Skip to content

Commit

Permalink
Merge pull request #579 from inspec/support-azure-service-fabric-mesh…
Browse files Browse the repository at this point in the history
…-service

RESOURCE-117 Support azure service fabric mesh service
  • Loading branch information
soumyo13 authored Mar 12, 2022
2 parents 9d53b86 + a3cd17a commit 275e228
Show file tree
Hide file tree
Showing 9 changed files with 343 additions and 0 deletions.
2 changes: 2 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -410,6 +410,8 @@ The following is a list of static resources.
- [azure_security_center_policies](docs/resources/azure_security_center_policies.md)
- [azure_sentinel_alert_rule_template](docs/resources/azure_sentinel_alert_rule_template.md)
- [azure_sentinel_alert_rule_templates](docs/resources/azure_sentinel_alert_rule_templates.md)
- [azure_service_fabric_mesh_service](docs/resources/azure_service_fabric_mesh_service.md)
- [azure_service_fabric_mesh_services](docs/resources/azure_service_fabric_mesh_services.md)
- [azure_service_fabric_mesh_replica](docs/resources/azure_service_fabric_mesh_replica.md)
- [azure_service_fabric_mesh_replicas](docs/resources/azure_service_fabric_mesh_replicas.md)
- [azure_service_fabric_mesh_volume](docs/resources/azure_service_fabric_mesh_volume.md)
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,105 @@
+++
title = "azure_service_fabric_mesh_service Resource"
platform = "azure"
draft = false
gh_repo = "inspec-azure"

[menu.inspec]
title = "azure_service_fabric_mesh_service"
identifier = "inspec/resources/azure/azure_service_fabric_mesh_service Resource"
parent = "inspec/resources/azure"
+++

Use the `azure_service_fabric_mesh_service` InSpec audit resource to test properties of an Azure Service Fabric Mesh service.

## Azure REST API Version, Endpoint, and HTTP Client Parameters

{{% inspec_azure_common_parameters %}}

## Installation

{{% inspec_azure_install %}}

## Syntax

```ruby
describe azure_service_fabric_mesh_service(resource_group: 'RESOURCE_GROUP', name: 'SERVICE_FABRIC_MESH_SERVICE_NAME') do
it { should exist }
its('type') { should eq 'Microsoft.ServiceFabricMesh/applications' }
end
```

```ruby
describe azure_service_fabric_mesh_service(resource_group: 'RESOURCE_GROUP', name: 'SERVICE_FABRIC_MESH_SERVICE_NAME') do
it { should exist }
end
```

## Parameters

`name` _(required)_
: Name of the Azure Service Fabric Mesh service to test.

`resource_group` _(required)_
: Azure resource group that the targeted resource resides in.

## Properties

`id`
: Resource Id.

`name`
: Resource name.

`type`
: Resource type. `Microsoft.ServiceFabricMesh/services`.

`properties`
: The properties of the SERVICE FABRIC MESH SERVICE.

`properties.osType`
: The Operating system type required by the code in service.

`properties.replicaCount`
: The number of replicas of the service to create. Defaults to 1 if not specified.

`properties.healthState`
: Describes the health state of an services resource.


For properties applicable to all resources, such as `type`, `name`, `id`, `properties`, refer to [`azure_generic_resource`]({{< relref "azure_generic_resource.md#properties" >}}).

Also, refer to [Azure documentation](https://docs.microsoft.com/en-us/rest/api/servicefabric/sfmeshrp-api-service_get) for other properties available.

