The code that generates an ARN for a listener rule was relying on a random
number between 0 and 50 to ensure uniqueness. As a result, there was a decent
chance of generating a collision, particularly when adding multiple rules.
When a collision occurred, the new rule simply overwrote an existing rule,
causing a test that asserts on an expected number of rules being returned
to fail.
Reference the following runs for related test failures:
https://github.com/spulec/moto/runs/2772429387https://github.com/spulec/moto/runs/2786330037
* Add ssm parsing support for cloudformation stacks
* Start adding unit tests for ssm parameter parsing
* Add tests for code update
* Add tests to parse ssm parameters code
* Fix black lint errors
* Fix bug.
* Need to specify region_name
* region needs to be same
* Use ssm_backends[region] instead of ssm_backend
* StringList -> string
* Linting
* check if servermode tests are on
* Typo
* Added support for ListenerRule. Will remove cruft
* Pushing latest
* Something works
* Put back ripped out code
* Save point. Incase I need more validations
* Revert "Save point. Incase I need more validations"
This reverts commit dac4953335dd9335eddb7a91a63667bc3c17104c.
* Fixed validations and some refactor
* Fix formatting
* Linting
* Cannot refactor if I have to fix all tests
* Remove exceptions for now. Will do in another PR
* Remove validations. Will add in next PR
* Fix broken tests. Almost.:
* Fix all tests. Some sneaky for now.
* Python2 making me write bad code
* OrderedDict.move_to_end() does not work in python2
* Linting
* Add more checks to field in conditions later.
* Unwnated change in FakeListener
* Revert "Unwnated change in FakeListener"
This reverts commit 962c2fdfd76fce999de9feccf1dd1c3ec48c459f.
* Add back default listener rule
* Linting fix
* Fix priority sorting
* Add cloudformation test for edge case
* Add validation for ForwardConfig in Action of ListernRule CF
* use not in
* set the priority template correctly
* Check for boolean in condition
* One more check
Co-authored-by: Bert Blommers <bblommers@users.noreply.github.com>
* - Adding checking for resource type in tag functions
- Adding TargetNotFoundException when no resource found
- Adding support for tags for root OU, OU and Policies
- Adding tests covering the new code
- Adding test for deletion of a tag
* fixed linting issue
* - renamed helper function to a more logical name
- added tests for helper function
- fixed bugs in tests for tag functions
Co-authored-by: Sjoerd Tromp <stromp@schubergphilis.com>
* Add ssm parsing support for cloudformation stacks
* Start adding unit tests for ssm parameter parsing
* Add tests for code update
* Add tests to parse ssm parameters code
* Fix black lint errors
* Fix bug.
* Need to specify region_name
* region needs to be same
* Use ssm_backends[region] instead of ssm_backend
* StringList -> string
* Linting
* check if servermode tests are on
* Typo
* Added support for ListenerRule. Will remove cruft
* Pushing latest
* Something works
* Put back ripped out code
* Save point. Incase I need more validations
* Revert "Save point. Incase I need more validations"
This reverts commit dac4953335dd9335eddb7a91a63667bc3c17104c.
* Fixed validations and some refactor
* Fix formatting
* Linting
* Cannot refactor if I have to fix all tests
* Remove exceptions for now. Will do in another PR
* Remove validations. Will add in next PR
* Fix broken tests. Almost.:
* Fix all tests. Some sneaky for now.
* Python2 making me write bad code
* OrderedDict.move_to_end() does not work in python2
* Linting
* Add more checks to field in conditions later.
* Unwnated change in FakeListener
* Revert "Unwnated change in FakeListener"
This reverts commit 962c2fdfd76fce999de9feccf1dd1c3ec48c459f.
* Add back default listener rule
* Linting fix
* Fix priority sorting
* Add cloudformation test for edge case
Co-authored-by: Bert Blommers <bblommers@users.noreply.github.com>
* Including labels and versions in SSM Get Parameters
* implementing NextToken and MaxResults into the SSM Get Parameter History functionality
* Implementing unit tests and some lint refactoring for NextToken implementation in get_parameter_history
* Implement correct error when requesting specific version of a parameter which exists but does not have this version
* removing trailing whitespace causing lint failure
* Adding unit tests and fixing linting for new error handling
* Fixing small bug in response message
* Revert change in get_parameters as versioning is not currently implemented in this method. Will fix as a separate PR
* Check exit status of container
* Added support for job dependencies
* batch container overrides
* add AWS_BATCH_JOB_ID to container env variables
* lint with black
* refactor batch dependency test
* refactor batch dependency test
* fix index
Co-authored-by: jterry64 <justin.terry@wri.org>
Co-authored-by: Daniel Mannarino <daniel.mannarino@gmail.com>
* basic implementation of update rest api
* basic implementation of update rest api
* basic implementation of update rest api
* review comments from bblommers
Co-authored-by: rajinder saini <rajinder.saini@c02vt5k2htd6.corp.climate.com>
* Add delete container and list tags endpoints to MediaStore
* Black reformat
* Fixed Lint problems
* Check if dictionary was deleted effectively
* lint fix
Co-authored-by: av <arcovoltaico@gmail.com>
* Add ssm parsing support for cloudformation stacks
* Start adding unit tests for ssm parameter parsing
* Add tests for code update
* Add tests to parse ssm parameters code
* Fix black lint errors
* Fix bug.
