def Run(self, args):
# Get the security policy.
holder = base_classes.ComputeApiHolder(self.ReleaseTrack())
ref = self.SECURITY_POLICY_ARG.ResolveAsResource(
args, holder.resources)
requests = []
security_policy = client.SecurityPolicy(ref,
compute_client=holder.client)
requests.extend(security_policy.Describe(only_generate_request=True))
resources = holder.client.MakeRequests(requests)
# Export the security policy.
try:
with open(args.file_name, 'w') as export_file:
if args.file_format == 'json':
security_policies_utils.WriteToFile(
export_file, resources[0], 'json')
else:
security_policies_utils.WriteToFile(
export_file, resources[0], 'yaml')
except EnvironmentError as exp:
msg = 'Unable to export security policy to file [{0}]: {1}'.format(
args.file_name, exp)
raise exceptions.BadFileException(msg)
log.status.Print('Exported security policy to [{0}].'.format(
args.file_name))
def testWriteToYamlFile(self):
with open(self.result_file_path, 'w') as yaml_file:
security_policies_utils.WriteToFile(
yaml_file,
test_resources.MakeSecurityPolicyCloudArmorConfig(
self.messages, self.my_policy), 'yaml')
with open(self.result_file_path) as results:
with open(_YAML_FILE_PATH) as expected:
self.assertEqual(expected.readlines(), results.readlines())
def testSecurityPolicy(self):
security_policy_name = _UniqueName('my-policy')
with self._SecurityPolicy(security_policy_name):
# Update the security policy
self.result_file_path = os.path.join(self.temp_path, 'exported')
self.Run('compute security-policies export {0}'
' --file-name "{1}" --file-format yaml'.format(
security_policy_name, self.result_file_path))
security_policy = yaml.load_path(self.result_file_path)
self.assertEqual('', security_policy['description'])
self.assertEqual(1, len(security_policy['rules']))
default_rule = security_policy['rules'][0]
self.assertEqual('default rule', default_rule['description'])
self.assertEqual(2147483647, default_rule['priority'])
self.assertEqual('SRC_IPS_V1',
default_rule['match']['versionedExpr'])
self.assertEqual('*',
default_rule['match']['config']['srcIpRanges'][0])
self.assertEqual('allow', default_rule['action'])
self.assertEqual(False, default_rule['preview'])
security_policy['description'] = 'new description'
security_policy['rules'] = []
with open(self.result_file_path, 'w') as export_file:
security_policies_utils.WriteToFile(export_file,
security_policy, 'json')
self.Run('compute security-policies import {0}'
' --file-name "{1}" --file-format yaml'.format(
security_policy_name, self.result_file_path))
self.Run('compute security-policies export {0}'
' --file-name "{1}" --file-format json'.format(
security_policy_name, self.result_file_path))
security_policy = yaml.load_path(self.result_file_path)
self.assertEqual('new description', security_policy['description'])
self.assertEqual(1, len(security_policy['rules']))
default_rule = security_policy['rules'][0]
self.assertEqual('default rule', default_rule['description'])
self.assertEqual(2147483647, default_rule['priority'])
self.assertEqual('SRC_IPS_V1',
default_rule['match']['versionedExpr'])
self.assertEqual('*',
default_rule['match']['config']['srcIpRanges'][0])
self.assertEqual('allow', default_rule['action'])
self.assertEqual(False, default_rule['preview'])