package flag_test import ( "testing" "time" "github.com/spf13/viper" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "github.com/aquasecurity/trivy/pkg/flag" ) func TestCacheFlagGroup_ToOptions(t *testing.T) { type fields struct { ClearCache bool CacheBackend string CacheTTL time.Duration RedisTLS bool RedisCACert string RedisCert string RedisKey string } tests := []struct { name string fields fields want flag.CacheOptions assertion require.ErrorAssertionFunc }{ { name: "fs", fields: fields{ CacheBackend: "fs", }, want: flag.CacheOptions{ CacheBackend: "fs", }, assertion: require.NoError, }, { name: "redis", fields: fields{ CacheBackend: "redis://localhost:6379", }, want: flag.CacheOptions{ CacheBackend: "redis://localhost:6379", }, assertion: require.NoError, }, { name: "redis tls", fields: fields{ CacheBackend: "redis://localhost:6379", RedisCACert: "ca-cert.pem", RedisCert: "cert.pem", RedisKey: "key.pem", }, want: flag.CacheOptions{ CacheBackend: "redis://localhost:6379", RedisOptions: flag.RedisOptions{ RedisCACert: "ca-cert.pem", RedisCert: "cert.pem", RedisKey: "key.pem", }, }, assertion: require.NoError, }, { name: "redis tls with public certificates", fields: fields{ CacheBackend: "redis://localhost:6379", RedisTLS: true, }, want: flag.CacheOptions{ CacheBackend: "redis://localhost:6379", RedisTLS: true, }, assertion: require.NoError, }, { name: "unknown backend", fields: fields{ CacheBackend: "unknown", }, assertion: func(t require.TestingT, err error, msgs ...any) { require.ErrorContains(t, err, "unsupported cache backend") }, }, { name: "sad redis tls", fields: fields{ CacheBackend: "redis://localhost:6379", RedisCACert: "ca-cert.pem", }, assertion: func(t require.TestingT, err error, msgs ...any) { require.ErrorContains(t, err, "you must provide Redis CA") }, }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { viper.Set(flag.ClearCacheFlag.ConfigName, tt.fields.ClearCache) viper.Set(flag.CacheBackendFlag.ConfigName, tt.fields.CacheBackend) viper.Set(flag.CacheTTLFlag.ConfigName, tt.fields.CacheTTL) viper.Set(flag.RedisTLSFlag.ConfigName, tt.fields.RedisTLS) viper.Set(flag.RedisCACertFlag.ConfigName, tt.fields.RedisCACert) viper.Set(flag.RedisCertFlag.ConfigName, tt.fields.RedisCert) viper.Set(flag.RedisKeyFlag.ConfigName, tt.fields.RedisKey) f := &flag.CacheFlagGroup{ ClearCache: flag.ClearCacheFlag.Clone(), CacheBackend: flag.CacheBackendFlag.Clone(), CacheTTL: flag.CacheTTLFlag.Clone(), RedisTLS: flag.RedisTLSFlag.Clone(), RedisCACert: flag.RedisCACertFlag.Clone(), RedisCert: flag.RedisCertFlag.Clone(), RedisKey: flag.RedisKeyFlag.Clone(), } got, err := f.ToOptions() tt.assertion(t, err) assert.Equalf(t, tt.want, got, "ToOptions()") }) } } func TestCacheOptions_CacheBackendMasked(t *testing.T) { type fields struct { backend string } tests := []struct { name string fields fields want string }{ { name: "redis cache backend masked", fields: fields{ backend: "redis://root:password@localhost:6379", }, want: "redis://****@localhost:6379", }, { name: "redis cache backend masked does nothing", fields: fields{ backend: "redis://localhost:6379", }, want: "redis://localhost:6379", }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { c := &flag.CacheOptions{ CacheBackend: tt.fields.backend, } assert.Equal(t, tt.want, c.CacheBackendMasked()) }) } }