Skip to content

Commit

Permalink
update e2e test for storage access outputs (#2063)
Browse files Browse the repository at this point in the history
* update backend output test for storage access outputs

* move assertion to post deployment
  • Loading branch information
rtpascual authored Sep 27, 2024
1 parent 970d555 commit b7ac6a3
Show file tree
Hide file tree
Showing 5 changed files with 42 additions and 1 deletion.
2 changes: 2 additions & 0 deletions .changeset/healthy-planes-live.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,2 @@
---
---
Original file line number Diff line number Diff line change
Expand Up @@ -24,6 +24,11 @@ import { DataStorageAuthWithTriggerTestProjectCreator } from '../test-project-se
import { SQSClient } from '@aws-sdk/client-sqs';
import { setupDeployedBackendClient } from '../test-project-setup/setup_deployed_backend_client.js';

/**
* This E2E test is to check whether current (aka latest) repository content introduces breaking changes
* for our deployed backend client to read outputs.
*/

// Different root test dir to avoid race conditions with e2e deployment tests
const rootTestDir = fileURLToPath(
new URL('../e2e-outputs-tests', import.meta.url)
Expand Down Expand Up @@ -83,7 +88,6 @@ void describe(

await testProject.deploy(branchBackendIdentifier, sharedSecretsEnv);
await testProject.assertPostDeployment(branchBackendIdentifier);

await testProject.assertDeployedClientOutputs(branchBackendIdentifier);
});
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ import {
SQSClient,
} from '@aws-sdk/client-sqs';
import { e2eToolingClientConfig } from '../e2e_tooling_client_config.js';
import isMatch from 'lodash.ismatch';

/**
* Creates test projects with data, storage, and auth categories.
Expand Down Expand Up @@ -298,6 +299,31 @@ class DataStorageAuthWithTriggerTestProject extends TestProjectBase {
);
assert.ok(fileContent.includes('newKey: string;')); // Env var added via addEnvironment
assert.ok(fileContent.includes('TEST_SECRET: string;')); // Env var added via defineFunction

// assert storage access paths are correct in stack outputs
const outputsObject = JSON.parse(
await fs.readFile(
path.join(this.projectDirPath, 'amplify_outputs.json'),
'utf-8'
)
);
assert.ok(
isMatch(outputsObject.storage.buckets[0].paths, {
'public/*': {
guest: ['get', 'list'],
authenticated: ['get', 'list', 'write'],
groupsAdmins: ['get', 'list', 'write', 'delete'],
},
'protected/*': {
authenticated: ['get', 'list'],
groupsAdmins: ['get', 'list', 'write', 'delete'],
},
'protected/${cognito-identity.amazonaws.com:sub}/*': {
// eslint-disable-next-line spellcheck/spell-checker
entityidentity: ['get', 'list', 'write', 'delete'],
},
})
);
}

private getUpdateReplacementDefinition = (suffix: string) => ({
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -24,4 +24,5 @@ export const auth = defineAuth({
triggers: {
postConfirmation: defaultNodeFunc,
},
groups: ['Admins'],
});
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,14 @@ export const storage = defineStorage({
'public/*': [
allow.resource(defaultNodeFunc).to(['read', 'write']),
allow.resource(node16Func).to(['read', 'write']),
allow.guest.to(['read']),
allow.authenticated.to(['read', 'write']),
allow.groups(['Admins']).to(['read', 'write', 'delete']),
],
'protected/{entity_id}/*': [
allow.authenticated.to(['read']),
allow.entity('identity').to(['read', 'write', 'delete']),
allow.groups(['Admins']).to(['read', 'write', 'delete']),
],
}),
});

0 comments on commit b7ac6a3

Please sign in to comment.