def test_credentials_file_helper_not_found_no_awsprofile(capsys, tmpdir):
fake_file = os.path.join(str(tmpdir), 'fake_aws_config')
tmpdir.join('fake_aws_config').write('')
with pytest.raises(SystemExit) as ex:
mount_efs.credentials_file_helper(fake_file, awsprofile='test_profile')
assert 0 != ex.value.code
out, err = capsys.readouterr()
assert 'No [test_profile] section found in config file' in err
def test_credentials_file_helper_not_found_with_awsprofile(capsys, tmpdir):
fake_file = os.path.join(str(tmpdir), 'fake_aws_config')
tmpdir.join('fake_aws_config').write(
'[default]\naws_access_key_id = WRONG_AWS_ACCESS_KEY_ID\n'
'aws_secret_access_key = WRONG_AWS_SECRET_ACCESS_KEY\n\n'
'[test_profile]\naws_secret_access_key = FAKE_AWS_SECRET_ACCESS_KEY')
with pytest.raises(SystemExit) as ex:
mount_efs.credentials_file_helper(fake_file, awsprofile='test_profile')
assert 0 != ex.value.code
out, err = capsys.readouterr()
assert 'aws_access_key_id or aws_secret_access_key not found' in err
assert 'under named profile [test_profile]' in err
def test_credentials_file_helper_awsprofile_not_found(caplog, tmpdir):
caplog.set_level(logging.DEBUG)
fake_file = os.path.join(str(tmpdir), 'fake_aws_config')
tmpdir.join('fake_aws_config').write('')
credentials = mount_efs.credentials_file_helper(fake_file, 'default')
assert credentials['AccessKeyId'] is None
assert credentials['SecretAccessKey'] is None
assert credentials['Token'] is None
assert 'No [default] section found in config file %s' % fake_file in [rec.message for rec in caplog.records][0]
def test_credentials_file_helper_awsprofile_not_found(caplog, tmpdir):
caplog.set_level(logging.DEBUG)
fake_file = os.path.join(str(tmpdir), "fake_aws_config")
tmpdir.join("fake_aws_config").write("")
credentials = mount_efs.credentials_file_helper(fake_file, "default")
assert credentials["AccessKeyId"] is None
assert credentials["SecretAccessKey"] is None
assert credentials["Token"] is None
assert ("No [default] section found in config file %s" % fake_file
in [rec.message for rec in caplog.records][0])
def test_credentials_file_helper_found_with_token_default(tmpdir):
fake_file, config = _config_helper(tmpdir)
config.set(DEFAULT_PROFILE, ACCESS_KEY_ID_KEY, ACCESS_KEY_ID_VAL)
config.set(DEFAULT_PROFILE, SECRET_ACCESS_KEY_KEY, SECRET_ACCESS_KEY_VAL)
config.set(DEFAULT_PROFILE, SESSION_TOKEN_KEY, SESSION_TOKEN_VAL)
with open(fake_file, 'w') as f:
config.write(f)
credentials = mount_efs.credentials_file_helper(fake_file)
assert credentials['AccessKeyId'] == ACCESS_KEY_ID_VAL
assert credentials['SecretAccessKey'] == SECRET_ACCESS_KEY_VAL
assert credentials['Token'] == SESSION_TOKEN_VAL
def test_credentials_file_helper_awsprofile_found_missing_key(caplog, tmpdir):
caplog.set_level(logging.DEBUG)
fake_file = os.path.join(str(tmpdir), 'fake_aws_config')
tmpdir.join('fake_aws_config').write('[default]\naws_access_key_id = WRONG_AWS_ACCESS_KEY_ID\n'
'aws_secret_access_key = WRONG_AWS_SECRET_ACCESS_KEY\n\n'
'[test_profile]\naws_secret_access_key = FAKE_AWS_SECRET_ACCESS_KEY')
credentials = mount_efs.credentials_file_helper(fake_file, 'test_profile')
assert credentials['AccessKeyId'] is None
assert credentials['SecretAccessKey'] is None
assert credentials['Token'] is None
assert 'aws_access_key_id or aws_secret_access_key not found in %s under named profile [test_profile]' % fake_file \
in [rec.message for rec in caplog.records][0]
def test_credentials_file_helper_found_without_token_default(caplog, tmpdir):
caplog.set_level(logging.DEBUG)
