Fix for the auditor permissions tests.

AWS SDK is not returning all the roles at once while calling get-account-authorization-details, but is paginating the results. This is a fix that iterates over all the pages of the response. [#184632801] Add AssumeRole support to bosh-aws-cpi Signed-off-by: Daniel Felipe Ochoa <danielfelipo@vmware.com>
cloudfoundry · Apr 25, 2023 · 868e754 · 868e754
1 parent 72ed37e
commit 868e754
Showing 1 changed file with 10 additions and 2 deletions.
diff --git a/src/bosh_aws_cpi/spec/integration/spec_helper.rb b/src/bosh_aws_cpi/spec/integration/spec_helper.rb
@@ -23,7 +23,15 @@ def validate_minimum_permissions(logger)
       logger: logger
     )
 
-    account_details = iam_client.get_account_authorization_details(filter: ['Role']).role_detail_list.find { |role|
+
+    ##
+    # The following lines are a workaround for the fact that the AWS SDK does not return all the results at once.
+    role_list = []
+    iam_client.get_account_authorization_details(filter: ['Role']).each{ | response |
+      role_list += response.role_detail_list
+    }
+
+    account_details = role_list.find { |role|
       role.arn == 'arn:aws:iam::' + integration_test_user.account + ':role/' + integration_test_user.arn.split('/')[1]
     }
 
@@ -46,7 +54,7 @@ def validate_minimum_permissions(logger)
       s['Action']
     end.flatten.uniq
 
-    expect(actions).to include(*minimum_action)
+    expect(actions).to match_array(minimum_action)
   end
 end