mirror of
https://github.com/inspec/inspec
synced 2024-11-26 22:50:36 +00:00
Add aws_eks_cluster resource (#3582)
* add aws_eks_cluster Signed-off-by: Timothy van Zadelhoff timothy.inspec@theothersolution.nl * disable ABC check on fetch_from_api Signed-off-by: Timothy van Zadelhoff <timothy.inspec@theothersolution.nl> * add status predicates * Change docs for status attribute Signed-off-by: Timothy van Zadelhoff <timothy.inspec@theothersolution.nl> * Add integration tests Signed-off-by: Timothy van Zadelhoff <timothy.inspec@theothersolution.nl> * Adjust EKS build code to almost work Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * EKS only uses private subnets - integration tests pass Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Correct AWS Exception class for resource search miss in unit test Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com> * Update unit test to reflect AWS resource-standard miss behavior, returning nil for most properties Signed-off-by: Clinton Wolfe <clintoncwolfe@gmail.com>
This commit is contained in:
parent
1c742e6eff
commit
b3fafab1e6
9 changed files with 781 additions and 1 deletions
190
docs/resources/aws_eks_cluster.md.erb
Normal file
190
docs/resources/aws_eks_cluster.md.erb
Normal file
|
@ -0,0 +1,190 @@
|
|||
## Resource Parameters
|
||||
|
||||
An `aws_eks_cluster` resource block declares the tests for a single EKS Cluster by Cluster name.
|
||||
|
||||
describe aws_eks_cluster('my-eks') do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe aws_eks_cluster(cluster_name: 'my-eks') do
|
||||
its('status') { should eq 'ACTIVE' }
|
||||
end
|
||||
|
||||
<br>
|
||||
|
||||
## Examples
|
||||
|
||||
The following examples show how to use this InSpec audit resource.
|
||||
|
||||
### Test that an EKS Cluster does not exist
|
||||
|
||||
describe aws_eks_cluster('bad-eks') do
|
||||
it { should_not exist }
|
||||
end
|
||||
|
||||
### Test that an EKS Cluster has at least 2 subnets
|
||||
|
||||
describe aws_eks_cluster('my-cluster') do
|
||||
its('subnets_count') { should be > 1 }
|
||||
end
|
||||
|
||||
<br>
|
||||
|
||||
## Properties
|
||||
|
||||
### version
|
||||
|
||||
Returns a string identifying the version of the EKS Cluster.
|
||||
|
||||
# Verify the version is 1.5
|
||||
describe aws_eks_cluster('my-cluster') do
|
||||
its('version') { should cmp '1.5' }
|
||||
end
|
||||
|
||||
### arn
|
||||
|
||||
Returns the ARN of the cluster. This is the Amazon resource name.
|
||||
|
||||
# Verify the arn is what we expect it to be
|
||||
describe aws_eks_cluster('my-cluster') do
|
||||
its('arn') { should eq 'arn:aws:eks:ab-region-1:012345678910:cluster/kangaroo' }
|
||||
end
|
||||
|
||||
### name
|
||||
|
||||
The name of the EKS cluster within AWS. The EKS name is unique within the region.
|
||||
|
||||
# Ensure that the EKS's name is what we said it was
|
||||
describe aws_eks_cluster('my-cluster') do
|
||||
its('name') { should match /my-cluster/ }
|
||||
end
|
||||
|
||||
### status
|
||||
|
||||
Returns a string containing the current status of the cluster, possible values are: CREATING,ACTIVE,DELETING,FAILED.
|
||||
|
||||
# ensure the cluster is available or being created
|
||||
describe aws_eks_cluster('my-cluster') do
|
||||
its('status') { should be_in %w(ACTIVE CREATING) }
|
||||
end
|
||||
|
||||
Status can also be called with predicates.
|
||||
|
||||
# ensure the cluster is available
|
||||
describe aws_eks_cluster('my-cluster') do
|
||||
it { should be_active }
|
||||
end
|
||||
|
||||
# ensure the cluster is being removed
|
||||
describe aws_eks_cluster('my-cluster') do
|
||||
it { should be_deleting }
|
||||
end
|
||||
|
||||
### endpoint
|
||||
|
||||
Returns a string with the K8s API server endpoint. The endpoint is used by kubectl to control the cluster.
|
||||
|
||||
# Ensure that the endpoint is what we expect it to be
|
||||
describe aws_eks_cluster('my-cluster') do
|
||||
its('endpoint') { should eq 'https://A0DCCD80A04F01705DD065655C30CC3D.yl4.aq-south-2.eks.amazonaws.com' }
|
||||
end
|
||||
|
||||
### security\_group\_ids
|
||||
|
||||
Returns an array of strings reflecting the security group IDs (firewall rule sets) assigned to the EKS Cluster VPC.
|
||||
|
||||
# Ensure that a specific SG ID is assigned
|
||||
describe aws_eks_cluster('my-cluster') do
|
||||
its('security_group_ids') { should include 'sg-12345678' }
|
||||
end
|
||||
|
||||
### subnet\_ids
|
||||
|
||||
Returns an array of strings reflecting the subnet IDs on which the EKS Cluster VPC is located.
|
||||
|
||||
# Ensure that the EKS VPC is on a specific subnet
|
||||
describe aws_eks_cluster('my-cluster') do
|
||||
its('subnet_ids') { should include 'subnet-12345678' }
|
||||
end
|
||||
|
||||
### vpc\_id
|
||||
|
||||
Returns a String reflecting the ID of the VPC in which the EKS Cluster is located.
|
||||
|
||||
# Ensure that the EKS Cluster is on a specific VPC
|
||||
describe aws_eks_cluster('my-cluster') do
|
||||
its('vpc_id') { should cmp 'vpc-12345678' }
|
||||
end
|
||||
|
||||
### role\_arn
|
||||
|
||||
Returns a String reflecting the Amazon resource name of the Amazon EKS Service IAM role the cluster is using.
|
||||
|
||||
# Ensure that the EKS Cluster is using a specific IAM role
|
||||
describe aws_eks_cluster('my-cluster') do
|
||||
its('role_arn') { should cmp 'rn:aws:iam::012345678910:role/eks-service-role-AWSServiceRoleForAmazonEKS-J7ONKE3BQ4PI' }
|
||||
end
|
||||
|
||||
### certificate\_authority
|
||||
|
||||
Returns a String reflecting the certificate authority data used by kubectl to identify to the cluster.
