Skip to content

Commit

Permalink
spec: Added test case file for AWS CloudFront plugins (#565)
Browse files Browse the repository at this point in the history 
* SPLOIT-113: Added Plain Text Parameters plugin for CloudFormation

* Added vpcEndpointAcceptance plugin and spec file

* SPLOIT-113: Added Plain Text Parameters plugin for CloudFormation

* Added plugin and spec file for launch wizard security groups

* Refactored code in plaintextParameters plugin and spec file

* SPLOIT-113: Updated custom settings

* Made PR requested changes

* SPLOIT-113: Added regex to check if NoEcho is enabled

* Accommodated PR changes

* Fixed eslint issues

* Update exports.js

* Fixed eslint issues

* Update index.js

* Update index.js

* Added cloudformation in china and gov regions

* Accomodated PR changes

* Updated status in result of failure

* SPLOIT-113: Added Plain Text Parameters plugin for CloudFormation

* Added plugin and spec file for launch wizard security groups

* Added vpcEndpointAcceptance plugin and spec file

* Refactored code in plaintextParameters plugin and spec file

* SPLOIT-113: Updated custom settings

* Made PR requested changes

* SPLOIT-113: Added regex to check if NoEcho is enabled

* Accommodated PR changes

* Fixed eslint issues

* Update index.js

* Update index.js

* Accomodated PR changes

* Updated status in result of failure

* SPLOIT-113: Added Plain Text Parameters plugin for CloudFormation

* Added plugin and spec file for launch wizard security groups

* Added vpcEndpointAcceptance plugin and spec file

* Refactored code in plaintextParameters plugin and spec file

* SPLOIT-113: Updated custom settings

* Made PR requested changes

* SPLOIT-113: Added regex to check if NoEcho is enabled

* Accommodated PR changes

* Fixed eslint issues

* Update index.js

* Update index.js

* Accomodated PR changes

* Updated status in result of failure

* SPLOIT-113: Added Plain Text Parameters plugin for CloudFormation

* SPLOIT-113: Added Plain Text Parameters plugin for CloudFormation

* Added plugin and spec file for launch wizard security groups

* Added vpcEndpointAcceptance plugin and spec file

* Refactored code in plaintextParameters plugin and spec file

* SPLOIT-113: Updated custom settings

* Made PR requested changes

* SPLOIT-113: Added regex to check if NoEcho is enabled

* Accommodated PR changes

* Fixed eslint issues

* Update exports.js

* Update index.js

* Update index.js

* Accomodated PR changes

* Updated status in result of failure

* Removed unnecesary rebase changes

* Added superlinter

* Added scans ci

* Updated Ci file

* Updated Node version in CI file

* removed spech check command

* Delete scan_ci.yml

* Added spellcheck

* Added test case file for AWS CloudFront plugins
  • Loading branch information
@AkhtarAmir
AkhtarAmir authored Mar 29, 2021
1 parent 7bd72d4 commit 0677576
Show file tree
Hide file tree
Showing 8 changed files with 1,042 additions and 3 deletions.
200 changes: 200 additions & 0 deletions plugins/aws/cloudfront/cloudfrontHttpsOnly.spec.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,200 @@
var expect = require('chai').expect;
const cloudfrontHttpsOnly = require('./cloudfrontHttpsOnly');

