Skip to main content

Decorator to help for AWS/boto integration testing in pytest

Project description

The potemkin decorator allows standing up AWS resources in the form of a Cloudformation template. For "integration testing" boto code with AWS, this allows for a convenient way to setup initial conditions instead of having to develop boto code that is likely as complex as the "code under test".

Basic Usage

Here is an example invocation from pytest:

import potemkin
import boto3


@potemkin.CloudFormationStack(
  'test/integration/test_templates/aes256_bucket.yml',
  stack_name_stem='TestStack',
  parameters={'BucketName': 'unclefreddie33388'},
  aws_profile='myprofile',
  teardown=False
)
def test_bucket_has_aes256_encryption(stack_outputs, stack_name):
  full_bucket_name = stack_outputs['BucketNameOut']

  s3 = boto3.Session(profile_name='myprofile').client('s3')
  get_bucket_encryption_response = s3.get_bucket_encryption(
    Bucket=full_bucket_name
  )

  assert get_bucket_encryption_response['ServerSideEncryptionConfiguration']['Rules'][0]['ApplyServerSideEncryptionByDefault']['SSEAlgorithm'] == 'AES256'

The CloudFormationStack creates the stack and binds the outputs to stack_outputs. The pytest method could invoke more boto code to manipulate the resources created by the decorator. In this case, the test just asserts that the initial condition is what is expected.

This is basically a python/pytest port of "aws-int-test-rspec-helper" that worked with Ruby/RSpec:

Service Specific Usage

The potemkin decorator has additional functions for interacting with specific AWS services

AWS Config

AWS Config initiates evaluations when a resource is created, but the evaluations are completed asynchronously. They can take several minutes to complete. The AWS config functions wait until the config rule has an evaluation for the resource, then returns the evaluation.

config_rule_wait_for_resource

This function polls aws config until there is an evaluation for the resource, then returns it. Use this function for config rules with a configuration change trigger.

import potemkin
import boto3


@potemkin.CloudFormationStack(
  'test/integration/test_templates/aes256_bucket.yml',
  stack_name_stem='TestStack',
  parameters={'BucketName': 'unclefreddie33388'}
)
def test_bucket_encryption_rule(stack_outputs, stack_name):
  configservice = boto3.Session().client('config')

  results = config_rule_wait_for_resource(configservice, 
                                          resource_id='unclefreddie33388', 
                                          rule_name='config-rule-s3-encryption')

  assert results['ComplianceType'] == 'NON_COMPLIANT'

evaluate_config_rule_and_wait_for_resource

This is similar to config_rule_wait_for_resource but it first initiates a config evaluation. Use this for config rules with a periodic trigger.

import potemkin
import boto3


@potemkin.CloudFormationStack(
  'test/integration/test_templates/aes256_bucket.yml',
  stack_name_stem='TestStack',
  parameters={'BucketName': 'unclefreddie33388'}
)
def test_bucket_encryption_rule(stack_outputs, stack_name):
  configservice = boto3.Session().client('config')

  results = evaluate_config_rule_and_wait_for_resource(configservice, 
                                                      resource_id='unclefreddie33388', 
                                                      rule_name='config-rule-s3-encryption')

  assert results['ComplianceType'] == 'NON_COMPLIANT'

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Files for potemkin-decorator, version 0.0.6
Filename, size File type Python version Upload date Hashes
Filename, size potemkin_decorator-0.0.6-py3-none-any.whl (6.9 kB) File type Wheel Python version py3 Upload date Hashes View
Filename, size potemkin-decorator-0.0.6.tar.gz (5.1 kB) File type Source Python version None Upload date Hashes View

Supported by

Pingdom Pingdom Monitoring Google Google Object Storage and Download Analytics Sentry Sentry Error logging AWS AWS Cloud computing DataDog DataDog Monitoring Fastly Fastly CDN DigiCert DigiCert EV certificate StatusPage StatusPage Status page