def test_rollback_all(self, mock_runner, mock_generate, mock_logger):
"""CLI - Lambda Rollback all"""
options = MockOptions(None, ['all'])
for config in self.func_configs:
config['current_version'] = 3
rollback.rollback(options, self.config)
# Verify that all of the versions were rolled back
for config in self.func_configs:
assert_equal(config['current_version'], 2)
mock_logger.assert_not_called()
mock_generate.assert_called_once_with(config=self.config)
mock_runner.assert_called_once_with(targets=[
'module.alert_merger_lambda',
'module.alert_processor_lambda',
'module.app_box_collector_corp',
'module.app_duo_admin_collector_corp',
'module.stream_alert_athena',
'module.stream_alert_corp',
'module.stream_alert_prod',
'module.threat_intel_downloader'
])
def lambda_handler(options, config):
"""Handle all Lambda CLI operations"""
if options.subcommand == 'deploy':
# Check for valid credentials
if not check_credentials():
return
# Make sure the Terraform code is up to date
if not terraform_generate(config=config):
return
LOGGER_CLI.info('Deploying: %s', ' '.join(options.processor))
deploy(options, config)
elif options.subcommand == 'rollback':
# Check for valid credentials
if not check_credentials():
return
# Make sure the Terraform code is up to date
if not terraform_generate(config=config):
return
LOGGER_CLI.info('Rolling back: %s', ' '.join(options.processor))
rollback(options, config)
elif options.subcommand == 'test':
LOGGER_CLI.info('Testing: %s', ' '.join(options.processor))
stream_alert_test(options, config)
def test_rollback_all_invalid(self, mock_runner, mock_generate,
mock_logger):
"""CLI - Lambda Rollback all invalid"""
options = MockOptions(None, ['all'])
# Versions $LATEST and 1 cannot be rolled back.
self.alert_config['current_version'] = 1
rollback.rollback(options, self.config)
fmt = '%s cannot be rolled back from version %s'
mock_logger.assert_has_calls([
call.warn(fmt, 'alert_merger', '$LATEST'),
call.warn(fmt, 'alert_processor', '1'),
call.warn(fmt, 'duo_admin_collector_corp', '$LATEST'),
call.warn(fmt, 'box_collector_corp', '$LATEST'),
call.warn(fmt, 'athena_partition_refresh', '$LATEST'),
call.warn(fmt, 'rule_processor_prod', '$LATEST'),
call.warn(fmt, 'rule_processor_corp', '$LATEST'),
call.warn(fmt, 'threat_intel_downloader_config', '$LATEST')
],
any_order=True)
# We should have returned early - no Terraform actions necessary
mock_generate.assert_not_called()
mock_runner.assert_not_called()
def test_rollback_subset(self, mock_helper):
"""CLI - Lambda rollback apps and rule"""
rollback.rollback(MockOptions(None, ['apps', 'rule']),
MockCLIConfig(config=basic_streamalert_config()))
mock_helper.assert_has_calls([
mock.call(mock.ANY, 'unit-testing_corp_box_admin_events_box_collector_app'),
mock.call(mock.ANY, 'unit-testing_corp_duo_admin_duo_admin_collector_app'),
mock.call(mock.ANY, 'unit-testing_corp_streamalert_rule_processor'),
mock.call(mock.ANY, 'unit-testing_prod_streamalert_rule_processor')
])
def test_rollback_alert_processor(self, mock_runner, mock_generate, mock_logger):
"""CLI - Lambda Rollback global alert processor"""
options = MockOptions(None, ['alert'])
self.alert_config['current_version'] = 5
rollback.rollback(options, self.config)
assert_equal(4, self.alert_config['current_version'])
mock_logger.assert_not_called()
mock_generate.assert_called_once_with(config=self.config)
mock_runner.assert_called_once_with(targets=['module.alert_processor_lambda'])
def test_rollback_all(self, mock_helper):
"""CLI - Lambda rollback all"""
rollback.rollback(MockOptions(None, ['all']),
MockCLIConfig(config=basic_streamalert_config()))
mock_helper.assert_has_calls([
mock.call(mock.ANY, 'unit-testing_streamalert_alert_processor'),
mock.call(mock.ANY, 'unit-testing_streamalert_alert_merger'),
mock.call(mock.ANY, 'unit-testing_corp_box_admin_events_box_collector_app'),
mock.call(mock.ANY, 'unit-testing_corp_duo_admin_duo_admin_collector_app'),
mock.call(mock.ANY, 'unit-testing_streamalert_athena_partition_refresh'),
mock.call(mock.ANY, 'unit-testing_corp_streamalert_rule_processor'),
mock.call(mock.ANY, 'unit-testing_prod_streamalert_rule_processor'),
mock.call(mock.ANY, 'unit-testing_streamalert_threat_intel_downloader')
])
def test_rollback_rule_single_cluster(self, mock_runner, mock_generate, mock_logger):
"""CLI - Lambda Rollback rule processor in one cluster"""
options = MockOptions(['prod'], ['rule'])
self.rule_config_corp['current_version'] = 2
self.rule_config_prod['current_version'] = 2
rollback.rollback(options, self.config)
# Only the prod rule processor should have been rolled back
assert_equal(2, self.rule_config_corp['current_version'])
assert_equal(1, self.rule_config_prod['current_version'])
mock_logger.assert_not_called()
mock_generate.assert_called_once_with(config=self.config)
mock_runner.assert_called_once_with(targets=['module.stream_alert_prod'])
def lambda_handler(options, config):
"""Handle all Lambda CLI operations"""
if options.subcommand == 'deploy':
# Make sure the Terraform code is up to date
if not terraform_generate(config=config):
return
deploy(options, config)
elif options.subcommand == 'rollback':
# Make sure the Terraform code is up to date
if not terraform_generate(config=config):
return
rollback(options, config)
elif options.subcommand == 'test':
stream_alert_test(options, config)
