Mock AWS_DEFAULT_REGION for all unit tests #1710
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov Report
@@ Coverage Diff @@
## develop #1710 +/- ##
===========================================
- Coverage 83.62% 83.60% -0.03%
===========================================
Files 104 104
Lines 9951 9961 +10
===========================================
+ Hits 8322 8328 +6
- Misses 1629 1633 +4
Continue to review full report at Codecov.
|
Pull Request Test Coverage Report for Build 8098
💛 - Coveralls |
jessebrennan
approved these changes
Apr 16, 2020
hannes-ucsc
reviewed
Apr 16, 2020
test/azul_test_case.py
Outdated
| @@ -52,6 +56,10 @@ class AzulTestCase(TestCase): | |||
| get_credentials_boto3 = None | |||
| _saved_boto3_default_session = None | |||
|
|
|||
| # Region corresponds to south asia (Mumbai). Must be a real region because | |||
| # SQS will verify this. | |||
There was a problem hiding this comment.
Moto checks this, not SQS.
There was a problem hiding this comment.
True, but moto defers to boto when retrieving the list of valid regions.
hannes-ucsc
requested changes
Apr 17, 2020
test/azul_test_case.py
Outdated
| @@ -52,6 +56,10 @@ class AzulTestCase(TestCase): | |||
| get_credentials_boto3 = None | |||
| _saved_boto3_default_session = None | |||
|
|
|||
| # Region corresponds to south asia (Mumbai). Must be a real region because | |||
| # SQS will verify this. | |||
| _aws_region_mock = patch.dict(os.environ, AWS_DEFAULT_REGION='ap-south-1') | |||
There was a problem hiding this comment.
Suggested change
| _aws_region_mock = patch.dict(os.environ, AWS_DEFAULT_REGION='ap-south-1') | |
| _aws_region_mock = patch.dict(os.environ, AWS_DEFAULT_REGION='us-gov-west-1') |
we are pretty much guaranteed to not have access to that region.
There was a problem hiding this comment.
Moto/boto does not consider this to be a valid region in certain contexts:
======================================================================
ERROR: test_versioning (service.test_version_service.TestVersionService)
----------------------------------------------------------------------
Traceback (most recent call last):
File "/home/travis/build/DataBiosphere/azul/test/service/test_version_service.py", line 19, in setUp
super().setUp()
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/moto/core/models.py", line 80, in wrapper
result = func(*args, **kwargs)
File "/home/travis/build/DataBiosphere/azul/test/version_table_test_case.py", line 23, in setUp
dict(AttributeName=VersionService.key_name, KeyType='HASH'),
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/botocore/client.py", line 357, in _api_call
return self._make_api_call(operation_name, kwargs)
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/botocore/client.py", line 648, in _make_api_call
operation_model, request_dict, request_context)
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/botocore/client.py", line 667, in _make_request
return self._endpoint.make_request(operation_model, request_dict)
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/botocore/endpoint.py", line 102, in make_request
return self._send_request(request_dict, operation_model)
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/botocore/endpoint.py", line 137, in _send_request
success_response, exception):
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/botocore/endpoint.py", line 231, in _needs_retry
caught_exception=caught_exception, request_dict=request_dict)
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/botocore/hooks.py", line 356, in emit
return self._emitter.emit(aliased_event_name, **kwargs)
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/botocore/hooks.py", line 228, in emit
return self._emit(event_name, kwargs)
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/botocore/hooks.py", line 211, in _emit
response = handler(**kwargs)
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/botocore/retryhandler.py", line 183, in __call__
if self._checker(attempts, response, caught_exception):
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/botocore/retryhandler.py", line 251, in __call__
caught_exception)
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/botocore/retryhandler.py", line 269, in _should_retry
return self._checker(attempt_number, response, caught_exception)
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/botocore/retryhandler.py", line 317, in __call__
caught_exception)
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/botocore/retryhandler.py", line 223, in __call__
attempt_number, caught_exception)
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/botocore/retryhandler.py", line 359, in _check_caught_exception
raise caught_exception
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/botocore/endpoint.py", line 197, in _do_get_response
responses = self._event_emitter.emit(event_name, request=request)
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/botocore/hooks.py", line 356, in emit
return self._emitter.emit(aliased_event_name, **kwargs)
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/botocore/hooks.py", line 228, in emit
return self._emit(event_name, kwargs)
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/botocore/hooks.py", line 211, in _emit
response = handler(**kwargs)
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/moto/core/models.py", line 298, in __call__
status, headers, body = response_callback(request, request.url, request.headers)
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/moto/core/responses.py", line 117, in dispatch
return cls()._dispatch(*args, **kwargs)
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/moto/core/responses.py", line 207, in _dispatch
return self.call_action()
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/moto/core/utils.py", line 264, in _wrapper
response = f(*args, **kwargs)
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/moto/dynamodb2/responses.py", line 65, in call_action
response = getattr(self, endpoint)()
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/moto/dynamodb2/responses.py", line 119, in create_table
table = self.dynamodb_backend.create_table(table_name,
File "/home/travis/virtualenv/python3.6.7/lib/python3.6/site-packages/moto/dynamodb2/responses.py", line 57, in dynamodb_backend
return dynamodb_backends[self.region]
KeyError: 'us-gov-west-1'
----------------------------------------------------------------------
Ran 322 tests in 817.926s
There was a problem hiding this comment.
I believe the list of regions that will not trigger this error can be found in .venv/lib/python3.6/site-packages/botocore/data/endpoints.json
There was a problem hiding this comment.
