qontract-reconcile 0.10.1rc1202__py3-none-any.whl → 0.10.2.dev1__py3-none-any.whl

tools/cli_commands/test/test_cost_management_api.py

@@ -1,326 +0,0 @@
-from collections.abc import Callable
-from decimal import Decimal
-from typing import Any
-
-import pytest
-import requests
-from pytest_httpserver import HTTPServer
-from pytest_mock import MockerFixture
-from requests import HTTPError
-
-from tools.cli_commands.cost_report.cost_management_api import CostManagementApi
-from tools.cli_commands.cost_report.response import (
-    AwsReportCostResponse,
-    CostResponse,
-    CostTotalResponse,
-    DeltaResponse,
-    MoneyResponse,
-    OpenShiftCostResponse,
-    OpenShiftReportCostResponse,
-    ProjectCostResponse,
-    ProjectCostValueResponse,
-    ReportMetaResponse,
-    ServiceCostResponse,
-    ServiceCostValueResponse,
-    TotalMetaResponse,
-)
-from tools.cli_commands.test.conftest import (
-    COST_MANAGEMENT_API_HOST,
-    COST_REPORT_SECRET,
-    OPENSHIFT_COST_OPTIMIZATION_RESPONSE,
-)
-
-
-@pytest.fixture
-def mock_session(mocker: MockerFixture) -> Any:
-    return mocker.patch(
-        "tools.cli_commands.cost_report.cost_management_api.OAuth2BackendApplicationSession",
-        autospec=True,
-    )
-
-
-@pytest.fixture
-def base_url(httpserver: HTTPServer) -> str:
-    return httpserver.url_for("/")
-
-
-TOKEN_URL = "token_url"
-CLIENT_ID = COST_REPORT_SECRET["client_id"]
-CLIENT_SECRET = COST_REPORT_SECRET["client_secret"]
-SCOPE = ["scope"]
-
-
-def test_cost_management_api_create_from_secret(
-    mock_session: Any,
-) -> None:
-    api = CostManagementApi.create_from_secret(COST_REPORT_SECRET)
-
-    assert api.host == COST_MANAGEMENT_API_HOST
-    assert api.base_url == COST_REPORT_SECRET["api_base_url"]
-    assert api.session == mock_session.return_value
-    mock_session.assert_called_once_with(
-        client_id=CLIENT_ID,
-        client_secret=CLIENT_SECRET,
-        token_url=TOKEN_URL,
-        scope=SCOPE,
-    )
-
-
-def test_cost_management_api_init(mock_session: Any, base_url: str) -> None:
-    with CostManagementApi(
-        base_url=base_url,
-        token_url=TOKEN_URL,
-        client_id=CLIENT_ID,
-        client_secret=CLIENT_SECRET,
-        scope=SCOPE,
-    ) as api:
-        pass
-
-    assert api.base_url == base_url
-    assert api.session == mock_session.return_value
-
-    mock_session.assert_called_once_with(
-        client_id=CLIENT_ID,
-        client_secret=CLIENT_SECRET,
-        token_url=TOKEN_URL,
-        scope=SCOPE,
-    )
-    assert mock_session.return_value.mount.call_count == 2
-    mock_session.return_value.close.assert_called_once_with()
-
-
-@pytest.fixture
-def cost_management_api(mock_session: Any, base_url: str) -> CostManagementApi:
-    # swap to requests.request to skip oauth2 logic
-    mock_session.return_value.request.side_effect = requests.request
-    return CostManagementApi(
-        base_url=base_url,
-        token_url=TOKEN_URL,
-        client_id=CLIENT_ID,
-        client_secret=CLIENT_SECRET,
-        scope=SCOPE,
-    )
-
-
-EXPECTED_REPORT_COST_RESPONSE = AwsReportCostResponse(
-    meta=ReportMetaResponse(
-        delta=DeltaResponse(
-            value=Decimal(100),
-            percent=10,
-        ),
-        total=TotalMetaResponse(
-            cost=CostTotalResponse(
-                total=MoneyResponse(
-                    value=Decimal(1000),
-                    units="USD",
-                )
-            )
-        ),
-    ),
-    data=[
-        CostResponse(
-            date="2024-02",
-            services=[
-                ServiceCostResponse(
-                    service="AmazonEC2",
-                    values=[
-                        ServiceCostValueResponse(
-                            delta_percent=10,
-                            delta_value=Decimal(200),
-                            cost=CostTotalResponse(
-                                total=MoneyResponse(
-                                    value=Decimal(800),
-                                    units="USD",
-                                )
-                            ),
-                        )
-                    ],
-                ),
-                ServiceCostResponse(
-                    service="AmazonS3",
-                    values=[
