From 4e6992725c6c55e656f034097dc17f736b91ddc2 Mon Sep 17 00:00:00 2001
From: Sofienne Lassoued <soflass1293@gmail.com>
Date: Sat, 27 Jan 2024 17:49:31 +0100
Subject: [PATCH] feat: Added SQS managed SSE status advisor

---
 src/core/sqs-managed-sse-status-advisor.ts    | 14 +++++
 .../sqs-managed-sse-status-advisor.test.ts    | 58 +++++++++++++++++++
 2 files changed, 72 insertions(+)
 create mode 100644 src/core/sqs-managed-sse-status-advisor.ts
 create mode 100644 src/test/sqs-managed-sse-status-advisor.test.ts

diff --git a/src/core/sqs-managed-sse-status-advisor.ts b/src/core/sqs-managed-sse-status-advisor.ts
new file mode 100644
index 0000000..3b07d4f
--- /dev/null
+++ b/src/core/sqs-managed-sse-status-advisor.ts
@@ -0,0 +1,14 @@
+import { Advisor } from "./types";
+import { Worker } from "./worker";
+
+export class SqsManagedSseStatusAdvisor implements Advisor {
+  apply(worker: Worker) {
+    const suggestions: string[] = [];
+    if (worker.sqs.Properties.SqsManagedSseEnabled === false) {
+      suggestions.push(
+        "Server-side queue encryption is disabled, consider enabling it or use your own encryption service",
+      );
+    }
+    return suggestions;
+  }
+}
diff --git a/src/test/sqs-managed-sse-status-advisor.test.ts b/src/test/sqs-managed-sse-status-advisor.test.ts
new file mode 100644
index 0000000..6bfae2e
--- /dev/null
+++ b/src/test/sqs-managed-sse-status-advisor.test.ts
@@ -0,0 +1,58 @@
+import { Worker } from "../core";
+import { SqsManagedSseStatusAdvisor } from "../core/sqs-managed-sse-status-advisor";
+
+describe("App", () => {
+  it("should not contain suggestion 'Server-side queue encryption is disabled, consider enabling it or use your own encryption service' when queue has no properties", () => {
+    const worker = new Worker({
+      id: "worker",
+      lambda: { id: "lambda", Properties: { Timeout: 1 } },
+      sqs: { id: "sqs", Properties: { VisibilityTimeout: 1 } },
+      integration: {
+        id: "integration",
+        Properties: {},
+      },
+    });
+    expect(new SqsManagedSseStatusAdvisor().apply(worker)).toEqual(
+      expect.arrayContaining([]),
+    );
+  });
+  it("should not contain suggestion 'Server-side queue encryption is disabled, consider enabling it or use your own encryption service' when queue properties has no 'SqsManagedSseEnabled' property", () => {
+    const worker = new Worker({
+      id: "worker",
+      lambda: { id: "lambda", Properties: { Timeout: 1 } },
+      sqs: { id: "sqs", Properties: { VisibilityTimeout: 1 } },
+      integration: {
+        id: "integration",
+        Properties: {
+          BatchSize: 1,
+          ScalingConfig: { MaximumConcurrency: 1 },
+        },
+      },
+    });
+    expect(new SqsManagedSseStatusAdvisor().apply(worker)).toEqual(
+      expect.arrayContaining([]),
+    );
+  });
+  it("should not contain suggestion 'Server-side queue encryption is disabled, consider enabling it or use your own encryption service' when queue properties has 'SqsManagedSseEnabled' property set to 'false'", () => {
+    const worker = new Worker({
+      id: "worker",
+      lambda: { id: "lambda", Properties: { Timeout: 1 } },
+      sqs: {
+        id: "sqs",
+        Properties: { VisibilityTimeout: 1, SqsManagedSseEnabled: false },
+      },
+      integration: {
+        id: "integration",
+        Properties: {
+          BatchSize: 1,
+          ScalingConfig: { MaximumConcurrency: 1 },
+        },
+      },
+    });
+    expect(new SqsManagedSseStatusAdvisor().apply(worker)).toEqual(
+      expect.arrayContaining([
+        "Server-side queue encryption is disabled, consider enabling it or use your own encryption service",
+      ]),
+    );
+  });
+});