def test_fail_git_repo_bare(
self,
mock_repo,
mock_git_url,
mock_git_commit_utc_timestamp
):
with TempDirectory() as temp_dir:
# setup
step_config = {
'repo-root': temp_dir.path
}
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='generate-metadata',
implementer='Git'
)
# setup mocks
mock_repo().bare = True
# run test
actual_step_result = step_implementer._run_step()
# verify results
expected_step_result = StepResult(
step_name='generate-metadata',
sub_step_name='Git',
sub_step_implementer_name='Git'
)
expected_step_result.success = False
expected_step_result.message = f'Given git-repo-root is not a Git repository'
self.assertEqual(actual_step_result, expected_step_result)
def test_run_step_fail_missing_path_file_from_deploy(self):
with TempDirectory() as temp_dir:
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
test_file_name = 'yamlnotused'
test_file_path = os.path.join(temp_dir.path, test_file_name)
temp_dir.write(test_file_path, b'ignored')
step_config = {}
artifact_config = {
'argocd-deployed-manifest': {
'value': f'{test_file_path}.bad'
}
}
workflow_result = self.setup_previous_result(
parent_work_dir_path, artifact_config)
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='validate-environment-configuration',
implementer='ConfiglintArgocd',
workflow_result=workflow_result,
parent_work_dir_path=parent_work_dir_path)
result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='validate-environment-configuration',
sub_step_name='ConfiglintArgocd',
sub_step_implementer_name='ConfiglintArgocd')
expected_step_result.success = False
expected_step_result.message = f'File specified in argocd-deployed-manifest {test_file_path}.bad not found'
self.assertEqual(expected_step_result, result)
def test_fail(self, mock_write_working_file, mock_run_maven_step):
with TempDirectory() as test_dir:
parent_work_dir_path = os.path.join(test_dir.path, 'working')
step_config = {}
step_implementer = self.create_step_implementer(
step_config=step_config,
parent_work_dir_path=parent_work_dir_path,
)
# run step with mock failure
mock_run_maven_step.side_effect = StepRunnerException(
'Mock error running maven')
actual_step_result = step_implementer._run_step()
# create expected step result
expected_step_result = StepResult(
step_name='foo',
sub_step_name='MavenGeneric',
sub_step_implementer_name='MavenGeneric')
expected_step_result.add_artifact(
description="Standard out and standard error from maven.",
name='maven-output',
value='/mock/mvn_output.txt')
expected_step_result.message = "Error running maven. " \
"More details maybe found in 'maven-output' report artifact: "\
"Mock error running maven"
expected_step_result.success = False
# verify step result
self.assertEqual(actual_step_result, expected_step_result)
mock_write_working_file.assert_called_once()
mock_run_maven_step.assert_called_with(
mvn_output_file_path='/mock/mvn_output.txt')
def test_run_step_fail_missing_version_in_package_file(self):
with TempDirectory() as temp_dir:
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
temp_dir.write(
'package.json', b'''{
"name": "my-awesome-package"
}''')
package_file_path = os.path.join(temp_dir.path, 'package.json')
step_config = {'package-file': package_file_path}
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='generate-metadata',
implementer='Npm',
parent_work_dir_path=parent_work_dir_path,
)
result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='generate-metadata',
sub_step_name='Npm',
sub_step_implementer_name='Npm',
)
expected_step_result.success = False
expected_step_result.message = f"Given npm package file ({package_file_path})" + \
' does not contain a \"version\" key.'
self.assertEqual(result, expected_step_result)
def test__run_step_pass_no_evidence(self, generate_evidence_mock):
step_config = {
'organization': 'test-ORG',
'application-name': 'test-APP',
'service-name': 'test-SERVICE',
'version': '42.0-test'
}
step_implementer = self.create_step_implementer(
step_config=step_config,
)
#Set mock method to return None
generate_evidence_mock.return_value = None
step_result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='generate_evidence',
sub_step_name='GenerateEvidence',
sub_step_implementer_name='GenerateEvidence'
)
expected_step_result.add_artifact(
name='result-generate-evidence',
value='No evidence to generate.',
description='Evidence from all previously run steps.'
