def test_create_stack_rolearn( awsclient, cleanup_stack_simple_stack, temp_cloudformation_policy, cleanup_roles): # create a stack we use for the test lifecycle cloudformation_simple_stack, _ = load_cloudformation_template( here('resources/simple_cloudformation_stack/cloudformation.py') ) # create role to use for cloudformation deployment role = create_role_helper( awsclient, 'unittest_%s_kumo' % utils.random_string(), policies=[ temp_cloudformation_policy, 'arn:aws:iam::aws:policy/AmazonS3FullAccess' ], principal_service=['cloudformation.amazonaws.com'] ) cleanup_roles.append(role['RoleName']) config_rolearn = deepcopy(config_simple_stack) config_rolearn['stack']['RoleARN'] = role['Arn'] exit_code = deploy_stack(awsclient, {}, config_rolearn, cloudformation_simple_stack, override_stack_policy=False) assert exit_code == 0
def test_update_stack_rolearn(awsclient, simple_cloudformation_stack, temp_cloudformation_policy, cleanup_roles): # create a stack we use for the test lifecycle cloudformation_simple_stack, _ = load_cloudformation_template( here('resources/simple_cloudformation_stack/cloudformation.py') ) # create role to use for cloudformation update role = create_role_helper( awsclient, 'unittest_%s_kumo' % utils.random_string(), policies=[ temp_cloudformation_policy, 'arn:aws:iam::aws:policy/AmazonS3FullAccess' ], principal_service=['cloudformation.amazonaws.com'] ) cleanup_roles.append(role['RoleName']) config_rolearn = deepcopy(config_simple_stack) config_rolearn['stack']['RoleARN'] = role['Arn'] change_set_name, stackname, change_set_type = \ create_change_set(awsclient, {}, config_rolearn, cloudformation_simple_stack) assert stackname == _get_stack_name(config_rolearn) assert change_set_name != '' assert change_set_type == 'UPDATE' describe_change_set(awsclient, change_set_name, stackname) # update the stack changed = get_parameter_diff(awsclient, config_rolearn) assert not changed exit_code = deploy_stack(awsclient, {}, config_rolearn, cloudformation_simple_stack, override_stack_policy=False) assert exit_code == 0
def test_deploy_delete_cmds(awsclient, vendored_folder, cleanup_roles, temp_bucket): log.info('running test_create_lambda') temp_string = utils.random_string() lambda_name = 'jenkins_test_' + temp_string log.info(lambda_name) role = create_role_helper( awsclient, 'unittest_%s_lambda' % temp_string, policies=[ 'arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole', 'arn:aws:iam::aws:policy/AWSLambdaExecute' ]) cleanup_roles.append(role['RoleName']) config = { "lambda": { "name": lambda_name, "description": "unittest for ramuda", "role": role['Arn'], "handlerFunction": "handler.handle", "handlerFile": "./resources/sample_lambda/handler.py", "timeout": 300, "memorySize": 256, "events": { "s3Sources": [{ "bucket": temp_bucket, "type": "s3:ObjectCreated:*", "suffix": ".gz" }], "timeSchedules": [{ "ruleName": "infra-dev-sample-lambda-jobr-T1", "ruleDescription": "run every 5 min from 0-5", "scheduleExpression": "cron(0/5 0-5 ? * * *)" }, { "ruleName": "infra-dev-sample-lambda-jobr-T2", "ruleDescription": "run every 5 min from 8-23:59", "scheduleExpression": "cron(0/5 8-23:59 ? * * *)" }] }, "vpc": { "subnetIds": [ "subnet-d5ffb0b1", "subnet-d5ffb0b1", "subnet-d5ffb0b1", "subnet-e9db9f9f" ], "securityGroups": ["sg-660dd700"] } }, "bundling": { "zip": "bundle.zip", "folders": [{ "source": "./vendored", "target": "." }, { "source": "./impl", "target": "impl" }] }, "deployment": { "region": "eu-west-1" } } tooldata = get_tooldata(awsclient, 'ramuda', 'deploy', config=config) tooldata['context']['_arguments'] = {'--keep': False} bundle((tooldata['context'], {'ramuda': tooldata['config']})) deploy_cmd(False, **tooldata) # now we use the delete cmd to remove the lambda function tooldata['context']['command'] = 'delete' delete_cmd(True, lambda_name, True, **tooldata)
