Ejemplo n.º 1
0
def test_path_lookup_variable(mocker):
    lookup = aws_ssm.LookupModule()
    lookup._load_name = "aws_ssm"

    boto3_double = mocker.MagicMock()
    get_paginator_fn = boto3_double.Session.return_value.client.return_value.get_paginator
    paginator = get_paginator_fn.return_value
    paginator.paginate.return_value.build_full_result.return_value = path_success_response
    boto3_client_double = boto3_double.Session.return_value.client

    mocker.patch.object(boto3, 'session', boto3_double)
    args = copy(dummy_credentials)
    args["bypath"] = True
    args["recursive"] = True
    retval = lookup.run(["/testpath"], {}, **args)
    assert (retval[0]["/testpath/won"] == "simple_value_won")
    assert (retval[0]["/testpath/too"] == "simple_value_too")
    boto3_client_double.assert_called_with('ssm',
                                           'eu-west-1',
                                           aws_access_key_id='notakey',
                                           aws_secret_access_key="notasecret",
                                           aws_session_token=None)
    get_paginator_fn.assert_called_with('get_parameters_by_path')
    paginator.paginate.assert_called_with(Path="/testpath",
                                          Recursive=True,
                                          WithDecryption=True)
    paginator.paginate.return_value.build_full_result.assert_called_with()
Ejemplo n.º 2
0
def test_warn_notfound_resource(mocker):
    lookup = aws_ssm.LookupModule()
    lookup._load_name = "aws_ssm"

    boto3_double = mocker.MagicMock()
    boto3_double.Session.return_value.client.return_value.get_parameter.side_effect = mock_get_parameter

    with pytest.raises(AnsibleError):
        mocker.patch.object(boto3, 'session', boto3_double)
        lookup.run(["notfound_variable"], {}, **dummy_credentials)
Ejemplo n.º 3
0
def test_warn_denied_variable(mocker):
    lookup = aws_ssm.LookupModule()
    lookup._load_name = "aws_ssm"

    boto3_double = mocker.MagicMock()
    boto3_double.Session.return_value.client.return_value.get_parameters.side_effect = ClientError(
        error_response, operation_name)

    with pytest.raises(AnsibleError):
        mocker.patch.object(boto3, 'session', boto3_double)
        lookup.run(["denied_variable"], {}, **dummy_credentials)
Ejemplo n.º 4
0
def test_skip_on_denied_variable(mocker):
    lookup = aws_ssm.LookupModule()
    lookup._load_name = "aws_ssm"

    boto3_double = mocker.MagicMock()
    boto3_double.Session.return_value.client.return_value.get_parameter.side_effect = mock_get_parameter

    denied_credentials = copy(dummy_credentials)
    denied_credentials['on_denied'] = "warn"
    mocker.patch.object(boto3, 'session', boto3_double)
    retval = lookup.run(["denied_variable"], {}, **denied_credentials)
    assert (isinstance(retval, list))
    assert (retval[0] is None)
Ejemplo n.º 5
0
def test_error_on_denied_variable(mocker):
    lookup = aws_ssm.LookupModule()
    lookup._load_name = "aws_ssm"

    boto3_double = mocker.MagicMock()
    boto3_double.Session.return_value.client.return_value.get_parameter.side_effect = mock_get_parameter

    with pytest.raises(AnsibleError) as exc:
        denied_credentials = copy(dummy_credentials)
        denied_credentials['on_denied'] = "error"
        mocker.patch.object(boto3, 'session', boto3_double)
        lookup.run(["denied_variable"], {}, **denied_credentials)
    assert exc.match(
        r"Failed to access SSM parameter denied_variable \(AccessDenied\)")
Ejemplo n.º 6
0
def test_on_denied_wrong_value(mocker):
    lookup = aws_ssm.LookupModule()
    lookup._load_name = "aws_ssm"

    boto3_double = mocker.MagicMock()
    boto3_double.Session.return_value.client.return_value.get_parameter.side_effect = mock_get_parameter