)
expected_step_result.message = "No evidence generated from previously run steps"
self.assertEqual(step_result, expected_step_result)
generate_evidence_mock.assert_called_once()
def test_fail_is_detached(
self,
mock_repo,
mock_git_url,
mock_git_commit_utc_timestamp
):
with TempDirectory() as temp_dir:
# setup
step_config = {
'git-repo-root': temp_dir.path
}
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='generate-metadata',
implementer='Git'
)
# setup mocks
mock_repo().bare = False
mock_repo().head.is_detached = True
# run test
actual_step_result = step_implementer._run_step()
# verify results
expected_step_result = StepResult(
step_name='generate-metadata',
sub_step_name='Git',
sub_step_implementer_name='Git'
)
expected_step_result.success = False
expected_step_result.message = f'Expected a Git branch in given git repo root' \
f' but has a detached head'
self.assertEqual(actual_step_result, expected_step_result)
def test__upload_to_remote_with_auth(self, gather_evidence_mock, upload_file_mock):
with TempDirectory() as temp_dir:
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
step_config = {
'organization': 'test-ORG',
'application-name': 'test-APP',
'service-name': 'test-SERVICE',
'version': '42.0-test',
'evidence-destination-url': self.DEST_URL,
'evidence-destination-username': '******',
'evidence-destination-password': '******'
}
step_implementer = self.create_step_implementer(
step_config=step_config,
parent_work_dir_path=parent_work_dir_path
)
# mock the upload results
upload_file_mock.return_value = "mock upload results"
# run the step
step_result = step_implementer._run_step()
# verify results
expected_step_result = StepResult(
step_name='generate_evidence',
sub_step_name='GenerateEvidence',
sub_step_implementer_name='GenerateEvidence'
)
expected_step_result.add_artifact(
name='evidence-upload-results',
description='Results of uploading the evidence JSON file ' \
'to the given destination.',
value='mock upload results'
)
expected_step_result.add_artifact(
name='evidence-uri',
description='URI of the uploaded results archive.',
value=self.DEST_URI
)
expected_step_result.add_artifact(
name='evidence-path',
value=os.path.join(parent_work_dir_path, 'generate_evidence',
"test-ORG-test-APP-test-SERVICE-42.0-test-evidence.json"),
description='File path of evidence.'
)
expected_step_result.message = "Evidence successfully packaged in JSON file and uploaded to data store."
self.assertEqual(step_result, expected_step_result)
# verify mocks called
gather_evidence_mock.assert_called_once()
upload_file_mock.assert_called_once_with(
file_path=mock.ANY,
destination_uri=self.DEST_URI,
username='******',
password='******'
)
def test__run_step_pass_audit_success(self,
audit_attestation_mock,
download_source_to_destination_mock):
with TempDirectory() as temp_dir:
workflow_attestation_uri = 'https://foo.bar/evidence.json'
workflow_policy_uri = 'https://foo.bar/policy.json'
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
step_config = {
'workflow-policy-uri': workflow_policy_uri
}
step_result = StepResult(
step_name='test-step',
sub_step_name='test-sub-step',
sub_step_implementer_name='test-sub-step-implementer'
)
step_result.add_artifact('evidence-uri', workflow_attestation_uri, 'URI of the uploaded results archive.')
workflow_result = WorkflowResult()
workflow_result.add_step_result(step_result)
step_implementer = self.create_step_implementer(
step_config=step_config,
parent_work_dir_path=parent_work_dir_path,
workflow_result=workflow_result
)
download_source_to_destination_mock.side_effect = [
parent_work_dir_path + '/workflow_attestion.json',
parent_work_dir_path + '/workflow_policy.rego']
audit_attestation_mock.return_value = "Audit was successful", 0
step_result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='audit_attestation',
sub_step_name='OpenPolicyAgent',
sub_step_implementer_name='OpenPolicyAgent'
)
expected_step_result.add_artifact(
name='audit-results',
value='Audit was successful'
)
expected_step_result.message = 'Audit was successful'
self.assertEqual(step_result, expected_step_result)
audit_attestation_mock.assert_called_once_with(parent_work_dir_path + '/workflow_attestion.json',
parent_work_dir_path + '/workflow_policy.rego', "data.workflowResult.passAll")
download_source_to_destination_mock.assert_has_calls([
mock.call(workflow_attestation_uri,
parent_work_dir_path + '/audit_attestation'),
mock.call(workflow_policy_uri,
parent_work_dir_path + '/audit_attestation')
]
)
def test_run_step_fail_bad_rule_path(self, config_lint_mock):
with TempDirectory() as temp_dir:
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
test_file_name = 'rules'
test_file_path = os.path.join(temp_dir.path, test_file_name)
temp_dir.write(test_file_path, b'ignored')
step_config = {
'configlint-yml-path': test_file_path,
'rules': 'invalid_file'
}
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='validate-environment-configuration',
implementer='Configlint',
parent_work_dir_path=parent_work_dir_path,
)
result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='validate-environment-configuration',
sub_step_name='Configlint',
sub_step_implementer_name='Configlint'
)
expected_step_result.success = False
expected_step_result.message = 'File specified in rules not found: invalid_file'
self.assertEqual(expected_step_result, result)
def test_fail_no_properties_and_project_key(self, mock_sonar, mock_is_release_branch):
with TempDirectory() as temp_dir:
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
artifact_config = {
'version': {'description': '', 'value': '1.0-123abc'},
}
workflow_result = self.setup_previous_result(parent_work_dir_path, artifact_config)
step_config = {
'url': 'https://sonarqube-sonarqube.apps.ploigos_step_runner.rht-set.com',
'application-name': 'app-name',
'service-name': 'service-name',
'project-key': 'project-key'
}
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='static-code-analysis',
implementer='SonarQube',
workflow_result=workflow_result,
parent_work_dir_path=parent_work_dir_path