## Examples

**Test that the SERVICE FABRIC MESH SERVICE is healthy.**

```ruby
describe azure_service_fabric_mesh_service(resource_group: 'RESOURCE_GROUP', name: 'SERVICE_FABRIC_MESH_SERVICE_NAME') do
its('properties.healthState') { should eq 'Ok' }
end
```

## Matchers

{{% inspec_matchers_link %}}

### exists

```ruby
# If a SERVICE FABRIC MESH SERVICE is found it will exist

describe azure_service_fabric_mesh_service(resource_group: 'RESOURCE_GROUP', name: 'SERVICE_FABRIC_MESH_SERVICE_NAME') do
it { should exist }
end
# if SERVICE FABRIC MESH SERVICE is not found it will not exist

describe azure_service_fabric_mesh_service(resource_group: 'RESOURCE_GROUP', name: 'SERVICE_FABRIC_MESH_SERVICE_NAME') do
it { should_not exist }
end
```

## Azure Permissions

{{% azure_permissions_service_principal role="reader" %}}
Original file line number Diff line number Diff line change
@@ -0,0 +1,118 @@
+++
title = "azure_service_fabric_mesh_services Resource"
platform = "azure"
draft = false
gh_repo = "inspec-azure"

[menu.inspec]
title = "azure_service_fabric_mesh_services"
identifier = "inspec/resources/azure/azure_service_fabric_mesh_services Resource"
parent = "inspec/resources/azure"
+++

Use the `azure_service_fabric_mesh_services` InSpec audit resource to test properties of all Azure service Fabric Mesh services within a project.

## Azure REST API Version, Endpoint, and HTTP Client Parameters

{{% inspec_azure_common_parameters %}}

## Installation

{{% inspec_azure_install %}}

## Syntax

An `azure_service_fabric_mesh_services` resource block returns all Azure service Fabric Mesh services within a project.

```ruby
describe azure_service_fabric_mesh_services do
#...
end
```

## Parameters

`resource_group` _(optional)_
: Azure resource group that the targeted resource resides in.

## Properties

`ids`
: A list of resource IDs.

: **Field**: `id`

`names`
: A list of resource Names.

: **Field**: `name`

`types`
: A list of the resource types.

: **Field**: `type`

`properties`
: A list of Properties for all the service Fabric Mesh services.

: **Field**: `properties`

`osTypes`
: The Operating system type required by the code in services.

: **Field**: `replicaCount`

`replicaCounts`
: The number of replicas of the service to create. Defaults to 1 if not specified.

: **Field**: `metricId`

`healthStates`
: health state of an services resource.

: **Field**: `healthState`

{{% inspec_filter_table %}}

## Examples

**Loop through service Fabric Mesh services by their names.**

```ruby
azure_service_fabric_mesh_services(resource_group: 'RESOURCE_GROUP').names.each do |name|
describe azure_service_fabric_mesh_service(resource_group: 'RESOURCE_GROUP', name: name) do
it { should exist }
end
end
```

**Test that there are service Fabric Mesh services that are healthy.**

```ruby
describe azure_service_fabric_mesh_services(resource_group: 'RESOURCE_GROUP').where(replicaCounts: 2) do
it { should exist }
end
```

## Matchers

{{% inspec_matchers_link %}}

### exists

```ruby
# Should not exist if no service Fabric Mesh services are present

describe azure_service_fabric_mesh_services(resource_group: 'RESOURCE_GROUP') do
it { should_not exist }
end
# Should exist if the filter returns at least one service Fabric Mesh services

describe azure_service_fabric_mesh_services(resource_group: 'RESOURCE_GROUP') do
it { should exist }
end
```

## Azure Permissions

{{% azure_permissions_service_principal role="reader" %}}
23 changes: 23 additions & 0 deletions libraries/azure_service_fabric_mesh_service.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,23 @@
require 'azure_generic_resource'

class AzureServiceFabricMeshService < AzureGenericResource
name 'azure_service_fabric_mesh_service'
desc 'Retrieves and verifies the settings of an Azure Service Fabric Mesh Service.'
example <<-EXAMPLE
describe azure_service_fabric_mesh_service(application_name: 'fabric-svc', name: 'svc') do
it { should exist }
end
EXAMPLE

def initialize(opts = {})
raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)

opts[:resource_provider] = specific_resource_constraint('Microsoft.ServiceFabricMesh/applications', opts)
opts[:resource_path] = [opts[:application_name], 'services'].join('/')
super(opts, true)
end

