Exemplo n.º 1
def test_commit_list(config, files):
    """Check that ``SgService.commit_list`` reconciles remote groups with local CSVs.

    Two SSH (tcp/22) rules are revoked from ``mock-group``, then CSV files
    holding other grants are written for ``mock-group`` and ``mock-group2``.
    The diff must report those grants as local-only before the commit and
    must list neither group once the commit has run.

    NOTE(review): ``commit_list`` runs with ``noconfirm=True``, which
    presumably applies ingress-rule changes without a prompt (confirm against
    SgService). The ``config``/``files`` fixtures are assumed to target a
    mocked AWS backend; verify that before running this test elsewhere.
    """
    sg_dir = config.base_path / 'security_groups'
    aws = AwsClient(config)
    primary = aws.get('mock-group')
    secondary = aws.get('mock-group2')

    # Revoke two SSH ingress rules from mock-group on the remote side:
    # one keyed by CIDR, one keyed by source group.
    ssh_tcp = dict(ip_protocol="tcp", from_port=22, to_port=22)
    primary.revoke(**ssh_tcp, cidr_ip="192.168.1.0/32")
    primary.revoke(**ssh_tcp, src_group=secondary)

    # Local rule set that the commit is expected to push.
    cidr_grant = Grant(ip_protocol="tcp", from_port="22", to_port="22",
                       cidr_ip="192.168.10.0/32")
    group_grant = Grant(ip_protocol="tcp", from_port="33", to_port="44",
                        group="mock-group2")
    other_grant = Grant(ip_protocol="tcp", from_port="22", to_port="22",
                        cidr_ip="192.168.20.0/32")
    FileService.write_csv(sg_dir / "mock-group.csv", [cidr_grant, group_grant])
    FileService.write_csv(sg_dir / "mock-group2.csv", [other_grant])

    def current_diff():
        # Each diff is computed with a newly built client.
        return dict(SgService.diff_list(config, AwsClient(config), []))

    before = current_diff()
    assert before['mock-group'].local_only == {cidr_grant.rule,
                                               group_grant.rule}
    assert before['mock-group2'].local_only == {other_grant.rule}

    SgService.commit_list(config=config, client=AwsClient(config),
                          file_path_list=[], noconfirm=True)

    # After the commit neither group may appear in the diff any more.
    after = current_diff()
    for name in ("mock-group", "mock-group2"):
        assert name not in after
Exemplo n.º 2
def test_commit_list(config, files):
    """Verify that committing local CSV rules removes every reported difference.

    The remote ``mock-group`` loses two tcp/22 rules, local CSVs with new
    grants are written for both mock groups, and the diff is checked twice:
    it must show the grants as ``local_only`` before ``commit_list`` and must
    contain neither group afterwards.

    NOTE(review): the commit is issued with ``noconfirm=True``; that looks
    like it bypasses an interactive confirmation of security-group changes
    (confirm in SgService). This is only appropriate against the mocked
    backend the fixtures are assumed to provide.
    """
    rules_dir = config.base_path / 'security_groups'
    remote = AwsClient(config)
    target = remote.get('mock-group')
    peer = remote.get('mock-group2')

    # Remote-side changes: revoke SSH from a CIDR and from the peer group.
    target.revoke(ip_protocol="tcp", from_port=22, to_port=22,
                  cidr_ip="192.168.1.0/32")
    target.revoke(ip_protocol="tcp", from_port=22, to_port=22,
                  src_group=peer)

    # Grants recorded locally; ports are given as strings here.
    tcp = {"ip_protocol": "tcp"}
    ssh_from_cidr = Grant(**tcp, from_port="22", to_port="22",
                          cidr_ip="192.168.10.0/32")
    range_from_group = Grant(**tcp, from_port="33", to_port="44",
                             group="mock-group2")
    peer_ssh_from_cidr = Grant(**tcp, from_port="22", to_port="22",
                               cidr_ip="192.168.20.0/32")

    target_rows = [ssh_from_cidr, range_from_group]
    peer_rows = [peer_ssh_from_cidr]
    FileService.write_csv(rules_dir / "mock-group.csv", target_rows)
    FileService.write_csv(rules_dir / "mock-group2.csv", peer_rows)

    # Before the commit: every grant written above exists only locally.
    pending = dict(SgService.diff_list(config, AwsClient(config), []))
    target_diff = pending['mock-group']
    assert target_diff.local_only == {ssh_from_cidr.rule,
                                      range_from_group.rule}
    assert pending['mock-group2'].local_only == {peer_ssh_from_cidr.rule}

    SgService.commit_list(
        config=config,
        client=AwsClient(config),
        file_path_list=[],
        noconfirm=True,
    )

    # After the commit: both groups have dropped out of the diff.
    remaining = dict(SgService.diff_list(config, AwsClient(config), []))
    assert "mock-group" not in remaining
    assert "mock-group2" not in remaining
Exemplo n.º 3
def test_diff_list(config, mock_groups):
    """Check that ``SgService.diff_list`` reports drift between CSVs and remote groups.

