def _release_factory():
boto_session = assume_role(root_session, global_config.dev_account_id,
get_role_session_name(os.environ))
ecr_client = boto_session.client('ecr')
release_config = ReleaseConfig(global_config.dev_account_id,
global_config.prod_account_id,
metadata.aws_region)
return Release(release_config, ecr_client, component_name, version)
def _deploy_monitor_factory():
is_prod = environment_name == 'live'
if is_prod:
account_id = global_config.prod_account_id
else:
account_id = global_config.dev_account_id
boto_session = assume_role(root_session, account_id,
get_role_session_name(os.environ))
events = ECSEventIterator(metadata.ecs_cluster, environment_name,
component_name, version, boto_session)
return ECSMonitor(events)
def _destroy_factory():
is_prod = environment_name == 'live'
if is_prod:
account_id = global_config.prod_account_id
else:
account_id = global_config.dev_account_id
boto_session = assume_role(root_session, account_id,
get_role_session_name(os.environ))
s3_bucket_factory = S3BucketFactory(boto_session, account_id)
s3_bucket = s3_bucket_factory.get_bucket_name()
write_terragrunt_config(metadata.aws_region, s3_bucket,
environment_name, component_name)
return Destroy(boto_session, component_name, environment_name,
s3_bucket)
def _deploy_factory():
is_prod = environment_name == 'live'
if is_prod:
account_id = global_config.prod_account_id
else:
account_id = global_config.dev_account_id
platform_config_file = get_platform_config_path(
metadata.account_prefix, metadata.aws_region, is_prod)
boto_session = assume_role(root_session, account_id,
get_role_session_name(os.environ))
s3_bucket_factory = S3BucketFactory(boto_session, account_id)
s3_bucket = s3_bucket_factory.get_bucket_name()
write_terragrunt_config(metadata.aws_region, s3_bucket,
environment_name, component_name)
deploy_config = DeployConfig(
team=metadata.team,
platform_config_file=platform_config_file,
)
return Deploy(boto_session, component_name, environment_name,
additional_variables, deploy_config)
def test_get_safe_session_name(self, user_id):
sts_client = Mock()
sts_client.get_caller_identity.return_value = {
u'Account': '111111111111',
u'UserId': user_id,
'ResponseMetadata': {
'RetryAttempts': 0,
'HTTPStatusCode': 200,
'RequestId': 'aaaaaaaa-1111-bbbb-2222-cccccccccccc',
'HTTPHeaders': {
'x-amzn-requestid': 'aaaaaaaa-1111-bbbb-2222-cccccccccccc',
'date': 'Wed, 13 Sep 2000 12:00:59 GMT',
'content-length': '458',
'content-type': 'text/xml'
}
},
u'Arn': 'arn:aws:sts::111111111111:assumed-role/admin/[email protected]'
}
role_session_name = config.get_role_session_name(sts_client)
assert not re.search(config.ILLEGAL_CHARACTERS, role_session_name)
def test_get_session_name_from_unsafe_email_truncated(self, email):
env = {'EMAIL': email}
role_session_name = config.get_role_session_name(env)
assert len(role_session_name) <= 64
def test_get_session_name_from_email(self, email):
env = {'EMAIL': email}
role_session_name = config.get_role_session_name(env)
for character in ROLE_UNSAFE_CHARACTERS:
assert character not in role_session_name
def test_get_session_name_from_unsafe_job_name_truncated(self, job_name):
env = {'JOB_NAME': job_name}
role_session_name = config.get_role_session_name(env)
assert len(role_session_name) <= 64
def test_get_session_name_from_unsafe_job_name(self, job_name):
env = {'JOB_NAME': job_name}
role_session_name = config.get_role_session_name(env)
for character in ROLE_UNSAFE_CHARACTERS:
assert character not in role_session_name
def test_get_session_name_from_safe_job_name(self, job_name):
env = {'JOB_NAME': job_name}
role_session_name = config.get_role_session_name(env)
assert role_session_name == job_name