From e196604c1f878785fbee31b7ee1fa1b544a711b6 Mon Sep 17 00:00:00 2001
From: Manav Sethi <mail@manav.co.in>
Date: Mon, 21 Oct 2024 20:49:52 +0530
Subject: [PATCH] Added tests for terraform lockfile

---
 pkg/parser/fixtures/terraform.lock.hcl | 126 +++++++++++++++++++++++++
 pkg/parser/terraform_test.go           |  72 ++++++++++++++
 2 files changed, 198 insertions(+)
 create mode 100644 pkg/parser/fixtures/terraform.lock.hcl
 create mode 100644 pkg/parser/terraform_test.go

diff --git a/pkg/parser/fixtures/terraform.lock.hcl b/pkg/parser/fixtures/terraform.lock.hcl
new file mode 100644
index 0000000..e4ebda9
--- /dev/null
+++ b/pkg/parser/fixtures/terraform.lock.hcl
@@ -0,0 +1,126 @@
+provider "registry.terraform.io/datadog/datadog" {
+version     = "3.21.0"
+constraints = "3.21.0"
+hashes = [
+"h1:1YOp1xS6o82ttLLW1sPCzIBfWEA6KlLuxQYeam55bQo=",
+"zh:0b8580c6fb745d168301c41f625eb41665b8945e005bbf113849664d91130e00",
+"zh:0bf203092914ee3252a2a18a6f6acd14f4cbd81186057b874397f8a3867c66e4",
+"zh:202b531c6d021cf06b4da2b23249670b26de3ebf28aa6d191539aaa673094692",
+"zh:47db2c5a7a8769ae13198ca4f53596f02fb43ca534bc013d22e9a530265a21cb",
+"zh:539d937599a931ebb5f282495356a4426245af48b323e66d9ba3638fc57ec29a",
+"zh:6106d5fa256de8b41af7a35b94538804672933ce05c769f1a5647117ff3efaf0",
+"zh:656e9df01ff0fa9664d7940c8ac35622eaebb23cc8c53307ad1fa61a5a41b72b",
+"zh:6cf21649f5d705aed31eecaaaa047c39f5faaab3c483972e052a7e9cef685cec",
+"zh:7d1756d5f015b8687b02021e2df762a3ab5d853b1724edb5895ddc1fed70fb94",
+"zh:805ca56e39c2c96745109975489b734fe471e0ac5e11e97421bee7aa45ca5e24",
+"zh:97210ca3e85b165df73d58b982990b47ef5feeb1fa02f61321f449ada4c26327",
+"zh:abb5c97822f4a57cac37cb74ff8a00925e5d9c805c40b9ad7e3245bea89fa9c3",
+"zh:cb78e047f2e529419a5a8e400079113bd5d6049494a39753825382984cfc9fe7",
+"zh:dab45899c9e701403387423dc01198b640a4c1184294c4109dc438a7fef1c95b",
+]
+}
+
+provider "registry.terraform.io/hashicorp/aws" {
+version     = "5.0.1"
+constraints = "5.0.1"
+hashes = [
+"h1:Jz41xV1uwYaT5TQGW05seb2vHrwMtRJh19K7MArqoYc=",
+"zh:006daf4060087b5f0c13562beed33f524a6f9e04ebd72a782bfe60502076368f",
+"zh:0f49636550aadd373c7e5c710600901c2f153ddd71b6c50482e1afdbb3f8d95d",
+"zh:1999d2fad0a7a884aab0d191507cf895df0ea7201369a2ef37529f4253ce1065",
+"zh:1b51774866cddca5a2da5a09a316e9ca078fc821f47611a184245ca892e9335d",
+"zh:2875579acceba1403563c4281c76a3a9b53b970ed6494e5370e27efb6430bb50",
+"zh:349eb9ab7c026b72154ce55c7bf9a69ebb3c3a4745ecfdb0c593400762ed1b0c",
+"zh:38f96c14db5b3beb80748010c0a97dd097a303b24c8478a1286ce1f48a1a0375",
+"zh:3d212e6e4fc54584e47faeccf501e5a68266c7fe9e36d89ad787c2e1f0e86197",
+"zh:3ea61ab960ef34ff66457319b9083c8645a9f801f7b5578e7e3f616e26945f90",
+"zh:584db6d88a07cac639f746104ccd5ed5c517ed99f892a143dad3bb64023098fc",
+"zh:653def88ffa17b628459f942e743d30ab9fc2194af464d88258a784d9282f9f9",
+"zh:9737008fea7ffbf5782fceb0108a283e91992c47bfcb93ec55ef43deaa7e509d",
+"zh:9b12af85486a96aedd8d7984b0ff811a4b42e3d88dad1a3fb4c0b580d04fa425",
+"zh:ce3ba0cabc1704c584cc46bf1432b14ba1d34b1a30e03a5694b5940cf1673ab8",
+"zh:de3e6d4e1defc6032359fc229000a1458d777adb07974293f194dde069adcc04",
+]
+}
+
+provider "registry.terraform.io/hashicorp/google" {
+version     = "4.59.0"
+constraints = "4.59.0"
+hashes = [
+"h1:FnhQjRf+Tt0SagED79ryejOd0lqQ42zIbWD2Z9xCNVo=",
+"zh:057042a29992ee5bddb8b0785ebba5c1455112602760bd88dca2ccab66de714c",
