constellation/cli/cloud/cloudcmd/validators_test.go

package cloudcmd

import (
	"testing"

	"github.com/edgelesssys/constellation/cli/cloudprovider"
	"github.com/edgelesssys/constellation/internal/config"
	"github.com/stretchr/testify/assert"
)

func TestWarnAboutPCRs(t *testing.T) {
	zero := []byte("00000000000000000000000000000000")

	testCases := map[string]struct {
		pcrs         map[uint32][]byte
		wantWarnings []string
		wantWInclude []string
		wantErr      bool
	}{
		"no warnings": {
			pcrs: map[uint32][]byte{
				0:  zero,
				1:  zero,
				2:  zero,
				3:  zero,
				4:  zero,
				5:  zero,
				6:  zero,
				7:  zero,
				8:  zero,
				9:  zero,
				10: zero,
				11: zero,
				12: zero,
			},
		},
		"no warnings for missing non critical values": {
			pcrs: map[uint32][]byte{
				0:  zero,
				1:  zero,
				2:  zero,
				3:  zero,
				4:  zero,
				5:  zero,
				8:  zero,
				9:  zero,
				11: zero,
				12: zero,
			},
		},
		"warn for BIOS": {
			pcrs: map[uint32][]byte{
				0:  zero,
				2:  zero,
				3:  zero,
				4:  zero,
				5:  zero,
				8:  zero,
				9:  zero,
				11: zero,
				12: zero,
			},
			wantWarnings: []string{"BIOS"},
		},
		"warn for OPROM": {
			pcrs: map[uint32][]byte{
				0:  zero,
				1:  zero,
				3:  zero,
				4:  zero,
				5:  zero,
				8:  zero,
				9:  zero,
				11: zero,
				12: zero,
			},
			wantWarnings: []string{"OPROM"},
		},
		"warn for MBR": {
			pcrs: map[uint32][]byte{
				0:  zero,
				1:  zero,
				2:  zero,
				3:  zero,
				5:  zero,
				8:  zero,
				9:  zero,
				11: zero,
				12: zero,
			},
			wantWarnings: []string{"MBR"},
		},
		"warn for kernel": {
			pcrs: map[uint32][]byte{
				0:  zero,
				1:  zero,
				2:  zero,
				3:  zero,
				4:  zero,
				5:  zero,
				9:  zero,
				11: zero,
				12: zero,
			},
			wantWarnings: []string{"kernel"},
		},
		"warn for initrd": {
			pcrs: map[uint32][]byte{
				0:  zero,
				1:  zero,
				2:  zero,
				3:  zero,
				4:  zero,
				5:  zero,
				8:  zero,
				11: zero,
				12: zero,
			},
			wantWarnings: []string{"initrd"},
		},
		"warn for initialization": {
			pcrs: map[uint32][]byte{
				0:  zero,
				1:  zero,
				2:  zero,
				3:  zero,
				4:  zero,
				5:  zero,
				8:  zero,
				9:  zero,
				11: zero,
			},
			wantWInclude: []string{"initialization"},
		},
		"multi warning": {
			pcrs: map[uint32][]byte{},
			wantWarnings: []string{
				"BIOS",
				"OPROM",
				"MBR",
				"initrd",
				"kernel",
			},
			wantWInclude: []string{"initialization"},
		},
		"bad config": {
			pcrs: map[uint32][]byte{
				0: []byte("000"),
			},
			wantErr: true,
		},
	}

	for _, provider := range []string{"gcp", "azure", "unknown"} {
		t.Run(provider, func(t *testing.T) {
			for name, tc := range testCases {
				t.Run(name, func(t *testing.T) {
					assert := assert.New(t)

					config := &config.Config{
						Provider: &config.ProviderConfig{
							Azure: &config.AzureConfig{PCRs: &tc.pcrs},
							GCP:   &config.GCPConfig{PCRs: &tc.pcrs},
						},
					}

					validators, err := NewValidators(cloudprovider.FromString(provider), config)

					v := validators.V()
					warnings := validators.Warnings()
					warningsInclueInit := validators.WarningsIncludeInit()

					if tc.wantErr || provider == "unknown" {
						assert.Error(err)
					} else {
						assert.NoError(err)
						if len(tc.wantWarnings) == 0 {
							assert.Empty(warnings)
						}
						for _, w := range tc.wantWarnings {
							assert.Contains(warnings, w)
						}
						for _, w := range tc.wantWarnings {
							assert.Contains(warningsInclueInit, w)
						}
						if len(tc.wantWInclude) == 0 {
							assert.Equal(len(warnings), len(warningsInclueInit))
						} else {
							assert.Greater(len(warningsInclueInit), len(warnings))
						}
						for _, w := range tc.wantWInclude {
							assert.Contains(warningsInclueInit, w)
						}
						assert.NotEmpty(v)
					}
				})
			}
		})
	}
}
Move validators to cloudcmd 2022-04-19 11:02:02 -04:00			`package cloudcmd`

			`import (`
			`"testing"`

			`"github.com/edgelesssys/constellation/cli/cloudprovider"`
			`"github.com/edgelesssys/constellation/internal/config"`
			`"github.com/stretchr/testify/assert"`
			`)`

			`func TestWarnAboutPCRs(t *testing.T) {`
			`zero := []byte("00000000000000000000000000000000")`

