Skip to content

Commit

Permalink
Adding ECR Image Scan Event (#378)
Browse files Browse the repository at this point in the history
* Add ECR Scan Event Type

* Add ECR Scan Event Type Unit Test

* Consistency for type names

Co-authored-by: Alvin Siew <alvin_siew@tech.gov.sg>
  • Loading branch information
alvinsiew and alvinsiew authored Jul 15, 2021
1 parent cd5ccc1 commit 99b35f2
Show file tree
Hide file tree
Showing 3 changed files with 110 additions and 0 deletions.
30 changes: 30 additions & 0 deletions events/ecr_scan.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
package events

type ECRScanEvent struct {
Version string `json:"version"`
ID string `json:"id"`
DetailType string `json:"detail-type"`
Source string `json:"source"`
Time string `json:"time"`
Region string `json:"region"`
Resources []string `json:"resources"`
Account string `json:"account"`
Detail ECRScanEventDetailType `json:"detail"`
}

type ECRScanEventDetailType struct {
ScanStatus string `json:"scan-status"`
RepositoryName string `json:"repository-name"`
FindingSeverityCounts ECRScanEventFindingSeverityCounts `json:"finding-severity-counts"`
ImageDigest string `json:"image-digest"`
ImageTags []string `json:"image-tags"`
}

type ECRScanEventFindingSeverityCounts struct {
Critical int64 `json:"CRITICAL"`
High int64 `json:"HIGH"`
Medium int64 `json:"MEDIUM"`
Low int64 `json:"LOW"`
Informational int64 `json:"INFORMATIONAL"`
Undefined int64 `json:"UNDEFINED"`
}
56 changes: 56 additions & 0 deletions events/ecr_scan_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
// Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
package events

import (
"encoding/json"
"testing"

"github.com/aws/aws-lambda-go/events/test"
"github.com/stretchr/testify/assert"
)

func TestECRScanEventMarshaling(t *testing.T) {
// 1. read JSON from file
inputJson := test.ReadJSONFromFile(t, "./testdata/ecr-image-scan-event.json")

// 2. de-serialize into Go object
var inputEvent ECRScanEvent
if err := json.Unmarshal(inputJson, &inputEvent); err != nil {
t.Errorf("could not unmarshal event. details: %v", err)
}

// 3. Verify values populated into Go Object, at least one validation per data type
assert.Equal(t, "0", inputEvent.Version)
assert.Equal(t, "01234567-0123-0123-0123-012345678901", inputEvent.ID)
assert.Equal(t, "ECR Image Scan", inputEvent.DetailType)
assert.Equal(t, "aws.ecr", inputEvent.Source)
assert.Equal(t, "123456789012", inputEvent.Account)
assert.Equal(t, "2019-10-30T21:32:27Z", inputEvent.Time)
assert.Equal(t, "eu-north-1", inputEvent.Region)
assert.Equal(t, "arn:aws:ecr:eu-north-1:123456789012:repository/tribble-image-scan-test", inputEvent.Resources[0])

var detail = inputEvent.Detail
assert.Equal(t, "COMPLETE", detail.ScanStatus)
assert.Equal(t, "tribble-image-scan-test", detail.RepositoryName)
assert.Equal(t, "sha256:d4a96ee9443e641fc100e763a0c10928720b50c6e3ea3342d05d7c3435fc5355", detail.ImageDigest)
assert.Equal(t, "1572471135", detail.ImageTags[0])
assert.Equal(t, int64(10), detail.FindingSeverityCounts.Critical)
assert.Equal(t, int64(2), detail.FindingSeverityCounts.High)
assert.Equal(t, int64(9), detail.FindingSeverityCounts.Medium)
assert.Equal(t, int64(3), detail.FindingSeverityCounts.Low)
assert.Equal(t, int64(0), detail.FindingSeverityCounts.Informational)
assert.Equal(t, int64(0), detail.FindingSeverityCounts.Undefined)

// 4. serialize to JSON
outputJson, err := json.Marshal(inputEvent)
if err != nil {
t.Errorf("could not marshal event. details: %v", err)
}

// 5. check result
assert.JSONEq(t, string(inputJson), string(outputJson))
}

func TestECRScanMarshalingMalformedJson(t *testing.T) {
test.TestMalformedJson(t, ECRScanEvent{})
}
24 changes: 24 additions & 0 deletions events/testdata/ecr-image-scan-event.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,24 @@
{
"version": "0",
"id": "01234567-0123-0123-0123-012345678901",
"detail-type": "ECR Image Scan",
"source": "aws.ecr",
"account": "123456789012",
"time": "2019-10-30T21:32:27Z",
"region": "eu-north-1",
"resources": ["arn:aws:ecr:eu-north-1:123456789012:repository/tribble-image-scan-test"],
"detail": {
"scan-status": "COMPLETE",
"repository-name": "tribble-image-scan-test",
"finding-severity-counts": {
"CRITICAL": 10,
"HIGH": 2,
"MEDIUM": 9,
"LOW": 3,
"INFORMATIONAL": 0,
"UNDEFINED": 0
},
"image-digest": "sha256:d4a96ee9443e641fc100e763a0c10928720b50c6e3ea3342d05d7c3435fc5355",
"image-tags": ["1572471135"]
}
}

0 comments on commit 99b35f2

Please sign in to comment.