fake_file, config = _config_helper(tmpdir)
config.set(DEFAULT_PROFILE, ACCESS_KEY_ID_KEY, ACCESS_KEY_ID_VAL)
config.set(DEFAULT_PROFILE, SECRET_ACCESS_KEY_KEY, SECRET_ACCESS_KEY_VAL)
with open(fake_file, 'w') as f:
config.write(f)
credentials = mount_efs.credentials_file_helper(fake_file)
assert credentials['AccessKeyId'] == ACCESS_KEY_ID_VAL
assert credentials['SecretAccessKey'] == SECRET_ACCESS_KEY_VAL
assert credentials['Token'] is None
assert 'aws_session_token' in [rec.message for rec in caplog.records][0]
def test_credentials_file_helper_not_found_with_default(caplog, tmpdir):
caplog.set_level(logging.DEBUG)
fake_file, config = _config_helper(tmpdir)
config.set(DEFAULT_PROFILE, SECRET_ACCESS_KEY_KEY,
WRONG_SECRET_ACCESS_KEY_VAL)
with open(fake_file, 'w') as f:
config.write(f)
credentials = mount_efs.credentials_file_helper(fake_file)
assert credentials['AccessKeyId'] is None
assert credentials['SecretAccessKey'] is None
assert credentials['Token'] is None
assert 'No [default] section found in config file' in [
rec.message for rec in caplog.records
][0]
def test_credentials_file_helper_awsprofile_found_missing_key(caplog, tmpdir):
caplog.set_level(logging.DEBUG)
fake_file = os.path.join(str(tmpdir), "fake_aws_config")
tmpdir.join("fake_aws_config").write(
"[default]\naws_access_key_id = WRONG_AWS_ACCESS_KEY_ID\n"
"aws_secret_access_key = WRONG_AWS_SECRET_ACCESS_KEY\n\n"
"[test_profile]\naws_secret_access_key = FAKE_AWS_SECRET_ACCESS_KEY")
credentials = mount_efs.credentials_file_helper(fake_file, "test_profile")
assert credentials["AccessKeyId"] is None
assert credentials["SecretAccessKey"] is None
assert credentials["Token"] is None
assert (
"aws_access_key_id or aws_secret_access_key not found in %s under named profile [test_profile]"
% fake_file in [rec.message for rec in caplog.records][0])
def test_credentials_file_helper_awsprofile_found_without_token(caplog, tmpdir):
caplog.set_level(logging.DEBUG)
fake_file = get_fake_aws_config_file(tmpdir)
config = get_fake_config(add_test_profile=True)
config.set(DEFAULT_PROFILE, ACCESS_KEY_ID_KEY, WRONG_ACCESS_KEY_ID_VAL)
config.set(DEFAULT_PROFILE, SECRET_ACCESS_KEY_KEY, WRONG_SECRET_ACCESS_KEY_VAL)
config.set(AWSPROFILE, ACCESS_KEY_ID_KEY, ACCESS_KEY_ID_VAL)
config.set(AWSPROFILE, SECRET_ACCESS_KEY_KEY, SECRET_ACCESS_KEY_VAL)
with open(fake_file, 'w') as f:
config.write(f)
credentials = mount_efs.credentials_file_helper(fake_file, awsprofile=AWSPROFILE)
assert credentials['AccessKeyId'] == ACCESS_KEY_ID_VAL
assert credentials['SecretAccessKey'] == SECRET_ACCESS_KEY_VAL
assert credentials['Token'] is None
assert 'aws_session_token' in [rec.message for rec in caplog.records][0]
def test_credentials_file_helper_awsprofile_found_with_token(tmpdir):
fake_file = get_fake_aws_config_file(tmpdir)
config = get_fake_config(add_test_profile=True)
config.set(DEFAULT_PROFILE, ACCESS_KEY_ID_KEY, WRONG_ACCESS_KEY_ID_VAL)
config.set(DEFAULT_PROFILE, SECRET_ACCESS_KEY_KEY, WRONG_SECRET_ACCESS_KEY_VAL)
config.set(DEFAULT_PROFILE, SESSION_TOKEN_KEY, WRONG_SESSION_TOKEN_VAL)
config.set(AWSPROFILE, ACCESS_KEY_ID_KEY, ACCESS_KEY_ID_VAL)
config.set(AWSPROFILE, SECRET_ACCESS_KEY_KEY, SECRET_ACCESS_KEY_VAL)
config.set(AWSPROFILE, SESSION_TOKEN_KEY, SESSION_TOKEN_VAL)
with open(fake_file, 'w') as f:
config.write(f)
credentials = mount_efs.credentials_file_helper(fake_file, AWSPROFILE)
assert credentials['AccessKeyId'] == ACCESS_KEY_ID_VAL
assert credentials['SecretAccessKey'] == SECRET_ACCESS_KEY_VAL
assert credentials['Token'] == SESSION_TOKEN_VAL