$ cat .venv/lib/python3.6/site-packages/botocore/data/endpoints.json | jq .partitions[].regions | jq keys[]
"ap-east-1"
"ap-northeast-1"
"ap-northeast-2"
"ap-south-1"
"ap-southeast-1"
"ap-southeast-2"
"ca-central-1"
"eu-central-1"
"eu-north-1"
"eu-west-1"
"eu-west-2"
"eu-west-3"
"me-south-1"
"sa-east-1"
"us-east-1"
"us-east-2"
"us-west-1"
"us-west-2"
"cn-north-1"
"cn-northwest-1"
"us-gov-east-1"
"us-gov-west-1"
"us-iso-east-1"
"us-isob-east-1"
There was a problem hiding this comment.
More directly and correctly:
>>> import moto.dynamodb2.models as m
>>> m.dynamodb_backends.keys()
dict_keys(['ap-east-1', 'ap-northeast-1', 'ap-northeast-2', 'ap-south-1', 'ap-southeast-1', 'ap-southeast-2', 'ca-central-1', 'eu-central-1', 'eu-north-1', 'eu-west-1', 'eu-west-2', 'eu-west-3', 'me-south-1', 'sa-east-1', 'us-east-1', 'us-east-2', 'us-west-1', 'us-west-2'])
nadove-ucsc
force-pushed
the
issues/noah-aviel-dove/1498-unit-tests-special-region
branch
from
78e893a
to
0dd96b2
Compare
hannes-ucsc
requested changes
Apr 17, 2020
test/azul_test_case.py
Outdated
| @@ -82,8 +87,15 @@ def dummy_get_credentials(self): | |||
| botocore.session.Session.get_credentials = dummy_get_credentials | |||
| boto3.session.Session.get_credentials = dummy_get_credentials | |||
|
|
|||
| # Ensure that mock leakages fail by targeting another region | |||
| # Moto will verify that region is valid. | |||
There was a problem hiding this comment.
Suggested change
| # Moto will verify that region is valid. | |
| # We can't use an artificial region name since Moto validates it. |
test/azul_test_case.py
Outdated
| # Ensure that mock leakages fail by targeting another region | ||
| # Moto will verify that region is valid. | ||
| # We are pretty much guaranteed not to have access to this region. | ||
| cls._aws_region_mock = patch.dict(os.environ, AWS_DEFAULT_REGION='us-gov-west-1') |
There was a problem hiding this comment.
Any other gov region we could use?
There was a problem hiding this comment.
I don't believe so: #1710 (comment)
If it's that important I could try to mock moto's internals so that a made-up region is mapped to a valid backend.
There was a problem hiding this comment.
Actually that almost certainly won't work. Moto retrieves the list of available regions from boto at import time so it's too late for setUpClass to patch anything. Furthermore the separate moto services (e.g. dynamodb, sqs) have their own regions lists, so to overwrite boto's list we'd need to patch each each individually, which seems very brittle and tedious. My current belief is that our best option is to select one the regions listed above.
nadove-ucsc
force-pushed
the
issues/noah-aviel-dove/1498-unit-tests-special-region
branch
from
0dd96b2
to
9b394b3
Compare
hannes-ucsc
reviewed
Apr 24, 2020
test/azul_test_case.py
Outdated
| # Ensure that mock leakages fail by targeting another region. | ||
| # Moto verifies the region against a list of supported backends, so we | ||
| # can't use an artifical one (see site-packages/boto/endpoints.json). | ||
| cls._aws_region_mock = patch.dict(os.environ, AWS_DEFAULT_REGION='ap-south-1') |
There was a problem hiding this comment.
Unfortunately, because this is an real region in the default AWS partition, this doesn't actually prevent access to real resources. I understand the difficulty in patching all of the region info code in moto, boto and boto3 and don't have a good solution either but I don't see how this buys us any additional security.
|
Moved to icebox. Considering closing it. |
hannes-ucsc
requested changes
Apr 27, 2020
|
@hannes-ucsc You are correct. There are only two classes that fail when the region mock is set to |
|
In that case, we should use a region from the |
nadove-ucsc
force-pushed
the
issues/noah-aviel-dove/1498-unit-tests-special-region
branch
from
9b394b3
to
6de519f
Compare
hannes-ucsc
requested changes
May 1, 2020
test/azul_test_case.py
Outdated
| boto3.session.Session.get_credentials = cls.get_credentials_boto3 | ||
| botocore.session.Session.get_credentials = cls.get_credentials_botocore | ||
| boto3.DEFAULT_SESSION = cls._saved_boto3_default_session | ||
| os.environ['AZUL_AWS_ACCOUNT_ID'] = cls.aws_account_id | ||
| super().tearDownClass() | ||
|
|
||
| @classmethod | ||
| def get_aws_mock_region(cls): |
There was a problem hiding this comment.
Can you try a simple class attribute, not a class method?
hannes-ucsc
added
2 reviews
nadove-ucsc
force-pushed
the
issues/noah-aviel-dove/1498-unit-tests-special-region
branch
from
6de519f
to
8ee14c4
Compare
hannes-ucsc
approved these changes
May 2, 2020
hannes-ucsc
added
the
hold warm
hannes-ucsc
force-pushed
the
issues/noah-aviel-dove/1498-unit-tests-special-region
branch
from
8ee14c4
to
fe45f8c
Compare
hannes-ucsc
added
sandbox
hannes-ucsc
force-pushed
the
issues/noah-aviel-dove/1498-unit-tests-special-region
branch
from
fe45f8c
to
6722202
Compare
hannes-ucsc
deleted the
issues/noah-aviel-dove/1498-unit-tests-special-region
branch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.