def test_opa_404(self, mock_post):
mock_post.return_value.headers = r"""{'Content-Type': 'application/json', 'Date': 'Mon, 19 Aug 2019 22:55:37 GMT', 'Content-Length': '1078'}"""
mock_post.return_value.status_code = 404
with open("./testing/deployments/test-deploy02.json") as json_file:
request_object_json = json.load(json_file)
response_message = ""
namespace = "test1"
result = magtape.build_response_message(request_object_json,
response_message,
namespace)
expected_result = "[FAIL] HIGH - Call to OPA was unsuccessful. Please contact your cluster administrator"
print(f"Result is: {result}")
self.assertEqual(result, expected_result)
def test_opa_success(self, mock_post):
mock_post.return_value.status_code = 200
mock_post.return_value.headers = r"""{'Content-Type': 'application/json', 'Date': 'Mon, 19 Aug 2019 22:55:37 GMT', 'Content-Length': '1078'}"""
mock_post.return_value.text = r"""{"decisions":[{"policy":"policy_resource_limits","reasons":[{"errcode":"MT1003","msg":"[FAIL] LOW - Resource limits missing (CPU/MEM) for container \"test-deploy02\" (MT1003)","name":"policy-resource-limits","severity":"LOW"}]},{"policy":"policy_privileged_pod","reasons":[{"errcode":"MT2001","msg":"[FAIL] HIGH - Found privileged Security Context for container \"test-deploy02\" (MT2001)","name":"policy-privileged-pod","severity":"HIGH"}]},{"policy":"policy_readiness_probe","reasons":[{"errcode":"MT1002","msg":"[FAIL] LOW - Readiness Probe missing for container \"test-deploy02\" (MT1002)","name":"policy-readiness-probe","severity":"LOW"}]},{"policy":"policy_resource_requests","reasons":[{"errcode":"MT1004","msg":"[FAIL] LOW - Resource requests missing (CPU/MEM) for container \"test-deploy02\" (MT1004)","name":"policy-resource-requests","severity":"LOW"}]},{"policy":"policy_liveness_probe","reasons":[{"errcode":"MT1001","msg":"[FAIL] LOW - Liveness Probe missing for container \"test-deploy02\" (MT1001)","name":"policy-liveness-probe","severity":"LOW"}]}]}"""
with open("./testing/deployments/test-deploy02.json") as json_file:
request_object_json = json.load(json_file)
response_message = ""
namespace = "test1"
result = magtape.build_response_message(request_object_json,
response_message,
namespace)
expected_result = '[FAIL] HIGH - Found privileged Security Context for container "test-deploy02" (MT2001), [FAIL] LOW - Liveness Probe missing for container "test-deploy02" (MT1001), [FAIL] LOW - Readiness Probe missing for container "test-deploy02" (MT1002), [FAIL] LOW - Resource limits missing (CPU/MEM) for container "test-deploy02" (MT1003), [FAIL] LOW - Resource requests missing (CPU/MEM) for container "test-deploy02" (MT1004)'
print(f"Result is: {result}")
self.assertEqual(result, expected_result)