.AssertDefsecEqual(t, tt.expected, adapted)
+			testutil.AdaptAndCompare(t, tt.source, tt.expected, Adapt)
 		})
 	}
 }

pkg/iac/adapters/cloudformation/aws/apigateway/apigateway_test.go

@@ -1,15 +1,12 @@
 package apigateway
 
 import (
-	"context"
 	"testing"
 
-	"github.com/aquasecurity/trivy/internal/testutil"
+	"github.com/aquasecurity/trivy/pkg/iac/adapters/cloudformation/testutil"
 	"github.com/aquasecurity/trivy/pkg/iac/providers/aws/apigateway"
 	v2 "github.com/aquasecurity/trivy/pkg/iac/providers/aws/apigateway/v2"
-	"github.com/aquasecurity/trivy/pkg/iac/scanners/cloudformation/parser"
 	"github.com/aquasecurity/trivy/pkg/iac/types"
-	"github.com/stretchr/testify/require"
 )
 
 func TestAdapt(t *testing.T) {
@@ -71,15 +68,7 @@ Resources:
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			fsys := testutil.CreateFS(t, map[string]string{
-				"main.yaml": tt.source,
-			})
-
-			fctx, err := parser.New().ParseFile(context.TODO(), fsys, "main.yaml")
-			require.NoError(t, err)
-
-			adapted := Adapt(*fctx)
-			testutil.AssertDefsecEqual(t, tt.expected, adapted)
+			testutil.AdaptAndCompare(t, tt.source, tt.expected, Adapt)
 		})
 	}
 }

pkg/iac/adapters/cloudformation/aws/apigateway/stage.go

@@ -2,11 +2,11 @@ package apigateway
 
 import (
 	v2 "github.com/aquasecurity/trivy/pkg/iac/providers/aws/apigateway/v2"
-	parser2 "github.com/aquasecurity/trivy/pkg/iac/scanners/cloudformation/parser"
+	"github.com/aquasecurity/trivy/pkg/iac/scanners/cloudformation/parser"
 	"github.com/aquasecurity/trivy/pkg/iac/types"
 )
 
-func getApis(cfFile parser2.FileContext) (apis []v2.API) {
+func getApis(cfFile parser.FileContext) (apis []v2.API) {
 
 	apiResources := cfFile.GetResourcesByType("AWS::ApiGatewayV2::Api")
 	for _, apiRes := range apiResources {
@@ -22,7 +22,7 @@ func getApis(cfFile parser2.FileContext) (apis []v2.API) {
 	return apis
 }
 
-func getStages(apiId string, cfFile parser2.FileContext) []v2.Stage {
+func getStages(apiId string, cfFile parser.FileContext) []v2.Stage {
 	var apiStages []v2.Stage
 
 	stageResources := cfFile.GetResourcesByType("AWS::ApiGatewayV2::Stage")
@@ -43,7 +43,7 @@ func getStages(apiId string, cfFile parser2.FileContext) []v2.Stage {
 	return apiStages
 }
 
-func getAccessLogging(r *parser2.Resource) v2.AccessLogging {
+func getAccessLogging(r *parser.Resource) v2.AccessLogging {
 
 	loggingProp := r.GetProperty("AccessLogSettings")
 	if loggingProp.IsNil() {

pkg/iac/adapters/cloudformation/aws/athena/athena_test.go

@@ -1,14 +1,11 @@
 package athena
 
 import (
-	"context"
 	"testing"
 
-	"github.com/aquasecurity/trivy/internal/testutil"
+	"github.com/aquasecurity/trivy/pkg/iac/adapters/cloudformation/testutil"
 	"github.com/aquasecurity/trivy/pkg/iac/providers/aws/athena"
-	"github.com/aquasecurity/trivy/pkg/iac/scanners/cloudformation/parser"
 	"github.com/aquasecurity/trivy/pkg/iac/types"
-	"github.com/stretchr/testify/require"
 )
 
 func TestAdapt(t *testing.T) {
@@ -57,15 +54,7 @@ Resources:
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			fsys := testutil.CreateFS(t, map[string]string{
-				"main.yaml": tt.source,
-			})
-
-			fctx, err := parser.New().ParseFile(context.TODO(), fsys, "main.yaml")
-			require.NoError(t, err)
-
-			adapted := Adapt(*fctx)
-			testutil.AssertDefsecEqual(t, tt.expected, adapted)
+			testutil.AdaptAndCompare(t, tt.source, tt.expected, Adapt)
 		})
 	}
 

pkg/iac/adapters/cloudformation/aws/cloudfront/cloudfront_test.go

@@ -1,14 +1,11 @@
 package cloudfront
 
 import (
-	"context"
 	"testing"
 
