def test_diff(config, mock_groups): tempdir = config.base_path with mock.patch("sg.service._confirm") as dummy: dummy.return_value = True client = AwsClient(config) SgService.save_groups(config, client, tempdir / 'security_groups') file_path = tempdir / 'security_groups/mock-group.csv' assert file_path.exists() group = client.get('mock-group') group.revoke(ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.0/32") group.authorize(ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.10/32") group.authorize(ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.20/32") diff = SgService.diff(AwsClient(config), 'mock-group', file_path) assert 2 == len(diff.remote_only) assert 1 == len(diff.local_only) # remoteで削除したもの assert diff.local_only == { Rule("tcp", "22", "22", cidr_ip="192.168.1.0/32", group=None) } # remoteに追加したもの assert diff.remote_only == { Rule("tcp", "22", "22", cidr_ip="192.168.1.10/32", group=None), Rule("tcp", "22", "22", cidr_ip="192.168.1.20/32", group=None), }
def test_diff(config, mock_groups): tempdir = config.base_path with mock.patch("sg.service._confirm") as dummy: dummy.return_value = True client = AwsClient(config) SgService.save_groups(config, client, tempdir / 'security_groups') file_path = tempdir / 'security_groups/mock-group.csv' assert file_path.exists() group = client.get('mock-group') group.revoke(ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.0/32") group.authorize(ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.10/32") group.authorize(ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.20/32") diff = SgService.diff(AwsClient(config), 'mock-group', file_path) assert 2 == len(diff.remote_only) assert 1 == len(diff.local_only) # remoteで削除したもの assert diff.local_only == {Rule("tcp", "22", "22", cidr_ip="192.168.1.0/32", group=None)} # remoteに追加したもの assert diff.remote_only == {Rule("tcp", "22", "22", cidr_ip="192.168.1.10/32", group=None), Rule("tcp", "22", "22", cidr_ip="192.168.1.20/32", group=None), }
def test_save(config, mock_groups): with mock.patch("sg.service._confirm") as dummy: dummy.return_value = True client = AwsClient(config) SgService.save_groups(config, client, config.base_path / 'security_groups') assert Path(config.base_path / 'security_groups/mock-group.csv').exists()
def test_commit(config, mock_groups): """SgService.commitのテスト. :param config: :param mock_groups: :return: """ tempdir = config.base_path with mock.patch("sg.service._confirm") as dummy: dummy.return_value = True client = AwsClient(config) SgService.save_groups(config, client, tempdir / 'security_groups') file_path = tempdir / 'security_groups/mock-group.csv' assert file_path.exists() group = client.get('mock-group') group.revoke(ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.0/32") group.authorize(ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.10/32") group.authorize(ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.20/32") diff = SgService.diff(AwsClient(config), 'mock-group', file_path) SgService.commit(client, diff, group.name) client = AwsClient(config) # remoteに反映されることを確認 grants = list(client.get_list("mock-group")) rules = [grant.rule for grant in grants] # さっきrevokeしたものが復活している assert Rule(ip_protocol="tcp", from_port="22", to_port="22", cidr_ip="192.168.1.0/32", group=None) in rules assert Rule(ip_protocol="tcp", from_port="22", to_port="22", cidr_ip="192.168.1.10/32", group=None) not in rules
def test_diff_list(config, mock_groups): tempdir = config.base_path client = AwsClient(config) SgService.save_groups(config, client, tempdir / 'security_groups', noconfirm=True) file_path = tempdir / 'security_groups/mock-group.csv' assert file_path.exists() group = client.get('mock-group') group.revoke(ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.0/32") group.authorize(ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.10/32") group.authorize(ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.20/32") group2 = client.get('mock-group2') group2.authorize(ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.10/32") diff_list = SgService.diff_list(config, AwsClient(config), []) dic = dict(diff_list) diff0 = dic['mock-group'] assert 2 == len(diff0.remote_only) assert 1 == len(diff0.local_only) # remoteで削除したもの assert diff0.local_only == { Rule("tcp", "22", "22", cidr_ip="192.168.1.0/32", group=None) } # remoteに追加したもの assert diff0.remote_only == { Rule("tcp", "22", "22", cidr_ip="192.168.1.10/32", group=None), Rule("tcp", "22", "22", cidr_ip="192.168.1.20/32", group=None), } diff1 = dic['mock-group2'] assert diff1.local_only == set() # remoteに追加したもの assert diff1.remote_only == { Rule("tcp", "22", "22", cidr_ip="192.168.1.10/32", group=None) }
def pytest_funcarg__files(request): from sg.client import AwsClient from sg.service import SgService config = pytest_funcarg__config(request) pytest_funcarg__mock_groups(request) tempdir = config.base_path client = AwsClient(config) path_list = SgService.save_groups(config, client, tempdir / "security_groups", noconfirm=True) return path_list
def pytest_funcarg__files(request): from sg.client import AwsClient from sg.service import SgService config = pytest_funcarg__config(request) pytest_funcarg__mock_groups(request) tempdir = config.base_path client = AwsClient(config) path_list = SgService.save_groups(config, client, tempdir / 'security_groups', noconfirm=True) return path_list
def test_diff_list(config, mock_groups): tempdir = config.base_path client = AwsClient(config) SgService.save_groups(config, client, tempdir / 'security_groups', noconfirm=True) file_path = tempdir / 'security_groups/mock-group.csv' assert file_path.exists() group = client.get('mock-group') group.revoke(ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.0/32") group.authorize(ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.10/32") group.authorize(ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.20/32") group2 = client.get('mock-group2') group2.authorize(ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.10/32") diff_list = SgService.diff_list(config, AwsClient(config), []) dic = dict(diff_list) diff0 = dic['mock-group'] assert 2 == len(diff0.remote_only) assert 1 == len(diff0.local_only) # remoteで削除したもの assert diff0.local_only == {Rule("tcp", "22", "22", cidr_ip="192.168.1.0/32", group=None)} # remoteに追加したもの assert diff0.remote_only == {Rule("tcp", "22", "22", cidr_ip="192.168.1.10/32", group=None), Rule("tcp", "22", "22", cidr_ip="192.168.1.20/32", group=None), } diff1 = dic['mock-group2'] assert diff1.local_only == set() # remoteに追加したもの assert diff1.remote_only == {Rule("tcp", "22", "22", cidr_ip="192.168.1.10/32", group=None)}