|
||||
|
||||
# Ensure that the EKS Cluster is using specific certificate authority data
|
||||
describe aws_eks_cluster('my-cluster') do
|
||||
its('certificate_authority') { should cmp 'LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRFNE1EVXpNVEl6TVRFek1Wb1hEVEk0TURVeU9ESXpNVEV6TVZvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTTZWCjVUaG4rdFcySm9Xa2hQMzRlVUZMNitaRXJOZGIvWVdrTmtDdWNGS2RaaXl2TjlMVmdvUmV2MjlFVFZlN1ZGbSsKUTJ3ZURyRXJiQyt0dVlibkFuN1ZLYmE3ay9hb1BHekZMdmVnb0t6b0M1N2NUdGVwZzRIazRlK2tIWHNaME10MApyb3NzcjhFM1ROeExETnNJTThGL1cwdjhsTGNCbWRPcjQyV2VuTjFHZXJnaDNSZ2wzR3JIazBnNTU0SjFWenJZCm9hTi8zODFUczlOTFF2QTBXb0xIcjBFRlZpTFdSZEoyZ3lXaC9ybDVyOFNDOHZaQXg1YW1BU0hVd01aTFpWRC8KTDBpOW4wRVM0MkpVdzQyQmxHOEdpd3NhTkJWV3lUTHZKclNhRXlDSHFtVVZaUTFDZkFXUjl0L3JleVVOVXM3TApWV1FqM3BFbk9RMitMSWJrc0RzQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFNZ3RsQ1dIQ2U2YzVHMXl2YlFTS0Q4K2hUalkKSm1NSG56L2EvRGt0WG9YUjFVQzIrZUgzT1BZWmVjRVZZZHVaSlZCckNNQ2VWR0ZkeWdBYlNLc1FxWDg0S2RXbAp1MU5QaERDSmEyRHliN2pVMUV6VThTQjFGZUZ5ZFE3a0hNS1E1blpBRVFQOTY4S01hSGUrSm0yQ2x1UFJWbEJVCjF4WlhTS1gzTVZ0K1Q0SU1EV2d6c3JRSjVuQkRjdEtLcUZtM3pKdVVubHo5ZEpVckdscEltMjVJWXJDckxYUFgKWkUwRUtRNWEzMHhkVWNrTHRGQkQrOEtBdFdqSS9yZUZPNzM1YnBMdVoyOTBaNm42QlF3elRrS0p4cnhVc3QvOAppNGsxcnlsaUdWMm5SSjBUYjNORkczNHgrYWdzYTRoSTFPbU90TFM0TmgvRXJxT3lIUXNDc2hEQUtKUT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=',
|
||||
' }
|
||||
end
|
||||
|
||||
### subnets\_count
|
||||
|
||||
Returns the number of subnets associated with the Cluster VPC.
|
||||
|
||||
# Test that an EKS Cluster has 2 subnets
|
||||
describe aws_eks_cluster('my-cluster') do
|
||||
its('subnets_count') { should eq 2 }
|
||||
end
|
||||
|
||||
|
||||
### created_at
|
||||
|
||||
Returns a Time object for the time the cluster was created at.
|
||||
|
||||
# Test that an EKS Cluster was created after a certain date
|
||||
describe aws_eks_cluster('my-cluster') do
|
||||
its('created_at') { should be > Time.new(2011) }
|
||||
end
|
||||
|
||||
### security\_groups\_count
|
||||
|
||||
Returns the number of security groups associated with the Cluster VPC.
|
||||
|
||||
# Test that an EKS Cluster has 2 security groups
|
||||
describe aws_eks_cluster('my-cluster') do
|
||||
its('security_groups_count') { should eq 2 }
|
||||
end
|
||||
|
||||
### integration with other resources
|
||||
|
||||
Using the resource together with other AWS resources.
|
||||
|
||||
# find the default security group for our VPC
|
||||
my_vpc_id = aws_eks_cluster('my-cluster').vpc_id
|
||||
default_security_group = aws_security_group(group_name: 'default', vpc_id: my_vpc_id)
|
||||
|
||||
# make sure we are not using the default security group
|
||||
describe aws_eks_cluster('my-cluster') do
|
||||
its('security_group_ids') { should_not include default_security_group.group_id }
|
||||
end
|
||||
|
||||
<br>
|
||||
|
||||
## Matchers
|
||||
|
||||
This InSpec audit resource has no special matchers. For a full list of available matchers, please visit our [Universal Matchers page](https://www.inspec.io/docs/reference/matchers/).
|
||||
|
||||
|
||||
## AWS Permissions
|
||||
Your [Principal](https://docs.aws.amazon.com/IAM/latest/UserGuide/intro-structure.html#intro-structure-principal) will need the `eks:DescribeCluster` action set to Allow.
|
||||
|
||||
You can find detailed documentation at [Amazon EKS IAM Policies, Roles, and Permissions](https://docs.aws.amazon.com/eks/latest/userguide/IAM_policies.html)
|
||||
The documentation for EKS actions is at [Policy Structure](https://docs.aws.amazon.com/eks/latest/userguide/iam-policy-structure.html#UsingWithEKS_Actions)
|
|
@ -24,6 +24,7 @@ require 'resources/aws/aws_ebs_volumes'
|
|||
require 'resources/aws/aws_flow_log'
|
||||
require 'resources/aws/aws_ec2_instances'
|
||||
require 'resources/aws/aws_ecs_cluster'
|
||||
require 'resources/aws/aws_eks_cluster'
|
||||
require 'resources/aws/aws_elb'
|
||||
require 'resources/aws/aws_elbs'
|
||||
require 'resources/aws/aws_iam_access_key'
|
||||
|
|
101
lib/resources/aws/aws_eks_cluster.rb
Normal file
101
lib/resources/aws/aws_eks_cluster.rb
Normal file
|
@ -0,0 +1,101 @@
|
|||
class AwsEksCluster < Inspec.resource(1)
|
||||
name 'aws_eks_cluster'
|
||||
desc 'Verifies settings for an EKS cluster'
|
||||
|
||||
example <<-EOX
|
||||
describe aws_eks_cluster('default') do
|
||||
it { should exist }
|
||||
end
|
||||
EOX
|
||||
supports platform: 'aws'
|
||||
|
||||
include AwsSingularResourceMixin
|
||||
attr_reader :version, :arn, :cluster_name, :certificate_authority, :name,
|
||||
:status, :endpoint, :subnets_count, :subnet_ids, :security_group_ids,
|
||||
:created_at, :role_arn, :vpc_id, :security_groups_count, :creating,
|
||||
:active, :failed, :deleting
|
||||
# Use aliases for matchers
|
||||
alias active? active
|
||||
alias failed? failed
|
||||
alias creating? creating
|
||||
alias deleting? deleting
|
||||
|
||||
def to_s
|
||||
"AWS EKS cluster #{cluster_name}"
|
||||
end
|
||||
|
||||
private
|
||||
|
||||
def validate_params(raw_params)
|
||||
validated_params = check_resource_param_names(
|
||||
raw_params: raw_params,
|
||||
allowed_params: [:cluster_name],
|
||||
allowed_scalar_name: :cluster_name,
|
||||
allowed_scalar_type: String,
|
||||
)
|
||||
|
||||
if validated_params.empty?