-	"github.com/aquasecurity/trivy/internal/testutil"
+	"github.com/aquasecurity/trivy/pkg/iac/adapters/cloudformation/testutil"
 	"github.com/aquasecurity/trivy/pkg/iac/providers/aws/cloudfront"
-	"github.com/aquasecurity/trivy/pkg/iac/scanners/cloudformation/parser"
 	"github.com/aquasecurity/trivy/pkg/iac/types"
-	"github.com/stretchr/testify/require"
 )
 
 func TestAdapt(t *testing.T) {
@@ -65,15 +62,7 @@ Resources:
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			fsys := testutil.CreateFS(t, map[string]string{
-				"main.yaml": tt.source,
-			})
-
-			fctx, err := parser.New().ParseFile(context.TODO(), fsys, "main.yaml")
-			require.NoError(t, err)
-
-			adapted := Adapt(*fctx)
-			testutil.AssertDefsecEqual(t, tt.expected, adapted)
+			testutil.AdaptAndCompare(t, tt.source, tt.expected, Adapt)
 		})
 	}
 }

pkg/iac/adapters/cloudformation/aws/cloudtrail/cloudtrail_test.go

@@ -1,14 +1,11 @@
 package cloudtrail
 
 import (
-	"context"
 	"testing"
 
-	"github.com/aquasecurity/trivy/internal/testutil"
+	"github.com/aquasecurity/trivy/pkg/iac/adapters/cloudformation/testutil"
 	"github.com/aquasecurity/trivy/pkg/iac/providers/aws/cloudtrail"
-	"github.com/aquasecurity/trivy/pkg/iac/scanners/cloudformation/parser"
 	"github.com/aquasecurity/trivy/pkg/iac/types"
-	"github.com/stretchr/testify/require"
 )
 
 func TestAdapt(t *testing.T) {
@@ -61,15 +58,7 @@ Resources:
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			fsys := testutil.CreateFS(t, map[string]string{
-				"main.yaml": tt.source,
-			})
-
-			fctx, err := parser.New().ParseFile(context.TODO(), fsys, "main.yaml")
-			require.NoError(t, err)
-
-			adapted := Adapt(*fctx)
-			testutil.AssertDefsecEqual(t, tt.expected, adapted)
+			testutil.AdaptAndCompare(t, tt.source, tt.expected, Adapt)
 		})
 	}
 }

pkg/iac/adapters/cloudformation/aws/cloudwatch/cloudwatch_test.go

@@ -1,14 +1,11 @@
 package cloudwatch
 
 import (
-	"context"
 	"testing"
 
-	"github.com/aquasecurity/trivy/internal/testutil"
+	"github.com/aquasecurity/trivy/pkg/iac/adapters/cloudformation/testutil"
 	"github.com/aquasecurity/trivy/pkg/iac/providers/aws/cloudwatch"
-	"github.com/aquasecurity/trivy/pkg/iac/scanners/cloudformation/parser"
 	"github.com/aquasecurity/trivy/pkg/iac/types"
-	"github.com/stretchr/testify/require"
 )
 
 func TestAdapt(t *testing.T) {
@@ -54,15 +51,7 @@ Resources:
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			fsys := testutil.CreateFS(t, map[string]string{
-				"main.yaml": tt.source,
-			})
-
-			fctx, err := parser.New().ParseFile(context.TODO(), fsys, "main.yaml")
-			require.NoError(t, err)
-
-			adapted := Adapt(*fctx)
-			testutil.AssertDefsecEqual(t, tt.expected, adapted)
+			testutil.AdaptAndCompare(t, tt.source, tt.expected, Adapt)
 		})
 	}
 }

pkg/iac/adapters/cloudformation/aws/codebuild/codebuild_test.go

@@ -1,14 +1,11 @@
 package codebuild
 
 import (
-	"context"
 	"testing"
 
-	"github.com/aquasecurity/trivy/internal/testutil"
+	"github.com/aquasecurity/trivy/pkg/iac/adapters/cloudformation/testutil"
 	"github.com/aquasecurity/trivy/pkg/iac/providers/aws/codebuild"
-	"github.com/aquasecurity/trivy/pkg/iac/scanners/cloudformation/parser"
 	"github.com/aquasecurity/trivy/pkg/iac/types"
-	"github.com/stretchr/testify/require"
 )
 
 func TestAdapt(t *testing.T) {
@@ -65,15 +62,7 @@ Resources:
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			fsys := testutil.CreateFS(t, map[string]string{
-				"main.yaml": tt.source,
-			})
-
-			fctx, err := parser.New().ParseFile(context.TODO(), fsys, "main.yaml")
-			require.NoError(t, err)
-
-			adapted := Adapt(*fctx)
-			testutil.AssertDefsecEqual(t, tt.expected, adapted)
+			testutil.AdaptAndCompare(t, tt.source, tt.expected, Adapt)
 		})
 	}
 }

pkg/iac/adapters/cloudformation/aws/config/adapt_test.go

@@ -1,14 +1,11 @@
 package config
 
 import (
-	"context"
 	"testing"
 