			`testCases := map[string]struct {`
			`pcrs map[uint32][]byte`
			`wantWarnings []string`
			`wantWInclude []string`
			`wantErr bool`
			`}{`
			`"no warnings": {`
			`pcrs: map[uint32][]byte{`
			`0: zero,`
			`1: zero,`
			`2: zero,`
			`3: zero,`
			`4: zero,`
			`5: zero,`
			`6: zero,`
			`7: zero,`
			`8: zero,`
			`9: zero,`
			`10: zero,`
			`11: zero,`
			`12: zero,`
			`},`
			`},`
			`"no warnings for missing non critical values": {`
			`pcrs: map[uint32][]byte{`
			`0: zero,`
			`1: zero,`
			`2: zero,`
			`3: zero,`
			`4: zero,`
			`5: zero,`
			`8: zero,`
			`9: zero,`
			`11: zero,`
			`12: zero,`
			`},`
			`},`
			`"warn for BIOS": {`
			`pcrs: map[uint32][]byte{`
			`0: zero,`
			`2: zero,`
			`3: zero,`
			`4: zero,`
			`5: zero,`
			`8: zero,`
			`9: zero,`
			`11: zero,`
			`12: zero,`
			`},`
			`wantWarnings: []string{"BIOS"},`
			`},`
			`"warn for OPROM": {`
			`pcrs: map[uint32][]byte{`
			`0: zero,`
			`1: zero,`
			`3: zero,`
			`4: zero,`
			`5: zero,`
			`8: zero,`
			`9: zero,`
			`11: zero,`
			`12: zero,`
			`},`
			`wantWarnings: []string{"OPROM"},`
			`},`
			`"warn for MBR": {`
			`pcrs: map[uint32][]byte{`
			`0: zero,`
			`1: zero,`
			`2: zero,`
			`3: zero,`
			`5: zero,`
			`8: zero,`
			`9: zero,`
			`11: zero,`
			`12: zero,`
			`},`
			`wantWarnings: []string{"MBR"},`
			`},`
			`"warn for kernel": {`
			`pcrs: map[uint32][]byte{`
			`0: zero,`
			`1: zero,`
			`2: zero,`
			`3: zero,`
			`4: zero,`
			`5: zero,`
			`9: zero,`
			`11: zero,`
			`12: zero,`
			`},`
			`wantWarnings: []string{"kernel"},`
			`},`
			`"warn for initrd": {`
			`pcrs: map[uint32][]byte{`
			`0: zero,`
			`1: zero,`
			`2: zero,`
			`3: zero,`
			`4: zero,`
			`5: zero,`
			`8: zero,`
			`11: zero,`
			`12: zero,`
			`},`
			`wantWarnings: []string{"initrd"},`
			`},`
			`"warn for initialization": {`
			`pcrs: map[uint32][]byte{`
			`0: zero,`
			`1: zero,`
			`2: zero,`
			`3: zero,`
			`4: zero,`
			`5: zero,`
			`8: zero,`
			`9: zero,`
			`11: zero,`
			`},`
			`wantWInclude: []string{"initialization"},`
			`},`
			`"multi warning": {`
			`pcrs: map[uint32][]byte{},`
			`wantWarnings: []string{`
			`"BIOS",`
			`"OPROM",`
			`"MBR",`
			`"initrd",`
			`"kernel",`
			`},`
			`wantWInclude: []string{"initialization"},`
			`},`
			`"bad config": {`
			`pcrs: map[uint32][]byte{`
			`0: []byte("000"),`
			`},`
			`wantErr: true,`
			`},`
			`}`

			`for _, provider := range []string{"gcp", "azure", "unknown"} {`
			`t.Run(provider, func(t *testing.T) {`
			`for name, tc := range testCases {`
			`t.Run(name, func(t *testing.T) {`
			`assert := assert.New(t)`

			`config := &config.Config{`
			`Provider: &config.ProviderConfig{`
			`Azure: &config.AzureConfig{PCRs: &tc.pcrs},`
			`GCP: &config.GCPConfig{PCRs: &tc.pcrs},`
			`},`
			`}`

			`validators, err := NewValidators(cloudprovider.FromString(provider), config)`

			`v := validators.V()`
			`warnings := validators.Warnings()`
			`warningsInclueInit := validators.WarningsIncludeInit()`

			`if tc.wantErr \|\| provider == "unknown" {`
			`assert.Error(err)`
			`} else {`
			`assert.NoError(err)`
			`if len(tc.wantWarnings) == 0 {`
			`assert.Empty(warnings)`
			`}`
			`for _, w := range tc.wantWarnings {`
			`assert.Contains(warnings, w)`
			`}`
			`for _, w := range tc.wantWarnings {`
			`assert.Contains(warningsInclueInit, w)`
			`}`
			`if len(tc.wantWInclude) == 0 {`
			`assert.Equal(len(warnings), len(warningsInclueInit))`
			`} else {`
			`assert.Greater(len(warningsInclueInit), len(warnings))`
			`}`
			`for _, w := range tc.wantWInclude {`
			`assert.Contains(warningsInclueInit, w)`
			`}`
			`assert.NotEmpty(v)`
			`}`
			`})`
			`}`
			`})`
			`}`
			`}`