)
result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='static-code-analysis',
sub_step_name='SonarQube',
sub_step_implementer_name='SonarQube'
)
expected_step_result.success = False
expected_step_result.message = 'Properties file not found: ./sonar-project.properties'
self.assertEqual(result, expected_step_result)
def test_fail_getting_git_repo(
self,
mock_repo,
mock_git_url,
mock_git_commit_utc_timestamp
):
with TempDirectory() as temp_dir:
# setup
step_config = {
'repo-root': temp_dir.path
}
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='generate-metadata',
implementer='Git'
)
# setup mocks
mock_repo.side_effect = StepRunnerException('mock error')
# run test
actual_step_result = step_implementer._run_step()
# verify results
expected_step_result = StepResult(
step_name='generate-metadata',
sub_step_name='Git',
sub_step_implementer_name='Git'
)
expected_step_result.success = False
expected_step_result.message = f'mock error'
self.assertEqual(actual_step_result, expected_step_result)
def test_fail_set_version(self, mock_settings_file,
mock_write_working_file, mock_run_maven_step,
mock_run_maven):
with TempDirectory() as test_dir:
parent_work_dir_path = os.path.join(test_dir.path, 'working')
pom_file = os.path.join(test_dir.path, 'mock-pom.xml')
maven_push_artifact_repo_id = 'mock-repo-id'
maven_push_artifact_repo_url = 'https://mock-repo.ploigos.com'
version = '0.42.0-mock'
step_config = {
'pom-file': pom_file,
'maven-push-artifact-repo-id': maven_push_artifact_repo_id,
'maven-push-artifact-repo-url': maven_push_artifact_repo_url,
'version': version
}
step_implementer = self.create_step_implementer(
step_config=step_config,
parent_work_dir_path=parent_work_dir_path,
)
# run step with mvn version:set failure
mock_run_maven.side_effect = StepRunnerException(
'mock error setting new pom version')
actual_step_result = step_implementer._run_step()
# create expected step result
expected_step_result = StepResult(
step_name='deploy',
sub_step_name='MavenDeploy',
sub_step_implementer_name='MavenDeploy')
expected_step_result.success = False
expected_step_result.message = "Error running 'maven deploy' to push artifacts. " \
"More details maybe found in 'maven-output' report artifact: " \
"mock error setting new pom version"
expected_step_result.add_artifact(
description=
"Standard out and standard error from running maven to update version.",
name='maven-update-version-output',
value='/mock/mvn_versions_set_output.txt')
expected_step_result.add_artifact(
description="Standard out and standard error from running maven to " \
"push artifacts to repository.",
name='maven-push-artifacts-output',
value='/mock/mvn_deploy_output.txt'
)
# verify step result
self.assertEqual(actual_step_result, expected_step_result)
mock_write_working_file.assert_called()
mock_run_maven.assert_called_with(
mvn_output_file_path='/mock/mvn_versions_set_output.txt',
settings_file='/fake/settings.xml',
pom_file=pom_file,
phases_and_goals=['versions:set'],
additional_arguments=[f'-DnewVersion={version}'])
mock_run_maven_step.assert_not_called()
def test_fail_sign_image(self, mock_sign_image, mock_import_pgp_key,
mock_upload_file, mock_container_registries_login,
mock_get_deploy_time_container_image_address):
with TempDirectory() as temp_dir:
# setup
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
pgp_private_key_fingerprint = 'abc123'
step_config = TestStepImplementerSignContainerImagePodmanBase.generate_config(
)
# setup mocks
def import_pgp_key_side_effect(pgp_private_key):
return pgp_private_key_fingerprint
mock_import_pgp_key.side_effect = import_pgp_key_side_effect
mock_sign_image.side_effect = StepRunnerException(
'mock error signing image')
# run test
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='sign-container-image',
implementer='PodmanSign',
parent_work_dir_path=parent_work_dir_path)
result = step_implementer._run_step()
# validate
mock_import_pgp_key.assert_called_once_with(
pgp_private_key=step_config['signer-pgp-private-key'])
mock_sign_image.assert_called_once_with(
pgp_private_key_fingerprint=pgp_private_key_fingerprint,
image_signatures_directory=os.path.join(
parent_work_dir_path,
'sign-container-image/image-signature'),
container_image_address=
'mock-deploy-time-container-image-address')
mock_container_registries_login.assert_called_once_with(
registries=None,
containers_config_tls_verify=True,
container_command_short_name='podman')
mock_get_deploy_time_container_image_address.assert_called_once()
expected_step_result = StepResult(
step_name='sign-container-image',
sub_step_name='PodmanSign',
sub_step_implementer_name='PodmanSign')
expected_step_result.add_artifact(
name='container-image-signature-signer-private-key-fingerprint',
value=pgp_private_key_fingerprint)
expected_step_result.success = False
expected_step_result.message = 'mock error signing image'
self.assertEqual(expected_step_result, result)
def test__run_step_pass_upload_to_remote_with_auth_failure(
self, create_archive_mock, upload_file_mock):
with TempDirectory() as temp_dir:
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
step_config = {
'organization': 'test-ORG',
'application-name': 'test-APP',
'service-name': 'test-SERVICE',
'version': '42.0-test',
'results-archive-destination-url':
'https://ploigos.com/mock/results-archives',
'results-archive-destination-username': '******',
'results-archive-destination-password': '******'
}
step_implementer = self.create_step_implementer(
step_config=step_config,
parent_work_dir_path=parent_work_dir_path,
)
# mock the upload results
upload_file_mock.side_effect = RuntimeError('mock upload error')
# run the step
step_result = step_implementer._run_step()
# verify results
expected_step_result = StepResult(
step_name='report',
sub_step_name='ResultArtifactsArchive',
sub_step_implementer_name='ResultArtifactsArchive')
expected_step_result.add_artifact(
name='result-artifacts-archive',
value='/fake/archive/path/foo.zip',
description=
'Archive of all of the step result artifacts marked for archiving.'