* Need to specify region_name
* region needs to be same
* Use ssm_backends[region] instead of ssm_backend
* StringList -> string
* Linting
* check if servermode tests are on
* Typo
Co-authored-by: Bert Blommers <bblommers@users.noreply.github.com>
* Fix:SES-Added params check in template
* Added more tests and handled message
* linting
* fixed tests
* fix attribute name in message
* fix logic for exception
* Fix sqs message retention logic
* Apply lint to moto/sqs/models.py
* Fix failed tests because of freezing time
* Fix freezing time in test_publish_to_sqs_in_different_region
* Dont fail if CodeCov fails - for now
* CI - Force cache rebuild
* Bump werkzeug to latest version
* CI - Enforce cache flush
* ManagedBlockchain - fix error format
* ManagedBlockchain - Fix tests to use pytest.raises paradigm
* Revert "Lock Flask (#3925)"
This reverts commit 8bb0feb956.
* CI - Enforce cache rebuild
* Support rotating secrets using Lambda
The Secrets manager rotation process uses an AWS Lambda function
to perform the rotation of a secret. [1]
In fact, it's not possible to trigger rotation of a Secret
without specifying a Lambda function at some point in the life
of the secret:
```
$ aws secretsmanager rotate-secret --secret-id /rotationTest
An error occurred (InvalidRequestException) when calling the RotateSecret operation: No Lambda rotation function ARN is associated with this secret.
```
`moto` can be a little more lenient in this regard and allow
`rotate_secret` to be called without a Lambda function being
present, if only to allow simulation of the `AWSCURRENT` and
`AWSPREVIOUS` labels moving across versions.
However, if a lambda function _has_ been specified when calling
`rotate_secret`, it should be invoked therefore providing the
developer with the full multi-stage process [3] which can be
used to test the Lambda function itself and ensuring that full
end-to-end testing is performed. Without this there's no easy
way to configure the Secret in the state needed to provide the
Lambda function with the data in the format it needs to be in
at each step of the invocation process.
[1]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-lambda-function-overview.html
[2]: https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/secretsmanager.html#SecretsManager.Client.rotate_secret
[3]: https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets-lambda-function-overview.html#rotation-explanation-of-steps
* Run `black` over `secretsmanager/models.py`
* Make `lambda_backends` import local to the condition
* Implement `update_secret_version_stage`
Allow a staging label to be moved across versions.
https://boto3.amazonaws.com/v1/documentation/api/latest/reference/services/secretsmanager.html#SecretsManager.Client.update_secret_version_stage
* Add an integration test for Secrets Manager & Lambda
* Support passing `ClientRequestToken` to `put_secret_value`
By passing `ClientRequestToken` to `put_secret_value` within
the lambda function invoked by calling `rotate_secret`, one
can update the value associated with the existing (pending)
version, without causing a new secret version to be created.
* Add application logic for `AWSPENDING`
The rotation function must end with the versions of the secret
in one of two states:
- The `AWSPENDING` and `AWSCURRENT` staging labels are
attached to the same version of the secret, or
- The `AWSPENDING` staging label is not attached to any
version of the secret.
If the `AWSPENDING` staging label is present but not attached
to the same version as `AWSCURRENT` then any later invocation
of RotateSecret assumes that a previous rotation request is
still in progress and returns an error.
* Update `default_version_id` after Lambda rotation concludes
Call `set_default_version_id` directly, rather than going
through `reset_default_version` as the Lambda function is
responsible for moving the version labels around, not `rotate_secret`.
* Run `black` over changed files
* Fix Python 2.7 compatibility
* Add additional test coverage for Secrets Manager
* Fix bug found by tests
AWSPENDING + AWSCURRENT check wasn't using `version_stages`.
Also tidy up the AWSCURRENT moving in `update_secret_version_stage`
to remove AWSPREVIOUS it from the new stage.
* Run `black` over changed files
* Add additional `rotate_secret` tests
* Skip `test_rotate_secret_lambda_invocations` in test server mode
* Add test for invalid Lambda ARN
* implement user pool mfa actions
* Add messages to errors
Add messages to errors
Fix error message
* Change exception type
* fix validation & add more tests
Co-authored-by: George Lewis <glewis@evertz.com>
* allow specifying the service as env var
This is required if running as a Github Action which doesn't allow passing parameters to `docker create` but allows environment variables
* import os
* Update server.py
* add test that fails with FilterNotImplementedError
* describe_network_acls: add support for owner-id filter
Co-authored-by: Kevin Neal <Kevin_Neal@intuit.com>