def __assert_call_with_tag(self, mock_print, mock_aws_class, tag="ip-liberator"): # given group_id = "sg-1" settings = make_settings(security_groups=[group_id]) index = make_services_index(settings, tag) rule = next(make_rules(index, settings['config'])) # given with os.fdopen(self.fd, mode='w') as file: json.dump(settings, file) # given program_args = ["--profile", self.filename] if tag != "ip-liberator": program_args += ["--tag", tag] # when main(args=program_args) # then mock_print.assert_has_calls([ mock.call("Authorizing rules", name_port_list(index), "to IP", IP), mock.call('-', group_id) ]) # then mock_aws_class.assert_called_once_with(ANY, ANY, ANY) mock_liberator = mock_aws_class.return_value mock_liberator.describe_rules.assert_called_once_with( index, settings['config']) mock_liberator.authorize_rule.assert_called_once_with(rule)
def test_main(self, mock_print, mock_aws_class): # given access_key = "LT7F9TDQ" secret_key = "SAERB0DITUERDQTYYX8Q" region_name = "sa-west-1" operator = "Fighter" services = [{"name": "HTTP", "port": "80"}] security_groups = ["sg-1"] # given settings = make_settings(access_key, secret_key, region_name, operator, services, security_groups) index = make_services_index(settings) rule = next(make_rules(index, settings['config'])) # given with os.fdopen(self.fd, mode='w') as file: json.dump(settings, file) # when main(args=["--no-tag", "--profile", self.filename]) # then mock_print.assert_has_calls([ mock.call("Authorizing rules", name_port_list(index), "to IP", IP), mock.call('-', security_groups[0]) ]) # then mock_aws_class.assert_called_once_with(access_key, secret_key, region_name) mock_liberator = mock_aws_class.return_value mock_liberator.describe_rules.assert_called_once_with( index, settings['config']) mock_liberator.authorize_rule.assert_called_once_with(rule)
def test_make_rules__no_port_range(mock_ip): mock_ip.return_value = '10.0.0.1/32' ports_input = [ "", " ", "\t\n " ] for port in ports_input: rules = make_rules(config={"security_groups": ["sg-1"]}, services={"SVC": {"port": port}}) with pytest.raises(ValueError, match="No port range informed in service: SVC"): next(rules)
def test_make_rules(mock_ip): mock_ip.return_value = '10.0.0.1/32' rules = make_rules(config={"security_groups": ["sg-1"]}, services={"John SFTP": {"name": "SFTP", "port": "22"}, "John HTTP": {"name": "HTTP", "port": "80"}}) expected = {'GroupId': 'sg-1', 'IpPermissions': [ {'FromPort': 22, 'ToPort': 22, 'IpProtocol': 'tcp', 'IpRanges': [{'CidrIp': '10.0.0.1/32', 'Description': 'John SFTP'}]}, {'FromPort': 80, 'ToPort': 80, 'IpProtocol': 'tcp', 'IpRanges': [{'CidrIp': '10.0.0.1/32', 'Description': 'John HTTP'}]} ]} assert isinstance(rules, typing.Iterator) assert next(rules) == expected with pytest.raises(StopIteration): next(rules)
def test_make_rules__invalid_port_range(mock_ip): mock_ip.return_value = '10.0.0.1/32' ports_input = [ "1-2-3", "100-", "-100", "abc", "1 2 3", ] for port in ports_input: rules = make_rules(config={"security_groups": ["sg-1"]}, services={"SVC": {"port": port}}) with pytest.raises(ValueError, match="Invalid port range: '%s'" % port): next(rules)
def test_main__ip_informed_at_service(self, mock_print, mock_aws_class): # given group_id = "sg-1" informed_ip = "1.2.3.4/32" operator = "Peter" services = [{ "name": "HTTP", "port": "80" }, { "name": "SFTP", "port": "22", "ip": informed_ip }] # given descriptions = ["%s %s" % (operator, svc["name"]) for svc in services] settings = make_settings(operator=operator, services=services, security_groups=[group_id]) services_index = make_services_index(settings) rule = next(make_rules(services_index, settings['config'])) # given with os.fdopen(self.fd, mode='w') as file: json.dump(settings, file) # when main(args=["--no-tag", "--profile", self.filename]) # then mock_print.assert_has_calls([ mock.call("Authorizing rule '%s' to IP %s" % (descriptions[0], IP)), mock.call("Authorizing rule '%s' to IP %s" % (descriptions[1], informed_ip)), mock.call('-', group_id) ]) # then mock_liberator = mock_aws_class.return_value mock_liberator.describe_rules.assert_called_once_with( services_index, settings['config']) mock_liberator.authorize_rule.assert_called_once_with(rule)