)
expected_step_result.add_artifact(
name='results-archive-uri',
description='URI of the uploaded results archive.',
value=
'https://ploigos.com/mock/results-archives/test-ORG/test-APP/test-SERVICE/foo.zip'
)
expected_step_result.success = False
expected_step_result.message = 'mock upload error'
# verify mocks called
create_archive_mock.assert_called_once()
upload_file_mock.assert_called_once_with(
file_path=mock.ANY,
destination_uri=
'https://ploigos.com/mock/results-archives/test-ORG/test-APP/test-SERVICE/foo.zip',
username='******',
password='******')
def test_success_with_report_dir_deployed_host_urls_list_multiple_entries(
self, mock_gather_evidence, mock_write_working_file,
mock_run_npm_step):
with TempDirectory() as test_dir:
# setup test
parent_work_dir_path = os.path.join(test_dir.path, 'working')
deployed_host_urls = [
'https://mock.ploigos.org/mock-app-1',
'https://mock.ploigos.org/mock-app-2'
]
step_config = {
'npm-test-script': 'myscript',
'deployed-host-urls': deployed_host_urls,
'npm-envs': {
'VAR1': 'VAL1',
'VAR2': 'VAL2'
},
'test-reports-dir': '/mock/test-results-dir',
"target-host-env-var-name": "APP_ROUTE"
}
step_implementer = self.create_step_implementer(
step_config=step_config,
parent_work_dir_path=parent_work_dir_path,
)
# run test
actual_step_result = step_implementer._run_step()
# verify results
expected_step_result = StepResult(
step_name='shared',
sub_step_name='NpmXunitGeneric',
sub_step_implementer_name='NpmXunitGeneric')
expected_step_result.add_artifact(
description="Standard out and standard error from npm.",
name='npm-output',
value='/mock/npm_output.txt')
expected_step_result.add_artifact(
description="Test report generated when running tests.",
name='test-report',
value='/mock/test-results-dir')
expected_step_result.message = f"Given more than one deployed host URL ({deployed_host_urls})," \
f" targeting first one ({deployed_host_urls[0]}) for test."
self.assertEqual(actual_step_result, expected_step_result)
mock_run_npm_step.assert_called_once_with(
npm_output_file_path='/mock/npm_output.txt',
step_implementer_additional_envs={
'APP_ROUTE': 'https://mock.ploigos.org/mock-app-1'
})
mock_gather_evidence.assert_called_once_with(
step_result=Any(StepResult),
test_report_dirs='/mock/test-results-dir')
def test_fail_with_report_dir(self, mock_gather_evidence,
mock_get_test_report_dir,
mock_write_working_file,
mock_run_maven_step):
with TempDirectory() as test_dir:
# setup test
parent_work_dir_path = os.path.join(test_dir.path, 'working')
pom_file = os.path.join(test_dir.path, 'mock-pom.xml')
step_config = {
'pom-file': pom_file,
'target-host-url-maven-argument-name':
'mock.target-host-url-param',
'deployed-host-urls': ['https://mock.ploigos.org/mock-app-1']
}
step_implementer = self.create_step_implementer(
step_config=step_config,
parent_work_dir_path=parent_work_dir_path,
)
# setup mocks
mock_run_maven_step.side_effect = StepRunnerException('mock error')
# run test
actual_step_result = step_implementer._run_step()
# verify results
expected_step_result = StepResult(
step_name='unit-test',
sub_step_name='MavenIntegrationTest',
sub_step_implementer_name='MavenIntegrationTest')
expected_step_result.success = False
expected_step_result.message = "Error running maven. " \
"More details maybe found in report artifacts: " \
"mock error"
expected_step_result.add_artifact(
description="Standard out and standard error from maven.",
name='maven-output',
value='/mock/mvn_output.txt')
expected_step_result.add_artifact(
description="Test report generated when running unit tests.",
name='test-report',
value='/mock/test-results-dir')
self.assertEqual(actual_step_result, expected_step_result)
mock_run_maven_step.assert_called_once_with(
mvn_output_file_path='/mock/mvn_output.txt',
step_implementer_additional_arguments=[
'-Dmock.target-host-url-param=https://mock.ploigos.org/mock-app-1'
])
mock_gather_evidence.assert_called_once_with(
step_result=Any(StepResult),
test_report_dirs='/mock/test-results-dir')
def test_run_step_error_git_push(self, git_repo_mock, git_url_mock, get_tag_value_mock):
# Test data setup
tag = '1.0+69442c8'
url = '[email protected]:ploigos/ploigos-step-runner.git'
error = 'oh no. ohhhhh no.'
