From b7467826964737b760531318758d19962e3400b3 Mon Sep 17 00:00:00 2001 From: scottpacknetflix <160107967+scottpacknetflix@users.noreply.github.com> Date: Mon, 13 May 2024 11:09:02 -0600 Subject: [PATCH] release pipeline test (#9378) * comment additions to check status of release pipeline * bump python version * update pre-commit rev * bumping isort version to address data.extras.pipfile_deprecated_finder[2] must match pattern ^[a-zA-Z-_.0-9]+$ * fix failing test * linting * black --- .github/workflows/build-and-package.yml | 8 +++---- .pre-commit-config.yaml | 6 +++--- .../default_plugins/plugins/config/config.py | 2 ++ .../templates/configmap-organization.yaml | 2 +- tests/handlers/test_role_login_api.py | 21 +++++++++++++++++-- 5 files changed, 29 insertions(+), 10 deletions(-) diff --git a/.github/workflows/build-and-package.yml b/.github/workflows/build-and-package.yml index 5a7c5c5f5..260f3ab18 100644 --- a/.github/workflows/build-and-package.yml +++ b/.github/workflows/build-and-package.yml @@ -15,10 +15,10 @@ jobs: ASYNC_TEST_TIMEOUT: 120 steps: - uses: actions/checkout@v2 - - name: Set up Python 3.10.5 + - name: Set up Python 3.10.14 uses: actions/setup-python@v1 with: - python-version: 3.10.5 + python-version: 3.10.14 - name: Install Terraform uses: hashicorp/setup-terraform@v1 - name: Install dependencies @@ -62,10 +62,10 @@ jobs: # master builds don't have tags, which breaks setupmeta versioning. This retrieves the tags. - run: git fetch --prune --unshallow --tags if: github.ref == 'refs/heads/master' - - name: Set up Python 3.10.5 + - name: Set up Python 3.10.14 uses: actions/setup-python@v1 with: - python-version: 3.10.5 + python-version: 3.10.14 - name: Build UI assets run: | curl -sL https://deb.nodesource.com/setup_14.x | sudo bash diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 3049d8e56..751cd23c0 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -9,8 +9,8 @@ repos: - id: debug-statements - id: check-yaml exclude: "^docs/gitbook/|^helm/consoleme|cdk/resources/create_config_lambda/config.yaml" - - repo: https://gitlab.com/pycqa/flake8 - rev: 3.8.4 + - repo: https://github.com/pycqa/flake8 + rev: 7.0.0 hooks: - id: flake8 args: ["--exclude", "consoleme/models.py"] @@ -21,7 +21,7 @@ repos: - id: seed-isort-config - repo: https://github.com/timothycrosley/isort - rev: "5.6.4" # Use the revision sha / tag you want to point at + rev: "5.13.2" # Use the revision sha / tag you want to point at hooks: - id: isort # Run `isort -rc ` to autofix pass_filenames: true diff --git a/consoleme/default_plugins/plugins/config/config.py b/consoleme/default_plugins/plugins/config/config.py index 2496adb95..88ea462cf 100644 --- a/consoleme/default_plugins/plugins/config/config.py +++ b/consoleme/default_plugins/plugins/config/config.py @@ -19,6 +19,7 @@ def get_config_location(): config_location = os.environ.get("CONFIG_LOCATION") default_save_location = f"{os.curdir}/consoleme.yaml" if config_location: + # Pull config from S3 if an S3 URL is provided if config_location.startswith("s3://"): import boto3 @@ -43,6 +44,7 @@ def get_config_location(): "/etc/consoleme/config/config.yaml", "example_config/example_config_development.yaml", ] + # Use the first config location that exists from the above list. for loc in config_locations: if os.path.exists(loc): return loc diff --git a/helm/consoleme/templates/configmap-organization.yaml b/helm/consoleme/templates/configmap-organization.yaml index 71249b289..4199fad7c 100644 --- a/helm/consoleme/templates/configmap-organization.yaml +++ b/helm/consoleme/templates/configmap-organization.yaml @@ -22,7 +22,7 @@ data: # # organizations:ListRoots # # organizations:ListTargetsForPolicy organizations_master_role_to_assume: "{{ .Values.cache_accounts_from_aws_organizations.organizations_master_role_to_assume }}" - + cache_cloud_accounts: from_aws_organizations: True {{- end }} diff --git a/tests/handlers/test_role_login_api.py b/tests/handlers/test_role_login_api.py index d26f2683d..bbfa7daa7 100644 --- a/tests/handlers/test_role_login_api.py +++ b/tests/handlers/test_role_login_api.py @@ -1,6 +1,8 @@ """Docstring in public module.""" + import os import sys +from unittest.mock import patch import ujson as json from tornado.testing import AsyncHTTPTestCase @@ -52,9 +54,24 @@ def test_role_api_fail_multiple_matching_roles(self): self.assertEqual(response_j["type"], "redirect") self.assertIn("/?arn=role&warningMessage=", response_j["redirect_url"]) - def test_role_api_success(self): + @patch("consoleme.default_plugins.plugins.aws.aws.AsyncHTTPClient") + def test_role_api_success(self, mock_client): from consoleme.config import config + class TestResp: + def __init__(self, code, body): + self.code = code + self.body = body + + class TestClient: + async def fetch( + self, url, method="GET", body=None, headers=None, ssl_options=None + ): + return TestResp( + code=200, body='{"SigninToken": "testTokenSignin456223"}' + ) + + mock_client.return_value = TestClient() headers = { config.get("auth.user_header_name"): "userwithrole@example.com", config.get("auth.groups_header_name"): "groupa@example.com", @@ -67,6 +84,6 @@ def test_role_api_success(self): self.assertEqual(response_j["reason"], "console_login") self.assertEqual(response_j["role"], "arn:aws:iam::123456789012:role/roleA") self.assertIn( - "https://signin.aws.amazon.com/federation?Action=login&Issuer=YourCompany&Destination=https%3A%2F%2Fus-east-1.console.aws.amazon.com&SigninToken=", + "https://signin.aws.amazon.com/federation?Action=login&Issuer=YourCompany&Destination=https%3A%2F%2Fus-east-1.console.aws.amazon.com&SigninToken=testTokenSignin456223", response_j["redirect_url"], )