def __setup_evidence(self,
parent_work_dir_path,
evidence=True,
environment=None):
step_config = {
'organization': 'test-ORG',
'application-name': 'test-APP',
'service-name': 'test-SERVICE',
'version': '42.0-test',
}
step_result = StepResult(
step_name='test-step',
sub_step_name='test-sub-step',
sub_step_implementer_name='test-sub-step-implementer',
environment=environment)
step_result.add_evidence(name='test-evidence',
value="test-value",
description="test-description")
step_result.add_evidence(name='test-evidence2',
value="test-value2",
description="test-description2")
workflow_result = WorkflowResult()
workflow_result.add_step_result(step_result)
step_implementer = self.create_step_implementer(
step_config=step_config,
parent_work_dir_path=parent_work_dir_path,
workflow_result=workflow_result,
)
return step_implementer
def test__run_step_pass_audit_success(self,
audit_attestation_mock,
download_source_to_destination_mock):
with TempDirectory() as temp_dir:
workflow_attestation_uri = 'https://foo.bar/evidence.json'
workflow_policy_uri = 'https://foo.bar/policy.json'
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
step_config = {
'workflow-policy-uri': workflow_policy_uri
}
step_result = StepResult(
step_name='test-step',
sub_step_name='test-sub-step',
sub_step_implementer_name='test-sub-step-implementer'
)
step_result.add_artifact('evidence-uri', workflow_attestation_uri, 'URI of the uploaded results archive.')
workflow_result = WorkflowResult()
workflow_result.add_step_result(step_result)
step_implementer = self.create_step_implementer(
step_config=step_config,
parent_work_dir_path=parent_work_dir_path,
workflow_result=workflow_result
)
download_source_to_destination_mock.side_effect = [
parent_work_dir_path + '/workflow_attestion.json',
parent_work_dir_path + '/workflow_policy.rego']
audit_attestation_mock.return_value = "Audit was successful", 0
step_result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='audit_attestation',
sub_step_name='OpenPolicyAgent',
sub_step_implementer_name='OpenPolicyAgent'
)
expected_step_result.add_artifact(
name='audit-results',
value='Audit was successful'
)
expected_step_result.message = 'Audit was successful'
self.assertEqual(step_result, expected_step_result)
audit_attestation_mock.assert_called_once_with(parent_work_dir_path + '/workflow_attestion.json',
parent_work_dir_path + '/workflow_policy.rego', "data.workflowResult.passAll")
download_source_to_destination_mock.assert_has_calls([
mock.call(workflow_attestation_uri,
parent_work_dir_path + '/audit_attestation'),
mock.call(workflow_policy_uri,
parent_work_dir_path + '/audit_attestation')
]
)
def test_string_result_with_env(self):
with TempDirectory() as temp_dir:
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
step_config = {
'organization': 'test-ORG',
'application-name': 'test-APP',
'service-name': 'test-SERVICE',
'version': '42.0-test'
}
step_result = StepResult(
step_name='test-step',
sub_step_name='test-sub-step',
sub_step_implementer_name='test-sub-step-implementer',
environment='test-env1')
step_result.add_artifact(name='test-step-result-str',
value='hello world')
workflow_result = WorkflowResult()
workflow_result.add_step_result(step_result)
step_implementer = self.create_step_implementer(
step_config=step_config,
parent_work_dir_path=parent_work_dir_path,
workflow_result=workflow_result)
archive_path = step_implementer._ResultArtifactsArchive__create_archive(
)
archive_zip = zipfile.ZipFile(archive_path)
artifact_file_path = f"{step_config['organization']}-" \
f"{step_config['application-name']}-{step_config['service-name']}-" \
f"{step_config['version']}/test-step/test-sub-step/test-env1/test-step-result-str"
with archive_zip.open(artifact_file_path, 'r') as artifact_file:
artifact_file_contents = artifact_file.read().decode('UTF-8')
self.assertEqual(artifact_file_contents, 'hello world')
def test_dir_result(self):
with TempDirectory() as temp_dir:
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
step_config = {
'organization': 'test-ORG',
'application-name': 'test-APP',
'service-name': 'test-SERVICE',
'version': '42.0-test'
}
artifact_dir_name = 'test-result-artifact-dir'
temp_dir.makedir(artifact_dir_name)
artifact_file_name_1 = f'{artifact_dir_name}/test-artifact1.txt'
temp_dir.write(artifact_file_name_1, bytes('hello world 1',
'utf-8'))
artifact_file_name_2 = f'{artifact_dir_name}/test-artifact2.txt'
temp_dir.write(artifact_file_name_2, bytes('hello world 2',
'utf-8'))
step_result = StepResult(
step_name='test-step',
sub_step_name='test-sub-step',
sub_step_implementer_name='test-sub-step-implementer')
step_result.add_artifact(name='test-step-result-dir',
value=os.path.join(
temp_dir.path,
f'{artifact_dir_name}/'))
workflow_result = WorkflowResult()
workflow_result.add_step_result(step_result)
step_implementer = self.create_step_implementer(
step_config=step_config,
parent_work_dir_path=parent_work_dir_path,
workflow_result=workflow_result)
archive_path = step_implementer._ResultArtifactsArchive__create_archive(
)
archive_zip = zipfile.ZipFile(archive_path)
artifact_file_path_1 = f"{step_config['organization']}-" \
f"{step_config['application-name']}-{step_config['service-name']}-" \
f"{step_config['version']}/test-step/test-sub-step/test-step-result-dir/" \
f"{artifact_file_name_1}"
with archive_zip.open(artifact_file_path_1, 'r') as artifact_file:
artifact_file_contents = artifact_file.read().decode('UTF-8')
self.assertEqual(artifact_file_contents, 'hello world 1')
artifact_file_path_2 = f"{step_config['organization']}-" \
f"{step_config['application-name']}-{step_config['service-name']}-" \
f"{step_config['version']}/test-step/test-sub-step/test-step-result-dir/" \
f"{artifact_file_name_1}"
with archive_zip.open(artifact_file_path_2, 'r') as artifact_file:
artifact_file_contents = artifact_file.read().decode('UTF-8')
self.assertEqual(artifact_file_contents, 'hello world 1')
def test__run_step_fail_audit_fail_missing_workflow_attestation(self):
with TempDirectory() as temp_dir:
workflow_attestation_uri = 'https://foo.bar/evidence.json'
workflow_policy_uri = 'https://foo.bar/policy.json'
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
step_config = {
'workflow-policy-uri': workflow_policy_uri
}
step_result = StepResult(
step_name='test-step',
sub_step_name='test-sub-step',
sub_step_implementer_name='test-sub-step-implementer'
)
step_result.add_artifact('evidence-uri-wrong-key', workflow_attestation_uri, 'URI of the uploaded results archive.')
workflow_result = WorkflowResult()
workflow_result.add_step_result(step_result)
step_implementer = self.create_step_implementer(
step_config=step_config,
parent_work_dir_path=parent_work_dir_path,
workflow_result=workflow_result
)
step_result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='audit_attestation',
sub_step_name='OpenPolicyAgent',
sub_step_implementer_name='OpenPolicyAgent'
)
expected_step_result.success = False
expected_step_result.message = "No value found for evidence-uri"
self.assertEqual(step_result, expected_step_result)