-	"github.com/aquasecurity/trivy/internal/testutil"
+	"github.com/aquasecurity/trivy/pkg/iac/adapters/cloudformation/testutil"
 	"github.com/aquasecurity/trivy/pkg/iac/providers/aws/config"
-	"github.com/aquasecurity/trivy/pkg/iac/scanners/cloudformation/parser"
 	"github.com/aquasecurity/trivy/pkg/iac/types"
-	"github.com/stretchr/testify/require"
 )
 
 func TestAdapt(t *testing.T) {
@@ -55,15 +52,7 @@ Resources:
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			fs := testutil.CreateFS(t, map[string]string{
-				"template.yaml": tt.source,
-			})
-
-			p := parser.New()
-			fctx, err := p.ParseFile(context.TODO(), fs, "template.yaml")
-			require.NoError(t, err)
-
-			testutil.AssertDefsecEqual(t, tt.expected, Adapt(*fctx))
+			testutil.AdaptAndCompare(t, tt.source, tt.expected, Adapt)
 		})
 	}
 

pkg/iac/adapters/cloudformation/aws/documentdb/cluster.go

@@ -2,11 +2,11 @@ package documentdb
 
 import (
 	"github.com/aquasecurity/trivy/pkg/iac/providers/aws/documentdb"
-	parser2 "github.com/aquasecurity/trivy/pkg/iac/scanners/cloudformation/parser"
+	"github.com/aquasecurity/trivy/pkg/iac/scanners/cloudformation/parser"
 	"github.com/aquasecurity/trivy/pkg/iac/types"
 )
 
-func getClusters(ctx parser2.FileContext) (clusters []documentdb.Cluster) {
+func getClusters(ctx parser.FileContext) (clusters []documentdb.Cluster) {
 
 	clusterResources := ctx.GetResourcesByType("AWS::DocDB::DBCluster")
 
@@ -28,7 +28,7 @@ func getClusters(ctx parser2.FileContext) (clusters []documentdb.Cluster) {
 	return clusters
 }
 
-func updateInstancesOnCluster(cluster *documentdb.Cluster, ctx parser2.FileContext) {
+func updateInstancesOnCluster(cluster *documentdb.Cluster, ctx parser.FileContext) {
 
 	instanceResources := ctx.GetResourcesByType("AWS::DocDB::DBInstance")
 
@@ -43,7 +43,7 @@ func updateInstancesOnCluster(cluster *documentdb.Cluster, ctx parser2.FileConte
 	}
 }
 
-func getLogExports(r *parser2.Resource) (logExports []types.StringValue) {
+func getLogExports(r *parser.Resource) (logExports []types.StringValue) {
 
 	exportsList := r.GetProperty("EnableCloudwatchLogsExports")
 

pkg/iac/adapters/cloudformation/aws/documentdb/documentdb_test.go

@@ -1,14 +1,11 @@
 package documentdb
 
 import (
-	"context"
 	"testing"
 
-	"github.com/aquasecurity/trivy/internal/testutil"
+	"github.com/aquasecurity/trivy/pkg/iac/adapters/cloudformation/testutil"
 	"github.com/aquasecurity/trivy/pkg/iac/providers/aws/documentdb"
-	"github.com/aquasecurity/trivy/pkg/iac/scanners/cloudformation/parser"
 	"github.com/aquasecurity/trivy/pkg/iac/types"
-	"github.com/stretchr/testify/require"
 )
 
 func TestAdapt(t *testing.T) {
@@ -76,15 +73,7 @@ Resources:
 
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			fsys := testutil.CreateFS(t, map[string]string{
-				"main.yaml": tt.source,
-			})
-
-			fctx, err := parser.New().ParseFile(context.TODO(), fsys, "main.yaml")
-			require.NoError(t, err)
-
-			adapted := Adapt(*fctx)
-			testutil.AssertDefsecEqual(t, tt.expected, adapted)
+			testutil.AdaptAndCompare(t, tt.source, tt.expected, Adapt)
 		})
 	}
 }