def test_execute(self):
actor = elb_actor.SetCert('Unit Test', {
'name': 'unit-test',
'region': 'us-east-1',
'cert_name': 'unit-cert'
})
elb = mock.Mock()
elb.listeners = [(443, 443, 'HTTPS', 'HTTPS',
'arn:aws:iam::12345:server-certificate/nextdoor.com')
]
actor._find_elb = helper.mock_tornado(elb)
actor._get_cert_arn = helper.mock_tornado('arn')
actor._check_access = helper.mock_tornado()
actor._use_cert = helper.mock_tornado()
yield actor._execute()
self.assertEquals(actor._check_access._call_count, 0)
self.assertEquals(actor._use_cert._call_count, 1)
# Check quick exit if the cert is already in use
actor._get_cert_arn = helper.mock_tornado(elb.listeners[0][4])
yield actor._execute()
# Function calls should remain unchanged
self.assertEquals(actor._check_access._call_count, 0)
self.assertEquals(actor._use_cert._call_count, 1)
def test_get_cert_arn(self):
cert = {
'get_server_certificate_response': {
'get_server_certificate_result': {
'server_certificate': {
'server_certificate_metadata': {
'arn': 'unit-test-arn-value'
}
}
}
}
}
actor = elb_actor.SetCert('Unit Test', {
'name': 'unit-test',
'region': 'us-east-1',
'cert_name': 'unit-cert'
})
actor.iam_conn = mock.Mock()
actor.iam_conn.get_server_certificate = mock.Mock(return_value=cert)
arn = yield actor._get_cert_arn('test')
self.assertEquals(actor.iam_conn.get_server_certificate.call_count, 1)
self.assertEquals(arn, 'unit-test-arn-value')
yield actor._get_cert_arn('test-new')
# New name supplied, call count should be 2
self.assertEquals(actor.iam_conn.get_server_certificate.call_count, 2)
def test_get_cert_arn_fail(self):
actor = elb_actor.SetCert('Unit Test', {
'name': 'unit-test',
'region': 'us-east-1',
'cert_name': 'unit-cert'
})
actor.iam_conn = mock.Mock()
error = BotoServerError(400, 'test')
actor.iam_conn.get_server_certificate.side_effect = error
with self.assertRaises(elb_actor.CertNotFound):
yield actor._get_cert_arn('test')
def test_use_cert(self):
actor = elb_actor.SetCert('Unit Test', {
'name': 'unit-test',
'region': 'us-east-1',
'cert_name': 'unit-cert'
})
elb = mock.Mock()
yield actor._use_cert(elb, 'test')
self.assertEquals(elb.set_listener_SSL_certificate.call_count, 1)
error = BotoServerError(400, 'test')
elb.set_listener_SSL_certificate.side_effect = error
with self.assertRaises(exceptions.RecoverableActorFailure):
yield actor._use_cert(elb, 'test')
def test_check_access(self):
elb = mock.Mock()
botoerror = BotoServerError('Fail', 'Unit test')
botoerror.error_code = 'AccessDenied'
elb.set_listener_SSL_certificate = mock.Mock(side_effect=botoerror)
actor = elb_actor.SetCert('Unit Test', {
'name': 'unit-test',
'region': 'us-east-1',
'cert_name': 'unit-cert'
})
# AccessDenied means check has failed.
with self.assertRaises(exceptions.UnrecoverableActorFailure):
yield actor._check_access(elb)
# Anything else means the check has passed.
botoerror.error_code = 'Cert Not Found'
yield actor._check_access(elb)
def test_execute_dry(self):
actor = elb_actor.SetCert('Unit Test', {
'name': 'unit-test',
'region': 'us-east-1',
'cert_name': 'unit-cert'
},
dry=True)
elb = mock.Mock()
elb.listeners = [(443, 443, 'HTTPS', 'HTTPS',
'arn:aws:iam::12345:server-certificate/nextdoor.com')
]
actor._find_elb = helper.mock_tornado(elb)
actor._get_cert_arn = helper.mock_tornado('arn')
actor._check_access = helper.mock_tornado()
yield actor._execute()
self.assertEqual(actor._check_access._call_count, 1)
