def test_failure2(self): resource_conf = { 'name': ['google_cluster'], 'monitoring_service': ['monitoring.googleapis.com'], 'master_authorized_networks_config': [{}], } scan_result = check.scan_resource_conf(conf=resource_conf) self.assertEqual(CheckResult.FAILED, scan_result)
def test_success(self): resource_conf = { 'name': ['google_cluster'], 'monitoring_service': ['monitoring.googleapis.com'], 'master_authorized_networks_config': [{}], 'master_auth': [{ 'client_certificate_config': [{ 'issue_client_certificate': [False], }], }], } scan_result = check.scan_resource_conf(conf=resource_conf) self.assertEqual(CheckResult.PASSED, scan_result)
def test_success_no_basic_out_if_username_and_password_are_present_but_empty( self): resource_conf = { 'name': ['google_cluster'], 'monitoring_service': ['monitoring.googleapis.com'], 'master_authorized_networks_config': [{}], 'master_auth': [{ 'username': [''], 'password': [''], 'client_certificate_config': [{ 'issue_client_certificate': [False], }], }] } scan_result = check.scan_resource_conf(conf=resource_conf) self.assertEqual(CheckResult.PASSED, scan_result)
def test_failure(self): resource_conf = { 'name': ['google_cluster_bad'], 'monitoring_service': ['none'], 'enable_legacy_abac': [True], 'master_authorized_networks_config': [{ 'cidr_blocks': [{ 'cidr_block': ['0.0.0.0/0'], 'display_name': ['The world'], }] }], 'master_auth': [{ 'username': ['test'], 'password': ['password'], }], } scan_result = check.scan_resource_conf(conf=resource_conf) self.assertEqual(CheckResult.FAILED, scan_result)