|
||||
raise ArgumentError, 'You must provide a cluster_name to aws_eks_cluster.'
|
||||
end
|
||||
|
||||
validated_params
|
||||
end
|
||||
|
||||
def fetch_from_api # rubocop:disable Metrics/AbcSize
|
||||
backend = BackendFactory.create(inspec_runner)
|
||||
begin
|
||||
params = { name: cluster_name }
|
||||
resp = backend.describe_cluster(params)
|
||||
rescue Aws::EKS::Errors::ResourceNotFoundException
|
||||
@exists = false
|
||||
populate_as_missing
|
||||
return
|
||||
end
|
||||
@exists = true
|
||||
cluster = resp.to_h[:cluster]
|
||||
@version = cluster[:version]
|
||||
@name = cluster[:name]
|
||||
@arn = cluster[:arn]
|
||||
@certificate_authority = cluster[:certificate_authority][:data]
|
||||
@created_at = cluster[:created_at]
|
||||
@endpoint = cluster[:endpoint]
|
||||
@security_group_ids = cluster[:resources_vpc_config][:security_group_ids]
|
||||
@subnet_ids = cluster[:resources_vpc_config][:subnet_ids]
|
||||
@subnets_count = cluster[:resources_vpc_config][:subnet_ids].length
|
||||
@security_groups_count = cluster[:resources_vpc_config][:security_group_ids].length
|
||||
@vpc_id = cluster[:resources_vpc_config][:vpc_id]
|
||||
@role_arn = cluster[:role_arn]
|
||||
@status = cluster[:status]
|
||||
@active = cluster[:status] == 'ACTIVE'
|
||||
@failed = cluster[:status] == 'FAILED'
|
||||
@creating = cluster[:status] == 'CREATING'
|
||||
@deleting = cluster[:status] == 'DELETING'
|
||||
end
|
||||
|
||||
def populate_as_missing
|
||||
@version = nil
|
||||
@name = cluster_name # name is an alias for cluster_name, and it is retained on a miss
|
||||
@arn = nil
|
||||
@certificate_authority = nil
|
||||
@created_at = nil
|
||||
@endpoint = nil
|
||||
@security_group_ids = []
|
||||
@subnet_ids = []
|
||||
@subnets_count = nil
|
||||
@security_groups_count = nil
|
||||
@vpc_id = nil
|
||||
@role_arn = nil
|
||||
@status = nil
|
||||
end
|
||||
|
||||
class Backend
|
||||
class AwsClientApi < AwsBackendBase
|
||||
BackendFactory.set_default_backend(self)
|
||||
self.aws_client_class = Aws::EKS::Client
|
||||
|
||||
def describe_cluster(query = {})
|
||||
aws_service_client.describe_cluster(query)
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
|
@ -3,7 +3,8 @@ terraform {
|
|||
}
|
||||
|
||||
provider "aws" {
|
||||
version = "= 1.13.0"
|
||||
# was 1.13.0
|
||||
version = "= 1.42.0"
|
||||
}
|
||||
|
||||
data "aws_caller_identity" "creds" {}
|
||||
|
@ -17,3 +18,5 @@ data "aws_region" "current" {}
|
|||
output "aws_region" {
|
||||
value = "${data.aws_region.current.name}"
|
||||
}
|
||||
|
||||
data "aws_availability_zones" "available" {}
|
|
@ -18,6 +18,7 @@ resource "aws_instance" "alpha" {
|
|||
Name = "${terraform.env}.alpha"
|
||||
X-Project = "inspec"
|
||||
}
|
||||
depends_on = [ "aws_subnet.subnet_01" ]
|
||||
}
|
||||
|
||||
resource "aws_instance" "beta" {
|
||||
|
@ -29,6 +30,7 @@ resource "aws_instance" "beta" {
|
|||
Name = "${terraform.env}.beta"
|
||||
X-Project = "inspec"
|
||||
}
|
||||
depends_on = [ "aws_subnet.subnet_01" ]
|
||||
}
|
||||
|
||||
#----------------------- Recall -----------------------#
|
||||
|
|
173
test/integration/aws/default/build/eks.tf
Normal file
173
test/integration/aws/default/build/eks.tf
Normal file
|
@ -0,0 +1,173 @@
|
|||
# Contains resources and outputs related to testing the aws_eks_cluster resources.
|
||||
|
||||
#======================================================#
|
||||
# EKS variables
|
||||
#======================================================#
|
||||
variable "eks_map_accounts" {
|
||||
description = "Additional AWS account numbers to add to the aws-auth configmap."
|
||||
type = "list"
|
||||
|
||||
default = [
|
||||
"777777777777",
|
||||
"888888888888",
|
||||
]
|
||||
}
|
||||
|
||||
variable "eks_map_roles" {
|
||||
description = "Additional IAM roles to add to the aws-auth configmap."
|
||||
type = "list"
|
||||
|
||||
default = [
|
||||
{
|
||||
role_arn = "arn:aws:iam::66666666666:role/role1"
|
||||
username = "role1"
|
||||
group = "system:masters"
|
||||
},
|
||||
]
|
||||
}
|
||||
|
||||
variable "eks_map_users" {
|
||||
description = "Additional IAM users to add to the aws-auth configmap."
