def test_s3_bucket_does_not_exist_us_east(self):
"""Create S3 bucket when it does not exist."""
context = Context(config=self.config, region='us-east-1')
stubber = Stubber(context.s3_conn)
stubber.add_client_error(
"head_bucket",
service_error_code="NoSuchBucket",
service_message="Not Found",
http_status_code=404,
)
stubber.add_response("create_bucket",
service_response={},
expected_params={
"Bucket": ANY,
})
with stubber:
self.assertIsNone(context._s3_bucket_verified)
self.assertTrue(context.s3_bucket_verified)
self.assertTrue(context._s3_bucket_verified)
stubber.assert_no_pending_responses()
def test_unlock_persistent_graph_code_missmatch(self):
"""Error raised when local code does not match object."""
code = '0000'
context = Context(config=self.persist_graph_config)
context._s3_bucket_verified = True
context._persistent_graph = Graph.from_dict({'stack1': []}, context)
stubber = Stubber(context.s3_conn)
stubber.add_response('get_object_tagging', {
'TagSet':
gen_tagset({context._persistent_graph_lock_tag: '1111'})
}, context.persistent_graph_location)
with stubber:
with self.assertRaises(PersistentGraphCannotUnlock):
context.unlock_persistent_graph(code)
stubber.assert_no_pending_responses()
def test_put_persistent_graph_code_missmatch(self):
"""Error raised when provided lock code does not match object."""
code = "0000"
context = Context(config=self.persist_graph_config)
context._s3_bucket_verified = True
context._persistent_graph = Graph.from_dict({"stack1": []}, context)
stubber = Stubber(context.s3_conn)
stubber.add_response(
"get_object_tagging",
{
"TagSet": gen_tagset(
{context._persistent_graph_lock_tag: "1111"})
},
context.persistent_graph_location,
)
with stubber:
with self.assertRaises(PersistentGraphLockCodeMissmatch):
context.put_persistent_graph(code)
stubber.assert_no_pending_responses()
def test_lock_persistent_graph_locked(self):
"""Error raised when when object is locked."""
code = '0000'
context = Context(config=self.persist_graph_config)
context._s3_bucket_verified = True
context._persistent_graph = Graph()
stubber = Stubber(context.s3_conn)
expected_params = {
'Tagging': {
'TagSet':
gen_tagset({context._persistent_graph_lock_tag: code})
}
}
expected_params.update(context.persistent_graph_location)
stubber.add_response('get_object_tagging', {
'TagSet':
gen_tagset({context._persistent_graph_lock_tag: '1111'})
}, context.persistent_graph_location)
with stubber:
with self.assertRaises(PersistentGraphLocked):
context.lock_persistent_graph(code)
stubber.assert_no_pending_responses()
def test_context_get_fqn_stack_name(self):
"""Test context get fqn stack name."""
context = Context(config=self.config)
fqn = context.get_fqn("stack1")
self.assertEqual(fqn, "namespace-stack1")
def setUp(self):
"""Run before tests."""
self.ctx = Context({"namespace": "test-ns"})
self.ctx.set_hook_data("fake_hook", {"result": "good"})
def test_persistent_graph_lock_code_disabled(self, mock_prop):
"""Return 'None' when not used."""
