Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CICD Integration tests: s3 dataset shares, persistent shares #1580

Merged
merged 115 commits into from
Oct 2, 2024
Merged

CICD Integration tests: s3 dataset shares, persistent shares #1580

merged 115 commits into from
Oct 2, 2024

Conversation

SofiaSazonova
Copy link
Contributor

Feature or Bugfix

  • Feature

Detail

  • test for persistent shares
  • common test functions are places in separate file
  • updated envs/dataset fixtures

Relates

Security

Please answer the questions below briefly where applicable, or write N/A. Based on
OWASP 10.

  • Does this PR introduce or modify any input fields or queries - this includes
    fetching data from storage outside the application (e.g. a database, an S3 bucket)?
    • Is the input sanitized?
    • What precautions are you taking before deserializing the data you consume?
    • Is injection prevented by parametrizing queries?
    • Have you ensured no eval or similar functions are used?
  • Does this PR introduce any functionality or component that requires authorization?
    • How have you ensured it respects the existing AuthN/AuthZ mechanisms?
    • Are you logging failed auth attempts?
  • Are you using or adding any cryptographic features?
    • Do you use a standard proven implementations?
    • Are the used keys controlled by the customer? Where are they stored?
  • Are you introducing any new policies/roles/users?
    • Have you used the least-privilege principle? How?

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

dlpzx and others added 30 commits July 1, 2024 19:08
@dlpzx
Add integration tests for datasets - basic queries and conftest
b188538
@noah-paige
add list + get queries, add persistent datasets, begin create/update/…
45d1407 
…delete tests
@dlpzx
Add integration test role in Environment stack + session in conftest …
cd27097 
…+ aws clients for dataset
@dlpzx
simplified conftests for datasets
d04b525
@noah-paige
create integration role with region in name
5e5507e
@dlpzx
New environment type: IntegrationTests + ssm param with tooling accou…
fa69dde 
…nt id
@dlpzx
Error on cdk add_to_policy
3e19596
@noah-paige
Add filter term include tags datasets
c05de67
@noah-paige
Add sample data and tests for dataset role access
8f2a918
@noah-paige
Add sample data and tests for dataset role access
9b2c711
set up structure
d30c121
in get_or_create_persistent_env argument of delete_env must be env-ob…
2bad8bd 
…ject
create|update|submit simple share
6214964
testdata.json -> gitignore
3972e05
@dlpzx
Add assume role permissions to codebuild role
2dcd60f
@dlpzx
Add naming checks in clients + create table
c261da7
@dlpzx
Add permissions, confidentiality and commented tests
1e9732b
second share + autoapproval test
cf8553c
@dlpzx
revert persistent environment
5ea8b6b
@dlpzx
Fix check_stack_ready in dataset creation
520a34e
full cycle test
0cf4ea7
@dlpzx
Revert session environment and add tests
972c883
@noah-paige
fix integration role datasets
7b1c942
@noah-paige
Fix presigned URL upload test
d9042dc
@dlpzx
Merge remote-tracking branch 'refs/remotes/origin/main' into feat/int…
928c3aa 
…egration-tests-datasets-pt2

# Conflicts:
#	tests_new/integration_tests/core/environment/global_conftest.py
#	tests_new/integration_tests/modules/s3_datasets/global_conftest.py
#	tests_new/integration_tests/modules/s3_datasets/test_s3_dataset.py
decouple tests, test dependencies
a996273
Merge branch 'mda-main' into share-int-tests
023fbc4
@dlpzx
Uncomment drafted table/folder tests
b633938
Merge branch 'mda-main' into share-int-tests
74cb6fe
conftest
c05df65
@SofiaSazonova SofiaSazonova changed the title Share int tests 2 CICD Integration tests: s3 dataset shares, persistent shares Sep 26, 2024
petrkalos
petrkalos requested changes Oct 1, 2024
View reviewed changes
backend/dataall/core/environment/api/queries.py Outdated
@@ -220,3 +221,15 @@
resolver=get_consumption_role_policies,
test_scope='Environment',
)


getConsumptionRole = gql.QueryField(
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: to avoid all those changes in the backend you could have used listEnvironmentConsumptionRoles with a filter

backend/dataall/core/stacks/api/types.py Show resolved Hide resolved
tests_new/integration_tests/aws_clients/iam.py Outdated
def delete_role(self, role_name):
try:
self._client.delete_role(RoleName=role_name)
except Exception as e:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

except just for logging isn't really necessary, let the exception bubble up and the runtime will eventually log it with a stacktrace etc

tests_new/integration_tests/aws_clients/utils.py Outdated


# it's here and not in Env test module, because it's used only here and we don't want circular dependencies
def get_environment_access_token(client, env_uri, group_uri):
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I wouldn't mix that. To avoid the circular dependency I'd add access_token as a parameter in the get_group_session

tests_new/integration_tests/core/environment/test_environment.py Outdated
Comment on lines 64 to 68
updated_before = datetime.strptime(stack.updated, '%Y-%m-%d %H:%M:%S.%f').timestamp()
stack = update_env_stack(client1, persistent_env1)
assert_that(stack).contains_entry(status='UPDATE_COMPLETE')
updated = datetime.strptime(stack.updated, '%Y-%m-%d %H:%M:%S.%f').timestamp()
assert_that(updated).is_greater_than_or_equal_to(updated_before)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. we write ISO dates so you can use datetime.fromisoformat(...)
  2. you don't have to convert to timestamps, datetime objects are comparable and errors will much easier to read
  3. depending on whether updated is updated based on CFN or not (see my comment below) we might not want the "equal" part

i.e...

nn1 = datetime.datetime.fromisoformat('2024-10-01 08:12:27.732312') # this is the format we write in the db
nn2 = datetime.datetime.now()
assert_that(nn2).is_greater_than(nn1)

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

  1. ok
  2. ok
  3. We need equal)

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

wrt 3 and for the record (not to be solved in this PR).

Ideally we would want to be able to tell wether an update was issued but at the moment I don't think it's possible as this is a limitation of the backend.

petrkalos
petrkalos reviewed Oct 1, 2024
View reviewed changes
tests_new/integration_tests/conftest.py Outdated
@@ -167,6 +167,11 @@ def session_id() -> str:
return datetime.datetime.utcnow().isoformat()


@pytest.fixture(scope='session', autouse=True)
def session_start_timestamp(session_id) -> float:
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this is unused

petrkalos
petrkalos reviewed Oct 2, 2024
View reviewed changes
tests_new/integration_tests/core/environment/test_environment.py Outdated
persistent_env1.environmentUri,
target_type='environment',
)
updated_before = datetime.strptime(stack.updated, '%Y-%m-%d %H:%M:%S.%f')
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

nit: you could use datetime.fromisoformat

@SofiaSazonova SofiaSazonova merged commit 87a6e7b into data-dot-all:main Oct 2, 2024
9 checks passed
@SofiaSazonova SofiaSazonova deleted the share-int-tests-2 branch October 3, 2024 13:42
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@petrkalos petrkalos petrkalos approved these changes

Assignees
No one assigned
Labels
None yet
Projects
v2.7.0
Status: Done
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@SofiaSazonova @petrkalos @dlpzx @noah-paige