def test_project_without_next_page_token(self):
mock_project_execute = \
self._mock_discovery.build().projects().list().execute
mock_project_execute.return_value = mock_projects_dict
mock_project_list_next = \
self._mock_discovery.build().projects().list_next
mock_project_list_next.return_value = None
mock_firewall_execute = \
self._mock_discovery.build().firewalls().list().execute
mock_firewall_execute.return_value = {}
mock_firewall_list_next = \
self._mock_discovery.build().firewalls().list_next
mock_firewall_list_next.return_value = None
mock_zone_execute = self._mock_discovery.build().zones().list().execute
mock_zone_execute.return_value = {}
mock_zone_list_next = self._mock_discovery.build().zones().list_next
mock_zone_list_next.return_value = None
# Consume the data from the generator
list(gcpcloud.GCPCloud('').read())
mock_project_execute.assert_called_once_with()
mock_project_list_next.assert_called_once_with(
previous_request=mock.ANY, previous_response=mock.ANY)
def test_firewall_allowed_and_denied_rules_both_present(self):
mock_firewall_dict = {
'items': [{
'allowed': [{}],
'denied': [{}],
}]
}
# We do not expect both 'allowed' and 'denied' rules to be
# present in the same firewall item but we are making sure here
# that if they were to be present together, we are still able to
# handle it in a sensible manner.
m = self._mock_discovery
m.build().projects().list().execute.return_value = mock_projects_dict
m.build().projects().list_next.return_value = None
m.build().firewalls().list().execute.return_value = mock_firewall_dict
m.build().firewalls().list_next.return_value = None
m.build().zones().list().execute.return_value = {}
m.build().zones().list_next.return_value = None
records = list(gcpcloud.GCPCloud('').read())
records = [
r for r in records if r['com']['record_type'] == 'firewall_rule'
]
self.assertEqual(len(records), 2)
self.assertEqual(records[0]['com']['access'], 'allow')
self.assertEqual(records[1]['com']['access'], 'deny')
def test_firewall_missing_allowed_denied_key(self):
mock_firewall_dict = {'items': [{}]}
m = self._mock_discovery
m.build().firewalls().list().execute.return_value = mock_firewall_dict
records = list(gcpcloud.GCPCloud('', '').read())
records = [
r for r in records if r['com']['record_type'] == 'firewall_rule'
]
self.assertEqual(len(records), 0)
def test_instance_without_next_page_token(self, mock_service_account,
mock_discovery):
mock_execute = mock_discovery.build().instances().list().execute
mock_execute.return_value = mock_instance_data
# Consume the data from the generator
list(gcpcloud.GCPCloud('', '').read())
mock_execute.assert_called_once_with()
def test_firewall_single_allowed_rule(self):
mock_firewall_dict = {'items': [{'allowed': [{}]}]}
m = self._mock_discovery
m.build().firewalls().list().execute.return_value = mock_firewall_dict
records = list(gcpcloud.GCPCloud('', '').read())
records = [
r for r in records if r['com']['record_type'] == 'firewall_rule'
]
self.assertEqual(len(records), 1)
self.assertEqual(records[0]['com']['access'], 'allow')
def test_firewall_missing_ports(self):
mock_firewall_dict = {
'items': [{
'allowed': [{}],
}]
}
m = self._mock_discovery
m.build().firewalls().list().execute.return_value = mock_firewall_dict
records = list(gcpcloud.GCPCloud('', '').read())
records = [
r for r in records if r['com']['record_type'] == 'firewall_rule'
]
self.assertEqual(records[0]['com']['destination_ports'], ['0-65535'])
def test_firewall_rule_reference_has_firewall_link(self):
mock_firewall_dict = {
'items': [{
'allowed': [{}],
'selfLink': 'mockLink',
}]
}
m = self._mock_discovery
