-
Notifications
You must be signed in to change notification settings - Fork 28
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
New unit test for referenced security groups
- Loading branch information
Metallion
committed
Apr 25, 2012
1 parent
9656a9d
commit a06c3ed
Showing
5 changed files
with
139 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
65 changes: 65 additions & 0 deletions
65
tests/cucumber/features/firewall/security_group_reference.feature
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,65 @@ | |||
Feature: Security groups referencing other security groups | |||
|
|||
Scenario: Single nic | |||
Given the volume "wmi-secgtest" exists | |||
And the instance_spec "is-demospec" exists for api until 11.12 | |||
And security group A exists with the following rules | |||
""" | |||
tcp:22,22,ip4:0.0.0.0 | |||
""" | |||
And security group B exists with the following rules | |||
""" | |||
tcp:22,22,ip4:0.0.0.0 | |||
tcp:345,345,<Group A> | |||
""" | |||
And security group C exists with the following rules | |||
""" | |||
tcp:22,22,ip4:0.0.0.0 | |||
""" | |||
|
|||
And an instance instB1 is started in group B that listens on tcp port 345 | |||
And an instance instA1 is started in group A that listens on tcp port 345 | |||
And an instance instA2 is started in group A that listens on tcp port 345 | |||
And an instance instC1 is started in group C that listens on tcp port 345 | |||
|
|||
When instance instA1 sends a tcp packet to instance instB1 on port 345 | |||
Then the packet should arrive successfully | |||
|
|||
When instance instA2 sends a tcp packet to instance instB1 on port 345 | |||
Then the packet should arrive successfully | |||
|
|||
When instance instB1 sends a tcp packet to instance instA1 on port 345 | |||
Then the packet should not arrive successfully | |||
|
|||
When instance instB1 sends a tcp packet to instance instA2 on port 345 | |||
Then the packet should not arrive successfully | |||
|
|||
When instance instC1 sends a tcp packet to instance instB1 on port 345 | |||
Then the packet should not arrive successfully | |||
|
|||
When we successfully start an instance instA3 in group A that listens on tcp port 345 | |||
And instance instA3 sends a tcp packet to instance instB1 on port 345 | |||
Then the packet should arrive successfully | |||
|
|||
When we update security group B with the following rules | |||
""" | |||
tcp:22,22,ip4:0.0.0.0 | |||
""" | |||
|
|||
When instance instA1 sends a tcp packet to instance instB1 on port 345 | |||
Then the packet should not arrive successfully | |||
|
|||
When instance instA2 sends a tcp packet to instance instB1 on port 345 | |||
Then the packet should not arrive successfully | |||
|
|||
When instance instA3 sends a tcp packet to instance instB1 on port 345 | |||
Then the packet should not arrive successfully | |||
|
|||
When we successfully terminate instance instA1 | |||
And we successfully terminate instance instA2 | |||
And we successfully terminate instance instA3 | |||
And we successfully terminate instance instB1 | |||
And we successfully terminate instance instC1 | |||
And we successfully delete security group A | |||
And we successfully delete security group B | |||
And we successfully delete security group C |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
53 changes: 53 additions & 0 deletions
53
tests/cucumber/features/firewall/step_definitions/reference_steps.rb
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Original file line | Diff line number | Diff line change |
---|---|---|---|
@@ -0,0 +1,53 @@ | |||
# encoding: utf-8 | |||
begin require 'rspec/expectations'; rescue LoadError; require 'spec/expectations'; end | |||
require 'cucumber/formatter/unicode' | |||
|
|||
Before do | |||
end | |||
|
|||
After do | |||
end | |||
|
|||
require 'socket' | |||
require 'timeout' | |||
|
|||
Given /^an instance (.+) is started in group (.+) that listens on (tcp|udp) port (\d+)$/ do |instance_name, group_name, protocol, port| | |||
steps %Q{ | |||
Given an instance #{instance_name} is started with the following options | |||
| image_id | instance_spec_id | ssh_key_id | security_groups | user_data | | |||
| wmi-secgtest | is-demospec | ssh-demo | <registry:group_#{group_name}> | #{protocol}:#{port} | | |||
} | |||
end | |||
|
|||
When /^we successfully start an instance (.+) in group (.+) that listens on (tcp|udp) port (\d+)$/ do |instance_name, group_name, protocol, port| | |||
steps %Q{ | |||
Given an instance #{instance_name} is started with the following options | |||
| image_id | instance_spec_id | ssh_key_id | security_groups | user_data | | |||
| wmi-secgtest | is-demospec | ssh-demo | <registry:group_#{group_name}> | #{protocol}:#{port} | | |||
Then the started instance should start ssh in 60 seconds or less | |||
} | |||
end | |||
|
|||
When /^instance (.+) sends a (tcp|udp) packet to instance (.+) on port (\d+)$/ do |sender_name, protocol, receiver_name, port| | |||
steps %Q{ | |||
When instance #{sender_name} sends a #{protocol} packet to #{receiver_name}'s inside address on port #{port} | |||
} | |||
end | |||
|
|||
Then /^the packet (should|should\snot) arrive successfully$/ do |result| | |||
if result == "should" | |||
steps %{Then it should use its inside ip} | |||
else | |||
steps %{Then it should fail to send the packet} | |||
end | |||
end | |||
|
|||
When /^we update security group (.+) with the following rules$/ do |group_name,rules| | |||
rules_with_line_breaks = rules.inspect.slice(1,rules.inspect.length-2) | |||
group_uuid = variable_get_value "<registry:group_#{group_name}>" | |||
steps %Q{ | |||
When we make a successful api update call to security_groups/#{group_uuid} with the following options | |||
| rule | | |||
| #{rules_with_line_breaks} | | |||
} | |||
end |