def test_commit_list(config, files):
    """Check that committing the local CSV rules leaves no drift against AWS.

    Flow: revoke two port-22 rules on the remote ``mock-group``, overwrite the
    local CSV files with new grants, confirm the diff reports those grants as
    local-only, run ``SgService.commit_list`` and confirm that neither group
    appears in the diff afterwards.

    ``files`` is requested only as a fixture and is never read here; it
    presumably prepares the mock groups and CSV files (TODO confirm).
    """
    sg_dir = config.base_path / "security_groups"
    aws = AwsClient(config)
    primary = aws.get("mock-group")
    secondary = aws.get("mock-group2")

    # Revoke two port-22 rules on the remote group: one keyed by CIDR, one
    # that names mock-group2 as its source group.
    tcp_22 = {"ip_protocol": "tcp", "from_port": 22, "to_port": 22}
    primary.revoke(cidr_ip="192.168.1.0/32", **tcp_22)
    primary.revoke(src_group=secondary, **tcp_22)

    # Desired local state. Ports are strings here, unlike the integer ports
    # passed to revoke() above.
    cidr_grant = Grant(ip_protocol="tcp", from_port="22", to_port="22", cidr_ip="192.168.10.0/32")
    group_grant = Grant(ip_protocol="tcp", from_port="33", to_port="44", group="mock-group2")
    peer_grant = Grant(ip_protocol="tcp", from_port="22", to_port="22", cidr_ip="192.168.20.0/32")
    FileService.write_csv(sg_dir / "mock-group.csv", [cidr_grant, group_grant])
    FileService.write_csv(sg_dir / "mock-group2.csv", [peer_grant])

    # Each service call gets its own AwsClient rather than reusing `aws`.
    before = dict(SgService.diff_list(config, AwsClient(config), []))
    assert before["mock-group"].local_only == {cidr_grant.rule, group_grant.rule}
    assert before["mock-group2"].local_only == {peer_grant.rule}

    # NOTE(review): noconfirm=True presumably skips the interactive prompt, so
    # the rule changes are applied with no operator approval step - confirm.
    SgService.commit_list(
        config=config,
        client=AwsClient(config),
        file_path_list=[],
        noconfirm=True,
    )

    # NOTE(review): only local_only is checked before the commit and only key
    # absence afterwards; this assumes diff_list omits groups that have no
    # difference in either direction - TODO confirm.
    after = dict(SgService.diff_list(config, AwsClient(config), []))
    for name in ("mock-group", "mock-group2"):
        assert name not in after
def test_commit_list(config, files):
    """Verify that ``SgService.commit_list`` brings AWS in line with the CSVs.

    Two port-22 rules are revoked on the remote ``mock-group`` and the local
    CSV files are rewritten with new grants. The diff must report those grants
    as local-only before the commit, and must no longer mention either group
    after it.

    ``files`` is a fixture that this body never reads; presumably it sets up
    the mock groups and CSV files (TODO confirm).
    """
    csv_root = config.base_path / "security_groups"
    remote = AwsClient(config)
    mock_group = remote.get("mock-group")
    mock_group2 = remote.get("mock-group2")

    # Two revocations on the remote side: one by CIDR, one by source group.
    mock_group.revoke(
        ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.0/32",
    )
    mock_group.revoke(
        ip_protocol="tcp", from_port=22, to_port=22, src_group=mock_group2,
    )

    # Grants written to the local CSV files (ports given as strings).
    grant_a = Grant(ip_protocol="tcp", from_port="22", to_port="22", cidr_ip="192.168.10.0/32")
    grant_b = Grant(ip_protocol="tcp", from_port="33", to_port="44", group="mock-group2")
    grant_c = Grant(ip_protocol="tcp", from_port="22", to_port="22", cidr_ip="192.168.20.0/32")
    FileService.write_csv(csv_root / "mock-group.csv", [grant_a, grant_b])
    FileService.write_csv(csv_root / "mock-group2.csv", [grant_c])

    pending = dict(SgService.diff_list(config, AwsClient(config), []))
    first_diff = pending["mock-group"]
    assert first_diff.local_only == {grant_a.rule, grant_b.rule}
    second_diff = pending["mock-group2"]
    assert second_diff.local_only == {grant_c.rule}

    # NOTE(review): noconfirm=True looks like it bypasses the confirmation
    # prompt, i.e. rule changes go out without a human approving them - verify.
    SgService.commit_list(
        config=config,
        client=AwsClient(config),
        file_path_list=[],
        noconfirm=True,
    )

    # NOTE(review): a group missing from the mapping is taken to mean "no
    # drift"; the remote rule set itself is not inspected - TODO confirm that
    # diff_list leaves out groups with nothing to report.
    remaining = dict(SgService.diff_list(config, AwsClient(config), []))
    assert "mock-group" not in remaining
    assert "mock-group2" not in remaining
def test_diff_list(config, mock_groups):
    """Check that diff_list reports rules changed on the remote side after a save.