m.build().firewalls().list().execute.return_value = mock_firewall_dict
records = list(gcpcloud.GCPCloud('', '').read())
records = [
r for r in records if r['com']['record_type'] == 'firewall_rule'
]
self.assertEqual(records[0]['com']['reference'], 'mockLink')
def test_instance_with_next_page_token(self, mock_service_account,
mock_discovery):
mock_instance_data_with_next_page = copy.deepcopy(mock_instance_data)
mock_instance_data_with_next_page.update({'nextPageToken': 'bar'})
mock_execute = mock_discovery.build().instances().list().execute
mock_execute.side_effect = [
mock_instance_data_with_next_page, mock_instance_data
]
# Consume the data from the generator
list(gcpcloud.GCPCloud('', '').read())
self.assertEqual(mock_execute.mock_calls, [mock.call(), mock.call()])
def test_firewall_direction_other_normalization(self):
mock_firewall_dict = {
'items': [{
'allowed': [{}],
'direction': 'FoO',
}]
}
m = self._mock_discovery
m.build().firewalls().list().execute.return_value = mock_firewall_dict
records = list(gcpcloud.GCPCloud('', '').read())
records = [
r for r in records if r['com']['record_type'] == 'firewall_rule'
]
self.assertEqual(records[0]['com']['direction'], 'foo')
def test_firewall_rule_disabled_true_normalization(self):
mock_firewall_dict = {
'items': [{
'allowed': [{}],
'disabled': True,
}]
}
m = self._mock_discovery
m.build().firewalls().list().execute.return_value = mock_firewall_dict
records = list(gcpcloud.GCPCloud('', '').read())
records = [
r for r in records if r['com']['record_type'] == 'firewall_rule'
]
self.assertFalse(records[0]['com']['enabled'])
def test_firewall_zero_allowed_rules(self):
mock_firewall_dict = {'items': [{'allowed': []}]}
m = self._mock_discovery
m.build().projects().list().execute.return_value = mock_projects_dict
m.build().projects().list_next.return_value = None
m.build().firewalls().list().execute.return_value = mock_firewall_dict
m.build().firewalls().list_next.return_value = None
m.build().zones().list().execute.return_value = {}
m.build().zones().list_next.return_value = None
records = list(gcpcloud.GCPCloud('').read())
records = [
r for r in records if r['com']['record_type'] == 'firewall_rule'
]
self.assertEqual(len(records), 0)
def test_firewall_protocol_normalization(self):
mock_firewall_dict = {
'items': [{
'allowed': [{
'IPProtocol': 'tcp'
}],
}]
}
m = self._mock_discovery
m.build().firewalls().list().execute.return_value = mock_firewall_dict
records = list(gcpcloud.GCPCloud('', '').read())
records = [
r for r in records if r['com']['record_type'] == 'firewall_rule'
]
self.assertEqual(records[0]['com']['protocol'], 'tcp')
def test_firewall_source_ranges_normalization(self):
mock_firewall_dict = {
'items': [{
'allowed': [{}],
'sourceRanges': ['40.0.0.0/8', '50.0.0.0/8'],
}]
}
m = self._mock_discovery
m.build().firewalls().list().execute.return_value = mock_firewall_dict
records = list(gcpcloud.GCPCloud('', '').read())
records = [
r for r in records if r['com']['record_type'] == 'firewall_rule'
]
self.assertEqual(records[0]['com']['source_addresses'],
['40.0.0.0/8', '50.0.0.0/8'])
def test_firewall_ports_normalization(self):
mock_firewall_dict = {
'items': [{
'allowed': [{
'ports': ['22', '3389', '8000-8080']
}],
}]
}
m = self._mock_discovery
m.build().firewalls().list().execute.return_value = mock_firewall_dict
records = list(gcpcloud.GCPCloud('', '').read())
records = [
r for r in records if r['com']['record_type'] == 'firewall_rule'
]
self.assertEqual(records[0]['com']['destination_ports'],
['22', '3389', '8000-8080'])
def test_firewall_rule_disabled_false_normalization(self):
mock_firewall_dict = {
'items': [{
'allowed': [{}],
'disabled': False,
}]
}