    with pytest.raises(AnsibleError) as exc:
        denied_credentials = copy(dummy_credentials)
        denied_credentials['on_denied'] = "fake_value_on_denied"
        mocker.patch.object(boto3, 'session', boto3_double)
        lookup.run(["simple"], {}, **denied_credentials)

    assert exc.match(
        '"on_denied" must be a string and one of "error", "warn" or "skip"')
Ejemplo n.º 7
0
def test_error_on_missing_variable(mocker):
    lookup = aws_ssm.LookupModule()
    lookup._load_name = "aws_ssm"

    boto3_double = mocker.MagicMock()
    boto3_double.Session.return_value.client.return_value.get_parameter.side_effect = mock_get_parameter

    with pytest.raises(AnsibleError) as exc:
        missing_credentials = copy(dummy_credentials)
        missing_credentials['on_missing'] = "error"
        mocker.patch.object(boto3, 'session', boto3_double)
        lookup.run(["missing_variable"], {}, **missing_credentials)

    assert exc.match(
        r"Failed to find SSM parameter missing_variable \(ResourceNotFound\)")
Ejemplo n.º 8
0
def test_return_none_for_missing_variable(mocker):
    """
    during jinja2 templates, we can't shouldn't normally raise exceptions since this blocks the ability to use defaults.

    for this reason we return ```None``` for missing variables
    """
    lookup = aws_ssm.LookupModule()
    lookup._load_name = "aws_ssm"

    boto3_double = mocker.MagicMock()
    boto3_double.Session.return_value.client.return_value.get_parameters.return_value = missing_variable_response

    mocker.patch.object(boto3, 'session', boto3_double)
    retval = lookup.run(["missing_variable"], {}, **dummy_credentials)
    assert (retval[0] is None)
Ejemplo n.º 9
0
def test_lookup_variable(mocker):
    lookup = aws_ssm.LookupModule()
    lookup._load_name = "aws_ssm"

    boto3_double = mocker.MagicMock()
    boto3_double.Session.return_value.client.return_value.get_parameters.return_value = simple_variable_success_response
    boto3_client_double = boto3_double.Session.return_value.client

    mocker.patch.object(boto3, 'session', boto3_double)
    retval = lookup.run(["simple_variable"], {}, **dummy_credentials)
    assert (retval[0] == "simplevalue")
    boto3_client_double.assert_called_with('ssm',
                                           'eu-west-1',
                                           aws_access_key_id='notakey',
                                           aws_secret_access_key="notasecret",
                                           aws_session_token=None)
Ejemplo n.º 10
0
def test_match_retvals_to_call_params_even_with_some_missing_variables(mocker):
    """
    If we get a complex list of variables with some missing and some not, we still have to return a
    list which matches with the original variable list.
    """
    lookup = aws_ssm.LookupModule()
    lookup._load_name = "aws_ssm"

    boto3_double = mocker.MagicMock()
    boto3_double.Session.return_value.client.return_value.get_parameters.return_value = some_missing_variable_response

    mocker.patch.object(boto3, 'session', boto3_double)
    retval = lookup.run(
        ["simple", "missing_variable", "/testpath/won", "simple"], {},
        **dummy_credentials)
    assert (retval == [
        "simple_value", None, "simple_value_won", "simple_value"
    ])
Ejemplo n.º 11
0
def test_skip_on_missing_match_retvals_to_call_params_with_some_missing_variables(
        mocker):
    """If we get a complex list of variables with some missing and some
    not, and on_missing is skip, we still have to return a list which
    matches with the original variable list.

    """
    lookup = aws_ssm.LookupModule()
    lookup._load_name = "aws_ssm"

    boto3_double = mocker.MagicMock()

    boto3_double.Session.return_value.client.return_value.get_parameter.side_effect = mock_get_parameter

    mocker.patch.object(boto3, 'session', boto3_double)
    args = copy(dummy_credentials)
    args["on_missing"] = 'skip'
    retval = lookup.run(
        ["simple", "missing_variable", "/testpath/won", "simple"], {}, **args)
    assert (isinstance(retval, list))
    assert (retval == [
        "simple_value", None, "simple_value_won", "simple_value"
    ])