From 569252b637567df9d4f5f48550d3bde2a9d28e03 Mon Sep 17 00:00:00 2001 From: averbukh Date: Mon, 15 Mar 2021 09:32:03 +0100 Subject: [PATCH] Add boilerplate, formatting --- .../fixture/rules/common.yaml | 35 +++++++++++++++++++ .../net_vpc_firewall_yaml/test_plan.py | 6 ++-- 2 files changed, 38 insertions(+), 3 deletions(-) create mode 100644 tests/modules/net_vpc_firewall_yaml/fixture/rules/common.yaml diff --git a/tests/modules/net_vpc_firewall_yaml/fixture/rules/common.yaml b/tests/modules/net_vpc_firewall_yaml/fixture/rules/common.yaml new file mode 100644 index 000000000..829556ece --- /dev/null +++ b/tests/modules/net_vpc_firewall_yaml/fixture/rules/common.yaml @@ -0,0 +1,35 @@ +# Copyright 2021 Google LLC +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + + +# allow ingress from GCLB to all instances in the network +lb-health-checks: + allow: + - ports: [] + protocol: tcp + direction: INGRESS + priority: 1001 + source_ranges: + - 35.191.0.0/16 + - 130.211.0.0/22 + +# deny all egress +deny-all: + deny: + - ports: [] + protocol: all + direction: EGRESS + priority: 65535 + destination_ranges: + - 0.0.0.0/0 diff --git a/tests/modules/net_vpc_firewall_yaml/test_plan.py b/tests/modules/net_vpc_firewall_yaml/test_plan.py index 8e86d2c00..684a323eb 100644 --- a/tests/modules/net_vpc_firewall_yaml/test_plan.py +++ b/tests/modules/net_vpc_firewall_yaml/test_plan.py @@ -28,7 +28,7 @@ def test_firewall_simple(plan_runner): 'google_compute_firewall', 'time_static' ]) firewall_values = [r['values'] for r in resources if r['type'] - == 'google_compute_firewall'] + == 'google_compute_firewall'] assert set([f['project'] for f in firewall_values]) == set(['my-project']) assert set([f['network'] for f in firewall_values]) == set(['my-network']) @@ -46,5 +46,5 @@ def test_firewall_log_config(plan_runner): 'google_compute_firewall', 'time_static' ]) firewall_values = [r['values'] for r in resources if r['type'] - == 'google_compute_firewall'] - assert all(f['log_config'] == log_config_value for f in firewall_values) + == 'google_compute_firewall'] + assert all(f['log_config'] == log_config_value for f in firewall_values)