Merge create_environment and create_environment_baseline
This commit is contained in:
parent
7c0179a108
commit
6ea17bb4f8
@ -197,26 +197,6 @@ class CloudProviderInterface:
|
|||||||
"""
|
"""
|
||||||
raise NotImplementedError()
|
raise NotImplementedError()
|
||||||
|
|
||||||
def create_environment_baseline(
|
|
||||||
self, auth_credentials: Dict, csp_environment_id: str
|
|
||||||
) -> Dict:
|
|
||||||
"""Provision the necessary baseline entities (such as roles) in the given environment
|
|
||||||
|
|
||||||
Arguments:
|
|
||||||
auth_credentials -- Object containing CSP account credentials
|
|
||||||
csp_environment_id -- ID of the CSP Environment to provision roles against.
|
|
||||||
|
|
||||||
Returns:
|
|
||||||
dict: Returns dict that associates the resource identities with their ATAT representations.
|
|
||||||
Raises:
|
|
||||||
AuthenticationException: Problem with the credentials
|
|
||||||
AuthorizationException: Credentials not authorized for current action(s)
|
|
||||||
ConnectionException: Issue with the CSP API connection
|
|
||||||
UnknownServerException: Unknown issue on the CSP side
|
|
||||||
BaselineProvisionException: Specific issue occurred with some aspect of baseline setup
|
|
||||||
"""
|
|
||||||
raise NotImplementedError()
|
|
||||||
|
|
||||||
def create_or_update_user(
|
def create_or_update_user(
|
||||||
self, auth_credentials: Dict, user_info: EnvironmentRole, csp_role_id: str
|
self, auth_credentials: Dict, user_info: EnvironmentRole, csp_role_id: str
|
||||||
) -> str:
|
) -> str:
|
||||||
@ -330,9 +310,21 @@ class MockCloudProvider(CloudProviderInterface):
|
|||||||
environment.id, "Could not create environment."
|
environment.id, "Could not create environment."
|
||||||
),
|
),
|
||||||
)
|
)
|
||||||
|
|
||||||
|
csp_environment_id = self._id()
|
||||||
|
|
||||||
|
self._delay(1, 5)
|
||||||
|
self._maybe_raise(self.NETWORK_FAILURE_PCT, self.NETWORK_EXCEPTION)
|
||||||
|
self._maybe_raise(self.SERVER_FAILURE_PCT, self.SERVER_EXCEPTION)
|
||||||
|
self._maybe_raise(
|
||||||
|
self.ATAT_ADMIN_CREATE_FAILURE_PCT,
|
||||||
|
BaselineProvisionException(
|
||||||
|
csp_environment_id, "Could not create environment baseline."
|
||||||
|
),
|
||||||
|
)
|
||||||
self._maybe_raise(self.UNAUTHORIZED_RATE, self.AUTHORIZATION_EXCEPTION)
|
self._maybe_raise(self.UNAUTHORIZED_RATE, self.AUTHORIZATION_EXCEPTION)
|
||||||
|
|
||||||
return self._id()
|
return csp_environment_id
|
||||||
|
|
||||||
def create_atat_admin_user(self, auth_credentials, csp_environment_id):
|
def create_atat_admin_user(self, auth_credentials, csp_environment_id):
|
||||||
self._authorize(auth_credentials)
|
self._authorize(auth_credentials)
|
||||||
@ -351,27 +343,6 @@ class MockCloudProvider(CloudProviderInterface):
|
|||||||
|
|
||||||
return {"id": self._id(), "credentials": self._auth_credentials}
|
return {"id": self._id(), "credentials": self._auth_credentials}
|
||||||
|
|
||||||
def create_environment_baseline(self, auth_credentials, csp_environment_id):
|
|
||||||
self._authorize(auth_credentials)
|
|
||||||
|
|
||||||
self._delay(1, 5)
|
|
||||||
self._maybe_raise(self.NETWORK_FAILURE_PCT, self.NETWORK_EXCEPTION)
|
|
||||||
self._maybe_raise(self.SERVER_FAILURE_PCT, self.SERVER_EXCEPTION)
|
|
||||||
self._maybe_raise(
|
|
||||||
self.ATAT_ADMIN_CREATE_FAILURE_PCT,
|
|
||||||
BaselineProvisionException(
|
|
||||||
csp_environment_id, "Could not create environment baseline."