mock_prop.return_value = None
context = Context(config=Config(self.config))
mock_prop.assert_not_called()
self.assertIsNone(context.persistent_graph_lock_code)
"%sEndpoint" % ekscluster.title,
Description="EKS Cluster Endpoint",
Export=Export(
Sub("${AWS::StackName}-%sEndpoint" % ekscluster.title)),
Value=ekscluster.get_att("Endpoint"),
))
# Additional Outputs
template.add_output(
Output(
"VpcId",
Description="EKS Cluster VPC Id",
Export=Export(Sub("${AWS::StackName}-VpcId")),
Value=variables["VPC"].ref,
))
template.add_output(
Output(
"Subnets",
Description="EKS Cluster Subnets",
Export=Export(Sub("${AWS::StackName}-Subnets")),
Value=Join(",", variables["EksSubnets"].ref),
))
# Helper section to enable easy blueprint -> template generation
# (just run `python <thisfile>` to output the json)
if __name__ == "__main__":
from runway.cfngin.context import Context
print(Cluster("test", Context({"namespace": "test"}), None).to_json())
"NodeGroup",
DesiredCapacity=If(
"DesiredInstanceCountSpecified",
variables["NodeAutoScalingGroupMaxSize"].ref,
NoValue,
),
LaunchConfigurationName=nodelaunchconfig.ref(),
MinSize=variables["NodeAutoScalingGroupMinSize"].ref,
MaxSize=variables["NodeAutoScalingGroupMaxSize"].ref,
VPCZoneIdentifier=variables["Subnets"].ref,
Tags=[
autoscaling.Tag(
"Name", Sub("${ClusterName}-${NodeGroupName}-Node"),
True),
autoscaling.Tag(
Sub("kubernetes.io/cluster/${ClusterName}"), "owned",
True),
],
UpdatePolicy=UpdatePolicy(
AutoScalingRollingUpdate=AutoScalingRollingUpdate(
MinInstancesInService="1", MaxBatchSize="1")),
))
# Helper section to enable easy blueprint -> template generation
# (just run `python <thisfile>` to output the json)
if __name__ == "__main__":
from runway.cfngin.context import Context
print(NodeGroup("test", Context({"namespace": "test"}), None).to_json())
iam.Policy(
PolicyName="cluster-autoscaler",
PolicyDocument=PolicyDocument(
Version="2012-10-17",
Statement=[
Statement(
Action=[
awacs.autoscaling.DescribeAutoScalingGroups,
awacs.autoscaling.DescribeAutoScalingInstances,
awacs.autoscaling.DescribeTags,
awacs.autoscaling.SetDesiredCapacity,
awacs.autoscaling.TerminateInstanceInAutoScalingGroup,
],
Effect=Allow,
Resource=["*"],
)
],
),
)
],
)
)
# Helper section to enable easy blueprint -> template generation
# (just run `python <thisfile>` to output the json)
if __name__ == "__main__":
from runway.cfngin.context import Context
print(Iam("test", Context({"namespace": "test"}), None).to_json())
def setUp(self):
"""Run before tests."""
self.count = 0
self.config = Config({"namespace": "namespace"})
self.context = Context(config=self.config)
register_lookup_handler("noop", lambda **kwargs: "test")
def test_persistent_graph_locked_disabled(self):
"""Return 'None' when key is not set."""
context = Context(config=self.config)
self.assertFalse(context.persistent_graph_locked)
terraformstatebucket.get_att("Arn"), "/*"
])
],
),
Statement(
Action=[
awacs.dynamodb.GetItem,
awacs.dynamodb.PutItem,
awacs.dynamodb.DeleteItem,
],
Effect=Allow,
Resource=[terraformlocktable.get_att("Arn")],
),
],
),
))
template.add_output(
Output(
"PolicyArn",
Description="Managed policy Arn",
Value=managementpolicy.ref(),
))
# Helper section to enable easy blueprint -> template generation
# (just run `python <thisfile>` to output the json)
if __name__ == "__main__":
from runway.cfngin.context import Context
print(TfState("test", Context({"namespace": "test"}), None).to_json())
def test_context_namespace(self):
"""Test context namespace."""
context = Context(config=Config({"namespace": "namespace"}))
self.assertEqual(context.namespace, "namespace")
def test_context_get_fqn_empty_namespace(self):
"""Test context get fqn empty namespace."""
context = Context(config=Config({"namespace": ""}))
fqn = context.get_fqn("vpc")
self.assertEqual(fqn, "vpc")
self.assertEqual(context.tags, {})
def test_context_get_fqn_replace_dot(self):
"""Test context get fqn replace dot."""
context = Context(config=Config({"namespace": "my.namespace"}))
fqn = context.get_fqn()
self.assertEqual(fqn, "my-namespace")
def test_context_get_fqn(self):
"""Test context get fqn."""
context = Context(config=self.config)
fqn = context.get_fqn()
self.assertEqual(fqn, "namespace")
def test_context_get_stacks(self):
"""Test context get stacks."""
context = Context(config=self.config)
self.assertEqual(len(context.get_stacks()), 2)
'/*'])
]
),
Statement(
Action=[awacs.dynamodb.GetItem,
awacs.dynamodb.PutItem,
awacs.dynamodb.DeleteItem],
Effect=Allow,
Resource=[terraformlocktable.get_att('Arn')]
)
]
)
)
)
template.add_output(
Output(
'PolicyArn',
Description='Managed policy Arn',
Value=managementpolicy.ref()
)
)
# Helper section to enable easy blueprint -> template generation
# (just run `python <thisfile>` to output the json)
if __name__ == "__main__":
from runway.cfngin.context import Context
print(TfState('test',
Context({'namespace': 'test'}),
None).to_json())
def test_context_default_bucket_name(self):
"""Test context default bucket name."""