branch_name = 'feature/no-feature'
# Mock setup
get_tag_value_mock.return_value = tag
git_url_mock.return_value = url
git_repo_mock.active_branch.name = branch_name
with TempDirectory() as temp_dir:
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
artifact_config = {
'version': {'description': '', 'value': tag},
'container-image-version': {'description': '', 'value': tag}
}
workflow_result = self.setup_previous_result(parent_work_dir_path, artifact_config)
step_config = {
'url': url,
'git-username': '******',
'git-password': '******'
}
step_implementer = self.create_step_implementer(
step_config=step_config,
workflow_result=workflow_result,
parent_work_dir_path=parent_work_dir_path
)
# this is the test here
git_repo_mock.git.push.side_effect = Exception(error)
result = step_implementer._run_step()
# verify the test results
expected_step_result = StepResult(
step_name='tag-source',
sub_step_name='Git',
sub_step_implementer_name='Git'
)
expected_step_result.add_artifact(name='tag', value=tag)
expected_step_result.success = False
expected_step_result.message = f"Error tagging and pushing tags: Error pushing tags to remote ({url})" \
f" on current branch ({branch_name}): {error}"
# verifying all mocks were called
git_repo_mock.create_tag.assert_called_once_with(tag, force=True)
git_url_mock.assert_called_once_with()
git_repo_mock.git.push.assert_called_once_with(url, '--tag')
self.assertEqual(result, expected_step_result)
def test_success_with_report_dir_deployed_host_urls_list_multiple_entries(
self, mock_gather_evidence, mock_get_test_report_dir,
mock_write_working_file, mock_run_maven_step):
with TempDirectory() as test_dir:
# setup test
parent_work_dir_path = os.path.join(test_dir.path, 'working')
pom_file = os.path.join(test_dir.path, 'mock-pom.xml')
step_config = {
'pom-file':
pom_file,
'target-host-url-maven-argument-name':
'mock.target-host-url-param',
'deployed-host-urls': [
'https://mock.ploigos.org/mock-app-1',
'https://mock.ploigos.org/mock-app-2'
]
}
step_implementer = self.create_step_implementer(
step_config=step_config,
parent_work_dir_path=parent_work_dir_path,
)
# run test
actual_step_result = step_implementer._run_step()
# verify results
expected_step_result = StepResult(
step_name='unit-test',
sub_step_name='MavenIntegrationTest',
sub_step_implementer_name='MavenIntegrationTest')
expected_step_result.message = \
f"Given more then one deployed host URL ({step_config['deployed-host-urls']})," \
f" targeting first one (https://mock.ploigos.org/mock-app-1) for user acceptance test (UAT)."
expected_step_result.add_artifact(
description="Standard out and standard error from maven.",
name='maven-output',
value='/mock/mvn_output.txt')
expected_step_result.add_artifact(
description="Test report generated when running unit tests.",
name='test-report',
value='/mock/test-results-dir')
self.assertEqual(actual_step_result, expected_step_result)
mock_run_maven_step.assert_called_once_with(
mvn_output_file_path='/mock/mvn_output.txt',
step_implementer_additional_arguments=[
'-Dmock.target-host-url-param=https://mock.ploigos.org/mock-app-1'
])
mock_gather_evidence.assert_called_once_with(
step_result=Any(StepResult),
test_report_dirs='/mock/test-results-dir')
def test_success_error_finding_label_on_build_image_inspection_details(
self, mock_create_working_dir_sub_dir, mock_write_working_file,
mock_container_registries_login, mock_inspect_container_image,
mock_s2i):
# setup
step_config = {'s2i-builder-image': 'mock.io/awesome-image:v42'}
step_implementer = self.create_step_implementer(
step_config=step_config)
# setup mocks
mock_inspect_container_image.return_value = {}
# run test
actual_step_result = step_implementer._run_step()
# validate
expected_step_result = StepResult(
step_name='create-container-image',
sub_step_name='SourceToImage',
sub_step_implementer_name='SourceToImage')
expected_step_result.message = "WARNING: failed to find s2i scripts url label" \
" (io.openshift.s2i.scripts-url) on s2i builder image" \
" (mock.io/awesome-image:v42) to dynamically determine image scripts url." \
" S2I default will be used: Could not find key ('OCIv1').\n"
expected_step_result.add_artifact(
name='imagespecfile',
value='/mock/working/s2i-context/Containerfile.s2i-gen',
description=
'File defining the container image to build generated by s2i')
expected_step_result.add_artifact(
name='context',
value='/mock/working/s2i-context',
description=
'Context to use when building the imagespecfile generated by S2I.')