|
||||
type = "list"
|
||||
|
||||
default = [
|
||||
{
|
||||
user_arn = "arn:aws:iam::66666666666:user/user1"
|
||||
username = "user1"
|
||||
group = "system:masters"
|
||||
},
|
||||
{
|
||||
user_arn = "arn:aws:iam::66666666666:user/user2"
|
||||
username = "user2"
|
||||
group = "system:masters"
|
||||
},
|
||||
]
|
||||
}
|
||||
|
||||
#======================================================#
|
||||
# EKS Cluster
|
||||
#======================================================#
|
||||
|
||||
locals {
|
||||
cluster_name = "test-eks-inspec-${terraform.env}"
|
||||
|
||||
worker_groups = [
|
||||
{
|
||||
instance_type = "t2.small"
|
||||
additional_userdata = "echo foo bar"
|
||||
subnets = "${join(",", module.eks_vpc.private_subnets)}"
|
||||
additional_security_group_ids = "${aws_security_group.eks_worker_group_mgmt_one.id},${aws_security_group.eks_worker_group_mgmt_two.id}"
|
||||
},
|
||||
]
|
||||
tags = {
|
||||
Environment = "test-eks-${terraform.env}"
|
||||
}
|
||||
}
|
||||
|
||||
resource "aws_security_group" "eks_worker_group_mgmt_one" {
|
||||
name_prefix = "eks_worker_group_mgmt_one-${terraform.env}"
|
||||
description = "SG to be applied to all *nix machines"
|
||||
vpc_id = "${module.eks_vpc.vpc_id}"
|
||||
|
||||
ingress {
|
||||
from_port = 22
|
||||
to_port = 22
|
||||
protocol = "tcp"
|
||||
|
||||
cidr_blocks = [
|
||||
"10.0.0.0/8",
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
resource "aws_security_group" "eks_worker_group_mgmt_two" {
|
||||
name_prefix = "eks_worker_group_mgmt_two-${terraform.env}"
|
||||
vpc_id = "${module.eks_vpc.vpc_id}"
|
||||
|
||||
ingress {
|
||||
from_port = 22
|
||||
to_port = 22
|
||||
protocol = "tcp"
|
||||
|
||||
cidr_blocks = [
|
||||
"192.168.0.0/16",
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
resource "aws_security_group" "eks_all_worker_mgmt" {
|
||||
name_prefix = "eks_all_worker_management-${terraform.env}"
|
||||
vpc_id = "${module.eks_vpc.vpc_id}"
|
||||
|
||||
ingress {
|
||||
from_port = 22
|
||||
to_port = 22
|
||||
protocol = "tcp"
|
||||
|
||||
cidr_blocks = [
|
||||
"10.0.0.0/8",
|
||||
"172.16.0.0/12",
|
||||
"192.168.0.0/16",
|
||||
]
|
||||
}
|
||||
}
|
||||
|
||||
module "eks_vpc" {
|
||||
source = "terraform-aws-modules/vpc/aws"
|
||||
version = "1.14.0"
|
||||
name = "eks-test-vpc"
|
||||
cidr = "10.0.0.0/16"
|
||||
azs = ["${data.aws_availability_zones.available.names[0]}", "${data.aws_availability_zones.available.names[1]}", "${data.aws_availability_zones.available.names[2]}"]
|
||||
private_subnets = ["10.0.1.0/24", "10.0.2.0/24", "10.0.3.0/24"]
|
||||
public_subnets = []
|
||||
enable_nat_gateway = false
|
||||
tags = "${merge(local.tags, map("kubernetes.io/cluster/${local.cluster_name}", "shared"))}"
|
||||
}
|
||||
|
||||
output "eks_vpc_id" {
|
||||
value = "${module.eks_vpc.vpc_id}"
|
||||
}
|
||||
|
||||
output "eks_vpc_subnets" {
|
||||
value = "${module.eks_vpc.private_subnets}"
|
||||
}
|
||||
|
||||
module "eks" {
|
||||
source = "terraform-aws-modules/eks/aws"
|
||||
version = "1.6.0"
|
||||
cluster_name = "${local.cluster_name}"
|
||||
subnets = ["${module.eks_vpc.private_subnets}"]
|
||||
tags = "${local.tags}"
|
||||
vpc_id = "${module.eks_vpc.vpc_id}"
|
||||
worker_groups = "${local.worker_groups}"
|
||||
worker_group_count = "1"
|
||||
worker_additional_security_group_ids = ["${aws_security_group.eks_all_worker_mgmt.id}"]
|
||||
map_roles = "${var.eks_map_roles}"
|
||||
map_users = "${var.eks_map_users}"
|
||||
map_accounts = "${var.eks_map_accounts}"
|
||||
manage_aws_auth = false
|
||||
}
|
||||
|
||||
output "eks_cluster_id" {
|
||||
value = "${module.eks.cluster_id}"
|
||||
}
|
||||
|
||||
output "eks_cluster_name" {
|
||||
value = "${module.eks.cluster_id}"
|
||||
}
|
||||
|
||||
output "eks_cluster_security_group_id" {
|
||||
value = "${module.eks.cluster_security_group_id}"
|
||||
}
|
||||
|
||||
output "eks_worker_security_group_id" {
|
||||
value = "${module.eks.worker_security_group_id}"
|
||||
}
|
||||
|
||||
output "eks_cluster_endpoint" {
|
||||
value = "${module.eks.cluster_endpoint}"
|
||||
}
|
||||
|
||||
output "eks_cluster_certificate" {
|
||||
value = "${module.eks.cluster_certificate_authority_data}"
|
||||
}
|
|
@ -17,6 +17,7 @@ resource "aws_db_instance" "default" {
|
|||
password = "testpassword"
|
||||
parameter_group_name = "default.mysql5.6"
|
||||
skip_final_snapshot = true
|
||||
depends_on = [ "aws_subnet.subnet_01" ]
|
||||
}
|
||||
|
||||
output "rds_db_instance_id" {
|
||||
|
|
|
@ -0,0 +1,45 @@
|
|||
fixtures = {}
|
||||
[
|
||||
'eks_cluster_id',
|
||||
'eks_cluster_name',
|
||||
'eks_cluster_security_group_id',
|
||||
'eks_vpc_subnets',
|
||||
].each do |fixture_name|
|
||||
fixtures[fixture_name] = attribute(
|
||||