    The remote groups are first saved to CSV, then the remote side is changed:
    one revoke and two authorizes on ``mock-group``, one authorize on
    ``mock-group2``. The diff must list the revoked rule as local-only and the
    newly authorized rules as remote-only.

    ``mock_groups`` is requested only as a fixture and is never read here.
    """
    root = config.base_path
    aws = AwsClient(config)
    SgService.save_groups(config, aws, root / "security_groups", noconfirm=True)
    saved_csv = root / "security_groups/mock-group.csv"
    assert saved_csv.exists()

    # All remote changes below use the same protocol and port range.
    tcp_22 = {"ip_protocol": "tcp", "from_port": 22, "to_port": 22}
    primary = aws.get("mock-group")
    primary.revoke(cidr_ip="192.168.1.0/32", **tcp_22)
    primary.authorize(cidr_ip="192.168.1.10/32", **tcp_22)
    primary.authorize(cidr_ip="192.168.1.20/32", **tcp_22)
    secondary = aws.get("mock-group2")
    secondary.authorize(cidr_ip="192.168.1.10/32", **tcp_22)

    # The diff is computed with a fresh client, not the one used above.
    diffs = dict(SgService.diff_list(config, AwsClient(config), []))

    primary_diff = diffs["mock-group"]
    assert len(primary_diff.remote_only) == 2
    assert len(primary_diff.local_only) == 1
    # Rule deleted on the remote side; expected to show up as local-only.
    assert primary_diff.local_only == {
        Rule("tcp", "22", "22", cidr_ip="192.168.1.0/32", group=None),
    }
    # Rules added on the remote side.
    assert primary_diff.remote_only == {
        Rule("tcp", "22", "22", cidr_ip="192.168.1.10/32", group=None),
        Rule("tcp", "22", "22", cidr_ip="192.168.1.20/32", group=None),
    }

    secondary_diff = diffs["mock-group2"]
    assert secondary_diff.local_only == set()
    # Rule added on the remote side.
    assert secondary_diff.remote_only == {
        Rule("tcp", "22", "22", cidr_ip="192.168.1.10/32", group=None),
    }
def test_diff_list(config, mock_groups):
    """Verify the local-only / remote-only split that ``diff_list`` reports.

    After the remote groups are saved to CSV, one rule is revoked and two are
    authorized on ``mock-group``, and one is authorized on ``mock-group2``.
    The revoked rule must come back as local-only and every newly authorized
    rule as remote-only.

    ``mock_groups`` is a fixture that this body never reads.
    """

    def tcp22_rule(cidr):
        # Expected Rule for a TCP port-22 entry; ports are strings here.
        return Rule("tcp", "22", "22", cidr_ip=cidr, group=None)

    base_dir = config.base_path
    remote = AwsClient(config)
    SgService.save_groups(config, remote, base_dir / "security_groups", noconfirm=True)
    csv_path = base_dir / "security_groups/mock-group.csv"
    assert csv_path.exists()

    mock_group = remote.get("mock-group")
    mock_group.revoke(
        ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.0/32",
    )
    for added_cidr in ("192.168.1.10/32", "192.168.1.20/32"):
        mock_group.authorize(
            ip_protocol="tcp", from_port=22, to_port=22, cidr_ip=added_cidr,
        )
    mock_group2 = remote.get("mock-group2")
    mock_group2.authorize(
        ip_protocol="tcp", from_port=22, to_port=22, cidr_ip="192.168.1.10/32",
    )

    by_group = dict(SgService.diff_list(config, AwsClient(config), []))

    first = by_group["mock-group"]
    assert len(first.remote_only) == 2
    assert len(first.local_only) == 1
    # Rule deleted on the remote side.
    assert first.local_only == {tcp22_rule("192.168.1.0/32")}
    # Rules added on the remote side.
    assert first.remote_only == {
        tcp22_rule("192.168.1.10/32"),
        tcp22_rule("192.168.1.20/32"),
    }

    second = by_group["mock-group2"]
    assert second.local_only == set()
    # Rule added on the remote side.
    assert second.remote_only == {tcp22_rule("192.168.1.10/32")}