|
|
||||||
),
|
|
||||||
)
|
|
||||||
|
|
||||||
self._maybe_raise(self.UNAUTHORIZED_RATE, self.AUTHORIZATION_EXCEPTION)
|
|
||||||
return {
|
|
||||||
CSPRole.BASIC_ACCESS.value: self._id(),
|
|
||||||
CSPRole.NETWORK_ADMIN.value: self._id(),
|
|
||||||
CSPRole.BUSINESS_READ.value: self._id(),
|
|
||||||
CSPRole.TECHNICAL_READ.value: self._id(),
|
|
||||||
}
|
|
||||||
|
|
||||||
def create_or_update_user(self, auth_credentials, user_info, csp_role_id):
|
def create_or_update_user(self, auth_credentials, user_info, csp_role_id):
|
||||||
self._authorize(auth_credentials)
|
self._authorize(auth_credentials)
|
||||||
|
|
||||||
|
@ -134,17 +134,3 @@ class Environments(object):
|
|||||||
.filter(Environment.root_user_info == None)
|
.filter(Environment.root_user_info == None)
|
||||||
).all()
|
).all()
|
||||||
return [id_ for id_, in results]
|
return [id_ for id_, in results]
|
||||||
|
|
||||||
@classmethod
|
|
||||||
def get_environments_pending_baseline_creation(cls, now) -> List[UUID]:
|
|
||||||
"""
|
|
||||||
Any environment with an active CLIN that has a `cloud_id` and `root_user_info`
|
|
||||||
but no `baseline_info`.
|
|
||||||
"""
|
|
||||||
results = (
|
|
||||||
cls.base_provision_query(now)
|
|
||||||
.filter(Environment.cloud_id != None)
|
|
||||||
.filter(Environment.root_user_info != None)
|
|
||||||
.filter(Environment.baseline_info == None)
|
|
||||||
).all()
|
|
||||||
return [id_ for id_, in results]
|
|
||||||
|
46
atst/jobs.py
46
atst/jobs.py
@ -77,6 +77,13 @@ def do_create_environment(csp: CloudProviderInterface, environment_id=None):
|
|||||||
db.session.add(environment)
|
db.session.add(environment)
|
||||||
db.session.commit()
|
db.session.commit()
|
||||||
|
|
||||||
|
body = render_email(
|
||||||
|
"emails/application/environment_ready.txt", {"environment": environment}
|
||||||
|
)
|
||||||
|
app.mailer.send(
|
||||||
|
[environment.creator.email], translate("email.environment_ready"), body
|
||||||
|
)
|
||||||
|
|
||||||
|
|
||||||
def do_create_atat_admin_user(csp: CloudProviderInterface, environment_id=None):
|
def do_create_atat_admin_user(csp: CloudProviderInterface, environment_id=None):
|
||||||
environment = Environments.get(environment_id)
|
environment = Environments.get(environment_id)
|
||||||
@ -96,27 +103,6 @@ def render_email(template_path, context):
|
|||||||
return app.jinja_env.get_template(template_path).render(context)
|
return app.jinja_env.get_template(template_path).render(context)
|
||||||
|
|
||||||
|
|
||||||
def do_create_environment_baseline(csp: CloudProviderInterface, environment_id=None):
|
|
||||||
environment = Environments.get(environment_id)
|
|
||||||
|
|
||||||
with claim_for_update(environment) as environment:
|
|
||||||
# ASAP switch to use remote root user for provisioning
|
|
||||||
atat_remote_root_creds = environment.root_user_info["credentials"]
|
|
||||||
|
|
||||||
baseline_info = csp.create_environment_baseline(
|
|
||||||
atat_remote_root_creds, environment.cloud_id
|
|
||||||
)
|
|
||||||
environment.baseline_info = baseline_info
|
|
||||||
body = render_email(
|
|
||||||
"emails/application/environment_ready.txt", {"environment": environment}
|
|
||||||
