Example #1
def test_put_delete_s3_object(app):
    """Round-trip one object through the lemur_aws S3 helpers: put, get, delete.

    The ``app`` fixture is requested but never referenced in the body.
    """
    from lemur.plugins.lemur_aws.s3 import put, delete, get

    bucket_name = "public-bucket"
    aws_region = "us-east-1"
    aws_account = "123456789012"
    object_key = "some-path/foo"
    payload = "dummy data"

    # NOTE(review): presumably boto3 is mocked by a decorator or fixture that is
    # not visible here; against real credentials this call would create an
    # actual bucket. Confirm before running outside the test harness.
    boto3.client('s3').create_bucket(Bucket=bucket_name)

    # Arguments shared by every get/delete call aimed at the stored object.
    object_ref = {
        "prefixed_object_name": object_key,
        "account_number": aws_account,
    }

    # NOTE(review): the region is passed under two names (region_name and
    # region); confirm which one put() actually reads.
    # Server-side encryption is switched off explicitly for this upload.
    put(
        bucket_name=bucket_name,
        region_name=aws_region,
        prefix=object_key,
        data=payload,
        encrypt=False,
        account_number=aws_account,
        region=aws_region,
    )

    # Reading the key back must return exactly what was written.
    fetched = get(bucket_name=bucket_name, **object_ref)
    assert (fetched == payload)

    # The same key looked up in a different bucket must yield None.
    fetched = get(bucket_name="wrong-bucket", **object_ref)
    assert (fetched is None)

    # After deletion the key must no longer be readable.
    delete(bucket_name=bucket_name, **object_ref)
    fetched = get(bucket_name=bucket_name, **object_ref)
    assert (fetched is None)
Example #2
def test_upload_acme_token(app):
    """Upload an ACME challenge token via the "aws-s3" plugin, read it back, delete it.

    The ``app`` fixture is requested but never referenced in the body.
    """
    from lemur.plugins.base import plugins
    from lemur.plugins.lemur_aws.s3 import get

    target_bucket = "public-bucket"
    aws_account = "123456789012"
    key_prefix = "some-path/more-path/"
    challenge_body = "Challenge"
    challenge_name = "TOKEN"
    challenge_path = f".well-known/acme-challenge/{challenge_name}"

    bucket_option = {
        "name": "bucket",
        "value": target_bucket,
        "type": "str",
        "required": True,
        "validation": r"[0-9a-z.-]{3,63}",
        "helpMessage": "Must be a valid S3 bucket name!",
    }
    account_option = {
        "name": "accountNumber",
        "type": "str",
        "value": aws_account,
        "required": True,
        "validation": r"[0-9]{12}",
        "helpMessage": "A valid AWS account number with permission to access S3",
    }
    # No explicit "value" here: only the default region is declared.
    region_option = {
        "name": "region",
        "type": "str",
        "default": "us-east-1",
        "required": False,
        "helpMessage": "Region bucket exists",
        "available": ["us-east-1", "us-west-2", "eu-west-1"],
    }
    # The option's declared default is True; this test overrides it, so the
    # token is uploaded with server-side encryption turned off.
    encrypt_option = {
        "name": "encrypt",
        "type": "bool",
        "value": False,
        "required": False,
        "helpMessage": "Enable server side encryption",
        "default": True,
    }
    prefix_option = {
        "name": "prefix",
        "type": "str",
        "value": key_prefix,
        "required": False,
        "helpMessage": "Must be a valid S3 object prefix!",
    }
    additional_options = [
        bucket_option,
        account_option,
        region_option,
        encrypt_option,
        prefix_option,
    ]

    # NOTE(review): presumably boto3 is mocked by a decorator or fixture that is
    # not visible here; confirm before running against real credentials.
    boto3.client('s3').create_bucket(Bucket=target_bucket)
    s3_plugin = plugins.get("aws-s3")

    # The token body is handed over twice, as token_content and as token.
    uploaded = s3_plugin.upload_acme_token(
        token_path=challenge_path,
        token_content=challenge_body,
        token=challenge_body,
        options=additional_options,
    )
    assert uploaded

    # The object is expected under the configured prefix plus the bare token
    # name, not under the full ".well-known/acme-challenge/" path.
    stored = get(
        bucket_name=target_bucket,
        prefixed_object_name=key_prefix + challenge_name,
        encrypt=False,
        account_number=aws_account,
    )
    assert (stored == challenge_body)

    # Only the plugin's return value is checked for the delete; the key is not
    # read back afterwards.
    removed = s3_plugin.delete_acme_token(
        token_path=challenge_path,
        options=additional_options,
        account_number=aws_account,
    )
    assert removed
Example #3
File: cli.py Project: yiluzhu/lemur
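def upload_acme_token_s3(token, token_name, prefix, account_number,
                         bucket_name):
    """
    Upload an ACME token to S3 through the "aws-s3" plugin, read it back to verify it, and then delete it.
    It mainly serves for testing purposes.

    :param token: token content to upload; the object read back must equal it
    :param token_name: passed to the plugin as the first upload argument and used as the object name under ``prefix``
    :param prefix: S3 key prefix; a trailing "/" is appended for the read-back and delete when it is missing
    :param account_number: AWS account number, placed in the plugin options and passed to the S3 helpers
    :param bucket_name: S3 bucket the token is uploaded to
    :return: None
    :raises AssertionError: if the object read back differs from ``token``
    """
    additional_options = [
        {
            "name": "bucket",
            "value": bucket_name,
            "type": "str",
            "required": True,
            "validation": r"[0-9a-z.-]{3,63}",
            "helpMessage": "Must be a valid S3 bucket name!",
        },
        {
            "name": "accountNumber",
            "type": "str",
            "value": account_number,
            "required": True,
            "validation": r"[0-9]{12}",
            "helpMessage": "A valid AWS account number with permission to access S3",
        },
        {
            "name": "region",
            "type": "str",
            "default": "us-east-1",
            "required": False,
            "helpMessage": "Region bucket exists",
            "available": ["us-east-1", "us-west-2", "eu-west-1"],
        },
        {
            # Declared default is True, but this helper uploads with
            # server-side encryption turned off.
            "name": "encrypt",
            "type": "bool",
            "value": False,
            "required": False,
            "helpMessage": "Enable server side encryption",
            "default": True,
        },
        {
            "name": "prefix",
            "type": "str",
            "value": prefix,
            "required": False,
            "helpMessage": "Must be a valid S3 object prefix!",
        },
    ]

    p = plugins.get("aws-s3")
    # The plugin receives the prefix exactly as the caller supplied it (via the
    # options list above); its return value is not checked here.
    p.upload_acme_token(token_name, token, additional_options)

    # The original statement was the bare expression `prefix + "/"`, whose
    # result was discarded, so the prefix was never actually normalized.
    # NOTE(review): the key built below must match the key the plugin wrote;
    # confirm the plugin applies the same trailing-slash normalization.
    if not prefix.endswith("/"):
        prefix = prefix + "/"

    object_key = prefix + token_name
    token_res = s3.get(bucket_name,
                       object_key,
                       account_number=account_number)
    # A failed check raises before the delete below, which leaves the uploaded
    # token in the bucket; the check itself is skipped under `python -O`.
    assert (token_res == token)
    s3.delete(bucket_name, object_key, account_number=account_number)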