context = Context(config=Config({"namespace": "test"}))
self.assertEqual(context.bucket_name, "stacker-test")
template.add_output(
Output('AuthAtEdgeUserPoolId',
Description=
'Cognito User Pool App Client for Auth @ Edge',
Value=user_pool_id))
else:
user_pool_id = self.context.hook_data[
'aae_user_pool_id_retriever']['id']
client = template.add_resource(
cognito.UserPoolClient(
"AuthAtEdgeClient",
AllowedOAuthFlows=['code'],
CallbackURLs=callbacks,
UserPoolId=user_pool_id,
AllowedOAuthScopes=variables['OAuthScopes']))
template.add_output(
Output(
'AuthAtEdgeClient',
Description='Cognito User Pool App Client for Auth @ Edge',
Value=client.ref()))
# Helper section to enable easy blueprint -> template generation
# (just run `python <thisfile>` to output the json)
if __name__ == "__main__":
from runway.cfngin.context import Context
print(Dependencies('test', Context({"namespace": "test"}), None).to_json())
def test_context_bucket_name_is_overridden(self):
"""Test context bucket name is overridden."""
config = Config({"namespace": "test", "cfngin_bucket": "bucket123"})
context = Context(config=config)
self.assertEqual(context.bucket_name, "bucket123")
Pattern="|".join(
str(x) for x in GITHUB_ACCOUNT_IDS),
),
codebuild.WebhookFilter(
Type="EVENT",
Pattern="PULL_REQUEST_CREATED,"
"PULL_REQUEST_UPDATED,"
"PULL_REQUEST_REOPENED",
),
codebuild.WebhookFilter(
Type="BASE_REF",
Pattern="^refs/heads/release$"),
codebuild.WebhookFilter(
Type="HEAD_REF",
Pattern="^refs/heads/master$"),
]],
),
))
runner = Runner(use_abs=True)
# create the necessary resources for each test
for test in runner.available_tests:
add_test_resources(test.__name__)
if __name__ == "__main__":
from runway.cfngin.context import Context
print(CodeBuild("test", Context({"namespace": "test"}), None).to_json())
def test_context_namespace_delimiter_is_overridden_and_is_empty(self):
"""Test context namespace delimiter is overridden and is empty."""
config = Config({"namespace": "namespace", "namespace_delimiter": ""})
context = Context(config=config)
fqn = context.get_fqn("stack1")
self.assertEqual(fqn, "namespacestack1")
self.template.add_output(
Output('CFDistributionDomainName',
Description='CloudFront distribution domain name',
Value=distribution.get_att('DomainName')))
return distribution
def _get_cloudfront_bucket_policy_statements(self, bucket, oai): # noqa pylint: disable=no-self-use
return [
Statement(Action=[awacs.s3.GetObject],
Effect=Allow,
Principal=Principal('CanonicalUser',
oai.get_att('S3CanonicalUserId')),
Resource=[Join('', [bucket.get_att('Arn'), '/*'])])
]
def _get_index_rewrite_role_function_and_version(self):
res = {}
res['role'] = self.add_lambda_execution_role(
'CFDirectoryIndexRewriteRole', 'CFDirectoryIndexRewrite')
res['function'] = self.add_cloudfront_directory_index_rewrite(
res['role'])
res['version'] = self.add_cloudfront_directory_index_rewrite_version(
res['function'])
return res
# Helper section to enable easy blueprint -> template generation
# (just run `python <thisfile>` to output the json)
if __name__ == "__main__":
print(StaticSite('test', Context({"namespace": "test"}), None).to_json())
def test_context_tags_with_empty_map(self):
"""Test context tags with empty map."""
config = Config({"namespace": "test", "tags": {}})
context = Context(config=config)
self.assertEqual(context.tags, {})
def setUp(self):
"""Run before tests."""
self.ctx = Context({"namespace": "test"})
self.prov = MagicMock()
self.blueprint = MagicMock()
def test_context_no_tags_specified(self):
"""Test context no tags specified."""
config = Config({"namespace": "test"})
context = Context(config=config)
self.assertEqual(context.tags, {"cfngin_namespace": "test"})
def setUp(self):
"""Run before tests."""
self.provider = MagicMock()
self.context = Context(config=Config({"namespace": "ns"}))
def test_persistent_graph_location_no_key(self):
"""Return an empty dict if key is not set."""
context = Context(config=self.config)
self.assertEqual({}, context.persistent_graph_location)