)
|
|
||||||
app.mailer.send(
|
|
||||||
[environment.creator.email], translate("email.environment_ready"), body
|
|
||||||
)
|
|
||||||
db.session.add(environment)
|
|
||||||
db.session.commit()
|
|
||||||
|
|
||||||
|
|
||||||
def do_provision_user(csp: CloudProviderInterface, environment_role_id=None):
|
def do_provision_user(csp: CloudProviderInterface, environment_role_id=None):
|
||||||
environment_role = EnvironmentRoles.get_by_id(environment_role_id)
|
environment_role = EnvironmentRoles.get_by_id(environment_role_id)
|
||||||
|
|
||||||
@ -151,16 +137,6 @@ def create_atat_admin_user(self, environment_id=None):
|
|||||||
)
|
)
|
||||||
|
|
||||||
|
|
||||||
@celery.task(bind=True, base=RecordEnvironmentFailure)
|
|
||||||
def create_environment_baseline(self, environment_id=None):
|
|
||||||
do_work(
|
|
||||||
do_create_environment_baseline,
|
|
||||||
self,
|
|
||||||
app.csp.cloud,
|
|
||||||
environment_id=environment_id,
|
|
||||||
)
|
|
||||||
|
|
||||||
|
|
||||||
@celery.task(bind=True)
|
@celery.task(bind=True)
|
||||||
def provision_user(self, environment_role_id=None):
|
def provision_user(self, environment_role_id=None):
|
||||||
do_work(
|
do_work(
|
||||||
@ -184,14 +160,6 @@ def dispatch_create_atat_admin_user(self):
|
|||||||
create_atat_admin_user.delay(environment_id=environment_id)
|
create_atat_admin_user.delay(environment_id=environment_id)
|
||||||
|
|
||||||
|
|
||||||
@celery.task(bind=True)
|
|
||||||
def dispatch_create_environment_baseline(self):
|
|
||||||
for environment_id in Environments.get_environments_pending_baseline_creation(
|
|
||||||
pendulum.now()
|
|
||||||
):
|
|
||||||
create_environment_baseline.delay(environment_id=environment_id)
|
|
||||||
|
|
||||||
|
|
||||||
@celery.task(bind=True)
|
@celery.task(bind=True)
|
||||||
def dispatch_provision_user(self):
|
def dispatch_provision_user(self):
|
||||||
for (
|
for (
|
||||||
|
@ -1,11 +1,7 @@
|
|||||||
import pytest
|
import pytest
|
||||||
|
|
||||||
from atst.domain.csp.cloud import EnvironmentCreationException
|
from atst.domain.csp.cloud import EnvironmentCreationException
|
||||||
from atst.jobs import (
|
from atst.jobs import do_create_environment, do_create_atat_admin_user
|
||||||
do_create_environment,
|
|
||||||
do_create_atat_admin_user,
|
|
||||||
do_create_environment_baseline,
|
|
||||||
)
|
|
||||||
|
|
||||||
# pylint: disable=unused-import
|
# pylint: disable=unused-import
|
||||||
from tests.mock_boto3 import mock_aws, mock_boto3, AUTH_CREDENTIALS
|
from tests.mock_boto3 import mock_aws, mock_boto3, AUTH_CREDENTIALS
|
||||||
@ -61,27 +57,11 @@ def test_create_atat_admin_when_user_already_exists(mock_aws):
|
|||||||
iam_client.get_user.assert_any_call(UserName="atat")
|
iam_client.get_user.assert_any_call(UserName="atat")
|
||||||
|
|
||||||
|
|
||||||
def test_create_environment_baseline_succeeds(mock_aws):
|
|
||||||
baseline_info = mock_aws.create_environment_baseline(
|
|
||||||
AUTH_CREDENTIALS, "csp_environment_id"
|
|
||||||
)
|
|
||||||
assert {"policies": [{"BillingReadOnly": "policy-arn"}]} == baseline_info
|
|
||||||
|
|
||||||
|
|
||||||
@pytest.mark.mock_boto3({"iam.create_policy.already_exists": True})