fixture_name,
|
||||
default: "default.#{fixture_name}",
|
||||
description: 'See ../build/eks.tf',
|
||||
)
|
||||
end
|
||||
|
||||
control "aws_eks_cluster recall" do
|
||||
|
||||
describe aws_eks_cluster(fixtures['eks_cluster_id']) do
|
||||
it { should exist }
|
||||
end
|
||||
|
||||
describe aws_eks_cluster('i-dont-exist') do
|
||||
it { should_not exist }
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
control "aws_eks_cluster properties" do
|
||||
describe aws_eks_cluster(fixtures['eks_cluster_id']) do
|
||||
its('name') { should eq fixtures['eks_cluster_name'] }
|
||||
its('status') { should be_in %w(ACTIVE CREATING) }
|
||||
its('subnets_count') { should eq 3 }
|
||||
its('security_groups_count') { should eq 1 }
|
||||
|
||||
fixtures['eks_vpc_subnets'].each do |subnet|
|
||||
its('subnet_ids') { should include (subnet) }
|
||||
end
|
||||
end
|
||||
end
|
||||
|
||||
control "aws_eks_cluster matchers" do
|
||||
describe aws_eks_cluster(fixtures['eks_cluster_id']) do
|
||||
it { should exist }
|
||||
it { should be_active }
|
||||
end
|
||||
end
|
264
test/unit/resources/aws_eks_cluster_test.rb
Normal file
264
test/unit/resources/aws_eks_cluster_test.rb
Normal file
|
@ -0,0 +1,264 @@
|
|||
require 'helper'
|
||||
|
||||
# MAEKSB = MockAwsEksClusterSingularBackend
|
||||
# Abbreviation not used outside this file
|
||||
|
||||
#=============================================================================#
|
||||
# Constructor Tests
|
||||
#=============================================================================#
|
||||
class AwsEksClusterConstructorTest < Minitest::Test
|
||||
|
||||
def setup
|
||||
AwsEksCluster::BackendFactory.select(MAEKSB::Empty)
|
||||
end
|
||||
|
||||
def test_empty_params_rejected
|
||||
assert_raises(ArgumentError) { AwsEksCluster.new }
|
||||
end
|
||||
|
||||
def test_string_accepted
|
||||
AwsEksCluster.new 'kangaroo'
|
||||
end
|
||||
|
||||
def test_hash_accepted
|
||||
AwsEksCluster.new cluster_name: 'polar_bear'
|
||||
end
|
||||
|
||||
def test_rejects_unrecognized_params
|
||||
assert_raises(ArgumentError) { AwsEksCluster.new(shoe_size: 9) }
|
||||
end
|
||||
end
|
||||
|
||||
|
||||
#=============================================================================#
|
||||
# Search / Recall
|
||||
#=============================================================================#
|
||||
class AwsEksClusterFilterCriteriaTest < Minitest::Test
|
||||
|
||||
def setup
|
||||
AwsEksCluster::BackendFactory.select(MAEKSB::Basic)
|
||||
end
|
||||
|
||||
def test_search_miss
|
||||
refute AwsEksCluster.new('nonesuch').exists?
|
||||
end
|
||||
|
||||
def test_recall_when_provided_a_string
|
||||
cluster = AwsEksCluster.new 'kangaroo'
|
||||
assert cluster.exists?
|
||||
assert_equal('kangaroo', cluster.cluster_name)
|
||||
end
|
||||
|
||||
def test_recall_when_provided_a_hash
|
||||
cluster = AwsEksCluster.new cluster_name: 'kang-the-alien'
|
||||
assert cluster.exists?
|
||||
assert_equal('kang-the-alien', cluster.name)
|
||||
end
|
||||
|
||||
end
|
||||
|
||||
#=============================================================================#
|
||||
# Properties
|
||||
#=============================================================================#
|
||||
class AwsEksClusterProperties < Minitest::Test
|
||||
|
||||
def setup
|
||||
AwsEksCluster::BackendFactory.select(MAEKSB::Basic)
|
||||
@roo = AwsEksCluster.new('kangaroo')
|
||||
@kang = AwsEksCluster.new('kang-the-alien')
|
||||
@kodos = AwsEksCluster.new('kodos-the-alien')
|
||||
@gamma = AwsEksCluster.new('gamma')
|
||||
@miss = AwsEksCluster.new('nonesuch')
|
||||
end
|
||||
|
||||
def test_property_with_cluster_arn
|
||||
assert_equal('arn:aws:eks:ab-region-1:012345678910:cluster/kangaroo', @roo.arn)
|
||||
assert_equal('arn:aws:eks:ab-region-1:019876543210:cluster/kang-the-alien', @kang.arn)
|
||||
assert_equal('arn:aws:eks:ab-region-1:013836573410:cluster/gamma', @gamma.arn)
|
||||
assert_nil(@miss.arn)
|
||||
end
|
||||
|
||||
def test_property_with_name
|
||||
assert_equal('kangaroo', @roo.name)
|
||||
assert_equal('kang-the-alien', @kang.name)
|
||||
assert_equal('gamma', @gamma.name)
|
||||
assert_equal('nonesuch', @miss.name) # Even misses retain their identifier
|
||||
end
|
||||
|
||||
def test_property_with_status
|
||||
assert_equal('ACTIVE', @roo.status)
|
||||
assert_equal('CREATING', @kang.status)
|
||||
assert_equal('DELETING', @gamma.status)
|
||||
assert_equal('FAILED', @kodos.status)
|
||||
assert_nil(@miss.status)
|
||||
end
|
||||
|
||||
def test_property_with_status_predicate
|
||||
assert(@roo.active?)
|
||||
refute(@kang.active?)
|
||||
assert(@kang.creating?)
|
||||
assert(@gamma.deleting?)
|
||||
assert(@kodos.failed?)
|
||||
assert_nil(@miss.active?)
