def test_access(capsys):
# Setting up variables for testing
project_id = os.environ['GCLOUD_PROJECT']
# specifying a sample role to be assigned
gcp_role = 'roles/owner'
# section to create service account to test policy updates.
rand = str(random.randint(0, 1000))
name = 'python-test-' + rand
email = name + '@' + project_id + '.iam.gserviceaccount.com'
member = 'serviceAccount:' + email
service_accounts.create_service_account(project_id, name,
'Py Test Account')
policy = access.get_policy(project_id)
out, _ = capsys.readouterr()
assert u'etag' in out
policy = access.modify_policy_add_role(policy, gcp_role, member)
out, _ = capsys.readouterr()
assert u'etag' in out
policy = access.modify_policy_remove_member(policy, gcp_role, member)
out, _ = capsys.readouterr()
assert 'iam.gserviceaccount.com' in out
policy = access.set_policy(project_id, policy)
out, _ = capsys.readouterr()
assert u'etag' in out
# deleting the service account created above
service_accounts.delete_service_account(email)
def test_service_accounts(capsys):
project_id = os.environ['GOOGLE_CLOUD_PROJECT']
name = f'test-{uuid.uuid4().hex[:25]}'
try:
acct = service_accounts.create_service_account(project_id, name,
'Py Test Account')
assert ('uniqueId' in acct)
unique_id = acct['uniqueId']
service_accounts.list_service_accounts(project_id)
service_accounts.rename_service_account(unique_id,
'Updated Py Test Account')
service_accounts.disable_service_account(unique_id)
service_accounts.enable_service_account(unique_id)
service_accounts.delete_service_account(unique_id)
finally:
try:
service_accounts.delete_service_account(unique_id)
except HttpError as e:
# We've recently seen 404 error too.
# It used to return 403, so we keep it too.
if '403' in str(e) or '404' in str(e):
print("Ignoring 404/403 error upon cleanup.")
else:
raise
def test_service_accounts(capsys):
project_id = os.environ['GOOGLE_CLOUD_PROJECT']
name = f'test-{uuid.uuid4().hex[:25]}'
try:
acct = service_accounts.create_service_account(project_id, name,
'Py Test Account')
assert ('uniqueId' in acct)
unique_id = acct['uniqueId']
service_accounts.list_service_accounts(project_id)
service_accounts.rename_service_account(unique_id,
'Updated Py Test Account')
service_accounts.disable_service_account(unique_id)
service_accounts.enable_service_account(unique_id)
service_accounts.delete_service_account(unique_id)
finally:
try:
service_accounts.delete_service_account(unique_id)
except HttpError as e:
# When the service account doesn't exist, the service returns 403.
if '403' in str(e):
print("Ignoring 403 error upon cleanup.")
else:
raise
def test_service_accounts(capsys):
project_id = os.environ['GCLOUD_PROJECT']
rand = str(random.randint(0, 1000))
name = 'python-test-' + rand
email = name + '@' + project_id + '.iam.gserviceaccount.com'
service_accounts.create_service_account(project_id, name,
'Py Test Account')
service_accounts.list_service_accounts(project_id)
service_accounts.rename_service_account(email, 'Updated Py Test Account')
service_accounts.delete_service_account(email)
def test_member():
# section to create service account to test policy updates.
rand = str(random.randint(0, 1000))
name = "python-test-" + rand
email = name + "@" + GCLOUD_PROJECT + ".iam.gserviceaccount.com"
member = "serviceAccount:" + email
service_accounts.create_service_account(GCLOUD_PROJECT, name,
"Py Test Account")
yield member
# deleting the service account created above
service_accounts.delete_service_account(email)
def test_member():
# section to create service account to test policy updates.
# we use the first portion of uuid4 because full version is too long.
name = "python-test-" + str(uuid.uuid4()).split('-')[0]
email = name + "@" + GCLOUD_PROJECT + ".iam.gserviceaccount.com"
member = "serviceAccount:" + email
service_accounts.create_service_account(GCLOUD_PROJECT, name,
"Py Test Account")
yield member
# deleting the service account created above
service_accounts.delete_service_account(email)
def test_service_accounts(capsys):
project_id = os.environ['GCLOUD_PROJECT']
rand = str(random.randint(0, 1000))
name = 'python-test-' + rand
email = name + '@' + project_id + '.iam.gserviceaccount.com'
service_accounts.create_service_account(
project_id, name, 'Py Test Account')
service_accounts.list_service_accounts(
project_id)
service_accounts.rename_service_account(
email, 'Updated Py Test Account')
service_accounts.delete_service_account(
email)
def test_service_accounts(capsys):
project_id = os.environ['GOOGLE_CLOUD_PROJECT']
name = 'python-test-{}'.format(str(uuid.uuid4()).split('-')[0])
email = name + '@' + project_id + '.iam.gserviceaccount.com'
try:
service_accounts.create_service_account(
project_id, name, 'Py Test Account')
service_accounts.list_service_accounts(project_id)
service_accounts.rename_service_account(
email, 'Updated Py Test Account')
service_accounts.disable_service_account(email)
service_accounts.enable_service_account(email)
service_accounts.delete_service_account(email)
finally:
try:
service_accounts.delete_service_account(email)
except HttpError as e:
# When the service account doesn't exist, the service returns 403.
if '403' in str(e):
print("Ignoring 403 error upon cleanup.")
else:
raise