-                        ServiceCostValueResponse(
-                            delta_percent=-10,
-                            delta_value=Decimal(-100),
-                            cost=CostTotalResponse(
-                                total=MoneyResponse(
-                                    value=Decimal(200),
-                                    units="USD",
-                                )
-                            ),
-                        )
-                    ],
-                ),
-            ],
-        ),
-    ],
-)
-
-
-def test_get_aws_costs_report(
-    cost_management_api: CostManagementApi,
-    fx: Callable,
-    httpserver: HTTPServer,
-    base_url: str,
-) -> None:
-    response_body = fx("aws_cost_report.json")
-    httpserver.expect_request(
-        "/reports/aws/costs/",
-        query_string={
-            "cost_type": "calculated_amortized_cost",
-            "delta": "cost",
-            "filter[resolution]": "monthly",
-            "filter[tag:app]": "test",
-            "filter[time_scope_units]": "month",
-            "filter[time_scope_value]": "-2",
-            "group_by[service]": "*",
-        },
-    ).respond_with_data(response_body)
-
-    report_cost_response = cost_management_api.get_aws_costs_report(app="test")
-
-    assert report_cost_response == EXPECTED_REPORT_COST_RESPONSE
-
-
-def test_get_aws_costs_report_error(
-    cost_management_api: CostManagementApi,
-    fx: Callable,
-    httpserver: HTTPServer,
-) -> None:
-    httpserver.expect_request("/reports/aws/costs/").respond_with_data(status=500)
-
-    with pytest.raises(HTTPError) as error:
-        cost_management_api.get_aws_costs_report(app="test")
-
-    assert error.value.response.status_code == 500
-
-
-EXPECTED_OPENSHIFT_REPORT_COST_RESPONSE = OpenShiftReportCostResponse(
-    meta=ReportMetaResponse(
-        delta=DeltaResponse(
-            value=Decimal(100),
-            percent=10,
-        ),
-        total=TotalMetaResponse(
-            cost=CostTotalResponse(
-                total=MoneyResponse(
-                    value=Decimal(1000),
-                    units="USD",
-                )
-            )
-        ),
-    ),
-    data=[
-        OpenShiftCostResponse(
-            date="2024-02",
-            projects=[
-                ProjectCostResponse(
-                    project="some-project",
-                    values=[
-                        ProjectCostValueResponse(
-                            delta_percent=10,
-                            delta_value=Decimal(100),
-                            clusters=["some-cluster"],
-                            cost=CostTotalResponse(
-                                total=MoneyResponse(
-                                    value=Decimal(1000),
-                                    units="USD",
-                                )
-                            ),
-                        )
-                    ],
-                ),
-            ],
-        ),
-    ],
-)
-
-
-def test_get_openshift_costs_report(
-    cost_management_api: CostManagementApi,
-    fx: Callable,
-    httpserver: HTTPServer,
-) -> None:
-    response_body = fx("openshift_cost_report.json")
-    project = "some-project"
-    cluster = "some-cluster-uuid"
-    httpserver.expect_request(
-        "/reports/openshift/costs/",
-        query_string={
-            "delta": "cost",
-            "filter[resolution]": "monthly",
-            "filter[cluster]": cluster,
-            "filter[exact:project]": project,
-            "filter[time_scope_units]": "month",
-            "filter[time_scope_value]": "-2",
-            "group_by[project]": "*",
-        },
-    ).respond_with_data(response_body)
-
-    report_cost_response = cost_management_api.get_openshift_costs_report(
-        cluster=cluster,
-        project=project,
-    )
-
-    assert report_cost_response == EXPECTED_OPENSHIFT_REPORT_COST_RESPONSE
-
-
-def test_get_openshift_costs_report_error(
-    cost_management_api: CostManagementApi,
-    fx: Callable,
-    httpserver: HTTPServer,
-) -> None:
-    httpserver.expect_request("/reports/openshift/costs/").respond_with_data(status=500)
-
-    with pytest.raises(HTTPError) as error:
-        cost_management_api.get_openshift_costs_report(
-            cluster="some-cluster",