    The groups are saved to CSV first. The remote side is then changed: one
    tcp/22 rule is revoked and two are authorized on ``mock-group``, and one
    is authorized on ``mock-group2``. The diff must list the revoked rule as
    ``local_only`` and the newly authorized rules as ``remote_only``.

    ``remote_only`` entries are ingress rules that exist remotely but are
    absent from the saved CSV, i.e. changes made outside the files.

    NOTE(review): ``mock_groups`` is assumed to provide a mocked AWS backend;
    the authorize/revoke calls change SSH ingress rules, so confirm that
    before pointing ``config`` at anything else.
    """
    root = config.base_path
    aws = AwsClient(config)
    SgService.save_groups(config, aws, root / 'security_groups',
                          noconfirm=True)
    assert (root / 'security_groups/mock-group.csv').exists()

    def ssh_rule(cidr):
        # Expected rule shape for a tcp/22 CIDR entry (ports as strings).
        return Rule("tcp", "22", "22", cidr_ip=cidr, group=None)

    ssh_tcp = dict(ip_protocol="tcp", from_port=22, to_port=22)

    # Change the remote side after the CSV snapshot was taken.
    first = aws.get('mock-group')
    first.revoke(**ssh_tcp, cidr_ip="192.168.1.0/32")
    first.authorize(**ssh_tcp, cidr_ip="192.168.1.10/32")
    first.authorize(**ssh_tcp, cidr_ip="192.168.1.20/32")
    second = aws.get('mock-group2')
    second.authorize(**ssh_tcp, cidr_ip="192.168.1.10/32")

    by_group = dict(SgService.diff_list(config, AwsClient(config), []))

    drift = by_group['mock-group']
    assert len(drift.remote_only) == 2
    assert len(drift.local_only) == 1
    # Revoked on the remote side, so it is left only in the local CSV.
    assert drift.local_only == {ssh_rule("192.168.1.0/32")}
    # Authorized on the remote side, so missing from the local CSV.
    assert drift.remote_only == {
        ssh_rule("192.168.1.10/32"),
        ssh_rule("192.168.1.20/32"),
    }

    drift2 = by_group['mock-group2']
    assert drift2.local_only == set()
    # Authorized on the remote side, so missing from the local CSV.
    assert drift2.remote_only == {ssh_rule("192.168.1.10/32")}
Exemplo n.º 4
def test_diff_list(config, mock_groups):
    """Verify the local-only / remote-only split produced by ``SgService.diff_list``.

    After ``save_groups`` writes the CSV snapshot, the remote groups are
    edited directly (one revoke and two authorizes on ``mock-group``, one
    authorize on ``mock-group2``). The diff is expected to show the revoked
    rule as ``local_only`` and each authorized rule as ``remote_only``.

    A non-empty ``remote_only`` set is how a rule added outside the CSV
    files shows up in this test.

    NOTE(review): the direct authorize/revoke calls open and close tcp/22
    ingress; ``mock_groups`` presumably keeps this inside a mock. Confirm.
    """
    snapshot_root = config.base_path
    remote = AwsClient(config)
    SgService.save_groups(
        config,
        remote,
        snapshot_root / 'security_groups',
        noconfirm=True,
    )
    csv_path = snapshot_root / 'security_groups/mock-group.csv'
    assert csv_path.exists()

    # Remote edits to mock-group: one rule removed, two added.
    target = remote.get('mock-group')
    target.revoke(ip_protocol="tcp", from_port=22, to_port=22,
                  cidr_ip="192.168.1.0/32")
    for added_cidr in ("192.168.1.10/32", "192.168.1.20/32"):
        target.authorize(ip_protocol="tcp", from_port=22, to_port=22,
                         cidr_ip=added_cidr)

    # Remote edit to mock-group2: one rule added.
    peer = remote.get('mock-group2')
    peer.authorize(ip_protocol="tcp", from_port=22, to_port=22,
                   cidr_ip="192.168.1.10/32")

    diffs = dict(SgService.diff_list(config, AwsClient(config), []))

    target_diff = diffs['mock-group']
    assert len(target_diff.remote_only) == 2
    assert len(target_diff.local_only) == 1

    # Removed remotely: still present in the CSV only.
    removed_remotely = Rule("tcp", "22", "22",
                            cidr_ip="192.168.1.0/32", group=None)
    assert target_diff.local_only == {removed_remotely}

    # Added remotely: present in AWS only.
    added_remotely = {
        Rule("tcp", "22", "22", cidr_ip="192.168.1.10/32", group=None),
        Rule("tcp", "22", "22", cidr_ip="192.168.1.20/32", group=None),
    }
    assert target_diff.remote_only == added_remotely

    peer_diff = diffs['mock-group2']
    assert peer_diff.local_only == set()
    # Added remotely: present in AWS only.
    peer_added = Rule("tcp", "22", "22",
                      cidr_ip="192.168.1.10/32", group=None)
    assert peer_diff.remote_only == {peer_added}