Support all Action types in ELBv2 create_rule and set_rule_priorities responses (#5080)

This commit is contained in:
Stephanie Manning 2022-04-30 07:09:03 -04:00 committed by GitHub
parent 4cacf2698c
commit b57ce46670
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 226 additions and 34 deletions

View File

@ -424,6 +424,15 @@ class FakeAction(BaseModel):
<UserPoolArn>{{ action.data["AuthenticateCognitoConfig"]["UserPoolArn"] }}</UserPoolArn> <UserPoolArn>{{ action.data["AuthenticateCognitoConfig"]["UserPoolArn"] }}</UserPoolArn>
<UserPoolClientId>{{ action.data["AuthenticateCognitoConfig"]["UserPoolClientId"] }}</UserPoolClientId> <UserPoolClientId>{{ action.data["AuthenticateCognitoConfig"]["UserPoolClientId"] }}</UserPoolClientId>
<UserPoolDomain>{{ action.data["AuthenticateCognitoConfig"]["UserPoolDomain"] }}</UserPoolDomain> <UserPoolDomain>{{ action.data["AuthenticateCognitoConfig"]["UserPoolDomain"] }}</UserPoolDomain>
{% if "SessionCookieName" in action.data["AuthenticateCognitoConfig"] %}
<SessionCookieName>{{ action.data["AuthenticateCognitoConfig"]["SessionCookieName"] }}</SessionCookieName>
{% endif %}
{% if "Scope" in action.data["AuthenticateCognitoConfig"] %}
<Scope>{{ action.data["AuthenticateCognitoConfig"]["Scope"] }}</Scope>
{% endif %}
{% if "SessionTimeout" in action.data["AuthenticateCognitoConfig"] %}
<SessionTimeout>{{ action.data["AuthenticateCognitoConfig"]["SessionTimeout"] }}</SessionTimeout>
{% endif %}
{% if action.data["AuthenticateCognitoConfig"].get("AuthenticationRequestExtraParams") %} {% if action.data["AuthenticateCognitoConfig"].get("AuthenticationRequestExtraParams") %}
<AuthenticationRequestExtraParams> <AuthenticationRequestExtraParams>
{% for entry in action.data["AuthenticateCognitoConfig"].get("AuthenticationRequestExtraParams", {}).get("entry", {}).values() %} {% for entry in action.data["AuthenticateCognitoConfig"].get("AuthenticationRequestExtraParams", {}).get("entry", {}).values() %}
@ -434,6 +443,9 @@ class FakeAction(BaseModel):
{% endfor %} {% endfor %}
</AuthenticationRequestExtraParams> </AuthenticationRequestExtraParams>
{% endif %} {% endif %}
{% if "OnUnauthenticatedRequest" in action.data["AuthenticateCognitoConfig"] %}
<OnUnauthenticatedRequest>{{ action.data["AuthenticateCognitoConfig"]["OnUnauthenticatedRequest"] }}</OnUnauthenticatedRequest>
{% endif %}
</AuthenticateCognitoConfig> </AuthenticateCognitoConfig>
{% elif action.type == "authenticate-oidc" %} {% elif action.type == "authenticate-oidc" %}
<AuthenticateOidcConfig> <AuthenticateOidcConfig>