def to_s
super(AzureServiceFabricMeshService)
end
end
35 changes: 35 additions & 0 deletions libraries/azure_service_fabric_mesh_services.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,35 @@
require 'azure_generic_resources'

class AzureServiceFabricMeshServices < AzureGenericResources
name 'azure_service_fabric_mesh_services'
desc 'Verifies settings for a collection of Azure Service Fabric Mesh Services'
example <<-EXAMPLE
describe azure_service_fabric_mesh_services(application_name: 'fabric-svc') do
it { should exist }
end
EXAMPLE

def initialize(opts = {})
raise ArgumentError, 'Parameters must be provided in an Hash object.' unless opts.is_a?(Hash)

opts[:resource_provider] = specific_resource_constraint('Microsoft.ServiceFabricMesh/applications', opts)
opts[:resource_path] = [opts[:application_name], 'services'].join('/')
super(opts, true)
return if failed_resource?

populate_filter_table_from_response
end

def to_s
super(AzureServiceFabricMeshServices)
end

private

def populate_table
@resources.each do |resource|
resource = resource.merge(resource[:properties])
@table << resource.merge(resource[:codePackages]).merge(resource[:networkRefs])
end
end
end
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
resource_group = input(:resource_group, value: '')

control 'test the properties of an Azure Service Fabric Mesh Service' do
describe azure_service_fabric_mesh_service(resource_group: resource_group, name: 'fabric-svc') do
it { should exist }
its('name') { should eq 'fabric-svc' }
its('replicaCount') { should eq '2' }
its('type') { should eq 'Microsoft.ServiceFabricMesh/services' }
its('healthState') { should eq 'Ok' }
end
end
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
resource_group = input(:resource_group, value: '')

control 'test the properties of all Azure Service Fabric Mesh Services' do
describe azure_service_fabric_mesh_services(resource_group: resource_group) do
it { should exist }
its('names') { should include 'fabric-svc' }
its('replicaCounts') { should include '2' }
its('types') { should include 'Microsoft.ServiceFabricMesh/services' }
its('healthStates') { should include 'Ok' }
end
end
17 changes: 17 additions & 0 deletions test/unit/resources/azure_service_fabric_mesh_service_test.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
require_relative 'helper'
require 'azure_service_fabric_mesh_service'

class AzureServiceFabricMeshServiceConstructorTest < Minitest::Test
def test_empty_param_not_ok
assert_raises(ArgumentError) { AzureServiceFabricMeshService.new }
end

# resource_provider should not be allowed.
def test_resource_provider_not_ok
assert_raises(ArgumentError) { AzureServiceFabricMeshService.new(resource_provider: 'some_type') }
end

def test_resource_group_name_alone_not_ok
assert_raises(ArgumentError) { AzureServiceFabricMeshService.new(resource_group: 'test') }
end
end
21 changes: 21 additions & 0 deletions test/unit/resources/azure_service_fabric_mesh_services_test.rb
Original file line number Diff line number Diff line change
@@ -0,0 +1,21 @@
require_relative 'helper'
require 'azure_service_fabric_mesh_services'

class AzureServiceFabricMeshServicesConstructorTest < Minitest::Test
# resource_type should not be allowed.
def test_resource_type_not_ok
assert_raises(ArgumentError) { AzureServiceFabricMeshServices.new(resource_provider: 'some_type') }
end

def tag_value_not_ok
assert_raises(ArgumentError) { AzureServiceFabricMeshServices.new(tag_value: 'some_tag_value') }
end

def tag_name_not_ok
assert_raises(ArgumentError) { AzureServiceFabricMeshServices.new(tag_name: 'some_tag_name') }
end

def test_name_not_ok
assert_raises(ArgumentError) { AzureServiceFabricMeshServices.new(name: 'some_name') }
end
end

0 comments on commit 275e228

Please sign in to comment.