diff --git a/pkg/resource/validations/kms_arn_regex_validation.go b/pkg/resource/validations/kms_arn_regex_validation.go index 0670e25..8830dda 100644 --- a/pkg/resource/validations/kms_arn_regex_validation.go +++ b/pkg/resource/validations/kms_arn_regex_validation.go @@ -6,7 +6,7 @@ import ( ) var KmsArnRE = regexp.MustCompile( - `^arn:aws[\w-]*:kms:[\w-]+:\d{12}:key\/mrk-[0-9a-f]{32}$|[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$`, + `^arn:aws[\w-]*:kms:[\w-]+:\d{12}:key\/(mrk-[0-9a-f]{32}$|[0-9a-f]{8}-[0-9a-f]{4}-[1-5][0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}$)`, ) func ValidateKMSKeyARN(kmsKeyARN *string) error { diff --git a/pkg/resource/validations/kms_arn_regex_validation_test.go b/pkg/resource/validations/kms_arn_regex_validation_test.go index 5115e38..c0bbbc9 100644 --- a/pkg/resource/validations/kms_arn_regex_validation_test.go +++ b/pkg/resource/validations/kms_arn_regex_validation_test.go @@ -1,54 +1,52 @@ package validations import ( - . "github.com/onsi/ginkgo/v2" . "github.com/onsi/gomega" ) var _ = Describe("Validations", func() { Describe("validateKMSKeyARN", func() { - var ( - kmsKeyARN string - ) - - BeforeEach(func() { - kmsKeyARN = "" - }) - - Context("when kmsKeyARN is nil", func() { - It("should not return an error", func() { - err := ValidateKMSKeyARN(nil) - Expect(err).ToNot(HaveOccurred()) - }) - }) - - Context("when kmsKeyARN is empty", func() { - It("should not return an error", func() { - err := ValidateKMSKeyARN(&kmsKeyARN) - Expect(err).ToNot(HaveOccurred()) + Context("empty kmsKeyARN", func() { + When("kmsKeyARN is nil", func() { + It("should not return an error", func() { + err := ValidateKMSKeyARN(nil) + Expect(err).ToNot(HaveOccurred()) + }) }) - }) - Context("when kmsKeyARN is not empty and matches the regex", func() { - BeforeEach(func() { - kmsKeyARN = "arn:aws:kms:us-east-1:111111111111:key/mrk-0123456789abcdef0123456789abcdef" + When("kmsKeyARN is empty", func() { + It("should not return an error", func() { + emptyKmsKeyARN := "" + err := ValidateKMSKeyARN(&emptyKmsKeyARN) + Expect(err).ToNot(HaveOccurred()) + }) }) + }) - It("should not return an error", func() { - err := ValidateKMSKeyARN(&kmsKeyARN) - Expect(err).ToNot(HaveOccurred()) + Context("kmsKeyARN regex", func() { + When("kmsKeyARN is not empty and matches the regex", func() { + It("should not return an error", func() { + validKmsKeyARN := "arn:aws:kms:us-east-1:111111111111:key/mrk-0123456789abcdef0123456789abcdef" + err := ValidateKMSKeyARN(&validKmsKeyARN) + Expect(err).ToNot(HaveOccurred()) + }) }) - }) - Context("when kmsKeyARN is not empty and does not match the regex", func() { - BeforeEach(func() { - kmsKeyARN = "invalid-kms-key-arn" + When("kmsKeyARN is not empty but is not prefixed with 'mrk'", func() { + It("should return an error", func() { + invalidKmsKeyARN := "arn:aws:notkms:us-west-2:301721915996:key/9fdfaf2f-efb7-4db7-a5c3-0d047c52f094" + err := ValidateKMSKeyARN(&invalidKmsKeyARN) + Expect(err).To(HaveOccurred()) + }) }) - It("should return an error", func() { - err := ValidateKMSKeyARN(&kmsKeyARN) - Expect(err).To(HaveOccurred()) + When("when kmsKeyARN is not empty and does not match the regex", func() { + It("should return an error", func() { + invalidKmsKeyARN := "invalid-kms-key-arn" + err := ValidateKMSKeyARN(&invalidKmsKeyARN) + Expect(err).To(HaveOccurred()) + }) }) }) })