m = self._mock_discovery
m.build().projects().list().execute.return_value = mock_projects_dict
m.build().projects().list_next.return_value = None
m.build().firewalls().list().execute.return_value = mock_firewall_dict
m.build().firewalls().list_next.return_value = None
m.build().zones().list().execute.return_value = {}
m.build().zones().list_next.return_value = None
records = list(gcpcloud.GCPCloud('').read())
records = [
r for r in records if r['com']['record_type'] == 'firewall_rule'
]
self.assertTrue(records[0]['com']['enabled'])
def test_firewall_direction_egress_normalization(self):
mock_firewall_dict = {
'items': [{
'allowed': [{}],
'direction': 'EGRESS',
}]
}
m = self._mock_discovery
m.build().projects().list().execute.return_value = mock_projects_dict
m.build().projects().list_next.return_value = None
m.build().firewalls().list().execute.return_value = mock_firewall_dict
m.build().firewalls().list_next.return_value = None
m.build().zones().list().execute.return_value = {}
m.build().zones().list_next.return_value = None
records = list(gcpcloud.GCPCloud('').read())
records = [
r for r in records if r['com']['record_type'] == 'firewall_rule'
]
self.assertEqual(records[0]['com']['direction'], 'out')
def test_instance_without_next_page_token(self):
mock_project_execute = \
self._mock_discovery.build().projects().list().execute
mock_project_execute.return_value = mock_projects_dict
mock_project_list_next = \
self._mock_discovery.build().projects().list_next
mock_project_list_next.return_value = None
mock_firewall_execute = \
self._mock_discovery.build().firewalls().list().execute
mock_firewall_execute.return_value = {}
mock_firewall_list_next = \
self._mock_discovery.build().firewalls().list_next
mock_firewall_list_next.return_value = None
mock_zone_execute = self._mock_discovery.build().zones().list().execute
mock_zone_execute.return_value = mock_zones_data
mock_zone_list_next = self._mock_discovery.build().zones().list_next
mock_zone_list_next.return_value = None
mock_instance_execute = \
self._mock_discovery.build().instances().list().execute
mock_instance_execute.return_value = mock_instance_data
mock_instance_list_next = \
self._mock_discovery.build().instances().list_next
mock_instance_list_next.return_value = None
# Consume the data from the generator
records = list(gcpcloud.GCPCloud('').read())
records = [r for r in records if r['ext']['zone'] == 'foozone']
self.assertEqual(len(records), 1)
def test_project_with_next_page_token(self):
mock_project_execute = \
self._mock_discovery.build().projects().list().execute
mock_project_execute.side_effect = [
mock_projects_dict, mock_projects_dict
]
mock_project_list_next = \
self._mock_discovery.build().projects().list_next
mock_project_list_next.side_effect = [
self._mock_discovery.build().projects().list(), None
]
mock_firewall_execute = \
self._mock_discovery.build().firewalls().list().execute
mock_firewall_execute.side_effect = [{}, {}]
mock_firewall_list_next = \
self._mock_discovery.build().firewalls().list_next
mock_firewall_list_next.side_effect = [None, None]
mock_zone_execute = self._mock_discovery.build().zones().list().execute
mock_zone_execute.side_effect = [{}, {}]
mock_zone_list_next = self._mock_discovery.build().zones().list_next
mock_zone_list_next.side_effect = [None, None]
# Consume the data from the generator
list(gcpcloud.GCPCloud('').read())
self.assertEqual(mock_project_execute.mock_calls,
[mock.call(), mock.call()])
self.assertEqual(mock_project_list_next.mock_calls, [
mock.call(previous_request=mock.ANY, previous_response=mock.ANY),
mock.call(previous_request=mock.ANY, previous_response=mock.ANY)
])