View File

@ -172,6 +172,7 @@ class ELBV2Response(BaseResponse):
actions=params["Actions"], actions=params["Actions"],
tags=params.get("Tags"), tags=params.get("Tags"),
) )
template = self.response_template(CREATE_RULE_TEMPLATE) template = self.response_template(CREATE_RULE_TEMPLATE)
return template.render(rules=rules) return template.render(rules=rules)
@ -776,24 +777,7 @@ CREATE_RULE_TEMPLATE = """<CreateRuleResponse xmlns="http://elasticloadbalancing
<Actions> <Actions>
{% for action in rules.actions %} {% for action in rules.actions %}
<member> <member>
<Type>{{ action["type"] }}</Type> {{ action.to_xml() }}
{% if action["type"] == "forward" and "forward_config" in action.data %}
<ForwardConfig>
<TargetGroups>
{% for target_group in action.data["forward_config"]["target_groups"] %}
<member>
<TargetGroupArn>{{ target_group["target_group_arn"] }}</TargetGroupArn>
<Weight>{{ target_group["weight"] }}</Weight>
</member>
{% endfor %}
</TargetGroups>
</ForwardConfig>
{% endif %}
{% if action["type"] == "forward" and "forward_config" not in action.data %}
<TargetGroupArn>{{ action["target_group_arn"] }}</TargetGroupArn>
{% elif action["type"] == "redirect" %}
<RedirectConfig>{{ action["redirect_config"] }}</RedirectConfig>
{% endif %}
</member> </member>
{% endfor %} {% endfor %}
</Actions> </Actions>
@ -1513,22 +1497,7 @@ SET_RULE_PRIORITIES_TEMPLATE = """<SetRulePrioritiesResponse xmlns="http://elast
<Actions> <Actions>
{% for action in rule.actions %} {% for action in rule.actions %}
<member> <member>
<Type>{{ action["type"] }}</Type> {{ action.to_xml() }}
{% if action["type"] == "forward" and "forward_config" in action.data %}
<ForwardConfig>
<TargetGroups>
{% for target_group in action.data["forward_config"]["target_groups"] %}
<member>
<TargetGroupArn>{{ target_group["target_group_arn"] }}</TargetGroupArn>
<Weight>{{ target_group["weight"] }}</Weight>
</member>
{% endfor %}
</TargetGroups>
</ForwardConfig>
{% endif %}
{% if action["type"] == "forward" and "forward_config" not in action.data %}
<TargetGroupArn>{{ action["target_group_arn"] }}</TargetGroupArn>
{% endif %}
</member> </member>
{% endfor %} {% endfor %}
</Actions> </Actions>