-            project="some-project",
-        )
-
-    assert error.value.response.status_code == 500
-
-
-def test_get_openshift_cost_optimization_report(
-    cost_management_api: CostManagementApi,
-    fx: Callable,
-    httpserver: HTTPServer,
-) -> None:
-    response_body = fx("openshift_cost_optimization_report.json")
-    project = "some-project"
-    cluster = "some-cluster-uuid"
-    httpserver.expect_request(
-        "/recommendations/openshift",
-        query_string={
-            "cluster": cluster,
-            "project": project,
-            "limit": "100",
-            "memory-unit": "MiB",
-            "cpu-unit": "millicores",
-        },
-    ).respond_with_data(response_body)
-
-    report_cost_response = cost_management_api.get_openshift_cost_optimization_report(
-        cluster=cluster,
-        project=project,
-    )
-
-    assert report_cost_response == OPENSHIFT_COST_OPTIMIZATION_RESPONSE
-
-
-def test_get_openshift_cost_optimization_report_error(
-    cost_management_api: CostManagementApi,
-    fx: Callable,
-    httpserver: HTTPServer,
-) -> None:
-    httpserver.expect_request("/recommendations/openshift").respond_with_data(
-        status=500
-    )
-
-    with pytest.raises(HTTPError) as error:
-        cost_management_api.get_openshift_cost_optimization_report(
-            cluster="some-cluster",
-            project="some-project",
-        )
-
-    assert error.value.response.status_code == 500

tools/cli_commands/test/test_gpg_encrypt.py

@@ -1,235 +0,0 @@
-import json
-from collections.abc import Mapping
-from unittest.mock import (
-    MagicMock,
-    mock_open,
-    patch,
-)
-
-import pytest
-
-from reconcile.queries import UserFilter
-from reconcile.utils.secret_reader import SecretReader
-from tools.cli_commands.gpg_encrypt import (
-    ArgumentException,
-    GPGEncryptCommand,
-    GPGEncryptCommandData,
-    UserException,
-)
-
-
-def craft_command(command_data: GPGEncryptCommandData, secret: Mapping[str, str]):
-    secret_reader = MagicMock(spec=SecretReader)
-    secret_reader.read_all = MagicMock()
-    secret_reader.read_all.side_effect = [secret]
-    command = GPGEncryptCommand.create(
-        command_data=command_data,
-        secret_reader=secret_reader,
-    )
-    return command
-
-
-@patch("reconcile.utils.gpg.gpg_encrypt")
-@patch("reconcile.queries.get_users_by")
-def test_gpg_encrypt_from_vault(get_users_by_mock, gpg_encrypt_mock):
-    vault_secret_path = "app-sre/test"
-    target_user = "testuser"
-    gpg_key = "xyz"
-    secret = {"x": "y"}
-    user_query = {
-        "org_username": target_user,
-        "public_gpg_key": gpg_key,
-    }
-    command = craft_command(
-        command_data=GPGEncryptCommandData(
-            vault_secret_path=vault_secret_path,
-            target_user=target_user,
-        ),
-        secret=secret,
-    )
-    secret_reader_mock = command._secret_reader.read_all
-    get_users_by_mock.side_effect = [[user_query]]
-    gpg_encrypt_mock.side_effect = ["encrypted_content"]
-
-    command.execute()
-
-    secret_reader_mock.assert_called_once_with({"path": vault_secret_path})
-    get_users_by_mock.assert_called_once_with(
-        refs=False,
-        filter=UserFilter(
-            org_username=target_user,
-        ),
-    )
-    gpg_encrypt_mock.assert_called_once_with(
-        content=json.dumps(secret, sort_keys=True, indent=4),
-        public_gpg_key=gpg_key,
-    )
-
-
-@patch("reconcile.utils.gpg.gpg_encrypt")
-@patch("reconcile.queries.get_users_by")
-def test_gpg_encrypt_from_vault_with_version(get_users_by_mock, gpg_encrypt_mock):
-    vault_secret_path = "app-sre/test"
-    target_user = "testuser"
-    gpg_key = "xyz"
-    version = 4
-    secret = {"x": "y"}
-    user_query = {
-        "org_username": target_user,
-        "public_gpg_key": gpg_key,
-    }
-    command = craft_command(
-        command_data=GPGEncryptCommandData(
-            vault_secret_path=vault_secret_path,
-            vault_secret_version=version,
-            target_user=target_user,
-        ),
-        secret=secret,
-    )
-    secret_reader_mock = command._secret_reader.read_all
-    get_users_by_mock.side_effect = [[user_query]]
-    gpg_encrypt_mock.side_effect = ["encrypted_content"]
-
-    command.execute()
-
