示例#1
0
    def test_build_rule_book_from_gcs_works(self, mock_load_rules_from_gcs):
        """Test that a RuleBook is built correctly with a mocked gcs file.

        Setup:
            * Create a mocked GCS object from a test yaml file.
            * Get the yaml file content.

        Expected results:
            There are 4 resources that have rules, in the rule book.
        """
        bucket_name = 'bucket-name'
        rules_path = 'input/test_rules_1.yaml'
        full_rules_path = 'gs://{}/{}'.format(bucket_name, rules_path)
        rules_engine = ire.IapRulesEngine(rules_file_path=full_rules_path)

        # Read in the rules file
        file_content = None
        with open(get_datafile_path(__file__, 'iap_test_rules_1.yaml'),
                  'r') as rules_local_file:
            try:
                file_content = yaml.safe_load(rules_local_file)
            except yaml.YAMLError:
                raise

        mock_load_rules_from_gcs.return_value = file_content

        rules_engine.build_rule_book({})
        self.assertEqual(1, len(rules_engine.rule_book.resource_rules_map))
示例#2
0
    def __init__(self, global_configs, scanner_configs, service_config,
                 model_name, snapshot_timestamp, rules):
        """Initialization.

        Args:
            global_configs (dict): Global configurations.
            scanner_configs (dict): Scanner configurations.
            service_config (ServiceConfig): Forseti 2.0 service configs
            model_name (str): name of the data model
            snapshot_timestamp (str): The snapshot timestamp.
            rules (str): Fully-qualified path and filename of the rules file.
        """
        super(IapScanner,
              self).__init__(global_configs, scanner_configs, service_config,
                             model_name, snapshot_timestamp, rules)
        self.rules_engine = iap_rules_engine.IapRulesEngine(
            rules_file_path=self.rules,
            snapshot_timestamp=self.snapshot_timestamp)
        self.rules_engine.build_rule_book(self.global_configs)
        self.scoped_session, self.data_access = (
            service_config.model_manager.get(model_name))
示例#3
0
 def test_build_rule_book_no_resource_type_fails(self):
     """Test that a rule without a resource type cannot be created."""
     rules_local_path = get_datafile_path(__file__, 'iap_test_rules_2.yaml')
     rules_engine = ire.IapRulesEngine(rules_file_path=rules_local_path)
     with self.assertRaises(InvalidRulesSchemaError):
         rules_engine.build_rule_book({})
示例#4
0
 def test_build_rule_book_from_local_json_file_works(self):
     """Test that a RuleBook is built correctly with a json file."""
     rules_local_path = get_datafile_path(__file__, 'iap_test_rules_1.json')
     rules_engine = ire.IapRulesEngine(rules_file_path=rules_local_path)
     rules_engine.build_rule_book({})
     self.assertEqual(2, len(rules_engine.rule_book.resource_rules_map))