From ec4d99d020605c55f27eb0d383eca51ff3048de8 Mon Sep 17 00:00:00 2001 From: ragona Date: Sat, 27 Jul 2019 11:27:56 -0700 Subject: [PATCH 1/3] Fixed KMS master key provider tests for users who have their default AWS region configured --- .../test_providers_kms_master_key_provider.py | 26 ++++++++++++++----- 1 file changed, 20 insertions(+), 6 deletions(-) diff --git a/test/unit/test_providers_kms_master_key_provider.py b/test/unit/test_providers_kms_master_key_provider.py index 48802a36f..7961d77c4 100644 --- a/test/unit/test_providers_kms_master_key_provider.py +++ b/test/unit/test_providers_kms_master_key_provider.py @@ -70,17 +70,20 @@ def test_init_with_region_names(self, mock_add_clients): @patch("aws_encryption_sdk.key_providers.kms.KMSMasterKeyProvider.add_regional_client") def test_init_with_default_region_found(self, mock_add_regional_client): test = KMSMasterKeyProvider() - assert test.default_region is None + if not default_region_is_set(): + assert test.default_region is None with patch.object( test.config.botocore_session, "get_config_variable", return_value=sentinel.default_region ) as mock_get_config: test._process_config() mock_get_config.assert_called_once_with("region") assert test.default_region is sentinel.default_region - mock_add_regional_client.assert_called_once_with(sentinel.default_region) + mock_add_regional_client.assert_called_with(sentinel.default_region) @patch("aws_encryption_sdk.key_providers.kms.KMSMasterKeyProvider.add_regional_client") def test_init_with_default_region_not_found(self, mock_add_regional_client): + if default_region_is_set(): + pytest.skip("User has configured a default region") test = KMSMasterKeyProvider() assert test.default_region is None with patch.object(test.config.botocore_session, "get_config_variable", return_value=None) as mock_get_config: @@ -93,11 +96,13 @@ def test_add_regional_client_new(self): test = KMSMasterKeyProvider() test._regional_clients = {} test.add_regional_client("ex_region_name") - self.mock_boto3_session.assert_called_once_with(region_name="ex_region_name", botocore_session=ANY) - self.mock_boto3_session_instance.client.assert_called_once_with("kms", config=test._user_agent_adding_config) + self.mock_boto3_session.assert_called_with(region_name="ex_region_name", botocore_session=ANY) + self.mock_boto3_session_instance.client.assert_called_with("kms", config=test._user_agent_adding_config) assert test._regional_clients["ex_region_name"] is self.mock_boto3_client_instance def test_add_regional_client_exists(self): + if default_region_is_set(): + pytest.skip("User has configured a default region") test = KMSMasterKeyProvider() test._regional_clients["ex_region_name"] = sentinel.existing_client test.add_regional_client("ex_region_name") @@ -114,7 +119,7 @@ def test_client_valid_region_name(self, mock_add_client): test = KMSMasterKeyProvider() test._regional_clients["us-east-1"] = self.mock_boto3_client_instance client = test._client("arn:aws:kms:us-east-1:222222222222:key/aaaaaaaa-1111-2222-3333-bbbbbbbbbbbb") - mock_add_client.assert_called_once_with("us-east-1") + mock_add_client.assert_called_with("us-east-1") assert client is self.mock_boto3_client_instance @patch("aws_encryption_sdk.key_providers.kms.KMSMasterKeyProvider.add_regional_client") @@ -124,9 +129,11 @@ def test_client_no_region_name_with_default(self, mock_add_client): test._regional_clients[sentinel.default_region] = sentinel.default_client client = test._client("") assert client is sentinel.default_client - mock_add_client.assert_called_once_with(sentinel.default_region) + mock_add_client.assert_called_with(sentinel.default_region) def test_client_no_region_name_without_default(self): + if default_region_is_set(): + pytest.skip("User has configured a default region") test = KMSMasterKeyProvider() with pytest.raises(UnknownRegionError) as excinfo: test._client("") @@ -141,3 +148,10 @@ def test_new_master_key(self, mock_client): key = test._new_master_key(key_info) check_key = KMSMasterKey(key_id=key_info, client=self.mock_boto3_client_instance) assert key != check_key + + +def default_region_is_set(): + """Returns whether a user has their default AWS region set. This is useful for + testing logic around setting the region; there are some assertions which assume + the region starts out as `None`.""" + return KMSMasterKeyProvider().default_region is not None From 26a4b4679950a96d9ccde09d528ca8fe922d589e Mon Sep 17 00:00:00 2001 From: ragona Date: Mon, 29 Jul 2019 15:22:09 -0700 Subject: [PATCH 2/3] created fixture for botocore session with no region set --- .../test_providers_kms_master_key_provider.py | 26 +++++-------------- 1 file changed, 7 insertions(+), 19 deletions(-) diff --git a/test/unit/test_providers_kms_master_key_provider.py b/test/unit/test_providers_kms_master_key_provider.py index 7961d77c4..50b23724d 100644 --- a/test/unit/test_providers_kms_master_key_provider.py +++ b/test/unit/test_providers_kms_master_key_provider.py @@ -12,6 +12,7 @@ # language governing permissions and limitations under the License. """Unit test suite from aws_encryption_sdk.key_providers.kms.KMSMasterKeyProvider""" import botocore.client +import botocore.session import pytest from mock import ANY, MagicMock, call, patch, sentinel @@ -32,6 +33,7 @@ def test_init_with_regionless_key_ids_and_region_names(): class TestKMSMasterKeyProvider(object): @pytest.fixture(autouse=True) def apply_fixtures(self): + self.botocore_no_region_session = botocore.session.Session(session_vars={"region": (None, None, None, None)}) self.mock_botocore_session_patcher = patch("aws_encryption_sdk.key_providers.kms.botocore.session.Session") self.mock_botocore_session = self.mock_botocore_session_patcher.start() self.mock_boto3_session_patcher = patch("aws_encryption_sdk.key_providers.kms.boto3.session.Session") @@ -69,9 +71,8 @@ def test_init_with_region_names(self, mock_add_clients): @patch("aws_encryption_sdk.key_providers.kms.KMSMasterKeyProvider.add_regional_client") def test_init_with_default_region_found(self, mock_add_regional_client): - test = KMSMasterKeyProvider() - if not default_region_is_set(): - assert test.default_region is None + test = KMSMasterKeyProvider(botocore_session=self.botocore_no_region_session) + assert test.default_region is None with patch.object( test.config.botocore_session, "get_config_variable", return_value=sentinel.default_region ) as mock_get_config: @@ -82,9 +83,7 @@ def test_init_with_default_region_found(self, mock_add_regional_client): @patch("aws_encryption_sdk.key_providers.kms.KMSMasterKeyProvider.add_regional_client") def test_init_with_default_region_not_found(self, mock_add_regional_client): - if default_region_is_set(): - pytest.skip("User has configured a default region") - test = KMSMasterKeyProvider() + test = KMSMasterKeyProvider(botocore_session=self.botocore_no_region_session) assert test.default_region is None with patch.object(test.config.botocore_session, "get_config_variable", return_value=None) as mock_get_config: test._process_config() @@ -101,9 +100,7 @@ def test_add_regional_client_new(self): assert test._regional_clients["ex_region_name"] is self.mock_boto3_client_instance def test_add_regional_client_exists(self): - if default_region_is_set(): - pytest.skip("User has configured a default region") - test = KMSMasterKeyProvider() + test = KMSMasterKeyProvider(botocore_session=self.botocore_no_region_session) test._regional_clients["ex_region_name"] = sentinel.existing_client test.add_regional_client("ex_region_name") assert not self.mock_boto3_session.called @@ -132,9 +129,7 @@ def test_client_no_region_name_with_default(self, mock_add_client): mock_add_client.assert_called_with(sentinel.default_region) def test_client_no_region_name_without_default(self): - if default_region_is_set(): - pytest.skip("User has configured a default region") - test = KMSMasterKeyProvider() + test = KMSMasterKeyProvider(botocore_session=self.botocore_no_region_session) with pytest.raises(UnknownRegionError) as excinfo: test._client("") excinfo.match("No default region found and no region determinable from key id: *") @@ -148,10 +143,3 @@ def test_new_master_key(self, mock_client): key = test._new_master_key(key_info) check_key = KMSMasterKey(key_id=key_info, client=self.mock_boto3_client_instance) assert key != check_key - - -def default_region_is_set(): - """Returns whether a user has their default AWS region set. This is useful for - testing logic around setting the region; there are some assertions which assume - the region starts out as `None`.""" - return KMSMasterKeyProvider().default_region is not None From c8d808b93a4a34044c379c2312efa10479802373 Mon Sep 17 00:00:00 2001 From: mattsb42-aws Date: Thu, 1 Aug 2019 20:09:47 -0700 Subject: [PATCH 3/3] add auto-used fixture in KMS master key provider unit tests to test against both with and without default region --- test/unit/test_providers_kms_master_key_provider.py | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/test/unit/test_providers_kms_master_key_provider.py b/test/unit/test_providers_kms_master_key_provider.py index 50b23724d..9a122e622 100644 --- a/test/unit/test_providers_kms_master_key_provider.py +++ b/test/unit/test_providers_kms_master_key_provider.py @@ -23,6 +23,19 @@ pytestmark = [pytest.mark.unit, pytest.mark.local] +@pytest.fixture(autouse=True, params=[True, False], ids=["default region", "no default region"]) +def patch_default_region(request, monkeypatch): + """Run all tests in this module both with a default region set and no default region set. + + This ensures that we do not regress on default region handling. + https://github.com/aws/aws-encryption-sdk-python/issues/31 + """ + if request.param: + monkeypatch.setenv("AWS_DEFAULT_REGION", "us-west-2") + else: + monkeypatch.delenv("AWS_DEFAULT_REGION", raising=False) + + def test_init_with_regionless_key_ids_and_region_names(): key_ids = ("alias/key_1",) region_names = ("test-region-1",)