-
Notifications
You must be signed in to change notification settings - Fork 18
/
ec2_test.clj
83 lines (79 loc) · 3.98 KB
/
ec2_test.clj
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
(ns crucible.aws.ec2-test
(:require [clojure.test :refer :all]
[crucible.aws.ec2 :as ec2]
[crucible.resources :as res]
[cheshire.core :as json]
[clojure.spec.alpha :as s]
[crucible.core :refer [template encode parameter xref]]))
(deftest vpc-test
(testing "minimal spec"
(is (s/valid? ::res/resource (second (ec2/vpc {::ec2/cidr-block "1.2.3.4/24"}))))))
(deftest igw-test
(testing "minimal spec"
(is (s/valid? ::res/resource (second (ec2/internet-gateway {}))))))
(deftest nat-gateway-test
(testing "minimal spec"
(is (s/valid? ::res/resource (second (ec2/nat-gateway {::ec2/allocation-id "id"
::ec2/subnet-id "id"})))))
(testing "full spec"
(is (s/valid? ::res/resource (second (ec2/nat-gateway {::ec2/allocation-id "id"
::ec2/subnet-id "id"
::ec2/tags [{::res/key "key" ::res/value "value"}]})))))
(testing "template with multiple conditions"
(is (= {"AWSTemplateFormatVersion" "2010-09-09"
"Description" "t"
"Resources" {"NatGateway" {"Type" "AWS::EC2::NatGateway"
"Properties" {"AllocationId" "id"
"SubnetId" "id"}}}}
(cheshire.core/decode
(encode
(template "t"
:nat-gateway (ec2/nat-gateway {::ec2/allocation-id "id"
::ec2/subnet-id "id"}))))))))
(deftest sg-test
(testing "encode"
(is (= {"AWSTemplateFormatVersion" "2010-09-09"
"Description" "minimal"
"Resources"
{"MySecurityGroup"
{"Type" "AWS::EC2::SecurityGroup"
"Properties" {"GroupDescription"
"Enable SSH access and HTTP from the load balancer only"
"SecurityGroupIngress"
[{"IpProtocol" "tcp"
"FromPort" 22
"ToPort" 22
"CidrIp" "0.0.0.0/0"}
{"IpProtocol" "tcp"
"FromPort" { "Ref" "WebServerPort" }
"ToPort" { "Ref" "WebServerPort" }
"SourceSecurityGroupOwnerId" {"Fn::GetAtt"
["ElasticLoadBalancer"
"SourceSecurityGroup.OwnerAlias"]}
"SourceSecurityGroupName" {"Fn::GetAtt"
["ElasticLoadBalancer"
"SourceSecurityGroup.GroupName"]}}]}
}}
"Parameters" {"ElasticLoadBalancer" {"Type" "String"}
"WebServerPort" {"Type" "String"}}}
(json/decode
(encode
(template
"minimal"
:elastic-load-balancer (parameter)
:web-server-port (parameter)
:my-security-group
(ec2/security-group
{::ec2/group-description "Enable SSH access and HTTP from the load balancer only"
::ec2/security-group-ingress
[{::ec2/ip-protocol "tcp"
::ec2/from-port 22
::ec2/to-port 22
::ec2/cidr-ip "0.0.0.0/0"}
{::ec2/ip-protocol "tcp"
::ec2/from-port (xref :web-server-port)
::ec2/to-port (xref :web-server-port)
::ec2/source-security-group-owner-id
(xref :elastic-load-balancer (keyword "SourceSecurityGroup.OwnerAlias"))
:source-security-group-name
(xref :elastic-load-balancer (keyword "SourceSecurityGroup.GroupName"))}]}))))))))