def load_config_from_dynamo(self): """If enabled, we can load a configuration dynamically from Dynamo at a certain time interval. This reduces the need for code redeploys to make configuration changes""" from consoleme.lib.dynamo import UserDynamoHandler from consoleme.lib.redis import RedisHandler ddb = UserDynamoHandler() red = RedisHandler().redis_sync() while True: dynamic_config = refresh_dynamic_config(ddb) if dynamic_config and dynamic_config != self.config.get("dynamic_config"): red.set( "DYNAMIC_CONFIG_CACHE", json.dumps(dynamic_config), ) self.get_logger("config").debug( { "function": f"{__name__}.{self.__class__.__name__}.{sys._getframe().f_code.co_name}", "message": "Dynamic configuration changes detected and loaded", "dynamic_config": dynamic_config, } ) self.config["dynamic_config"] = dynamic_config time.sleep(self.get("dynamic_config.dynamo_load_interval", 60))
def test_post_limit(self): mock_request_data = [ { "request_id": 12345, "username": "******" }, { "request_id": 12346, "username": "******" }, ] from consoleme.lib.redis import RedisHandler # Mocked by fakeredis red = RedisHandler().redis_sync() red.set( self.config.get("cache_policy_requests.redis_key", "ALL_POLICY_REQUESTS"), json.dumps(mock_request_data), ) headers = { self.config.get("auth.user_header_name"): "*****@*****.**", self.config.get("auth.groups_header_name"): "groupa,groupb,groupc", } response = self.fetch( "/api/v2/requests", method="POST", headers=headers, body=json.dumps({"limit": 1}), ) self.assertEqual(response.code, 200) self.assertEqual(len(json.loads(response.body)), 3) self.assertEqual(len(json.loads(response.body)["data"]), 1)
def test_post(self): mock_request_data = [ { "request_id": 12345, "username": "******", "request_time": 22345, }, { "request_id": 12346, "username": "******", "request_time": 12345, }, ] from consoleme.lib.redis import RedisHandler # Mocked by fakeredis red = RedisHandler().redis_sync() red.set( config.get("cache_policy_requests.redis_key", "ALL_POLICY_REQUESTS"), json.dumps(mock_request_data), ) headers = { config.get("auth.user_header_name"): "*****@*****.**", config.get("auth.groups_header_name"): "groupa,groupb,groupc", } response = self.fetch( "/api/v2/requests", method="POST", headers=headers, body="{}" ) self.assertEqual(response.code, 200) diff = DeepDiff(json.loads(response.body), mock_request_data) self.assertFalse(diff)
def test_post_request(self): mock_request_data = { "justification": "test asdf", "admin_auto_approve": False, "changes": { "changes": [{ "principal": { "principal_arn": "arn:aws:iam::123456789012:role/TestInstanceProfile", "principal_type": "AwsResource", }, "change_type": "inline_policy", "action": "attach", "policy": { "policy_document": { "Version": "2012-10-17", "Statement": [{ "Action": ["sqs:SetQueueAttributes"], "Effect": "Allow", "Resource": ["arn:aws:sqs:us-east-1:223456789012:queue"], }], } }, }] }, } from consoleme.lib.redis import RedisHandler # Mocked by fakeredis red = RedisHandler().redis_sync() red.set( self.config.get("cache_policy_requests.redis_key", "ALL_POLICY_REQUESTS"), json.dumps(mock_request_data), ) headers = { self.config.get("auth.user_header_name"): "*****@*****.**", self.config.get("auth.groups_header_name"): "groupa,groupb,groupc", } response = self.fetch( "/api/v2/request", method="POST", headers=headers, body=json.dumps(mock_request_data), ) self.assertEqual(response.code, 200) response_d = json.loads(response.body) self.assertEqual(response_d["errors"], 0) self.assertEqual(response_d["request_created"], True) self.assertIn("/policies/request/", response_d["request_url"])
def load_config_from_dynamo(self, ddb=None, red=None): if not ddb: from consoleme.lib.dynamo import UserDynamoHandler ddb = UserDynamoHandler() if not red: from consoleme.lib.redis import RedisHandler red = RedisHandler().redis_sync() dynamic_config = refresh_dynamic_config(ddb) if dynamic_config and dynamic_config != self.config.get("dynamic_config"): red.set( "DYNAMIC_CONFIG_CACHE", json.dumps(dynamic_config), ) self.get_logger("config").debug( { "function": f"{__name__}.{self.__class__.__name__}.{sys._getframe().f_code.co_name}", "message": "Dynamic configuration changes detected and loaded", } ) self.config["dynamic_config"] = dynamic_config