def test_use_previous_image_id_true(mocker):
result = True
mocker.patch(
"reconcile.utils.terrascript_client.TerrascriptClient.init_jenkins",
return_value=MockJenkinsApi(result),
)
ts = tsclient.TerrascriptClient("", "", 1, [])
image = {"upstream": {"instance": {"name": "ci"}, "name": "job"}}
assert ts._use_previous_image_id(image) == result
def test_validate_mandatory_policies():
mandatory_policy = {
"name": "mandatory",
"mandatory": True,
}
not_mandatory_policy = {
"name": "not-mandatory",
}
account = {
"name": "acc",
"policies": [mandatory_policy, not_mandatory_policy]
}
ts = tsclient.TerrascriptClient("", "", 1, [])
assert ts._validate_mandatory_policies(account, [mandatory_policy],
"role") is True
assert (ts._validate_mandatory_policies(account, [not_mandatory_policy],
"role") is False)
def test_aws_username_aws(self):
ts = tsclient.TerrascriptClient('', '', 1, [])
result = 'aws'
user = {'org_username': '******', 'aws_username': result}
self.assertEqual(ts._get_aws_username(user), result)
def run(dry_run, print_to_file=None,
enable_deletion=False, thread_pool_size=10, defer=None):
settings = queries.get_app_interface_settings()
clusters = [c for c in queries.get_clusters()
if c.get('peering') is not None]
with_ocm = any(c.get('ocm') for c in clusters)
if with_ocm:
ocm_map = ocm.OCMMap(clusters=clusters,
integration=QONTRACT_INTEGRATION,
settings=settings)
else:
# this is a case for an OCP cluster which is not provisioned
# through OCM. it is expected that an 'assume_role' is provided
# on the vpc peering defition in the cluster file.
ocm_map = None
accounts = queries.get_aws_accounts()
awsapi = aws_api.AWSApi(1, accounts, settings=settings, init_users=False)
desired_state = []
errors = []
# Fetch desired state for cluster-to-vpc(account) VPCs
desired_state_vpc, err = \
build_desired_state_vpc(clusters, ocm_map, awsapi)
desired_state.extend(desired_state_vpc)
errors.append(err)
# Fetch desired state for cluster-to-account (vpc mesh) VPCs
if ocm_map is not None:
desired_state_vpc_mesh, err = \
build_desired_state_vpc_mesh(clusters, ocm_map, awsapi)
desired_state.extend(desired_state_vpc_mesh)
errors.append(err)
else:
logging.debug('account-vpc-mesh is not yet supported without OCM')
# Fetch desired state for cluster-to-cluster VPCs
if ocm_map is not None:
desired_state_cluster, err = \
build_desired_state_all_clusters(clusters, ocm_map, awsapi)
desired_state.extend(desired_state_cluster)
errors.append(err)
else:
logging.debug('cluster-vpc is not yet supported without OCM')
# check there are no repeated vpc connection names
connection_names = [c['connection_name'] for c in desired_state]
if len(set(connection_names)) != len(connection_names):
logging.error("duplicate vpc connection names found")
sys.exit(1)
participating_accounts = \
[item['requester']['account'] for item in desired_state]
participating_accounts += \
[item['accepter']['account'] for item in desired_state]
participating_account_names = \
[a['name'] for a in participating_accounts]
accounts = [a for a in accounts
if a['name'] in participating_account_names]
ts = terrascript.TerrascriptClient(
QONTRACT_INTEGRATION,
"",
thread_pool_size,
accounts,
settings=settings)
ts.populate_additional_providers(participating_accounts)
ts.populate_vpc_peerings(desired_state)
working_dirs = ts.dump(print_to_file=print_to_file)
if print_to_file:
sys.exit(0 if dry_run else int(any(errors)))
tf = terraform.TerraformClient(
QONTRACT_INTEGRATION,
QONTRACT_INTEGRATION_VERSION,
"",
accounts,
working_dirs,
thread_pool_size,
awsapi)
if tf is None or any(errors):
sys.exit(1)
defer(tf.cleanup)
disabled_deletions_detected, err = tf.plan(enable_deletion)
errors.append(err)
if disabled_deletions_detected:
logging.error("Deletions detected when they are disabled")
sys.exit(1)
if dry_run:
sys.exit(int(any(errors)))
if any(errors):
sys.exit(1)
errors.append(tf.apply())
sys.exit(int(any(errors)))
def test_use_previous_image_id_no_upstream():
ts = tsclient.TerrascriptClient("", "", 1, [])
assert ts._use_previous_image_id({}) is False
def test_aws_username_aws():
ts = tsclient.TerrascriptClient("", "", 1, [])
result = "aws"
user = {"org_username": "******", "aws_username": result}
assert ts._get_aws_username(user) == result
def run(dry_run,
print_only=False,
enable_deletion=False,
thread_pool_size=10,
defer=None):
settings = queries.get_app_interface_settings()
clusters = [
c for c in queries.get_clusters() if c.get('peering') is not None
]
ocm_map = ocm.OCMMap(clusters=clusters,
integration=QONTRACT_INTEGRATION,
settings=settings)
accounts = queries.get_aws_accounts()
awsapi = aws_api.AWSApi(1, accounts, settings=settings, init_users=False)
errors = []
# Fetch desired state for cluster-to-vpc(account) VPCs
desired_state_vpc, err = \
build_desired_state_vpc(clusters, ocm_map, awsapi)
errors.append(err)
# Fetch desired state for cluster-to-account (vpc mesh) VPCs
desired_state_vpc_mesh, err = \
build_desired_state_vpc_mesh(clusters, ocm_map, awsapi)
errors.append(err)
# Fetch desired state for cluster-to-cluster VPCs
desired_state_cluster, err = \
build_desired_state_all_clusters(clusters, ocm_map, awsapi)
errors.append(err)
desired_state = \
desired_state_vpc + \
desired_state_vpc_mesh + \
desired_state_cluster
# check there are no repeated vpc connection names
connection_names = [c['connection_name'] for c in desired_state]
if len(set(connection_names)) != len(connection_names):
logging.error("duplicate vpc connection names found")
sys.exit(1)
participating_accounts = \
[item['requester']['account'] for item in desired_state]
participating_accounts += \
[item['accepter']['account'] for item in desired_state]
participating_account_names = \
[a['name'] for a in participating_accounts]
accounts = [
a for a in accounts if a['name'] in participating_account_names
]
ts = terrascript.TerrascriptClient(QONTRACT_INTEGRATION,
"",
thread_pool_size,
accounts,
settings=settings)
ts.populate_additional_providers(participating_accounts)
ts.populate_vpc_peerings(desired_state)
working_dirs = ts.dump(print_only=print_only)
if print_only:
sys.exit(0 if dry_run else int(any(errors)))
tf = terraform.TerraformClient(QONTRACT_INTEGRATION,
QONTRACT_INTEGRATION_VERSION, "", accounts,
working_dirs, thread_pool_size)
if tf is None or any(errors):
sys.exit(1)
defer(tf.cleanup)
disabled_deletions_detected, err = tf.plan(enable_deletion)
errors.append(err)
if disabled_deletions_detected:
logging.error("Deletions detected when they are disabled")
sys.exit(1)
if dry_run:
sys.exit(int(any(errors)))
if any(errors):
sys.exit(1)
errors.append(tf.apply())
sys.exit(int(any(errors)))