+"zh:21a0e30a76a9e3e375a374ecd2e82d3240b32913f54017c7b8eca7165ffb2e27",
+"zh:26cdc960455b335590c5473593d66eddbdb9c60709f416327092a9b4ba8c8b70",
+"zh:2d8ffb7c150adb43d58fd0057b9a38e9e0435382bb870bf6fe3f13717828a34b",
+"zh:4c1156babfaffcbb5e91b8a82710a4a33119be416aaee1b85fe5f45162ac37e2",
+"zh:54de19d1d40fdfa2f9804b64355cac6e6de1bdcdcd193317dd2e24f923cd3007",
+"zh:9f029f0478458d39cd7255abf8ce32d33111bc6f1ca822718e66344bea61522d",
+"zh:ac5b8867769921f56e95c95332c6167b73c6b6275f158b762b01a0a8013b67a8",
+"zh:d010b2b8b0d547fb712c2cc3e0f816c001783fcac072191a3e8ed5e22f826951",
+"zh:d4e6b5f5aa78b16761c9b47534b631c2d1b6d6ec01f97a15db84dec20be3b8b2",
+"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
+"zh:fefbd0cd4cb94ecee0c6d99f079b6cbb56b86cd63609b72395c4f1fa7c2addcb",
+]
+}
+
+provider "registry.terraform.io/hashicorp/kubernetes" {
+version     = "2.11.0"
+constraints = "2.11.0"
+hashes = [
+"h1:lSh/Q5vX73hHL80TtGn2Vrv1UYLzlIRjC+xaCijY4ew=",
+"zh:143a19dd0ea3b07fc5e3d9231f3c2d01f92894385c98a67327de74c76c715843",
+"zh:1fc757d209e09c3cf7848e4274daa32408c07743698fbed10ee52a4a479b62b6",
+"zh:22dfebd0685749c51a8f765d51a1090a259778960ac1cd4f32021a325b2b9b72",
+"zh:3039b3b76e870cd8fc404cf75a29c66b171c6ba9b6182e131b6ae2ca648ec7c0",
+"zh:3af0a15562fcab4b5684b18802e0239371b2b8ff9197ed069ff4827f795a002b",
+"zh:50aaf20336d1296a73315adb66f7687f75bd5c6b1f93a894b95c75cc142810ec",
+"zh:682064fabff895ec351860b4fe0321290bbbb17c2a410b62c9bea0039400650e",
+"zh:70ac914d5830b3371a2679d8f77cc20c419a6e12925145afae6c977c8eb90934",
+"zh:710aa02cccf7b0f3fb50880d6d2a7a8b8c9435248666616844ba71f74648cddc",
+"zh:88e418118cd5afbdec4984944c7ab36950bf48e8d3e09e090232e55eecfb470b",
+"zh:9cef159377bf23fa331f8724fdc6ce27ad39a217a4bae6df3b1ca408fc643da6",
+"zh:f569b65999264a9416862bca5cd2a6177d94ccb0424f3a4ef424428912b9cb3c",
+]
+}
+
+provider "registry.terraform.io/hashicorp/random" {
+version     = "3.6.3"
+constraints = "3.6.3"
+hashes = [
+"h1:zG9uFP8l9u+yGZZvi5Te7PV62j50azpgwPunq2vTm1E=",
+"zh:04ceb65210251339f07cd4611885d242cd4d0c7306e86dda9785396807c00451",
+"zh:448f56199f3e99ff75d5c0afacae867ee795e4dfda6cb5f8e3b2a72ec3583dd8",
+"zh:4b4c11ccfba7319e901df2dac836b1ae8f12185e37249e8d870ee10bb87a13fe",
+"zh:4fa45c44c0de582c2edb8a2e054f55124520c16a39b2dfc0355929063b6395b1",
+"zh:588508280501a06259e023b0695f6a18149a3816d259655c424d068982cbdd36",
+"zh:737c4d99a87d2a4d1ac0a54a73d2cb62974ccb2edbd234f333abd079a32ebc9e",
+"zh:78d5eefdd9e494defcb3c68d282b8f96630502cac21d1ea161f53cfe9bb483b3",
+"zh:a357ab512e5ebc6d1fda1382503109766e21bbfdfaa9ccda43d313c122069b30",
+"zh:c51bfb15e7d52cc1a2eaec2a903ac2aff15d162c172b1b4c17675190e8147615",
+"zh:e0951ee6fa9df90433728b96381fb867e3db98f66f735e0c3e24f8f16903f0ad",
+"zh:e3cdcb4e73740621dabd82ee6a37d6cfce7fee2a03d8074df65086760f5cf556",
+"zh:eff58323099f1bd9a0bec7cb04f717e7f1b2774c7d612bf7581797e1622613a0",
+]
+}
+
+provider "registry.terraform.io/integrations/github" {
+version     = "5.9.0"
+constraints = "5.9.0"
+hashes = [
+"h1:KgBGv/fwwxaVXySLz6NdteTrN0Js+OtQcDYR3oOuzV4=",
+"zh:0be8c899ccaea204eb7f2498eee0d1de0a3ad73caa3089df26beff617890a4e1",
+"zh:0c83a573ab8f3d806530e86ea00c815335a9c9e7f08d9bc3edf6779d7cd86bfa",
+"zh:1c4747be2a91335c396970e490da19e3236694634ee696df738608d77f49351e",
+"zh:29f2c396d76f0e1f0a0b547c4f6f0061703bcb932a5ce8aac903cb9747ed1af6",
