Merge pull request #286 from Kudbettin/fix_issue-249

Fixes a problem where a value of a property can be an empty string (or emtpy list) but still being validated.

Author: eerkunt

CHANGELOG.md

@@ -1,5 +1,8 @@
 # CHANGELOG
 
+## Unreleased
+* Fixed a bug where some empty found values would be treated as not found. ([#249](https://github.com/eerkunt/terraform-compliance/issues/249))
+
 ## 1.2.4 (2020-06-03)
 * Add ability to reference a git repo by branch name and directory via `<repo>.git//<directory>?ref=<branch-name`. ([#218](https://github.com/eerkunt/terraform-compliance/issues/218))
 

terraform_compliance/steps/then/it_must_contain_something.py

@@ -40,6 +40,7 @@ def it_must_contain_something(_step_obj, something, inherited_values=Null):
 
                     if isinstance(found_key, dict):
                         found_value = jsonify(found_key.get(something, found_key))
+                        found_value = found_value if found_value not in ([], '') else found_key
                     else:
                         found_value = found_key
             elif isinstance(values, list):
@@ -137,6 +138,7 @@ def it_must_not_contain_something(_step_obj, something, inherited_values=Null):
 
                     if isinstance(found_key, dict):
                         found_value = jsonify(found_key.get(something, found_key))
+                        found_value = found_value if found_value not in ([], '') else found_key
                     else:
                         found_value = found_key
             elif isinstance(values, list):

tests/functional/test_issue-249-bad_feature/.expected

@@ -0,0 +1 @@
+Failure: module.alb.aws_alb.alb \(aws_alb\) does not have bad_something_waf_custom property.

tests/functional/test_issue-249-bad_feature/.failure

@@ -0,0 +1,18 @@
+# Fixed version of the features provided on issue 249. 
+# Bad feature: Last line changed to something that's not in tags
+Feature: Resources should be properly tagged
+  In order to keep track of resource ownership
+  As engineers
+  We'll enforce tagging on all resources
+
+# Check required tag for ALB and CF
+  Scenario: Ensure that waf_policy for ALB/CF tag is defined
+    Given I have aws_alb defined
+    When it contains tags
+    Then it must contain waf_policy
+    And its value must match the "^(internal|external|custom)$" regex
+
+  Scenario: Ensure that waf_custom for ALB/CF tag is defined
+    Given I have aws_alb defined
+    When it contains tags
+    Then it must contain bad_something_waf_custom

tests/functional/test_issue-249-bad_feature/plan.out.json

@@ -0,0 +1,19 @@
+# Fixed version of the features provided on issue 249
+# Has: "when it contains" steps are changed to "when it has"
+Feature: Resources should be properly tagged
+  In order to keep track of resource ownership
+  As engineers
+  We'll enforce tagging on all resources
+
+# Check required tag for ALB and CF
+  Scenario: Ensure that waf_policy for ALB/CF tag is defined
+    Given I have aws_alb defined
+    When it has tags
+    Then it must contain tags
+    Then it must contain waf_policy
+    And its value must match the "^(internal|external|custom)$" regex
+
+  Scenario: Ensure that waf_custom for ALB/CF tag is defined
+    Given I have aws_alb defined
+    When it has tags
+    Then it must contain waf_custom

tests/functional/test_issue-249-bad_feature/test.feature

@@ -0,0 +1,2 @@
+Failure: waf_policy property exists in module.alb.aws_alb.alb \(aws_alb\).
+Failure: waf_custom property exists in module.alb.aws_alb.alb \(aws_alb\).

tests/functional/test_issue-249-has/plan.out.json

@@ -0,0 +1,17 @@
+# Fixed version of the features provided on issue 249
+# Must not: Testing must not changes
+Feature: Resources should be properly tagged
+  In order to keep track of resource ownership
+  As engineers
+  We'll enforce tagging on all resources
+
+# Check required tag for ALB and CF
+  Scenario: Ensure that waf_policy for ALB/CF tag is defined
+    Given I have aws_alb defined
+    When it contains tags
+    Then it must not contain waf_policy
+
+  Scenario: Ensure that waf_custom for ALB/CF tag is defined
+    Given I have aws_alb defined
+    When it contains tags
+    Then it must not contain waf_custom

tests/functional/test_issue-249-has/test.feature

@@ -0,0 +1,18 @@
+# Fixed version of the features provided on issue 249
+# Must not: Testing must not changes
+# Bad feature: Last line changed to something that's not in tags
+Feature: Resources should be properly tagged
+  In order to keep track of resource ownership
+  As engineers
+  We'll enforce tagging on all resources
+
+# Check required tag for ALB and CF
+  Scenario: Ensure that waf_policy for ALB/CF tag is defined
+    Given I have aws_alb defined
+    When it contains tags
+    Then it must not contain bad_waf_policy
+
+  Scenario: Ensure that waf_custom for ALB/CF tag is defined
+    Given I have aws_alb defined
+    When it contains tags
+    Then it must not contain bad_something_waf_custom

tests/functional/test_issue-249-must_not/.expected

@@ -0,0 +1,17 @@
+# Fixed version of the features provided on issue 249
+Feature: Resources should be properly tagged
+  In order to keep track of resource ownership
+  As engineers
+  We'll enforce tagging on all resources
+
+# Check required tag for ALB and CF
+  Scenario: Ensure that waf_policy for ALB/CF tag is defined
+    Given I have aws_alb defined
+    When it contains tags
+    Then it must contain waf_policy
+    And its value must match the "^(internal|external|custom)$" regex
+
+  Scenario: Ensure that waf_custom for ALB/CF tag is defined
+    Given I have aws_alb defined
+    When it contains tags
+    Then it must contain waf_custom