配置管理>> virga>> 返回
项目作者: gurdulu

项目描述 :
Virga tests your Cloud resources
高级语言: Python
项目地址: git://github.com/gurdulu/virga.git
创建时间: 2017-09-19T20:07:46Z
项目社区:https://github.com/gurdulu/virga
开源协议:MIT License
下载


Virga

Virga tests your Cloud resources.

Travis CI
CodeClimate maintainability
CodeClimate code coverage

What is Virga

In meteorology, Virga is an observable streak or shaft of precipitation falling from a cloud that evaporates or
sublimates before reaching the ground. Wikipedia

This piece of software is not about a weather phenomenon.

Virga is a tool for analysing your Cloud infrastructure before the rain catastrophically reaches the ground.

This project is still in pre-alpha

There are many things still missing:

  • the documentation needs to be completed
  • the definition files are just a draft for testing purposes

Providers supported

At the moment only AWS.

Requirements

Specific for AWS

  • an AWS working account
  • boto3

Quick start

  1. Install Virga pip install virga
  2. Create and edit the file tests.yaml
  3. Launch the command virga-asserts -p aws -t tests.yaml

tests.yaml is a test file.

Configuration files

See This project is still in pre-alpha

There are two types of configuration files.

The definitions (see docs/definition_file.md) are specific to the provider and define
the way we want to filter the resources to check. These files are unlikely to be changed.

The tests are the actual tests we want to implement.

Test files

Let’s start with an use case: you want to test that the subnet with the id subnet-0123456789 has:

  • the CIDR block equals to 10.0.0.0/24
  • the tag environment has value staging
  • the tag Name has value my-subnet

and then you want to know if the EC2 instances with the tag name starting with the value my-app are in the subnet
my-subnet.

  1. subnets:
  2. - id: subnet-0123456789
  3.   assertions:
  4.   - CidrBlock=='10.0.0.0/24'
  5.   - Tags[?Key=='environment' && Value=='staging']
  6.   - Tags[?Key=='Name' && Value=='my-subnet']
  8. instances:
  9. - name: my-app-*
  10.   assertions:
  11.   - SubnetId=="_lookup('subnets', 'name', 'my-subnet')"

The keys id and name are identifiers declared in the definitions file.

The assertions are the actual tests: each item of the list represents a condition to verify using
JMESPath.

In the assertions above there is a spurious case

  1. SubnetId=="_lookup('subnets', 'name', 'my-subnet')"

_lookup is not a standard JMESPath construct but a Virga function (see _lookup function).

_lookup function

The _lookup function filters a single resource returning the ID.

In the example above instead of declaring the equality

  1. SubnetId=="subnet-0123456789"

we have filtered the subnet by the tag:Name.

The argument passed to the function are:

  • the resource type
  • the identifier (eg. name)
  • the value to search

If no result is found, the test fails.

virga-asserts options

Following the list of options of virga-asserts

  1. usage: virga-asserts [-h] -p {aws} [-t TESTFILE [TESTFILE ...]] [-d DEFINITIONS] [-l LOGFILE] [-s] [-o OUTPUT] [--debug]
  3. optional arguments:
  4.   -h, --help            show this help message and exit
  5.   -p {aws}, --provider {aws}
  6.                         provider
  7.   -t TESTFILE [TESTFILE ...], --testfile TESTFILE [TESTFILE ...]
  8.                         test file
  9.   -d DEFINITIONS, --definitions DEFINITIONS
  10.                         custom definitions path
  11.   -l LOGFILE, --logfile LOGFILE
  12.                         redirect the output to a log file
  13.   -s, --silent          do not output results
  14.   -o OUTPUT, --output OUTPUT
  15.                         save the resource info into the specified directory
  16.   --debug               show debug

The command requires a valid provider and at least one test file (see Test files).

Sample generation

Virga comes with a tool for generating test files out of resources.

virga-samples requires:

  • a valid provider
  • the ID of the resource to exemplify

Example

The command virga-assert -p aws -s instances -r i-0123456789 will generate a valid test file for the resource
i-0123456789.

Options

  1. usage: virga-samples [-h] -p PROVIDER -s SECTION -r RESOURCE [-d DEFINITIONS]
  3. optional arguments:
  4.   -h, --help            show this help message and exit
  5.   -p PROVIDER, --provider PROVIDER
  6.                         provider
  7.   -s SECTION, --section SECTION
  8.                         section
  9.   -r RESOURCE, --resource RESOURCE
  10.                         resource id
  11.   -d DEFINITIONS, --definitions DEFINITIONS
  12.                         definitions path

FAQ

See This project is still in pre-alpha

AWS credentials settings

Even if AWS requires appropriate credentials, Virga does not explicitly requires any
credentials setting.

There are several ways to set AWS credentials, if you have some doubts about it, we suggest you to spend some time
studying this topic before using AWS.

A quick way is using AWS CLI

  1. pip install awscli --upgrade --user
  2. aws configure

For more information refer to boto3 documentation.

Why my test is failing

See This project is still in pre-alpha

Resource mapping

Advanced topics