def validate(self, rulesets): rulesets_to_apply = ['global'] if 'global' in rulesets else [] if self.resource_type in rulesets: rulesets_to_apply.append(self.resource_type) for resource in rulesets_to_apply: ruleset = rulesets[resource] for key in ruleset: if key == 'must_contain': must_contain(ruleset['must_contain'], self) if key == 'must_not_contain': must_not_contain(ruleset['must_not_contain'], self) if key == 'must_equal': must_equal(ruleset['must_equal'], self) if key == 'attributes': for attribute_key in ruleset['attributes']: if attribute_key == 'tags' and not self.taggable: continue else: for rule in ruleset['attributes'][attribute_key]: rule_definition = ruleset['attributes'][attribute_key][rule] if rule == 'must_contain': must_contain(rule_definition, self, attribute_key) elif rule == 'must_not_contain': must_not_contain(rule_definition, self, attribute_key) elif rule == 'must_equal': must_equal(rule_definition, self, attribute_key)
def test_must_equal_validator_resource_level(): rule = {'TestValue': 'Bleep'} config = {'address': 'test_address', 'values': {'TestValue': 'Bloop'}} resource = AWSResource('TestTag', config) resource.resource_type = 'testresource' must_equal(rule, resource) assert (resource.violations == { 'test_address.must_equal': ["[TestValue] must equal 'Bleep' but found 'Bloop'"] })
def test_must_equal_validator_with_str(): rule = 'testvalue' lookup_key = 'test' config = {'address': 'test_address', 'values': {'test': 'foo'}} resource = AWSResource('TestTag', config) resource.resource_type = 'testresource' must_equal(rule, resource, lookup_key) assert (resource.violations == { 'test_address.must_equal': ["Incorrect value [test] must equal 'testvalue' but found 'foo'"] })
def test_must_equal_validator_with_correct_config_returns_empty_violations(): rule = {'TestTag': 'Bloop'} lookup_key = 'tags' config = { 'address': 'test_address', 'values': { 'tags': { 'TestTag': 'Bloop' } } } resource = AWSResource('TestTag', config) resource.resource_type = 'testresource' must_equal(rule, resource, lookup_key) assert (resource.violations == {})
def test_must_equal_validator_with_dict(): rule = {'TestTag': 'Bleep'} lookup_key = 'tags' config = { 'address': 'test_address', 'values': { 'tags': { 'TestTag': 'Bloop' } } } resource = AWSResource('TestTag', config) resource.resource_type = 'testresource' must_equal(rule, resource, lookup_key) assert (resource.violations == { 'test_address.must_equal': ["Tags [TestTag] must equal 'Bleep' but found 'Bloop'"] })