self.assertEqual(actual_step_result, expected_step_result)
mock_inspect_container_image.assert_called_once_with(
container_image_address='mock.io/awesome-image:v42',
containers_config_auth_file=
'create-container-image/container-auth.json')
mock_s2i.build.assert_called_once_with(
'.',
'mock.io/awesome-image:v42',
'--loglevel',
1,
'--tlsverify',
'--as-dockerfile',
'/mock/working/s2i-context/Containerfile.s2i-gen',
_out=ANY,
_err=ANY,
_tee='err')
def test_run_step_fail_commit_changes_and_push(
self,
mock_repo,
mock_git_url,
mock_git_commit_utc_timestamp
):
# Data setup
git_branch = 'main'
error = 'Holy guacamole..!'
with TempDirectory() as temp_dir:
# setup
step_config = {
'repo-root': temp_dir.path,
'git-commit-and-push-changes': True
}
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='generate-metadata',
implementer='Git'
)
# setup mocks
mock_repo().bare = False
mock_repo().head.is_detached = False
mock_repo().active_branch.name = git_branch
mock_repo().git.commit.side_effect = Exception(error)
# run test
actual_step_result = step_implementer._run_step()
# verify results
expected_step_result = StepResult(
step_name='generate-metadata',
sub_step_name='Git',
sub_step_implementer_name='Git'
)
expected_step_result.add_artifact(
name='branch',
value=git_branch
)
expected_step_result.add_artifact(
name='is-pre-release',
value=False
)
expected_step_result.success = False
expected_step_result.message = f'Error committing and pushing changes: Error committing changes ' \
f'to current branch ({git_branch}): {error}'
self.assertEqual(actual_step_result, expected_step_result)
def test_run_step_fail_scan(self, configlint_mock):
with TempDirectory() as temp_dir:
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
file_to_validate_contents = 'notused'
temp_dir.write('config-file-to-validate.yml', file_to_validate_contents.encode())
file_to_validate_file_path = str(os.path.join(temp_dir.path, 'config-file-to-validate.yml'))
# write config-lint rules file
configlint_rules_content = 'not used'
config_lint_rules_file_name = 'config-lint-test-rules.yml'
temp_dir.write(config_lint_rules_file_name, configlint_rules_content.encode())
config_lint_rules_file_path = os.path.join(temp_dir.path, config_lint_rules_file_name)
step_config = {
'configlint-yml-path': file_to_validate_file_path,
'rules': config_lint_rules_file_path
}
configlint_mock.side_effect = \
TestStepImplementerConfiglint.create_config_lint_side_effect(
config_lint_fail=True
)
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='validate-environment-configuration',
implementer='Configlint',
parent_work_dir_path=parent_work_dir_path,
)
result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='validate-environment-configuration',
sub_step_name='Configlint',
sub_step_implementer_name='Configlint'
)
expected_step_result.success = False
expected_step_result.message = 'Failed config-lint scan.'
expected_step_result.add_artifact(
name='configlint-result-set',
value=f'{step_implementer.work_dir_path}/configlint_results_file.txt'
)
expected_step_result.add_artifact(
name='configlint-yml-path',
value=file_to_validate_file_path
)
self.assertEqual(expected_step_result, result)
def test_fail_no_commit_history(
self,
mock_repo,
mock_git_url,
mock_git_commit_utc_timestamp
):
# Data setup
git_branch = 'main'
with TempDirectory() as temp_dir:
# setup
step_config = {
'repo-root': temp_dir.path
}
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='generate-metadata',
implementer='Git'
)
# setup mocks
mock_repo().bare = False
mock_repo().head.is_detached = False
mock_repo().active_branch.name = git_branch
type(mock_repo().head.reference).commit = PropertyMock(side_effect=ValueError)
# run test
actual_step_result = step_implementer._run_step()
# verify results
expected_step_result = StepResult(
step_name='generate-metadata',
sub_step_name='Git',
sub_step_implementer_name='Git'
)
expected_step_result.add_artifact(
name='branch',
value=git_branch
)
expected_step_result.add_artifact(
name='is-pre-release',
value=False
)
expected_step_result.success = False
expected_step_result.message = f'Given Git repository root is a' \
f' git branch ({git_branch}) with no commit history.'