def test_create_lambda(awsclient, vendored_folder, cleanup_lambdas, cleanup_roles): log.info('running test_create_lambda') temp_string = helpers.random_string() lambda_name = 'jenkins_test_' + temp_string log.info(lambda_name) role = create_role_helper( awsclient, 'unittest_%s_lambda' % temp_string, policies=[ 'arn:aws:iam::aws:policy/service-role/AWSLambdaVPCAccessExecutionRole', 'arn:aws:iam::aws:policy/AWSLambdaExecute' ]) cleanup_roles.append(role['RoleName']) config = { "lambda": { "name": "dp-dev-sample-lambda-jobr1", "description": "lambda test for ramuda", "role": "'unused'", "handlerFunction": "handler.handle", "handlerFile": "./resources/sample_lambda/handler.py", "timeout": 300, "memorySize": 256, "events": { "s3Sources": [{ "bucket": "jobr-test", "type": "s3:ObjectCreated:*", "suffix": ".gz" }], "timeSchedules": [{ "ruleName": "infra-dev-sample-lambda-jobr-T1", "ruleDescription": "run every 5 min from 0-5", "scheduleExpression": "cron(0/5 0-5 ? * * *)" }, { "ruleName": "infra-dev-sample-lambda-jobr-T2", "ruleDescription": "run every 5 min from 8-23:59", "scheduleExpression": "cron(0/5 8-23:59 ? * * *)" }] }, "vpc": { "subnetIds": [ "subnet-d5ffb0b1", "subnet-d5ffb0b1", "subnet-d5ffb0b1", "subnet-e9db9f9f" ], "securityGroups": ["sg-660dd700"] } }, "bundling": { "zip": "bundle.zip", "folders": [{ "source": "./vendored", "target": "." }, { "source": "./impl", "target": "impl" }] }, "deployment": { "region": "eu-west-1" } } lambda_description = config['lambda'].get('description') # print (role) role_arn = role['Arn'] lambda_handler = config['lambda'].get('handlerFunction') handler_filename = config['lambda'].get('handlerFile') timeout = int(config['lambda'].get('timeout')) memory_size = int(config['lambda'].get('memorySize')) zip_name = config['bundling'].get('zip') folders_from_file = config['bundling'].get('folders') subnet_ids = config['lambda'].get('vpc', {}).get('subnetIds', None) security_groups = config['lambda'].get('vpc', {}).get('securityGroups', None) region = config['deployment'].get('region') artifact_bucket = config['deployment'].get('artifactBucket', None) zipfile = _get_zipped_file( handler_filename, folders_from_file, ) deploy_lambda(awsclient=awsclient, function_name=lambda_name, role=role_arn, handler_filename=handler_filename, handler_function=lambda_handler, folders=folders_from_file, description=lambda_description, timeout=timeout, memory=memory_size, artifact_bucket=artifact_bucket, zipfile=zipfile) # TODO improve this (by using a waiter??) cleanup_lambdas.append(lambda_name)
def test_create_update_stack_artifactbucket(awsclient, temp_cloudformation_policy, cleanup_roles, cleanup_buckets): # create a stack we use for the test lifecycle cloudformation_simple_stack, _ = load_cloudformation_template( here('resources/simple_cloudformation_stack/cloudformation.py') ) upload_conf = { 'stack': { 'StackName': "infra-dev-kumo-sample-stack", 'artifactBucket': "unittest-kumo-artifact-bucket" }, 'parameters': { 'InstanceType': "t2.micro", } } region = awsclient.get_client('s3').meta.region_name account = os.getenv('ACCOUNT', None) # add account prefix to artifact bucket config if account: upload_conf['stack']['artifactBucket'] = \ '%s-unittest-kumo-artifact-bucket' % account artifact_bucket = _get_artifact_bucket(upload_conf) prepare_artifacts_bucket(awsclient, artifact_bucket) cleanup_buckets.append(artifact_bucket) dest_key = 'kumo/%s/%s-cloudformation.json' % (region, _get_stack_name(upload_conf)) expected_s3url = 'https://s3-%s.amazonaws.com/%s/%s' % (region, artifact_bucket, dest_key) actual_s3url = _s3_upload(awsclient, upload_conf, generate_template({}, upload_conf, cloudformation_simple_stack)) assert expected_s3url == actual_s3url # create role to use for cloudformation update role = create_role_helper( awsclient, 'unittest_%s_kumo' % utils.random_string(), policies=[ temp_cloudformation_policy, 'arn:aws:iam::aws:policy/AWSCodeDeployReadOnlyAccess', 'arn:aws:iam::aws:policy/AmazonS3FullAccess' ], principal_service=['cloudformation.amazonaws.com'] ) cleanup_roles.append(role['RoleName']) # create exit_code = deploy_stack(awsclient, {}, upload_conf, cloudformation_simple_stack, override_stack_policy=False) assert exit_code == 0 stack_id = get_stack_id(awsclient, upload_conf['stack']['StackName']) wait_for_stack_create_complete(awsclient, stack_id) # update (as a change we add the RoleARN) upload_conf['stack']['RoleARN'] = role['Arn'] # update the stack changed = get_parameter_diff(awsclient, upload_conf) assert not changed exit_code = deploy_stack(awsclient, {}, upload_conf, cloudformation_simple_stack, override_stack_policy=False) assert exit_code == 0 wait_for_stack_update_complete(awsclient, stack_id) # cleanup exit_code = delete_stack(awsclient, upload_conf) assert exit_code == 0 wait_for_stack_delete_complete(awsclient, stack_id)