|
||||
end
|
||||
|
||||
def test_property_with_subnets_count
|
||||
assert_equal(4, @roo.subnets_count)
|
||||
assert_equal(2, @kang.subnets_count)
|
||||
assert_equal(0, @gamma.subnets_count)
|
||||
assert_nil(@miss.subnets_count)
|
||||
end
|
||||
|
||||
def test_property_with_security_groups_count
|
||||
assert_equal(0, @roo.security_groups_count)
|
||||
assert_equal(1, @kang.security_groups_count)
|
||||
assert_equal(2, @gamma.security_groups_count)
|
||||
assert_nil(@miss.security_groups_count)
|
||||
end
|
||||
|
||||
def test_property_with_subnet_ids
|
||||
assert_includes(@roo.subnet_ids, 'subnet-e7e741bc')
|
||||
assert_includes(@kang.subnet_ids, 'subnet-1234e12a')
|
||||
refute_includes(@gamma.subnet_ids, nil)
|
||||
assert_kind_of(Array, @miss.subnet_ids)
|
||||
assert_empty(@miss.subnet_ids)
|
||||
end
|
||||
|
||||
def test_property_with_security_group_ids
|
||||
refute_includes(@roo.security_group_ids, nil)
|
||||
assert_includes(@kang.security_group_ids, 'sg-6979fe18')
|
||||
assert_includes(@gamma.security_group_ids, 'sg-6975fe18')
|
||||
assert_kind_of(Array, @miss.security_group_ids)
|
||||
assert_empty(@miss.security_group_ids)
|
||||
end
|
||||
|
||||
def test_property_with_version
|
||||
assert_includes(@roo.version,'1.0')
|
||||
assert_includes(@kang.version, '1.3')
|
||||
assert_includes(@gamma.version, '2.3')
|
||||
assert_nil(@miss.version)
|
||||
end
|
||||
|
||||
def test_property_with_created_at
|
||||
assert_operator(@roo.created_at, :>, Time.at(1527807878))
|
||||
assert_operator(@kang.created_at, :<, Time.at(1527807979))
|
||||
assert_operator(@kang.created_at, :<, @gamma.created_at)
|
||||
refute_operator(@kang.created_at, :>, @gamma.created_at)
|
||||
assert_equal(@gamma.created_at, Time.at(9999999999))
|
||||
assert_nil(@miss.created_at)
|
||||
end
|
||||
|
||||
def test_property_with_role_arn
|
||||
assert_equal(@roo.role_arn, 'arn:aws:iam::012345678910:role/eks-service-role-AWSServiceRoleForAmazonEKS-J7ONKE3BQ4PI')
|
||||
assert_nil(@miss.role_arn)
|
||||
end
|
||||
|
||||
def test_property_with_certificate_authority
|
||||
assert_equal(@roo.certificate_authority, 'LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRFNE1EVXpNVEl6TVRFek1Wb1hEVEk0TURVeU9ESXpNVEV6TVZvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTTZWCjVUaG4rdFcySm9Xa2hQMzRlVUZMNitaRXJOZGIvWVdrTmtDdWNGS2RaaXl2TjlMVmdvUmV2MjlFVFZlN1ZGbSsKUTJ3ZURyRXJiQyt0dVlibkFuN1ZLYmE3ay9hb1BHekZMdmVnb0t6b0M1N2NUdGVwZzRIazRlK2tIWHNaME10MApyb3NzcjhFM1ROeExETnNJTThGL1cwdjhsTGNCbWRPcjQyV2VuTjFHZXJnaDNSZ2wzR3JIazBnNTU0SjFWenJZCm9hTi8zODFUczlOTFF2QTBXb0xIcjBFRlZpTFdSZEoyZ3lXaC9ybDVyOFNDOHZaQXg1YW1BU0hVd01aTFpWRC8KTDBpOW4wRVM0MkpVdzQyQmxHOEdpd3NhTkJWV3lUTHZKclNhRXlDSHFtVVZaUTFDZkFXUjl0L3JleVVOVXM3TApWV1FqM3BFbk9RMitMSWJrc0RzQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFNZ3RsQ1dIQ2U2YzVHMXl2YlFTS0Q4K2hUalkKSm1NSG56L2EvRGt0WG9YUjFVQzIrZUgzT1BZWmVjRVZZZHVaSlZCckNNQ2VWR0ZkeWdBYlNLc1FxWDg0S2RXbAp1MU5QaERDSmEyRHliN2pVMUV6VThTQjFGZUZ5ZFE3a0hNS1E1blpBRVFQOTY4S01hSGUrSm0yQ2x1UFJWbEJVCjF4WlhTS1gzTVZ0K1Q0SU1EV2d6c3JRSjVuQkRjdEtLcUZtM3pKdVVubHo5ZEpVckdscEltMjVJWXJDckxYUFgKWkUwRUtRNWEzMHhkVWNrTHRGQkQrOEtBdFdqSS9yZUZPNzM1YnBMdVoyOTBaNm42QlF3elRrS0p4cnhVc3QvOAppNGsxcnlsaUdWMm5SSjBUYjNORkczNHgrYWdzYTRoSTFPbU90TFM0TmgvRXJxT3lIUXNDc2hEQUtKUT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=',
|
||||
)
|
||||
assert_nil(@miss.certificate_authority)
|
||||
end
|
||||
|
||||
def test_property_with_vpc_id
|
||||
assert_equal(@roo.vpc_id,'vpc-166723ec')
|
||||
assert_equal(@kang.vpc_id, 'vpc-266723ec')
|
||||
assert_equal(@gamma.vpc_id, 'vpc-366723ec')
|
||||
assert_nil(@miss.vpc_id)
|
||||
end
|
||||
|
||||
end
|
||||
#=============================================================================#
|
||||
# Test Fixtures
|
||||
#=============================================================================#
|
||||
module MAEKSB
|
||||
class Empty < AwsBackendBase
|
||||
def describe_cluster(query = {})
|
||||
raise Aws::EKS::Errors::ResourceNotFoundException.new(nil, nil)
|
||||
end
|
||||
end
|
||||
|
||||
