package test import ( "encoding/json" "fmt" "os" "strings" "testing" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "gopkg.in/yaml.v2" ) type fileStruct struct { APIVersion string `yaml:"apiVersion"` Kind string `yaml:"kind"` Metadata struct { Name string Namespace string } `yaml:"metadata"` Data struct { Edgesiem string `yaml:"edge-siem"` } `yaml:"data"` } var validClusterLogLevels = []string{ "DEBUG", "INFO", "NOTICE", "WARNING", "ERROR", "CRITICAL", "ALERT", "EMERGENCY", } type classifications struct { Namespace string Pod string Container string LogType string `json:"log_type"` LogClass string `json:"log_Class"` Severity string Pattern string `json:"omitempty"` } func TestEdgeSIEM(t *testing.T) { var obj fileStruct yamlFile, err := os.ReadFile("fluentbit/base/edge-siem.yaml") if err != nil { fmt.Printf("failed to read edge-siem.yaml #%v\n", err) t.FailNow() } err = yaml.Unmarshal(yamlFile, &obj) if err != nil { fmt.Printf("failed to unmarshal edge-siem.yaml: %v\n", err) t.FailNow() } // ensure valid yaml require.Equal(t, "v1", obj.APIVersion) require.Equal(t, "ConfigMap", obj.Kind) require.Equal(t, "edge-siem", obj.Metadata.Name) require.Equal(t, "fluent-operator", obj.Metadata.Namespace) require.NotEmpty(t, obj.Data.Edgesiem) // ensure valid JSON for edge-siem val var edgeSiem []classifications err = json.Unmarshal([]byte(obj.Data.Edgesiem), &edgeSiem) if err != nil { println("Please ensure that the last classification doesn't have a comma") println("and all internal data in classifications has commas after it") fmt.Printf("failed to unmarshal edge-siem JSON data: %v\n", err) t.FailNow() } // Unmarshal the original JSON into a slice of maps var originalData []map[string]interface{} err = json.Unmarshal([]byte(obj.Data.Edgesiem), &originalData) if err != nil { fmt.Printf("failed to unmarshal edge-siem JSON data into map: %v\n", err) t.FailNow() } var errorList []string for i, siemClassification := range edgeSiem { originalMap := originalData[i] if _, exists := originalMap["pattern"]; !exists { errorList = append(errorList, fmt.Sprintf("Pattern field does not exist in the original JSON: %+v", siemClassification)) } if siemClassification.Container == "" { errorList = append(errorList, fmt.Sprintf("Container is empty: %+v", siemClassification)) } if siemClassification.Namespace == "" { errorList = append(errorList, fmt.Sprintf("Namespace is empty: %+v", siemClassification)) } if siemClassification.Pod == "" { errorList = append(errorList, fmt.Sprintf("Pod is empty: %+v", siemClassification)) } if siemClassification.LogClass == "" { errorList = append(errorList, fmt.Sprintf("LogClass is empty: %+v", siemClassification)) } if siemClassification.LogType == "" { errorList = append(errorList, fmt.Sprintf("LogType is empty: %+v", siemClassification)) } if !assert.Contains(t, validClusterLogLevels, strings.ToUpper(siemClassification.Severity)) { errorList = append(errorList, fmt.Sprintf("Severity is invalid: %+v", siemClassification)) } } if len(errorList) > 0 { for _, errMsg := range errorList { fmt.Println(errMsg) } t.FailNow() } }