def test_tags(get_details, get_security_group_id, get_properties, boto3): """Make bad Security Group definitions more apparent.""" get_properties.return_value = {'security_group': {}} get_security_group_id.return_value = 'SGID' security_group = SpinnakerSecurityGroup() assert security_group.add_tags() is True
def test_default_security_groups(mock_properties, mock_details): """Make sure default Security Groups are added to the ingress rules.""" ingress = { 'test_app': [ { 'start_port': 30, 'end_port': 30, }, ], } mock_properties.return_value = { 'security_group': { 'ingress': ingress, 'description': '', }, } test_sg = { 'myapp': [ { 'start_port': '22', 'end_port': '22', 'protocol': 'tcp' }, ] } with mock.patch.dict('foremast.securitygroup.create_securitygroup.DEFAULT_SECURITYGROUP_RULES', test_sg): sg = SpinnakerSecurityGroup() ingress = sg.update_default_rules() assert 'myapp' in ingress
def test_misconfiguration(get_details, get_properties, get_sec_id): """Make bad Security Group definitions more apparent.""" get_properties.return_value = {'security_group': {}} security_group = SpinnakerSecurityGroup() with pytest.raises(ForemastConfigurationFileError): security_group.create_security_group()
def test_missing_configuration(get_properties): """Make missing Security Group configurations more apparent.""" get_properties.return_value = {} security_group = SpinnakerSecurityGroup() with pytest.raises(ForemastConfigurationFileError): security_group.create_security_group()
def test_create_crossaccount_securitygroup(get_details, pipeline_config, wait_for_task, get_vpc_id, get_security_group_id, boto3): """Should create SG with cross account true""" pipeline_config.return_value = json.loads(SAMPLE_JSON) get_security_group_id.return_value = 'SGID' get_vpc_id.return_value = 'VPCID' x = SpinnakerSecurityGroup(app='edgeforrest', env='dev', region='us-east-1') assert x.create_security_group() is True
def test_securitygroup_references(mock_properties, mock_details): """Make sure default Security Groups are added to the ingress rules.""" test_sg = { '$self': [ { 'start_port': '22', 'end_port': '22', 'protocol': 'tcp' }, ] } sg = SpinnakerSecurityGroup(app='myapp') ingress = sg.resolve_self_references(test_sg) assert 'myapp' in ingress assert '22' == ingress['myapp'][0]['start_port'] assert '22' == ingress['myapp'][0]['end_port']
def test_merge_security_groups(mock_properties, mock_details): """Make sure default Security Groups are added to the ingress rules.""" app_ingress = { 'test_app': [ { 'start_port': 30, 'end_port': 30, }, ], } mock_properties.return_value = { 'security_group': { 'ingress': app_ingress, 'description': '', }, } sg = SpinnakerSecurityGroup() ingress = sg.update_default_rules() assert ingress['myapp'][0]['start_port'] == 22 assert ingress['test_app'][0]['start_port'] == 31 assert ingress['test_app'][1]['start_port'] == 30
def test_create_crossaccount_securitygroup(get_details, pipeline_config, wait_for_task, get_vpc_id, get_security_group_id, boto3): """Should create SG with cross account true""" pipeline_config.return_value = json.loads(SAMPLE_JSON) get_security_group_id.return_value = 'SGID' get_vpc_id.return_value = 'VPCID' x = SpinnakerSecurityGroup(app='edgeforrest', env='dev', region='us-east-1') assert x.create_security_group() is True no_cross_account_data = { 'end_port': 8080, 'env': 'dev', 'protocol': 'tcp', 'start_port': 8080 } no_cross_account_result = { 'app': 'edgeforrest', 'end_port': 8080, 'cross_account_env': None, 'protocol': 'tcp', 'start_port': 8080, 'cross_account_vpc_id': None } no_cross_account = x.create_ingress_rule(app='edgeforrest', rule=no_cross_account_data) assert no_cross_account == no_cross_account_result cross_account_data = { 'end_port': 8080, 'env': 'stage', 'protocol': 'tcp', 'start_port': 8080 } cross_account_result = { 'app': 'edgeforrest', 'end_port': 8080, 'cross_account_env': 'stage', 'protocol': 'tcp', 'start_port': 8080, 'cross_account_vpc_id': 'VPCID' } cross_account = x.create_ingress_rule(app='edgeforrest', rule=cross_account_data) assert cross_account == cross_account_result no_cross_account_simple = x.create_ingress_rule(app='edgeforrest', rule=8080) assert no_cross_account_simple == no_cross_account_result