1 package workloadsiemcfg
2
3 import (
4 "encoding/json"
5 "testing"
6
7 assertapi "github.com/stretchr/testify/assert"
8 corev1 "k8s.io/api/core/v1"
9 v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
10 )
11
12 const (
13 class1 = `"log_class":"audit"`
14 class2 = `"log_class":"security"`
15
16 alpineContainer = "alpine-fim"
17 testHelmEdgeID1 = `"helm_edge_ID":"4acb3c0e-89a2-4f5e-bc36-559b7e874b40"`
18
19 couchdbContainer = "couchdb"
20 testHelmEdgeID2 = `"helm_edge_ID":"4acb3c0e-89a2-4f5e-bc36-559b7e874b41"`
21
22 authserverContainer = "authserver"
23 testHelmEdgeID3 = `"helm_edge_ID":"4acb3c0e-89a2-4f5e-bc36-559b7e874b42"`
24 )
25
26 func TestFromConfigMap(t *testing.T) {
27 assert := assertapi.New(t)
28
29 cfg := getSiemConfigMap()
30
31 sc := FromConfigMap(cfg)
32
33 assert.Contains(sc.Configs, class1)
34 assert.Contains(sc.Configs, alpineContainer)
35 assert.Contains(sc.Configs, testHelmEdgeID1)
36
37 assert.Contains(sc.Configs, class2)
38 assert.Contains(sc.Configs, couchdbContainer)
39 assert.Contains(sc.Configs, testHelmEdgeID2)
40
41 assert.Contains(sc.Configs, class2)
42 assert.Contains(sc.Configs, authserverContainer)
43 assert.Contains(sc.Configs, testHelmEdgeID3)
44 }
45
46 func TestToConfigMap(t *testing.T) {
47 assert := assertapi.New(t)
48
49 customSiem := getSiemConfig()
50 cfg := customSiem.ToConfigMap()
51
52 assert.Contains(cfg.Data[WorkloadSiemConfigDataFieldName], class1)
53 assert.Contains(cfg.Data[WorkloadSiemConfigDataFieldName], alpineContainer)
54 assert.Contains(cfg.Data[WorkloadSiemConfigDataFieldName], testHelmEdgeID1)
55
56 assert.Contains(cfg.Data[WorkloadSiemConfigDataFieldName], class2)
57 assert.Contains(cfg.Data[WorkloadSiemConfigDataFieldName], couchdbContainer)
58 assert.Contains(cfg.Data[WorkloadSiemConfigDataFieldName], testHelmEdgeID2)
59
60 assert.Contains(cfg.Data[WorkloadSiemConfigDataFieldName], class2)
61 assert.Contains(cfg.Data[WorkloadSiemConfigDataFieldName], authserverContainer)
62 assert.Contains(cfg.Data[WorkloadSiemConfigDataFieldName], testHelmEdgeID3)
63 }
64
65 func TestNewValidSiemConfigConfigMap(t *testing.T) {
66 assert := assertapi.New(t)
67 cfg := getSiemConfigMap()
68 siemConfig, err := New(cfg)
69 assert.NoError(err)
70
71 assert.Contains(siemConfig.Configs, class1)
72 assert.Contains(siemConfig.Configs, alpineContainer)
73 assert.Contains(siemConfig.Configs, testHelmEdgeID1)
74
75 assert.Contains(siemConfig.Configs, class2)
76 assert.Contains(siemConfig.Configs, couchdbContainer)
77 assert.Contains(siemConfig.Configs, testHelmEdgeID2)
78
79 assert.Contains(siemConfig.Configs, class2)
80 assert.Contains(siemConfig.Configs, authserverContainer)
81 assert.Contains(siemConfig.Configs, testHelmEdgeID3)
82 }
83
84 func TestNewInvalidCustomSiemConfigMap(t *testing.T) {
85 assert := assertapi.New(t)
86 cfg := getSiemConfigMap()
87 delete(cfg.Data, WorkloadSiemConfigDataFieldName)
88 sc, err := New(cfg)
89 assert.Error(err)
90 assert.Nil(sc)
91 }
92
93 func TestIsCustomSiemConfigMap(t *testing.T) {
94 assert := assertapi.New(t)
95
96 expected := getSiemConfigMap()
97 IsCustomSiemConfigMap := IsSiemConfigMap(expected.ObjectMeta.Name, expected.ObjectMeta.Namespace)
98
99 assert.True(IsCustomSiemConfigMap)
100 }
101
102 func TestFieldsRequired(t *testing.T) {
103 assert := assertapi.New(t)
104 cfg := &corev1.ConfigMap{}
105 err := ValidateConfigMap(cfg)
106 assert.Error(err)
107 allFields := "workload-siem configmap invalid, value(s) not provided: " + WorkloadSiemConfigDataFieldName
108 assert.Equal(err.Error(), allFields)
109 }
110
111
112 func getSiemConfig() *WorkloadSiemConfigData {
113
114 classifications := []SIEMClassification{
115 {
116 HelmEdgeID: "4acb3c0e-89a2-4f5e-bc36-559b7e874b40",
117 Pod: "samhaim",
118 Container: "alpine-fim",
119 LogType: "alpine-fim",
120 LogClass: "audit",
121 Severity: "INFO",
122 Pattern: "xyz",
123 },
124 {
125 HelmEdgeID: "4acb3c0e-89a2-4f5e-bc36-559b7e874b41",
126 Pod: "data-sync-couchdb",
127 Container: "couchdb",
128 LogType: "couchdb",
129 LogClass: "security",
130 Severity: "INFO",
131 Pattern: "123",
132 },
133 {
134 HelmEdgeID: "4acb3c0e-89a2-4f5e-bc36-559b7e874b42",
135 Pod: "authserver",
136 Container: "authserver",
137 LogType: "authserver",
138 LogClass: "security",
139 Severity: "WARNING",
140 Pattern: "",
141 },
142 }
143
144 marshaledClassifications, _ := json.Marshal(classifications)
145
146
147 return &WorkloadSiemConfigData{
148 Configs: string(marshaledClassifications),
149 }
150 }
151
152 func getSiemConfigMap() *corev1.ConfigMap {
153
154 sc := getSiemConfig()
155 return &corev1.ConfigMap{
156 TypeMeta: v1.TypeMeta{
157 Kind: "ConfigMap",
158 APIVersion: v1.SchemeGroupVersion.String(),
159 },
160 ObjectMeta: v1.ObjectMeta{
161 Name: WorkloadSiemConfigMapName,
162 Namespace: WorkloadSiemConfigMapNS,
163 },
164 Data: map[string]string{
165 WorkloadSiemConfigDataFieldName: sc.Configs,
166 },
167 }
168 }
169
View as plain text