Adding ECR Image Scan Event (#378)

alvinsiew · web-flow · commit 99b35f2f5456 · 2021-07-14T18:18:00.000-07:00
* Add ECR Scan Event Type

* Add ECR Scan Event Type Unit Test

* Consistency for type names

Co-authored-by: Alvin Siew &lt;alvin_siew@tech.gov.sg&gt;
diff --git a/events/ecr_scan.go b/events/ecr_scan.go
@@ -0,0 +1,30 @@
+package events
+
+type ECRScanEvent struct {
+	Version    string                 `json:"version"`
+	ID         string                 `json:"id"`
+	DetailType string                 `json:"detail-type"`
+	Source     string                 `json:"source"`
+	Time       string                 `json:"time"`
+	Region     string                 `json:"region"`
+	Resources  []string               `json:"resources"`
+	Account    string                 `json:"account"`
+	Detail     ECRScanEventDetailType `json:"detail"`
+}
+
+type ECRScanEventDetailType struct {
+	ScanStatus            string                            `json:"scan-status"`
+	RepositoryName        string                            `json:"repository-name"`
+	FindingSeverityCounts ECRScanEventFindingSeverityCounts `json:"finding-severity-counts"`
+	ImageDigest           string                            `json:"image-digest"`
+	ImageTags             []string                          `json:"image-tags"`
+}
+
+type ECRScanEventFindingSeverityCounts struct {
+	Critical      int64 `json:"CRITICAL"`
+	High          int64 `json:"HIGH"`
+	Medium        int64 `json:"MEDIUM"`
+	Low           int64 `json:"LOW"`
+	Informational int64 `json:"INFORMATIONAL"`
+	Undefined     int64 `json:"UNDEFINED"`
+}
diff --git a/events/ecr_scan_test.go b/events/ecr_scan_test.go
@@ -0,0 +1,56 @@
+// Copyright 2020 Amazon.com, Inc. or its affiliates. All Rights Reserved.
+package events
+
+import (
+	"encoding/json"
+	"testing"
+
+	"github.com/aws/aws-lambda-go/events/test"
+	"github.com/stretchr/testify/assert"
+)
+
+func TestECRScanEventMarshaling(t *testing.T) {
+	// 1. read JSON from file
+	inputJson := test.ReadJSONFromFile(t, "./testdata/ecr-image-scan-event.json")
+
+	// 2. de-serialize into Go object
+	var inputEvent ECRScanEvent
+	if err := json.Unmarshal(inputJson, &inputEvent); err != nil {
+		t.Errorf("could not unmarshal event. details: %v", err)
+	}
+
+	// 3. Verify values populated into Go Object, at least one validation per data type
+	assert.Equal(t, "0", inputEvent.Version)
+	assert.Equal(t, "01234567-0123-0123-0123-012345678901", inputEvent.ID)
+	assert.Equal(t, "ECR Image Scan", inputEvent.DetailType)
+	assert.Equal(t, "aws.ecr", inputEvent.Source)
+	assert.Equal(t, "123456789012", inputEvent.Account)
+	assert.Equal(t, "2019-10-30T21:32:27Z", inputEvent.Time)
+	assert.Equal(t, "eu-north-1", inputEvent.Region)
+	assert.Equal(t, "arn:aws:ecr:eu-north-1:123456789012:repository/tribble-image-scan-test", inputEvent.Resources[0])
+
+	var detail = inputEvent.Detail
+	assert.Equal(t, "COMPLETE", detail.ScanStatus)
+	assert.Equal(t, "tribble-image-scan-test", detail.RepositoryName)
+	assert.Equal(t, "sha256:d4a96ee9443e641fc100e763a0c10928720b50c6e3ea3342d05d7c3435fc5355", detail.ImageDigest)
+	assert.Equal(t, "1572471135", detail.ImageTags[0])
+	assert.Equal(t, int64(10), detail.FindingSeverityCounts.Critical)
+	assert.Equal(t, int64(2), detail.FindingSeverityCounts.High)
+	assert.Equal(t, int64(9), detail.FindingSeverityCounts.Medium)
+	assert.Equal(t, int64(3), detail.FindingSeverityCounts.Low)
+	assert.Equal(t, int64(0), detail.FindingSeverityCounts.Informational)
+	assert.Equal(t, int64(0), detail.FindingSeverityCounts.Undefined)
+
+	// 4. serialize to JSON
+	outputJson, err := json.Marshal(inputEvent)
+	if err != nil {
+		t.Errorf("could not marshal event. details: %v", err)
+	}
+
+	// 5. check result
+	assert.JSONEq(t, string(inputJson), string(outputJson))
+}
+
+func TestECRScanMarshalingMalformedJson(t *testing.T) {
+	test.TestMalformedJson(t, ECRScanEvent{})
+}
diff --git a/events/testdata/ecr-image-scan-event.json b/events/testdata/ecr-image-scan-event.json
@@ -0,0 +1,24 @@
+{
+  "version": "0",
+  "id": "01234567-0123-0123-0123-012345678901",
+  "detail-type": "ECR Image Scan",
+  "source": "aws.ecr",
+  "account": "123456789012",
+  "time": "2019-10-30T21:32:27Z",
+  "region": "eu-north-1",
+  "resources": ["arn:aws:ecr:eu-north-1:123456789012:repository/tribble-image-scan-test"],
+  "detail": {
+    "scan-status": "COMPLETE",
+    "repository-name": "tribble-image-scan-test",
+    "finding-severity-counts": {
+      "CRITICAL": 10,
+      "HIGH": 2,
+      "MEDIUM": 9,
+      "LOW": 3,
+      "INFORMATIONAL": 0,
+      "UNDEFINED": 0
+    },
+    "image-digest": "sha256:d4a96ee9443e641fc100e763a0c10928720b50c6e3ea3342d05d7c3435fc5355",
+    "image-tags": ["1572471135"]
+  }
+}