-    secret_reader_mock.assert_called_once_with({
-        "path": vault_secret_path,
-        "version": str(version),
-    })
-    get_users_by_mock.assert_called_once_with(
-        refs=False,
-        filter=UserFilter(
-            org_username=target_user,
-        ),
-    )
-    gpg_encrypt_mock.assert_called_once_with(
-        content=json.dumps(secret, sort_keys=True, indent=4),
-        public_gpg_key=gpg_key,
-    )
-
-
-@patch("reconcile.queries.get_users_by")
-@patch("reconcile.queries.get_clusters")
-def test_gpg_encrypt_oc_bad_path(get_clusters_mock, get_users_by_mock):
-    target_user = "testuser"
-    user_query = {
-        "org_username": target_user,
-        "public_gpg_key": "xyz",
-    }
-    command = craft_command(
-        command_data=GPGEncryptCommandData(
-            openshift_path="cluster/secret",
-            target_user=target_user,
-        ),
-        secret={},
-    )
-
-    get_users_by_mock.side_effect = [[user_query]]
-    get_clusters_mock.side_effect = [[{"name": "cluster"}]]
-
-    with pytest.raises(ArgumentException) as exc:
-        command.execute()
-    assert "Wrong format!" in str(exc.value)
-
-
-@patch("reconcile.queries.get_users_by")
-@patch("reconcile.queries.get_clusters_by")
-def test_gpg_encrypt_oc_cluster_not_exists(get_clusters_mock, get_users_by_mock):
-    target_user = "testuser"
-    user_query = {
-        "org_username": target_user,
-        "public_gpg_key": "xyz",
-    }
-    command = craft_command(
-        command_data=GPGEncryptCommandData(
-            openshift_path="cluster/namespace/secret",
-            target_user=target_user,
-        ),
-        secret={},
-    )
-
-    get_users_by_mock.side_effect = [[user_query]]
-    get_clusters_mock.side_effect = [[]]
-
-    with pytest.raises(ArgumentException) as exc:
-        command.execute()
-    assert "No cluster found" in str(exc.value)
-
-
-@patch("builtins.open", new_callable=mock_open, read_data="test-data")
-@patch("reconcile.utils.gpg.gpg_encrypt")
-@patch("reconcile.queries.get_users_by")
-def test_gpg_encrypt_from_local_file(
-    get_users_by_mock, gpg_encrypt_mock, mock_file, capsys
-):
-    target_user = "testuser"
-    file_path = "/tmp/tmp"
-    encrypted_content = "encrypted_content"
-    user_query = {
-        "org_username": target_user,
-        "public_gpg_key": "xyz",
-    }
-    command = craft_command(
-        command_data=GPGEncryptCommandData(
-            secret_file_path=file_path,
-            target_user=target_user,
-        ),
-        secret={},
-    )
-    secret_reader_mock = command._secret_reader.read_all
-    get_users_by_mock.side_effect = [[user_query]]
-    gpg_encrypt_mock.side_effect = [encrypted_content]
-
-    command.execute()
-
-    captured = capsys.readouterr()
-    assert captured.out == f"{encrypted_content}\n"
-    mock_file.assert_called_once_with(file_path, encoding="locale")
-    secret_reader_mock.read_all.assert_not_called()
-
-
-@patch("reconcile.queries.get_users_by")
-def test_gpg_encrypt_user_not_found(get_users_by_mock):
-    target_user = "testuser"
-    command = craft_command(
-        command_data=GPGEncryptCommandData(
-            vault_secret_path="/tmp/tmp",
-            target_user=target_user,
-        ),
-        secret={},
-    )
-    get_users_by_mock.side_effect = [[]]
-
-    with pytest.raises(UserException) as exc:
-        command.execute()
-    assert "Expected to find exactly one user" in str(exc.value)
-
-
-@patch("reconcile.queries.get_users_by")
-def test_gpg_encrypt_user_no_gpg_key(get_users_by_mock):
-    target_user = "testuser"
-    command = craft_command(
-        command_data=GPGEncryptCommandData(
-            vault_secret_path="/tmp/tmp",
-            target_user=target_user,
-        ),
-        secret={},
-    )
-    get_users_by_mock.side_effect = [[{"org_username": target_user}]]
-
-    with pytest.raises(UserException) as exc:
-        command.execute()
-    assert "associated GPG key" in str(exc.value)
-
-
-def test_gpg_encrypt_no_secret_specified():
-    command = craft_command(
-        command_data=GPGEncryptCommandData(
-            target_user="one_user",
-        ),
-        secret={},
-    )
-
-    with pytest.raises(ArgumentException) as exc:
-        command.execute()
-    assert "No argument given" in str(exc.value)