const listDistributions = [
{
"Id": "E1JHW5DZR5X4HW",
"ARN": "arn:aws:cloudfront::111122223333:distribution/E1JHW5DZR5X4HW",
"Origins": {
"Quantity": 1,
"Items": [
{
"Id": "S3-cdn-oai/data",
"DomainName": "cdn-oai.s3.amazonaws.com",
"OriginPath": "/data",
}
]
},
"OriginGroups": {
"Quantity": 0
},
"DefaultCacheBehavior": {
"TargetOriginId": "S3-cdn-oai/data",
"TrustedSigners": {
"Enabled": false,
"Quantity": 0
},
"TrustedKeyGroups": {
"Enabled": false,
"Quantity": 0
},
"ViewerProtocolPolicy": "https-only",
"AllowedMethods": {
"Quantity": 2,
"Items": [
"HEAD",
"GET"
],
},
},
},
{
"Id": "E1JHW5DZR5X4HW",
"ARN": "arn:aws:cloudfront::111122223333:distribution/E1JHW5DZR5X4HW",
"Origins": {
"Quantity": 1,
"Items": [
{
"Id": "S3-cdn-oai/data",
"DomainName": "cdn-oai.s3.amazonaws.com",
"OriginPath": "/data",
}
]
},
"OriginGroups": {
"Quantity": 0
},
"DefaultCacheBehavior": {
"TargetOriginId": "S3-cdn-oai/data",
"TrustedSigners": {
"Enabled": false,
"Quantity": 0
},
"TrustedKeyGroups": {
"Enabled": false,
"Quantity": 0
},
"ViewerProtocolPolicy": "redirect-to-https",
"AllowedMethods": {
"Quantity": 2,
"Items": [
"HEAD",
"GET"
],
},
},
},
{
"Id": "E1JHW5DZR5X4HW",
"ARN": "arn:aws:cloudfront::111122223333:distribution/E1JHW5DZR5X4HW",
"Origins": {
"Quantity": 1,
"Items": [
{
"Id": "S3-cdn-oai/data",
"DomainName": "cdn-oai.s3.amazonaws.com",
"OriginPath": "/data",
}
]
},
"OriginGroups": {
"Quantity": 0
},
"DefaultCacheBehavior": {
"TargetOriginId": "S3-cdn-oai/data",
"TrustedSigners": {
"Enabled": false,
"Quantity": 0
},
"TrustedKeyGroups": {
"Enabled": false,
"Quantity": 0
},
"ViewerProtocolPolicy": "http-and-https",
"AllowedMethods": {
"Quantity": 2,
"Items": [
"HEAD",
"GET"
],
},
}
}
];

const createCache = (data, err) => {
return {
cloudfront: {
listDistributions: {
'us-east-1': {
data: data,
err: err
}
}
}
};
};


const createNullCache = () => {
return {
cloudfront: {
listDistributions: {
'us-east-1': null,
},
},
};
};

describe('cloudfrontHttpsOnly', function () {
describe('run', function () {
it('should PASS if CloudFront distribution is set to use HTTPS only', function (done) {
const cache = createCache([listDistributions[0]]);
cloudfrontHttpsOnly.run(cache, {}, (err, results) => {
expect(results.length).to.equal(1);
expect(results[0].status).to.equal(0);
expect(results[0].region).to.equal('global');
done();
});
});

it('should PASS if CloudFront distribution is configured to redirect non-HTTPS traffic to HTTPS', function (done) {
const cache = createCache([listDistributions[1]]);
cloudfrontHttpsOnly.run(cache, {}, (err, results) => {
expect(results.length).to.equal(1);
expect(results[0].status).to.equal(0);
expect(results[0].region).to.equal('global');
done();
});
});

it('should FAIL if CloudFront distribution is not configured to use HTTPS', function (done) {
const cache = createCache([listDistributions[2]]);
cloudfrontHttpsOnly.run(cache, {}, (err, results) => {
expect(results.length).to.equal(1);
expect(results[0].status).to.equal(2);
expect(results[0].region).to.equal('global');
done();
});
});

it('should PASS if no CloudFront distributions found', function (done) {
const cache = createCache([]);
cloudfrontHttpsOnly.run(cache, {}, (err, results) => {
expect(results.length).to.equal(1);
expect(results[0].status).to.equal(0);
expect(results[0].region).to.equal('global');
done();
});
});

it('should UNKNOWN if unable to list distributions', function (done) {
const cache = createCache([], { message: 'Unable to list distributions' });
cloudfrontHttpsOnly.run(cache, {}, (err, results) => {
expect(results.length).to.equal(1);
expect(results[0].status).to.equal(3);
expect(results[0].region).to.equal('global');
done();
});
});

it('should not return any results if list distributions response not found', function (done) {
const cache = createNullCache();
cloudfrontHttpsOnly.run(cache, {}, (err, results) => {
expect(results.length).to.equal(0);
done();
});
});

});
});
6 changes: 6 additions & 0 deletions plugins/aws/cloudfront/cloudfrontLoggingEnabled.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -60,6 +60,12 @@ module.exports = {
var getDistribution = helpers.addSource(cache, source,
['cloudfront', 'getDistribution', region, Distribution.Id]);

if (!getDistribution || getDistribution.err || !getDistribution.data || !getDistribution.data.Distribution) {
helpers.addResult(results, 3,
`Unable to get CloudFront distribution: ${helpers.addError(getDistribution)}`);
return;
}

if (getDistribution.data &&
getDistribution.data.Distribution &&
getDistribution.data.Distribution.DistributionConfig &&
Expand Down
178 changes: 178 additions & 0 deletions plugins/aws/cloudfront/cloudfrontLoggingEnabled.spec.js
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,178 @@
var expect = require('chai').expect;
const cloudfrontLoggingEnabled = require('./cloudfrontLoggingEnabled');