class Basic < AwsBackendBase
|
||||
def describe_cluster(query = {})
|
||||
fixtures = [
|
||||
OpenStruct.new({
|
||||
version: '1.0',
|
||||
name: 'kangaroo',
|
||||
arn: 'arn:aws:eks:ab-region-1:012345678910:cluster/kangaroo',
|
||||
certificate_authority: OpenStruct.new({
|
||||
data: 'LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRFNE1EVXpNVEl6TVRFek1Wb1hEVEk0TURVeU9ESXpNVEV6TVZvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTTZWCjVUaG4rdFcySm9Xa2hQMzRlVUZMNitaRXJOZGIvWVdrTmtDdWNGS2RaaXl2TjlMVmdvUmV2MjlFVFZlN1ZGbSsKUTJ3ZURyRXJiQyt0dVlibkFuN1ZLYmE3ay9hb1BHekZMdmVnb0t6b0M1N2NUdGVwZzRIazRlK2tIWHNaME10MApyb3NzcjhFM1ROeExETnNJTThGL1cwdjhsTGNCbWRPcjQyV2VuTjFHZXJnaDNSZ2wzR3JIazBnNTU0SjFWenJZCm9hTi8zODFUczlOTFF2QTBXb0xIcjBFRlZpTFdSZEoyZ3lXaC9ybDVyOFNDOHZaQXg1YW1BU0hVd01aTFpWRC8KTDBpOW4wRVM0MkpVdzQyQmxHOEdpd3NhTkJWV3lUTHZKclNhRXlDSHFtVVZaUTFDZkFXUjl0L3JleVVOVXM3TApWV1FqM3BFbk9RMitMSWJrc0RzQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFNZ3RsQ1dIQ2U2YzVHMXl2YlFTS0Q4K2hUalkKSm1NSG56L2EvRGt0WG9YUjFVQzIrZUgzT1BZWmVjRVZZZHVaSlZCckNNQ2VWR0ZkeWdBYlNLc1FxWDg0S2RXbAp1MU5QaERDSmEyRHliN2pVMUV6VThTQjFGZUZ5ZFE3a0hNS1E1blpBRVFQOTY4S01hSGUrSm0yQ2x1UFJWbEJVCjF4WlhTS1gzTVZ0K1Q0SU1EV2d6c3JRSjVuQkRjdEtLcUZtM3pKdVVubHo5ZEpVckdscEltMjVJWXJDckxYUFgKWkUwRUtRNWEzMHhkVWNrTHRGQkQrOEtBdFdqSS9yZUZPNzM1YnBMdVoyOTBaNm42QlF3elRrS0p4cnhVc3QvOAppNGsxcnlsaUdWMm5SSjBUYjNORkczNHgrYWdzYTRoSTFPbU90TFM0TmgvRXJxT3lIUXNDc2hEQUtKUT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=',
|
||||
}),
|
||||
created_at: Time.at(1527807879),
|
||||
endpoint: 'https://A0DCCD80A04F01705DD065655C30CC3D.yl4.aq-south-2.eks.amazonaws.com',
|
||||
resources_vpc_config: OpenStruct.new({
|
||||
security_group_ids: [],
|
||||
subnet_ids: %w[subnet-1234e12a subnet-e7e741bc subnet-e7a763ac subnet-e7b781cc],
|
||||
vpc_id: 'vpc-166723ec',
|
||||
}),
|
||||
role_arn: 'arn:aws:iam::012345678910:role/eks-service-role-AWSServiceRoleForAmazonEKS-J7ONKE3BQ4PI',
|
||||
status: 'ACTIVE',
|
||||
}),
|
||||
OpenStruct.new({
|
||||
version: '1.3',
|
||||
name: 'kang-the-alien',
|
||||
arn: 'arn:aws:eks:ab-region-1:019876543210:cluster/kang-the-alien',
|
||||
certificate_authority: OpenStruct.new({
|
||||
data: 'LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRFNE1EVXpNVEl6TVRFek1Wb1hEVEk0TURVeU9ESXpNVEV6TVZvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTTZWCjVUaG4rdFcySm9Xa2hQMzRlVUZMNitaRXJOZGIvWVdrTmtDdWNGS2RaaXl2TjlMVmdvUmV2MjlFVFZlN1ZGbSsKUTJ3ZURyRXJiQyt0dVlibkFuN1ZLYmE3ay9hb1BHekZMdmVnb0t6b0M1N2NUdGVwZzRIazRlK2tIWHNaME10MApyb3NzcjhFM1ROeExETnNJTThGL1cwdjhsTGNCbWRPcjQyV2VuTjFHZXJnaDNSZ2wzR3JIazBnNTU0SjFWenJZCm9hTi8zODFUczlOTFF2QTBXb0xIcjBFRlZpTFdSZEoyZ3lXaC9ybDVyOFNDOHZaQXg1YW1BU0hVd01aTFpWRC8KTDBpOW4wRVM0MkpVdzQyQmxHOEdpd3NhTkJWV3lUTHZKclNhRXlDSHFtVVZaUTFDZkFXUjl0L3JleVVOVXM3TApWV1FqM3BFbk9RMitMSWJrc0RzQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFNZ3RsQ1dIQ2U2YzVHMXl2YlFTS0Q4K2hUalkKSm1NSG56L2EvRGt0WG9YUjFVQzIrZUgzT1BZWmVjRVZZZHVaSlZCckNNQ2VWR0ZkeWdBYlNLc1FxWDg0S2RXbAp1MU5QaERDSmEyRHliN2pVMUV6VThTQjFGZUZ5ZFE3a0hNS1E1blpBRVFQOTY4S01hSGUrSm0yQ2x1UFJWbEJVCjF4WlhTS1gzTVZ0K1Q0SU1EV2d6c3JRSjVuQkRjdEtLcUZtM3pKdVVubHo5ZEpVckdscEltMjVJWXJDckxYUFgKWkUwRUtRNWEzMHhkVWNrTHRGQkQrOEtBdFdqSS9yZUZPNzM1YnBMdVoyOTBaNm42QlF3elRrS0p4cnhVc3QvOAppNGsxcnlsaUdWMm5SSjBUYjNORkczNHgrYWdzYTRoSTFPbU90TFM0TmgvRXJxT3lIUXNDc2hEQUtKUT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=',
|
||||
}),
|
||||
created_at: Time.at(1527807879),
|
||||
endpoint: 'https://A0DCCD80A04F01705DD065655C30CC3D.yl4.aq-south-1.eks.amazonaws.com',
|
||||
resources_vpc_config: OpenStruct.new({
|
||||
security_group_ids: ['sg-6979fe18'],
|
||||
subnet_ids: %w[subnet-1234e12a subnet-e7e741bc],
|
||||
vpc_id: 'vpc-266723ec',
|
||||
}),
|
||||
role_arn: 'arn:aws:iam::012345678910:role/eks-service-role-AWSServiceRoleForAmazonEKS-J7ONKE3BQ4PI',
|
||||
status: 'CREATING',
|
||||
}),
|
||||
OpenStruct.new({
|
||||
version: '2.3',
|
||||
name: 'gamma',
|
||||
arn: 'arn:aws:eks:ab-region-1:013836573410:cluster/gamma',
|
||||
certificate_authority: OpenStruct.new({
|
||||