View File

@ -55,6 +55,21 @@ def setup_listener(conn):
return http_listener_arn return http_listener_arn
def setup_target_group(boto_client):
ec2 = boto3.resource("ec2", region_name="us-east-1")
vpc = ec2.create_vpc(CidrBlock="172.28.7.0/24", InstanceTenancy="default")
response = boto_client.create_target_group(
Name="target-group-name", Protocol="HTTP", Port=80, VpcId=vpc.id
)
target_group = response.get("TargetGroups")[0]
target_group_arn = target_group.get("TargetGroupArn")
return target_group_arn
@mock_elbv2 @mock_elbv2
@mock_ec2 @mock_ec2
@pytest.mark.parametrize( @pytest.mark.parametrize(
@ -308,3 +323,199 @@ def test_describe_unknown_rule():
err = exc.value.response["Error"] err = exc.value.response["Error"]
err["Code"].should.equal("RuleNotFound") err["Code"].should.equal("RuleNotFound")
err["Message"].should.equal("One or more rules not found") err["Message"].should.equal("One or more rules not found")
@mock_elbv2
@mock_ec2
@pytest.mark.parametrize(
"action",
[
(
{
"Type": "authenticate-oidc",
"AuthenticateOidcConfig": {
"Issuer": "https://example.com/path",
"AuthorizationEndpoint": "https://example.com/path",
"TokenEndpoint": "https://example.com/path",
"UserInfoEndpoint": "https://example.com/path",
"ClientId": "id",
"ClientSecret": "secret",
"SessionCookieName": "cookie",
"Scope": "openid",
"SessionTimeout": 60,
"AuthenticationRequestExtraParams": {"extra": "param"},
"OnUnauthenticatedRequest": "deny",
"UseExistingClientSecret": False,
},
}
),
(
{
"Type": "authenticate-cognito",
"AuthenticateCognitoConfig": {
"UserPoolArn": "arn:user-pool",
"UserPoolClientId": "id",
"UserPoolDomain": "domain",
"SessionCookieName": "cookie",
"Scope": "openid",
"SessionTimeout": 60,
"AuthenticationRequestExtraParams": {"extra": "param"},
"OnUnauthenticatedRequest": "deny",
},
}
),
(
{
"Type": "redirect",
"RedirectConfig": {
"Protocol": "HTTPS",
"Port": "1",
"Host": "host",
"Path": "/path",
"Query": "query",
"StatusCode": "HHTP 301",
},
}
),
(
{
"Type": "fixed-response",
"FixedResponseConfig": {
"MessageBody": "message body",
"ContentType": "text/plain",
"StatusCode": "503",
},
}
),
],
)
def test_create_rule_action(action):
conn = boto3.client("elbv2", region_name="us-east-1")
http_listener_arn = setup_listener(conn)
# create_rule
response = conn.create_rule(
ListenerArn=http_listener_arn,
Priority=100,
Conditions=[],
Actions=[action],
)
# assert create_rule response
response["Rules"].should.have.length_of(1)
rule = response.get("Rules")[0]
rule["Priority"].should.equal("100")
rule["Conditions"].should.equal([])
rule["Actions"].should.equal([action])
# assert describe_rules response
response = conn.describe_rules(ListenerArn=http_listener_arn)
response["Rules"].should.have.length_of(2) # including the default rule
rule = response.get("Rules")[0]
rule["Actions"][0].should.equal(action)
# assert set_rule_priorities response
rule_arn = response.get("Rules")[0]["RuleArn"]
response = conn.set_rule_priorities(
RulePriorities=[{"RuleArn": rule_arn, "Priority": 99}]
)
response["Rules"].should.have.length_of(1)
rule = response.get("Rules")[0]
rule["Priority"].should.equal("99")
rule["Conditions"].should.equal([])
rule["Actions"][0].should.equal(action)
@mock_elbv2
@mock_ec2
def test_create_rule_action_forward_config():
conn = boto3.client("elbv2", region_name="us-east-1")
http_listener_arn = setup_listener(conn)
target_group_arn = setup_target_group(conn)
forward_config = {
"TargetGroups": [{"TargetGroupArn": target_group_arn, "Weight": 100}],
"TargetGroupStickinessConfig": {"Enabled": False},
}
action = {"Order": 1, "Type": "forward", "ForwardConfig": forward_config}
# create_rule
response = conn.create_rule(
ListenerArn=http_listener_arn,
Priority=100,
Conditions=[],
Actions=[action],
)
# assert create_rule response
response["Rules"].should.have.length_of(1)
rule = response.get("Rules")[0]
rule["Priority"].should.equal("100")
rule["Conditions"].should.equal([])
rule["Actions"][0].should.equal(action)
# assert describe_rules response
response = conn.describe_rules(ListenerArn=http_listener_arn)
response["Rules"].should.have.length_of(2) # including the default rule
rule = response.get("Rules")[0]
rule["Actions"][0].should.equal(action)
# assert set_rule_priorities response
rule_arn = response.get("Rules")[0]["RuleArn"]
response = conn.set_rule_priorities(
RulePriorities=[{"RuleArn": rule_arn, "Priority": 99}]
)
response["Rules"].should.have.length_of(1)
rule = response.get("Rules")[0]
rule["Priority"].should.equal("99")
rule["Conditions"].should.equal([])
rule["Actions"][0].should.equal(action)
@mock_elbv2
@mock_ec2
def test_create_rule_action_forward_target_group():
conn = boto3.client("elbv2", region_name="us-east-1")
http_listener_arn = setup_listener(conn)
target_group_arn = setup_target_group(conn)
action = {"Order": 1, "Type": "forward", "TargetGroupArn": target_group_arn}
# create_rule
response = conn.create_rule(
ListenerArn=http_listener_arn,
Priority=100,
Conditions=[],
Actions=[action],
)
# assert create_rule response
response["Rules"].should.have.length_of(1)
rule = response.get("Rules")[0]
rule["Priority"].should.equal("100")
rule["Conditions"].should.equal([])
rule["Actions"][0].should.equal(action)
# assert describe_rules response
response = conn.describe_rules(ListenerArn=http_listener_arn)
response["Rules"].should.have.length_of(2) # including the default rule
rule = response.get("Rules")[0]
rule["Actions"][0].should.equal(action)
# assert set_rule_priorities
rule_arn = response.get("Rules")[0]["RuleArn"]
response = conn.set_rule_priorities(
RulePriorities=[{"RuleArn": rule_arn, "Priority": 99}]
)
# assert set_rule_priorities response
response["Rules"].should.have.length_of(1)
rule = response.get("Rules")[0]
rule["Priority"].should.equal("99")
rule["Conditions"].should.equal([])
rule["Actions"][0].should.equal(action)