tests(trace): normalize VPCSC configuration in systests (#9618)

tseaver · web-flow · commit 7bdc2564cc04 · 2019-11-11T17:11:00.000-05:00
Toward #9580.
diff --git a/packages/google-cloud-trace/noxfile.py b/packages/google-cloud-trace/noxfile.py
@@ -121,19 +121,11 @@ def system(session):
     session.install("-e", "../test_utils/")
     session.install("-e", ".")
 
-    # Additional setup for VPCSC system tests
-    env = {
-        "PROJECT_ID": os.environ.get(
-            "PROJECT_ID"
-        ),
-        "GOOGLE_CLOUD_TESTS_VPCSC_OUTSIDE_PERIMETER_PROJECT": "secure-gcp-test-project-4",
-    }
-
     # Run py.test against the system tests.
     if system_test_exists:
-        session.run("py.test", "--quiet", system_test_path, env=env, *session.posargs)
+        session.run("py.test", "--quiet", system_test_path, *session.posargs)
     if system_test_folder_exists:
-        session.run("py.test", "--quiet", system_test_folder_path, env=env, *session.posargs)
+        session.run("py.test", "--quiet", system_test_folder_path, *session.posargs)
 
 
 @nox.session(python="3.7")
diff --git a/packages/google-cloud-trace/tests/system/gapic/v1/test_system_trace_service_v1_vpcsc.py b/packages/google-cloud-trace/tests/system/gapic/v1/test_system_trace_service_v1_vpcsc.py
@@ -21,68 +21,52 @@
 
 from google.api_core import exceptions
 from google.cloud import trace_v1
+from test_utils.vpcsc_config import vpcsc_config
 
-PROJECT_INSIDE = os.environ.get("PROJECT_ID", None)
-PROJECT_OUTSIDE = os.environ.get(
-    "GOOGLE_CLOUD_TESTS_VPCSC_OUTSIDE_PERIMETER_PROJECT", None
-)
-
-
-class TestVPCServiceControlV1(object):
-    @staticmethod
-    def _is_rejected(call):
-        try:
-            responses = call()
-        except exceptions.PermissionDenied as e:
-            return e.message == "Request is prohibited by organization's policy"
-        except:
-            return False
-        return False
-
-    @pytest.mark.skipif(
-        PROJECT_INSIDE is None, reason="Missing environment variable: PROJECT_ID"
-    )
-    @pytest.mark.skipif(
-        PROJECT_OUTSIDE is None,
-        reason="Missing environment variable: GOOGLE_CLOUD_TESTS_VPCSC_OUTSIDE_PERIMETER_PROJECT",
-    )
-    def test_list_traces(self):
-        client = trace_v1.TraceServiceClient()
-
-        list_inside = lambda: list(client.list_traces(PROJECT_INSIDE))
-        list_outside = lambda: list(client.list_traces(PROJECT_OUTSIDE))
-
-        assert not TestVPCServiceControlV1._is_rejected(list_inside)
-        assert TestVPCServiceControlV1._is_rejected(list_outside)
-
-    @pytest.mark.skipif(
-        PROJECT_INSIDE is None, reason="Missing environment variable: PROJECT_ID"
-    )
-    @pytest.mark.skipif(
-        PROJECT_OUTSIDE is None,
-        reason="Missing environment variable: GOOGLE_CLOUD_TESTS_VPCSC_OUTSIDE_PERIMETER_PROJECT",
-    )
-    def test_get_trace(self):
-        client = trace_v1.TraceServiceClient()
-
-        get_inside = lambda: client.get_trace(PROJECT_INSIDE, "")
-        get_outside = lambda: client.get_trace(PROJECT_OUTSIDE, "")
-
-        assert not TestVPCServiceControlV1._is_rejected(get_inside)
-        assert TestVPCServiceControlV1._is_rejected(get_outside)
-
-    @pytest.mark.skipif(
-        PROJECT_INSIDE is None, reason="Missing environment variable: PROJECT_ID"
-    )
-    @pytest.mark.skipif(
-        PROJECT_OUTSIDE is None,
-        reason="Missing environment variable: GOOGLE_CLOUD_TESTS_VPCSC_OUTSIDE_PERIMETER_PROJECT",
-    )
-    def test_patch_traces(self):
-        client = trace_v1.TraceServiceClient()
-
-        patch_inside = lambda: client.patch_traces(PROJECT_INSIDE, {})
-        patch_outside = lambda: client.patch_traces(PROJECT_OUTSIDE, {})
-
-        assert not TestVPCServiceControlV1._is_rejected(patch_inside)
-        assert TestVPCServiceControlV1._is_rejected(patch_outside)
+_VPCSC_PROHIBITED_MESSAGE = "Request is prohibited by organization's policy."
+
+
+@pytest.fixture
+def client():
+    return trace_v1.TraceServiceClient()
+
+
+@vpcsc_config.skip_unless_inside_vpcsc
+def test_list_traces_w_inside(client):
+    list(client.list_traces(vpcsc_config.project_inside))  # no perms issue
+
+
+@vpcsc_config.skip_unless_inside_vpcsc
+def test_list_traces_w_outside(client):
+    with pytest.raises(exceptions.PermissionDenied) as exc:
+        list(client.list_traces(vpcsc_config.project_outside))
+
+    assert _VPCSC_PROHIBITED_MESSAGE in exc.value.message
+
+
+@vpcsc_config.skip_unless_inside_vpcsc
+def test_get_trace_w_inside(client):
+    with pytest.raises(exceptions.InvalidArgument):
+        client.get_trace(vpcsc_config.project_inside, "")  # no perms issue
+
+
+@vpcsc_config.skip_unless_inside_vpcsc
+def test_get_trace_w_outside(client):
+    with pytest.raises(exceptions.PermissionDenied) as exc:
+        client.get_trace(vpcsc_config.project_outside, "")
+
+    assert _VPCSC_PROHIBITED_MESSAGE in exc.value.message
+
+
+@vpcsc_config.skip_unless_inside_vpcsc
+def test_patch_traces_w_inside(client):
+    with pytest.raises(exceptions.InvalidArgument):
+        client.patch_traces(vpcsc_config.project_inside, {})  # no perms issue
+
+
+@vpcsc_config.skip_unless_inside_vpcsc
+def test_patch_traces_w_ouside(client):
+    with pytest.raises(exceptions.PermissionDenied) as exc:
+        client.patch_traces(vpcsc_config.project_outside, {})
+
+    assert _VPCSC_PROHIBITED_MESSAGE in exc.value.message
diff --git a/packages/google-cloud-trace/tests/system/gapic/v2/test_system_trace_service_v2_vpcsc.py b/packages/google-cloud-trace/tests/system/gapic/v2/test_system_trace_service_v2_vpcsc.py
@@ -21,40 +21,27 @@
 
