How to use the foremast.securitygroup.SpinnakerSecurityGroup function in foremast

To help you get started, we’ve selected a few foremast examples, based on popular ways it is used in public projects.

Secure your code as it's written. Use Snyk Code to scan source code in minutes - no build needed - and fix issues immediately.

github foremast / foremast / tests / test_securitygroup.py View on Github external
def test_create_crossaccount_securitygroup(get_details, pipeline_config, wait_for_task, get_vpc_id,
                                           get_security_group_id, boto3):
    """Should create SG with cross account true"""
    pipeline_config.return_value = json.loads(SAMPLE_JSON)

    get_security_group_id.return_value = 'SGID'
    get_vpc_id.return_value = 'VPCID'

    x = SpinnakerSecurityGroup(app='edgeforrest', env='dev', region='us-east-1')
    assert x.create_security_group() is True

    no_cross_account_data = {'end_port': 8080, 'env': 'dev', 'protocol': 'tcp', 'start_port': 8080}
    no_cross_account_result = {'app': 'edgeforrest', 'end_port': 8080, 'cross_account_env': None, 'protocol': 'tcp', 'start_port': 8080, 'cross_account_vpc_id': None}
    no_cross_account = x.create_ingress_rule(app='edgeforrest', rule=no_cross_account_data)
    assert no_cross_account == no_cross_account_result

    cross_account_data = {'end_port': 8080, 'env': 'stage', 'protocol': 'tcp', 'start_port': 8080}
    cross_account_result = {'app': 'edgeforrest', 'end_port': 8080, 'cross_account_env': 'stage', 'protocol': 'tcp', 'start_port': 8080, 'cross_account_vpc_id': 'VPCID'}
    cross_account = x.create_ingress_rule(app='edgeforrest', rule=cross_account_data)
    assert cross_account == cross_account_result

    no_cross_account_simple = x.create_ingress_rule(app='edgeforrest', rule=8080)
    assert no_cross_account_simple == no_cross_account_result
github foremast / foremast / tests / test_securitygroup.py View on Github external
def test_securitygroup_references(mock_properties, mock_details):
    """Make sure default Security Groups are added to the ingress rules."""
    test_sg = {
        '$self': [
            {
                'start_port': '22',
                'end_port': '22',
                'protocol': 'tcp'
            },
        ]
    }

    sg = SpinnakerSecurityGroup(app='myapp')
    ingress = sg.resolve_self_references(test_sg)
    assert 'myapp' in ingress
    assert '22' == ingress['myapp'][0]['start_port']
    assert '22' == ingress['myapp'][0]['end_port']
github foremast / foremast / tests / test_securitygroup.py View on Github external
'ingress': ingress,
            'description': '',
        },
    }

    test_sg = {
        'myapp': [
            {
                'start_port': '22',
                'end_port': '22',
                'protocol': 'tcp'
            },
        ]
    }
    with mock.patch.dict('foremast.securitygroup.create_securitygroup.DEFAULT_SECURITYGROUP_RULES', test_sg):
        sg = SpinnakerSecurityGroup()
        ingress = sg.update_default_rules()
        assert 'myapp' in ingress
github foremast / foremast / tests / test_securitygroup.py View on Github external
def test_missing_configuration(get_details, get_properties, get_sec_id):
    """Make missing Security Group configurations more apparent."""
    get_properties.return_value = {}

    security_group = SpinnakerSecurityGroup()

    with pytest.raises(ForemastConfigurationFileError):
        security_group.create_security_group()
github foremast / foremast / tests / test_securitygroup.py View on Github external
'test_app': [
            {
                'start_port': 30,
                'end_port': 30,
            },
        ],
    }

    mock_properties.return_value = {
        'security_group': {
            'ingress': app_ingress,
            'description': '',
        },
    }

    sg = SpinnakerSecurityGroup()
    ingress = sg.update_default_rules()
    assert ingress['myapp'][0]['start_port'] == 22
    assert ingress['test_app'][0]['start_port'] == 31
    assert ingress['test_app'][1]['start_port'] == 30
github foremast / foremast / tests / test_securitygroup.py View on Github external
def test_tags(get_details, get_security_group_id, get_properties, boto3):
    """Make bad Security Group definitions more apparent."""
    get_properties.return_value = {'security_group': {}}
    get_security_group_id.return_value = 'SGID'

    security_group = SpinnakerSecurityGroup()
    assert security_group.add_tags() is True
github foremast / foremast / src / foremast / runner.py View on Github external
def create_secgroups(self):
        """ Creates security groups as defined in the configs """
        utils.banner("Creating Security Group")
        sgobj = securitygroup.SpinnakerSecurityGroup(app=self.app,
                                                     env=self.env,
                                                     region=self.region,
                                                     prop_path=self.json_path)
        sgobj.create_security_group()
github foremast / foremast / src / foremast / runner.py View on Github external
def create_secgroups(self):
        """Create security groups as defined in the configs."""
        utils.banner("Creating Security Group")
        sgobj = securitygroup.SpinnakerSecurityGroup(
            app=self.app, env=self.env, region=self.region, prop_path=self.json_path)
        sgobj.create_security_group()