self.assertEqual(actual_step_result, expected_step_result)
def test_fail_import_pgp_key(self, mock_sign_image, mock_import_pgp_key,
mock_upload_file,
mock_container_registries_login,
mock_get_deploy_time_container_image_address):
with TempDirectory() as temp_dir:
# setup
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
step_config = TestStepImplementerSignContainerImagePodmanBase.generate_config(
)
signature_name = 'does/not/matter/signature-0'
# setup mocks
mock_import_pgp_key.side_effect = RuntimeError(
'mock error importing pgp key')
def sign_image_side_effect(pgp_private_key_fingerprint,
image_signatures_directory,
container_image_address):
return os.path.join(image_signatures_directory, signature_name)
mock_sign_image.side_effect = sign_image_side_effect
# run test
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='sign-container-image',
implementer='PodmanSign',
parent_work_dir_path=parent_work_dir_path)
result = step_implementer._run_step()
# validate
mock_import_pgp_key.assert_called_once_with(
pgp_private_key=step_config['signer-pgp-private-key'])
mock_upload_file.assert_not_called()
mock_container_registries_login.assert_not_called()
mock_get_deploy_time_container_image_address.assert_called_once()
expected_step_result = StepResult(
step_name='sign-container-image',
sub_step_name='PodmanSign',
sub_step_implementer_name='PodmanSign')
expected_step_result.success = False
expected_step_result.message = 'mock error importing pgp key'
self.assertEqual(expected_step_result, result)
def test_run_step_error_git_url(self, git_repo_mock, git_url_mock, get_tag_value_mock):
with TempDirectory() as temp_dir:
tag = '1.0+69442c8'
url = '[email protected]:ploigos/ploigos-step-runner.git'
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
error = 'uh oh spaghetti-os'
artifact_config = {
'version': {'description': '', 'value': tag},
'container-image-version': {'description': '', 'value': tag}
}
workflow_result = self.setup_previous_result(parent_work_dir_path, artifact_config)
step_config = {
'url': url,
'git-username': '******',
'git-password': '******'
}
step_implementer = self.create_step_implementer(
step_config=step_config,
workflow_result=workflow_result,
parent_work_dir_path=parent_work_dir_path
)
get_tag_value_mock.return_value = tag
# this is the test here
git_url_mock.side_effect = StepRunnerException(error)
result = step_implementer._run_step()
# verify test results
expected_step_result = StepResult(
step_name='tag-source',
sub_step_name='Git',
sub_step_implementer_name='Git'
)
expected_step_result.add_artifact(name='tag', value=tag)
expected_step_result.success = False
expected_step_result.message = f"Error tagging and pushing tags: {error}"
# verifying correct mocks were called
git_repo_mock.create_tag.assert_called_once_with(tag, force=True)
git_url_mock.assert_called_once()
self.assertEqual(result, expected_step_result)
def test__run_step_pass_upload_to_remote_with_auth_failure(self, gather_evidence_mock, upload_file_mock):
with TempDirectory() as temp_dir:
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
step_config = {
'organization': 'test-ORG',
'application-name': 'test-APP',
'service-name': 'test-SERVICE',
'version': '42.0-test',
'evidence-destination-url': self.DEST_URL,
'evidence-destination-username': '******',
'evidence-destination-password': '******'
}
step_implementer = self.create_step_implementer(
step_config=step_config,
parent_work_dir_path=parent_work_dir_path
)
# mock the upload results
upload_file_mock.side_effect = RuntimeError('mock upload error')
upload_file_mock.return_value = "mock upload results"
# run the step
step_result = step_implementer._run_step()
# verify results
expected_step_result = StepResult(
step_name='generate_evidence',
sub_step_name='GenerateEvidence',
sub_step_implementer_name='GenerateEvidence'
)
expected_step_result.success = False
expected_step_result.message = 'mock upload error'
self.assertEqual(step_result, expected_step_result)
# verify mocks called
gather_evidence_mock.assert_called_once()
upload_file_mock.assert_called_once_with(
file_path=mock.ANY,
destination_uri=self.DEST_URI,
username='******',
password='******'
)
def test_run_step_fail_missing_version_in_pom_file(
self,
mock_run_maven
):
mock_run_maven.side_effect = StepRunnerException("no version found")
with TempDirectory() as temp_dir:
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
temp_dir.write('pom.xml', b'''<project>
<modelVersion>4.0.0</modelVersion>
<groupId>com.mycompany.app</groupId>
<artifactId>my-app</artifactId>
</project>''')
pom_file_path = os.path.join(temp_dir.path, 'pom.xml')
step_config = {
'pom-file': pom_file_path
}
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='generate-metadata',
implementer='Maven',
parent_work_dir_path=parent_work_dir_path,
)
result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='generate-metadata',
sub_step_name='Maven',
sub_step_implementer_name='Maven'
)
expected_step_result.success = False
expected_step_result.message = f'Error running maven to get the project version: ' \
f'no version found' \
f'Could not get project version from given pom file' \
f' ({pom_file_path})'