const listDistributions = [
{
"Id": "E1JHW5DZR5X4HW",
"ARN": "arn:aws:cloudfront::111122223333:distribution/E1JHW5DZR5X4HW",
"Origins": {
"Quantity": 1,
"Items": [
{
"Id": "S3-cdn-oai/data",
"DomainName": "cdn-oai.s3.amazonaws.com",
"OriginPath": "/data",
}
]
},
"OriginGroups": {
"Quantity": 0
},
"DefaultCacheBehavior": {
"TargetOriginId": "S3-cdn-oai/data",
"TrustedSigners": {
"Enabled": false,
"Quantity": 0
},
"TrustedKeyGroups": {
"Enabled": false,
"Quantity": 0
},
"ViewerProtocolPolicy": "https-only",
"AllowedMethods": {
"Quantity": 2,
"Items": [
"HEAD",
"GET"
],
},
},
}
];

const getDistribution = [
{
"ETag": "EHQJVBQTCVNEN",
"Distribution": {
"Id": "E1JHW5DZR5X4HW",
"ARN": "arn:aws:cloudfront::111122223333:distribution/E1JHW5DZR5X4HW",
"DistributionConfig": {
"DefaultRootObject": "",
"OriginGroups": {
"Quantity": 0
},
"Logging": {
"Enabled": true,
"IncludeCookies": false,
"Bucket": "s3://abc",
"Prefix": "logs/"
},
}
}
},
{
"ETag": "EHQJVBQTCVNEN",
"Distribution": {
"Id": "E1JHW5DZR5X4HW",
"ARN": "arn:aws:cloudfront::111122223333:distribution/E1JHW5DZR5X4HW",
"DistributionConfig": {
"DefaultRootObject": "",
"OriginGroups": {
"Quantity": 0
},
"Logging": {
"Enabled": false,
"IncludeCookies": false,
"Bucket": "",
"Prefix": ""
},
}
}
}
];

const createCache = (data, err, getData, getErr) => {
var distributionId = (data && data.length) ? data[0].Id : null;
return {
cloudfront: {
listDistributions: {
'us-east-1': {
data: data,
err: err
}
},
getDistribution: {
'us-east-1': {
[distributionId]: {
data: getData,
err: getErr
}
}
}
}
};
};


const createNullCache = () => {
return {
cloudfront: {
listDistributions: {
'us-east-1': null,
},
},
};
};

describe('cloudfrontLoggingEnabled', function () {
describe('run', function () {
it('should PASS if Request logging is enabled', function (done) {
const cache = createCache([listDistributions[0]], null, getDistribution[0]);
cloudfrontLoggingEnabled.run(cache, {}, (err, results) => {
expect(results.length).to.equal(1);
expect(results[0].status).to.equal(0);
expect(results[0].region).to.equal('global');
done();
});
});

it('should FAIL if Request logging is not enabled', function (done) {
const cache = createCache([listDistributions[0]], null, getDistribution[1]);
cloudfrontLoggingEnabled.run(cache, {}, (err, results) => {
expect(results.length).to.equal(1);
expect(results[0].status).to.equal(2);
expect(results[0].region).to.equal('global');
done();
});
});

it('should PASS if no CloudFront distributions found', function (done) {
const cache = createCache([]);
cloudfrontLoggingEnabled.run(cache, {}, (err, results) => {
expect(results.length).to.equal(1);
expect(results[0].status).to.equal(0);
expect(results[0].region).to.equal('global');
done();
});
});

it('should UNKNOWN if unable to list distributions', function (done) {
const cache = createCache([], { message: 'Unable to list distributions' });
cloudfrontLoggingEnabled.run(cache, {}, (err, results) => {
expect(results.length).to.equal(1);
expect(results[0].status).to.equal(3);
expect(results[0].region).to.equal('global');
done();
});
});

it('should UNKNOWN if unable to get distributions', function (done) {
const cache = createCache([listDistributions[0]], null, null, { message: 'Unable to get distribution'});
cloudfrontLoggingEnabled.run(cache, {}, (err, results) => {
expect(results.length).to.equal(1);
expect(results[0].status).to.equal(3);
expect(results[0].region).to.equal('global');
done();
});
});

it('should not return any results if list distributions response not found', function (done) {
const cache = createNullCache();
cloudfrontLoggingEnabled.run(cache, {}, (err, results) => {
expect(results.length).to.equal(0);
done();
});
});

});
});
Loading

0 comments on commit 0677576

Please sign in to comment.