ps/Modules/Alkami.DevOps.SystemEngineering/Public/Update-AWSProfile.tests.ps1

# Test bootstrap: load the shared Pester helpers, then import the function
# under test straight from the sibling source file (same name with ".tests."
# collapsed to "."), so the tests run against the working-copy code.
. $PSScriptRoot\..\..\Load-PesterModules.ps1

$testFilePath = $MyInvocation.MyCommand.Path
$here = Split-Path -Path $testFilePath -Parent
$sut = (Split-Path -Path $testFilePath -Leaf) -replace '\.tests\.', '.'
$functionPath = Join-Path -Path $here -ChildPath $sut

Write-Host "Overriding SUT: $functionPath"
Import-Module -Name $functionPath -Force

# Passed as -ModuleName to every Mock below. It is empty here, presumably
# because the function is imported from its own file rather than through the
# parent module -- confirm against the other test files in this module.
$moduleForMock = ""
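# Pester tests for Update-AWSProfile. As exercised here, the function first
# checks whether the temporary profile ("temp-test" for -Profile "Test") still
# has working credentials; if not, it looks up the source profile, assumes the
# profile's role with an MFA code and stores the returned session credentials.
#
# Every AWS cmdlet is mocked, so nothing here touches real credentials or the
# network. All key, secret, token and MFA values are constructed placeholders.
Describe "Update-AWSProfile" {

    Mock -CommandName Get-LogLeadName -ModuleName $moduleForMock -MockWith { return 'Update-AWSProfile.tests' }
    # Write-Error is silenced so failure paths can be asserted by message
    # instead of surfacing as test errors.
    Mock -CommandName Write-Error -ModuleName $moduleForMock -MockWith {}
    Mock -CommandName Import-AWSModule -ModuleName $moduleForMock -MockWith {}

    # "Logic" walks the failure paths in the order the assertions show the
    # function checking them: profile location, profile, role ARN, MFA serial,
    # assume-role result, then each field of the returned credential.
    Context "Logic" {

        # Stand-in for the interactive MFA prompt so no test blocks on input.
        Mock -CommandName Read-Host -ModuleName $moduleForMock -MockWith { return '123456' }

        # A successful caller-identity check means the cached temporary
        # credential is still usable: no profile lookup, no new AssumeRole call.
        It "Returns Early If Credential Is Still Valid" {
            Mock -CommandName Get-STSCallerIdentity -ModuleName $moduleForMock -MockWith {}
            Mock -CommandName Use-STSRole -ModuleName $moduleForMock -MockWith {}
            Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return @() }

            Update-AWSProfile -Profile "Test"

            Assert-MockCalled -CommandName Get-STSCallerIdentity `
                -ParameterFilter { $ProfileName -eq "temp-test" } -Times 1 -Exactly -Scope It
            Assert-MockCalled -CommandName Get-AWSCredential -Times 0 -Exactly -Scope It
            Assert-MockCalled -CommandName Use-STSRole -Times 0 -Exactly -Scope It
        }

        # From here on Get-STSCallerIdentity throws, which the function treats
        # as "credential missing or expired" and continues with the refresh.
        It "Writes Error and Aborts if Default Profile Location Not Found" {
            Mock -CommandName Get-STSCallerIdentity -ModuleName $moduleForMock -MockWith { throw "Test Error" }
            Mock -CommandName Use-STSRole -ModuleName $moduleForMock -MockWith {}
            Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return @() }

            Update-AWSProfile -Profile "Test"

            Assert-MockCalled -CommandName Write-Error `
                -ParameterFilter { $Message -match "Unable to locate default profile location" } -Times 1 -Exactly -Scope It
            Assert-MockCalled -CommandName Get-AWSCredential -Times 1 -Exactly -Scope It
            Assert-MockCalled -CommandName Use-STSRole -Times 0 -Exactly -Scope It
        }

        # The two Get-AWSCredential mocks are told apart by which parameter
        # was bound: -ListProfileDetail (profile listing) or -ProfileName
        # (single profile lookup).
        It "Writes Error and Aborts if Profile Not Found" {
            Mock -CommandName Get-STSCallerIdentity -ModuleName $moduleForMock -MockWith { throw "Test Error" }
            Mock -CommandName Use-STSRole -ModuleName $moduleForMock -MockWith {}
            Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return @( @{ProfileLocation = "C:\Temp\test.txt"; ProfileName = "default"}) } `
                -ParameterFilter { $PSBoundParameters.ContainsKey( 'ListProfileDetail' ) }
            Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return $null} `
                -ParameterFilter { $PSBoundParameters.ContainsKey( 'ProfileName' ) }

            Update-AWSProfile -Profile "Test"

            Assert-MockCalled -CommandName Write-Error `
                -ParameterFilter { $Message -match "Unable to locate the profile named \[Test\]" } -Times 1 -Exactly -Scope It
            Assert-MockCalled -CommandName Get-AWSCredential -Times 2 -Exactly -Scope It
            Assert-MockCalled -CommandName Use-STSRole -Times 0 -Exactly -Scope It
        }

        # Profile exists but carries no RoleArn: nothing to assume.
        It "Writes Error and Aborts if Profile ARN Not Found" {
            Mock -CommandName Get-STSCallerIdentity -ModuleName $moduleForMock -MockWith { throw "Test Error" }
            Mock -CommandName Use-STSRole -ModuleName $moduleForMock -MockWith {}
            Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return @( @{ProfileLocation = "C:\Temp\test.txt"; ProfileName = "default"}) } `
                -ParameterFilter { $PSBoundParameters.ContainsKey( 'ListProfileDetail' ) }
            Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return @{}} `
                -ParameterFilter { $PSBoundParameters.ContainsKey( 'ProfileName' ) }

            Update-AWSProfile -Profile "Test"

            Assert-MockCalled -CommandName Write-Error `
                -ParameterFilter { $Message -match "Unable to locate the role ARN for \[Test\]" } -Times 1 -Exactly -Scope It
            Assert-MockCalled -CommandName Get-AWSCredential -Times 2 -Exactly -Scope It
            Assert-MockCalled -CommandName Use-STSRole -Times 0 -Exactly -Scope It
        }

        # Role ARN present but no MFA serial number. The "Use-STSRole -Times 0"
        # assertion pins that no assume-role request is made without an MFA
        # device configured on the profile.
        It "Writes Error and Aborts if Profile MFA Serial Number Not Found" {
            Mock -CommandName Get-STSCallerIdentity -ModuleName $moduleForMock -MockWith { throw "Test Error" }
            Mock -CommandName Use-STSRole -ModuleName $moduleForMock -MockWith {}
            Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return @( @{ProfileLocation = "C:\Temp\test.txt"; ProfileName = "default"}) } `
                -ParameterFilter { $PSBoundParameters.ContainsKey( 'ListProfileDetail' ) }
            Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return @{ RoleArn = "TestRole" }} `
                -ParameterFilter { $PSBoundParameters.ContainsKey( 'ProfileName' ) }

            Update-AWSProfile -Profile "Test"

            Assert-MockCalled -CommandName Write-Error `
                -ParameterFilter { $Message -match "Unable to locate the MFA serial number for \[Test\]" } -Times 1 -Exactly -Scope It
            Assert-MockCalled -CommandName Get-AWSCredential -Times 2 -Exactly -Scope It
            Assert-MockCalled -CommandName Use-STSRole -Times 0 -Exactly -Scope It
        }

        # Use-STSRole is reached exactly once but returns nothing.
        It "Writes Error and Aborts if Assume Role Fails" {
            Mock -CommandName Get-STSCallerIdentity -ModuleName $moduleForMock -MockWith { throw "Test Error" }
            Mock -CommandName Use-STSRole -ModuleName $moduleForMock -MockWith {}
            Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return @( @{ProfileLocation = "C:\Temp\test.txt"; ProfileName = "default"}) } `
                -ParameterFilter { $PSBoundParameters.ContainsKey( 'ListProfileDetail' ) }
            Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return @{ RoleArn = "TestRole"; Options = @{ MfaSerialNumber = "TestMfa" } } } `
                -ParameterFilter { $PSBoundParameters.ContainsKey( 'ProfileName' ) }

            Update-AWSProfile -Profile "Test"

            Assert-MockCalled -CommandName Write-Error `
                -ParameterFilter { $Message -match "Unable to assume role \[TestRole\]" } -Times 1 -Exactly -Scope It
            Assert-MockCalled -CommandName Get-AWSCredential -Times 2 -Exactly -Scope It
            Assert-MockCalled -CommandName Use-STSRole -Times 1 -Exactly -Scope It
        }

        # The next three tests return a credential that is missing one field
        # at a time. In each, "Set-AWSCredential -Times 0" pins that an
        # incomplete credential is never written to the credential store.
        It "Writes Error and Aborts if Assume Role Credential Lacks Access Key" {
            Mock -CommandName Get-STSCallerIdentity -ModuleName $moduleForMock -MockWith { throw "Test Error" }
            Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return @( @{ProfileLocation = "C:\Temp\test.txt"; ProfileName = "default"}) } `
                -ParameterFilter { $PSBoundParameters.ContainsKey( 'ListProfileDetail' ) }
            Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return @{ RoleArn = "TestRole"; Options = @{ MfaSerialNumber = "TestMfa" } } } `
                -ParameterFilter { $PSBoundParameters.ContainsKey( 'ProfileName' ) }
            Mock -CommandName Use-STSRole -ModuleName $moduleForMock -MockWith {@{Credentials = @{}}}
            Mock -CommandName Set-AWSCredential -ModuleName $moduleForMock -MockWith {}

            Update-AWSProfile -Profile "Test"

            Assert-MockCalled -CommandName Write-Error `
                -ParameterFilter { $Message -match "No access key provided by \[TestRole\] credential." } -Times 1 -Exactly -Scope It
            Assert-MockCalled -CommandName Get-AWSCredential -Times 2 -Exactly -Scope It
            Assert-MockCalled -CommandName Use-STSRole -Times 1 -Exactly -Scope It
            Assert-MockCalled -CommandName Set-AWSCredential -Times 0 -Exactly -Scope It
        }

        It "Writes Error and Aborts if Assume Role Credential Lacks Secret Access Key" {
            Mock -CommandName Get-STSCallerIdentity -ModuleName $moduleForMock -MockWith { throw "Test Error" }
            Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return @( @{ProfileLocation = "C:\Temp\test.txt"; ProfileName = "default"}) } `
                -ParameterFilter { $PSBoundParameters.ContainsKey( 'ListProfileDetail' ) }
            Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return @{ RoleArn = "TestRole"; Options = @{ MfaSerialNumber = "TestMfa" } } } `
                -ParameterFilter { $PSBoundParameters.ContainsKey( 'ProfileName' ) }
            Mock -CommandName Use-STSRole -ModuleName $moduleForMock -MockWith {@{Credentials = @{AccessKeyId = "TestAccess"}}}
            Mock -CommandName Set-AWSCredential -ModuleName $moduleForMock -MockWith {}

            Update-AWSProfile -Profile "Test"

            Assert-MockCalled -CommandName Write-Error `
                -ParameterFilter { $Message -match "No secret access key provided by \[TestRole\] credential." } -Times 1 -Exactly -Scope It
            Assert-MockCalled -CommandName Get-AWSCredential -Times 2 -Exactly -Scope It
            Assert-MockCalled -CommandName Use-STSRole -Times 1 -Exactly -Scope It
            Assert-MockCalled -CommandName Set-AWSCredential -Times 0 -Exactly -Scope It
        }

        # Renamed: this case was a copy of the previous test's title, but the
        # credential here has both keys and only the session token is missing.
        It "Writes Error and Aborts if Assume Role Credential Lacks Session Token" {
            Mock -CommandName Get-STSCallerIdentity -ModuleName $moduleForMock -MockWith { throw "Test Error" }
            Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return @( @{ProfileLocation = "C:\Temp\test.txt"; ProfileName = "default"}) } `
                -ParameterFilter { $PSBoundParameters.ContainsKey( 'ListProfileDetail' ) }
            Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return @{ RoleArn = "TestRole"; Options = @{ MfaSerialNumber = "TestMfa" } } } `
                -ParameterFilter { $PSBoundParameters.ContainsKey( 'ProfileName' ) }
            Mock -CommandName Use-STSRole -ModuleName $moduleForMock -MockWith {@{Credentials = @{AccessKeyId = "TestAccess"; SecretAccessKey = "TestSecret"}}}
            Mock -CommandName Set-AWSCredential -ModuleName $moduleForMock -MockWith {}

            Update-AWSProfile -Profile "Test"

            Assert-MockCalled -CommandName Write-Error `
                -ParameterFilter { $Message -match "No session token provided by \[TestRole\] credential." } -Times 1 -Exactly -Scope It
            Assert-MockCalled -CommandName Get-AWSCredential -Times 2 -Exactly -Scope It
            Assert-MockCalled -CommandName Use-STSRole -Times 1 -Exactly -Scope It
            Assert-MockCalled -CommandName Set-AWSCredential -Times 0 -Exactly -Scope It
        }

        # Happy path: a complete credential is stored exactly once and no
        # error is written.
        # NOTE(review): only the call count of Set-AWSCredential is asserted.
        # A -ParameterFilter pinning the stored profile name and the
        # key/secret/token values would catch credentials being saved under
        # the wrong profile -- confirm parameter names against the function.
        It "Saves AWS Credential Upon Success" {
            Mock -CommandName Get-STSCallerIdentity -ModuleName $moduleForMock -MockWith { throw "Test Error" }
            Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return @( @{ProfileLocation = "C:\Temp\test.txt"; ProfileName = "default"}) } `
                -ParameterFilter { $PSBoundParameters.ContainsKey( 'ListProfileDetail' ) }
            Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return @{ RoleArn = "TestRole"; Options = @{ MfaSerialNumber = "TestMfa" } } } `
                -ParameterFilter { $PSBoundParameters.ContainsKey( 'ProfileName' ) }
            Mock -CommandName Use-STSRole -ModuleName $moduleForMock -MockWith {@{Credentials = @{AccessKeyId = "TestAccess"; SecretAccessKey = "TestSecret"; SessionToken = "TestSession"}}}
            Mock -CommandName Set-AWSCredential -ModuleName $moduleForMock -MockWith {}

            Update-AWSProfile -Profile "Test"

            Assert-MockCalled -CommandName Write-Error -Times 0 -Exactly -Scope It
            Assert-MockCalled -CommandName Get-AWSCredential -Times 2 -Exactly -Scope It
            Assert-MockCalled -CommandName Use-STSRole -Times 1 -Exactly -Scope It
            Assert-MockCalled -CommandName Set-AWSCredential -Times 1 -Exactly -Scope It
        }
    }

    # "Input" reuses the happy-path mocks for every test and checks only how
    # the parameters are handled.
    Context "Input" {

        Mock -CommandName Get-STSCallerIdentity -ModuleName $moduleForMock -MockWith { throw "Test Error" }
        Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return @( @{ProfileLocation = "C:\Temp\test.txt"; ProfileName = "default"}) } `
            -ParameterFilter { $PSBoundParameters.ContainsKey( 'ListProfileDetail' ) }
        Mock -CommandName Get-AWSCredential -ModuleName $moduleForMock -MockWith { return @{ RoleArn = "TestRole"; Options = @{ MfaSerialNumber = "TestMfa" } } } `
            -ParameterFilter { $PSBoundParameters.ContainsKey( 'ProfileName' ) }
        Mock -CommandName Use-STSRole -ModuleName $moduleForMock -MockWith {@{Credentials = @{AccessKeyId = "TestAccess"; SecretAccessKey = "TestSecret"; SessionToken = "TestSession"}}}
        Mock -CommandName Set-AWSCredential -ModuleName $moduleForMock -MockWith {}
        Mock -CommandName Read-Host -ModuleName $moduleForMock -MockWith { return '123456' }

        # NOTE(review): the two MFA tests count Read-Host calls but do not
        # assert that the code reaches Use-STSRole. A -ParameterFilter on
        # $TokenCode would pin that -- confirm the parameter the function uses.
        It "Does Not Prompt For MFA Code If Parameter Provided" {
            Update-AWSProfile -Profile "Test" -MfaCode '123456' | Out-Null

            Assert-MockCalled -CommandName Read-Host -Times 0 -Exactly -Scope It
        }

        It "Prompts For MFA Code If Parameter Not Provided" {
            Update-AWSProfile -Profile "Test" | Out-Null

            Assert-MockCalled -CommandName Read-Host -Times 1 -Exactly -Scope It
        }

        # 43200 seconds is 12 hours, the longest session STS grants for an
        # assumed role, and only when the role's maximum session duration is
        # configured that high. A default this long also means a leaked
        # temporary credential stays usable for up to 12 hours.
        It "Uses Default Value for Session Duration If Parameter Not Provided" {
            Update-AWSProfile -Profile "Test" -MfaCode '123456' | Out-Null

            Assert-MockCalled -CommandName Use-STSRole -Times 1 -Exactly -Scope It `
                -ParameterFilter { $DurationInSeconds -eq 43200 }
        }

        It "Uses Provided Value for Session Duration" {
            Update-AWSProfile -Profile "Test" -MfaCode '123456' -SessionDurationSeconds 4321 | Out-Null

            Assert-MockCalled -CommandName Use-STSRole -Times 1 -Exactly -Scope It `
                -ParameterFilter { $DurationInSeconds -eq 4321 }
        }
    }
}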