self.assertEqual(result, expected_step_result)
def test_push_error(self, mock_pelorus_prometheus_job,
mock_pelorus_prometheus_pushgateway_url,
mock_commit_utc_timestamp, mock_container_image_digest,
mock_commit_hash, mock_pelorus_app_name,
mock_push_to_gateway):
# setup mocks
mock_pelorus_prometheus_job.return_value = 'mock-job'
mock_pelorus_prometheus_pushgateway_url.return_value = 'mock-push-url'
mock_commit_utc_timestamp.return_value = '1642079293.0'
mock_container_image_digest.return_value = 'mock-digest'
mock_commit_hash.return_value = 'mock-commit-hash'
mock_pelorus_app_name.return_value = 'mock-app-name'
mock_push_to_gateway.side_effect = Exception('mock push error')
# setup
step_implementer = self.create_step_implementer()
# run step
actual_result = step_implementer._run_step()
# verify
expected_step_result = StepResult(
step_name='push-container-image',
sub_step_name='PelorusCommitTimestampMetric',
sub_step_implementer_name='PelorusCommitTimestampMetric')
expected_step_result.success = False
expected_step_result.message = "Error pushing Pelorus Commit Timestamp metric to" \
" Prometheus Pushgateway (mock-push-url): mock push error"
self.assertEqual(actual_result, expected_step_result)
mock_push_to_gateway.assert_called_once_with(gateway='mock-push-url',
job='mock-job',
grouping_key={
'job':
'mock-job',
'app':
'mock-app-name',
'commit':
'mock-commit-hash'
},
registry=ANY)
def test__run_step_fail_audit_fail_missing_workflow_attestation(self):
with TempDirectory() as temp_dir:
workflow_attestation_uri = 'https://foo.bar/evidence.json'
workflow_policy_uri = 'https://foo.bar/policy.json'
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
step_config = {
'workflow-policy-uri': workflow_policy_uri
}
step_result = StepResult(
step_name='test-step',
sub_step_name='test-sub-step',
sub_step_implementer_name='test-sub-step-implementer'
)
step_result.add_artifact('evidence-uri-wrong-key', workflow_attestation_uri, 'URI of the uploaded results archive.')
workflow_result = WorkflowResult()
workflow_result.add_step_result(step_result)
step_implementer = self.create_step_implementer(
step_config=step_config,
parent_work_dir_path=parent_work_dir_path,
workflow_result=workflow_result
)
step_result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='audit_attestation',
sub_step_name='OpenPolicyAgent',
sub_step_implementer_name='OpenPolicyAgent'
)
expected_step_result.success = False
expected_step_result.message = "No value found for evidence-uri"
self.assertEqual(step_result, expected_step_result)
def test_found_warning(self, mock_collect_report_results):
with TempDirectory() as test_dir:
# setup test
actual_step_result = StepResult(
step_name='mock-maven-test-step',
sub_step_name='mock-maven-test-sub-step',
sub_step_implementer_name=
'MockMavenTestReportingMixinStepImplementer')
test_report_dir = os.path.join(test_dir.path, 'mock-test-results')
# setup mocks
mock_collect_report_results.return_value = [{
"time": 1.42,
"tests": 42,
"errors": 3,
"skipped": 2,
"failures": 1
}, ['WARNING: mock warning about nothing']]
# run test
MavenTestReportingMixin._gather_evidence_from_test_report_directory_testsuite_elements(
step_result=actual_step_result,
test_report_dirs=test_report_dir)
# verify results
expected_step_result = StepResult(
step_name='mock-maven-test-step',
sub_step_name='mock-maven-test-sub-step',
sub_step_implementer_name=
'MockMavenTestReportingMixinStepImplementer')
expected_step_result.message = '\nWARNING: mock warning about nothing'
expected_step_result.add_evidence(name='time', value=1.42)
expected_step_result.add_evidence(name='tests', value=42)
expected_step_result.add_evidence(name='errors', value=3)
expected_step_result.add_evidence(name='skipped', value=2)
expected_step_result.add_evidence(name='failures', value=1)
self.assertEqual(actual_step_result, expected_step_result)
mock_collect_report_results.assert_called_once_with(
test_report_dirs=[test_report_dir])
def test_run_step_pass(self, config_lint_mock):
with TempDirectory() as temp_dir:
parent_work_dir_path = os.path.join(temp_dir.path, 'working')
test_file_name = 'file.txt'
test_file_path = os.path.join(temp_dir.path, test_file_name)
temp_dir.write(test_file_path, b'ignored')
step_config = {
'rules': test_file_path,
'configlint-yml-path': test_file_path
}
step_implementer = self.create_step_implementer(
step_config=step_config,
step_name='validate-environment-configuration',
implementer='Configlint',
parent_work_dir_path=parent_work_dir_path,
)
config_lint_mock.side_effect = sh.ErrorReturnCode('config_lint', b'mock out', b'mock error')
result = step_implementer._run_step()
expected_step_result = StepResult(
step_name='validate-environment-configuration',
sub_step_name='Configlint',
sub_step_implementer_name='Configlint'
)
expected_step_result.success = False
expected_step_result.message = 'Unexpected Error invoking config-lint.'
expected_step_result.add_artifact(
name='configlint-result-set',
value=f'{step_implementer.work_dir_path}/configlint_results_file.txt'
)
expected_step_result.add_artifact(
name='configlint-yml-path',
value=test_file_path
)
self.assertEqual(expected_step_result, result)