data-dot-all / dataall

A modern data marketplace that makes collaboration among diverse users (like business, analysts and engineers) easier, increasing efficiency and agility in data projects on AWS.
https://data-dot-all.github.io/dataall/
Apache License 2.0
231 stars 82 forks source link

Integration tests executed on a real deployment as part of the CICD - Shares #1376

Open dlpzx opened 4 months ago

dlpzx commented 4 months ago

Same as for https://github.com/data-dot-all/dataall/issues/1220.

This issue is to track the progress for the Shares modules. It has its own dedicated issue because of the challenge of validating the shares

dlpzx commented 4 months ago

Required tests for basic coverage

For fresh deployments

For each of the following API calls we need to test authorized and unauthorized scenarios as well as all possible configurations (e.g. autoapproval...)

Full coverage [WIP]

For fresh deployments

For backwards compatibility

For updated Dataset stacks:

SofiaSazonova commented 1 month ago

Current progress Happy path shares

SofiaSazonova commented 1 month ago

Happy path tests:

New Shares:

Persistent Shares:

SofiaSazonova commented 1 month ago

Share 'breaks' tests:

  1. S3 bucket policy is manually changed 1.a. Permissions are insufficient 1.b. More permissions are granted
  2. IAM role policy is manually changed 1.a. Permissions are insufficient 1.b. More permissions are granted
SofiaSazonova commented 1 month ago

Resource are missing test:

  1. Share principal IAM role is deleted
  2. S3 bucket/ AccessPoint/Folder/Table/DB is deleted
SofiaSazonova commented 1 month ago

User Managed policy test: Share principal - consumption role without data.all managed policies