|
|
||||||
def test_create_environment_baseline_when_policy_already_exists(mock_aws):
|
|
||||||
baseline_info = mock_aws.create_environment_baseline(
|
|
||||||
AUTH_CREDENTIALS, "csp_environment_id"
|
|
||||||
)
|
|
||||||
assert "policies" in baseline_info
|
|
||||||
|
|
||||||
|
|
||||||
def test_aws_provision_environment(mock_aws, session):
|
def test_aws_provision_environment(mock_aws, session):
|
||||||
environment = EnvironmentFactory.create()
|
environment = EnvironmentFactory.create()
|
||||||
|
|
||||||
do_create_environment(mock_aws, environment_id=environment.id)
|
do_create_environment(mock_aws, environment_id=environment.id)
|
||||||
do_create_atat_admin_user(mock_aws, environment_id=environment.id)
|
do_create_atat_admin_user(mock_aws, environment_id=environment.id)
|
||||||
do_create_environment_baseline(mock_aws, environment_id=environment.id)
|
|
||||||
|
|
||||||
session.refresh(environment)
|
session.refresh(environment)
|
||||||
|
|
||||||
|
@ -10,10 +10,8 @@ from atst.jobs import (
|
|||||||
RecordEnvironmentRoleFailure,
|
RecordEnvironmentRoleFailure,
|
||||||
do_create_environment,
|
do_create_environment,
|
||||||
do_create_atat_admin_user,
|
do_create_atat_admin_user,
|
||||||
do_create_environment_baseline,
|
|
||||||
dispatch_create_environment,
|
dispatch_create_environment,
|
||||||
dispatch_create_atat_admin_user,
|
dispatch_create_atat_admin_user,
|
||||||
dispatch_create_environment_baseline,
|
|
||||||
create_environment,
|
create_environment,
|
||||||
dispatch_provision_user,
|
dispatch_provision_user,
|
||||||
do_provision_user,
|
do_provision_user,
|
||||||
@ -166,39 +164,6 @@ def test_dispatch_create_atat_admin_user(session, monkeypatch):
|
|||||||
mock.delay.assert_called_once_with(environment_id=environment.id)
|
mock.delay.assert_called_once_with(environment_id=environment.id)
|
||||||
|
|
||||||
|
|
||||||
def test_dispatch_create_environment_baseline(session, monkeypatch):
|
|
||||||
portfolio = PortfolioFactory.create(
|
|
||||||
applications=[
|
|
||||||
{
|
|
||||||
"environments": [
|
|
||||||
{
|
|
||||||
"cloud_id": uuid4().hex,
|
|
||||||
"root_user_info": {},
|
|
||||||
"baseline_info": None,
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
],
|
|
||||||
task_orders=[
|
|
||||||
{
|
|
||||||
"create_clins": [
|
|
||||||
{
|
|
||||||
"start_date": pendulum.now().subtract(days=1),
|
|
||||||
"end_date": pendulum.now().add(days=1),
|
|
||||||
}
|
|
||||||
]
|
|
||||||
}
|
|
||||||
],
|
|
||||||
)
|
|
||||||
mock = Mock()
|
|
||||||
monkeypatch.setattr("atst.jobs.create_environment_baseline", mock)
|
|
||||||
environment = portfolio.applications[0].environments[0]
|
|
||||||
|
|
||||||
dispatch_create_environment_baseline.run()
|
|
||||||
|
|
||||||
mock.delay.assert_called_once_with(environment_id=environment.id)
|
|
||||||
|
|
||||||
|
|
||||||
def test_create_environment_no_dupes(session, celery_app, celery_worker):
|
def test_create_environment_no_dupes(session, celery_app, celery_worker):
|
||||||
portfolio = PortfolioFactory.create(
|
portfolio = PortfolioFactory.create(
|
||||||
applications=[
|
applications=[
|
||||||
|
Loading…
x
Reference in New Issue
Block a user