data: 'LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRFNE1EVXpNVEl6TVRFek1Wb1hEVEk0TURVeU9ESXpNVEV6TVZvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTTZWCjVUaG4rdFcySm9Xa2hQMzRlVUZMNitaRXJOZGIvWVdrTmtDdWNGS2RaaXl2TjlMVmdvUmV2MjlFVFZlN1ZGbSsKUTJ3ZURyRXJiQyt0dVlibkFuN1ZLYmE3ay9hb1BHekZMdmVnb0t6b0M1N2NUdGVwZzRIazRlK2tIWHNaME10MApyb3NzcjhFM1ROeExETnNJTThGL1cwdjhsTGNCbWRPcjQyV2VuTjFHZXJnaDNSZ2wzR3JIazBnNTU0SjFWenJZCm9hTi8zODFUczlOTFF2QTBXb0xIcjBFRlZpTFdSZEoyZ3lXaC9ybDVyOFNDOHZaQXg1YW1BU0hVd01aTFpWRC8KTDBpOW4wRVM0MkpVdzQyQmxHOEdpd3NhTkJWV3lUTHZKclNhRXlDSHFtVVZaUTFDZkFXUjl0L3JleVVOVXM3TApWV1FqM3BFbk9RMitMSWJrc0RzQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFNZ3RsQ1dIQ2U2YzVHMXl2YlFTS0Q4K2hUalkKSm1NSG56L2EvRGt0WG9YUjFVQzIrZUgzT1BZWmVjRVZZZHVaSlZCckNNQ2VWR0ZkeWdBYlNLc1FxWDg0S2RXbAp1MU5QaERDSmEyRHliN2pVMUV6VThTQjFGZUZ5ZFE3a0hNS1E1blpBRVFQOTY4S01hSGUrSm0yQ2x1UFJWbEJVCjF4WlhTS1gzTVZ0K1Q0SU1EV2d6c3JRSjVuQkRjdEtLcUZtM3pKdVVubHo5ZEpVckdscEltMjVJWXJDckxYUFgKWkUwRUtRNWEzMHhkVWNrTHRGQkQrOEtBdFdqSS9yZUZPNzM1YnBMdVoyOTBaNm42QlF3elRrS0p4cnhVc3QvOAppNGsxcnlsaUdWMm5SSjBUYjNORkczNHgrYWdzYTRoSTFPbU90TFM0TmgvRXJxT3lIUXNDc2hEQUtKUT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=',
|
||||
}),
|
||||
created_at: Time.at(9999999999),
|
||||
endpoint: 'https://A0DCCD80A04F01705DD065655C30CC3D.yl4.aq-south-3.eks.amazonaws.com',
|
||||
resources_vpc_config: OpenStruct.new({
|
||||
security_group_ids: %w[sg-6975fe18 sg-6479fe18],
|
||||
subnet_ids: [],
|
||||
vpc_id: 'vpc-366723ec',
|
||||
}),
|
||||
role_arn: 'arn:aws:iam::012345678910:role/eks-service-role-AWSServiceRoleForAmazonEKS-J7ONKE3BQ4PI',
|
||||
status: 'DELETING',
|
||||
}),
|
||||
OpenStruct.new({
|
||||
version: '2.0',
|
||||
name: 'kodos-the-alien',
|
||||
arn: 'arn:aws:eks:ab-region-1:013836573410:cluster/kodos',
|
||||
certificate_authority: OpenStruct.new({
|
||||
data: 'LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUN5RENDQWJDZ0F3SUJBZ0lCQURBTkJna3Foa2lHOXcwQkFRc0ZBREFWTVJNd0VRWURWUVFERXdwcmRXSmwKY201bGRHVnpNQjRYRFRFNE1EVXpNVEl6TVRFek1Wb1hEVEk0TURVeU9ESXpNVEV6TVZvd0ZURVRNQkVHQTFVRQpBeE1LYTNWaVpYSnVaWFJsY3pDQ0FTSXdEUVlKS29aSWh2Y05BUUVCQlFBRGdnRVBBRENDQVFvQ2dnRUJBTTZWCjVUaG4rdFcySm9Xa2hQMzRlVUZMNitaRXJOZGIvWVdrTmtDdWNGS2RaaXl2TjlMVmdvUmV2MjlFVFZlN1ZGbSsKUTJ3ZURyRXJiQyt0dVlibkFuN1ZLYmE3ay9hb1BHekZMdmVnb0t6b0M1N2NUdGVwZzRIazRlK2tIWHNaME10MApyb3NzcjhFM1ROeExETnNJTThGL1cwdjhsTGNCbWRPcjQyV2VuTjFHZXJnaDNSZ2wzR3JIazBnNTU0SjFWenJZCm9hTi8zODFUczlOTFF2QTBXb0xIcjBFRlZpTFdSZEoyZ3lXaC9ybDVyOFNDOHZaQXg1YW1BU0hVd01aTFpWRC8KTDBpOW4wRVM0MkpVdzQyQmxHOEdpd3NhTkJWV3lUTHZKclNhRXlDSHFtVVZaUTFDZkFXUjl0L3JleVVOVXM3TApWV1FqM3BFbk9RMitMSWJrc0RzQ0F3RUFBYU1qTUNFd0RnWURWUjBQQVFIL0JBUURBZ0trTUE4R0ExVWRFd0VCCi93UUZNQU1CQWY4d0RRWUpLb1pJaHZjTkFRRUxCUUFEZ2dFQkFNZ3RsQ1dIQ2U2YzVHMXl2YlFTS0Q4K2hUalkKSm1NSG56L2EvRGt0WG9YUjFVQzIrZUgzT1BZWmVjRVZZZHVaSlZCckNNQ2VWR0ZkeWdBYlNLc1FxWDg0S2RXbAp1MU5QaERDSmEyRHliN2pVMUV6VThTQjFGZUZ5ZFE3a0hNS1E1blpBRVFQOTY4S01hSGUrSm0yQ2x1UFJWbEJVCjF4WlhTS1gzTVZ0K1Q0SU1EV2d6c3JRSjVuQkRjdEtLcUZtM3pKdVVubHo5ZEpVckdscEltMjVJWXJDckxYUFgKWkUwRUtRNWEzMHhkVWNrTHRGQkQrOEtBdFdqSS9yZUZPNzM1YnBMdVoyOTBaNm42QlF3elRrS0p4cnhVc3QvOAppNGsxcnlsaUdWMm5SSjBUYjNORkczNHgrYWdzYTRoSTFPbU90TFM0TmgvRXJxT3lIUXNDc2hEQUtKUT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=',
|
||||
}),
|
||||
created_at: Time.at(0),
|
||||
endpoint: 'https://A0DCCD80A04F01705DD065655C30CC3D.yl4.aq-south-3.eks.amazonaws.com',
|
||||
resources_vpc_config: OpenStruct.new({
|
||||
security_group_ids: %w[sg-6975fe18 sg-6479fe18],
|
||||
subnet_ids: [],
|
||||
vpc_id: 'vpc-366723ec',
|
||||
}),
|
||||
role_arn: 'arn:aws:iam::012345678910:role/eks-service-role-AWSServiceRoleForAmazonEKS-J7ONKE3BQ4PI',
|
||||
status: 'FAILED',
|
||||
})
|
||||
]
|
||||
if query[:name]
|
||||
result = fixtures.select do |clst|
|
||||
query[:name].include? clst.name
|
||||
end
|
||||
if result.empty?
|
||||
raise Aws::EKS::Errors::ResourceNotFoundException.new(nil,nil)
|
||||
else
|
||||
OpenStruct.new({ cluster: result[0] })
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
||||
end
|
Loading…
Reference in a new issue