1 package test
2
3 import (
4 "encoding/json"
5 "fmt"
6 "os"
7 "strings"
8 "testing"
9
10 "github.com/stretchr/testify/assert"
11 "github.com/stretchr/testify/require"
12 "gopkg.in/yaml.v2"
13 )
14
15 type fileStruct struct {
16 APIVersion string `yaml:"apiVersion"`
17 Kind string `yaml:"kind"`
18 Metadata struct {
19 Name string
20 Namespace string
21 } `yaml:"metadata"`
22 Data struct {
23 Edgesiem string `yaml:"edge-siem"`
24 } `yaml:"data"`
25 }
26
27 var validClusterLogLevels = []string{
28 "DEBUG",
29 "INFO",
30 "NOTICE",
31 "WARNING",
32 "ERROR",
33 "CRITICAL",
34 "ALERT",
35 "EMERGENCY",
36 }
37
38 type classifications struct {
39 Namespace string
40 Pod string
41 Container string
42 LogType string `json:"log_type"`
43 LogClass string `json:"log_Class"`
44 Severity string
45 Pattern string `json:"omitempty"`
46 }
47
48 func TestEdgeSIEM(t *testing.T) {
49 var obj fileStruct
50
51 yamlFile, err := os.ReadFile("fluentbit/base/edge-siem.yaml")
52 if err != nil {
53 fmt.Printf("failed to read edge-siem.yaml #%v\n", err)
54 t.FailNow()
55 }
56
57 err = yaml.Unmarshal(yamlFile, &obj)
58 if err != nil {
59 fmt.Printf("failed to unmarshal edge-siem.yaml: %v\n", err)
60 t.FailNow()
61 }
62
63
64 require.Equal(t, "v1", obj.APIVersion)
65 require.Equal(t, "ConfigMap", obj.Kind)
66 require.Equal(t, "edge-siem", obj.Metadata.Name)
67 require.Equal(t, "fluent-operator", obj.Metadata.Namespace)
68 require.NotEmpty(t, obj.Data.Edgesiem)
69
70
71 var edgeSiem []classifications
72 err = json.Unmarshal([]byte(obj.Data.Edgesiem), &edgeSiem)
73 if err != nil {
74 println("Please ensure that the last classification doesn't have a comma")
75 println("and all internal data in classifications has commas after it")
76
77 fmt.Printf("failed to unmarshal edge-siem JSON data: %v\n", err)
78 t.FailNow()
79 }
80
81
82 var originalData []map[string]interface{}
83 err = json.Unmarshal([]byte(obj.Data.Edgesiem), &originalData)
84 if err != nil {
85 fmt.Printf("failed to unmarshal edge-siem JSON data into map: %v\n", err)
86 t.FailNow()
87 }
88
89 var errorList []string
90
91 for i, siemClassification := range edgeSiem {
92 originalMap := originalData[i]
93
94 if _, exists := originalMap["pattern"]; !exists {
95 errorList = append(errorList, fmt.Sprintf("Pattern field does not exist in the original JSON: %+v", siemClassification))
96 }
97
98 if siemClassification.Container == "" {
99 errorList = append(errorList, fmt.Sprintf("Container is empty: %+v", siemClassification))
100 }
101 if siemClassification.Namespace == "" {
102 errorList = append(errorList, fmt.Sprintf("Namespace is empty: %+v", siemClassification))
103 }
104 if siemClassification.Pod == "" {
105 errorList = append(errorList, fmt.Sprintf("Pod is empty: %+v", siemClassification))
106 }
107 if siemClassification.LogClass == "" {
108 errorList = append(errorList, fmt.Sprintf("LogClass is empty: %+v", siemClassification))
109 }
110 if siemClassification.LogType == "" {
111 errorList = append(errorList, fmt.Sprintf("LogType is empty: %+v", siemClassification))
112 }
113 if !assert.Contains(t, validClusterLogLevels, strings.ToUpper(siemClassification.Severity)) {
114 errorList = append(errorList, fmt.Sprintf("Severity is invalid: %+v", siemClassification))
115 }
116 }
117
118 if len(errorList) > 0 {
119 for _, errMsg := range errorList {
120 fmt.Println(errMsg)
121 }
122 t.FailNow()
123 }
124 }
125
View as plain text