+"zh:2f02380af975135adaba8549e6dd4b2578682db9b38cf311a6aadd505e6c7533",
+"zh:40bd88e8eaaef612f6d0aaef0b802e63055932ff885833b57c1dbd3ccaa4e75b",
+"zh:5cbdb6903d698c685fb8b1094d07a3197ad95b66990378b31791332a366e063e",
+"zh:67f0f5a24cd6a386d05391610d4465840bc0645bfa65acdb85c76a0ce817f7e4",
+"zh:6c9b08e96c92cc58203b17f3e3eb753573bb90837fdda6033153d6a31cc15aad",
+"zh:6d8c0add203b39586234913b76f20e901f1b716d9fa4d8e3d2b5fa0d57a1b5d0",
+"zh:6de6d4518a38e888f7d96f9ae0d3f63e4895f64008724f74357b1268386a78b6",
+"zh:6ea3bcda04891ca74687ec7fd74ec0cf2e0929d1a90d935d5df23511492fff90",
+"zh:bc0dcaf130796436192114811553365766c964563783d80aef056f78f9836b2c",
+"zh:edc3328c6cd1cd849de13f5535d26ff6801e20ce7e18858c4760de5a929fdea2",
+]
+}
diff --git a/pkg/parser/terraform_test.go b/pkg/parser/terraform_test.go
new file mode 100644
index 0000000..4cae320
--- /dev/null
+++ b/pkg/parser/terraform_test.go
@@ -0,0 +1,72 @@
+package parser
+
+import (
+	"testing"
+
+	"github.com/safedep/vet/pkg/models"
+	"github.com/stretchr/testify/assert"
+)
+
+func findPackageInManifest(manifest *models.PackageManifest, name, version string) *models.Package {
+	for _, pkg := range manifest.GetPackages() {
+		if pkg.GetName() == name && (version == "" || pkg.GetVersion() == version) {
+			return pkg
+		}
+	}
+	return nil
+}
+
+func TestTerraformLockfileParserBasic(t *testing.T) {
+	pm, err := parseTerraformLockfile("./fixtures/terraform.lock.hcl", defaultParserConfigForTest)
+	assert.Nil(t, err)
+
+	assert.NotNil(t, pm)
+	assert.NotEmpty(t, pm.GetPackages())
+}
+
+func TestTerraformLockfileParserSpecificProvider(t *testing.T) {
+	pm, err := parseTerraformLockfile("./fixtures/terraform.lock.hcl", defaultParserConfigForTest)
+	assert.Nil(t, err)
+
+	awsProvider := findPackageInManifest(pm, "registry.terraform.io/hashicorp/aws", "5.0.1")
+	assert.NotNil(t, awsProvider)
+	assert.Equal(t, "5.0.1", awsProvider.GetVersion())
+}
+
+func TestTerraformLockfileParserAllProviders(t *testing.T) {
+	pm, err := parseTerraformLockfile("./fixtures/terraform.lock.hcl", defaultParserConfigForTest)
+	assert.Nil(t, err)
+
+	expectedProviders := []string{
+		"registry.terraform.io/hashicorp/aws",
+		"registry.terraform.io/hashicorp/google",
+		"registry.terraform.io/datadog/datadog",
+		"registry.terraform.io/hashicorp/kubernetes",
+		"registry.terraform.io/integrations/github",
+	}
+
+	for _, providerName := range expectedProviders {
+		provider := findPackageInManifest(pm, providerName, "")
+		assert.NotNil(t, provider, "Provider %s should be present", providerName)
+	}
+}
+
+func TestTerraformLockfileParserProviderVersions(t *testing.T) {
+	pm, err := parseTerraformLockfile("./fixtures/terraform.lock.hcl", defaultParserConfigForTest)
+	assert.Nil(t, err)
+
+	providers := []struct {
+		name    string
+		version string
+	}{
+		{"registry.terraform.io/hashicorp/aws", "5.0.1"},
+		{"registry.terraform.io/hashicorp/google", "4.59.0"},
+		{"registry.terraform.io/datadog/datadog", "3.21.0"},
+	}
+
+	for _, provider := range providers {
+		pkg := findPackageInManifest(pm, provider.name, provider.version)
+		assert.NotNil(t, pkg, "Provider %s@%s should be present", provider.name, provider.version)
+		assert.Equal(t, provider.version, pkg.GetVersion(), "Provider %s should have version %s", provider.name, provider.version)
+	}
+}