 from google.api_core import exceptions
 from google.cloud import trace_v2
+from test_utils.vpcsc_config import vpcsc_config
 
-PROJECT_INSIDE = os.environ.get("PROJECT_ID", None)
-PROJECT_OUTSIDE = os.environ.get(
-    "GOOGLE_CLOUD_TESTS_VPCSC_OUTSIDE_PERIMETER_PROJECT", None
-)
-
-
-class TestVPCServiceControlV2(object):
-    @staticmethod
-    def _is_rejected(call):
-        try:
-            responses = call()
-        except exceptions.PermissionDenied as e:
-            return e.message == "Request is prohibited by organization's policy"
-        except:
-            pass
-        return False
-
-    @pytest.mark.skipif(
-        PROJECT_INSIDE is None, reason="Missing environment variable: PROJECT_ID"
-    )
-    @pytest.mark.skipif(
-        PROJECT_OUTSIDE is None,
-        reason="Missing environment variable: GOOGLE_CLOUD_TESTS_VPCSC_OUTSIDE_PERIMETER_PROJECT",
-    )
-    def test_batch_write_spans(self):
-        client = trace_v2.TraceServiceClient()
-
-        proejct_inside = client.project_path(PROJECT_INSIDE)
-        proejct_outside = client.project_path(PROJECT_OUTSIDE)
-        spans = []
-
-        write_inside = lambda: client.batch_write_spans(proejct_inside, spans)
-        write_outside = lambda: client.batch_write_spans(proejct_outside, spans)
-
-        assert not TestVPCServiceControlV2._is_rejected(write_inside)
-        assert TestVPCServiceControlV2._is_rejected(write_outside)
+_VPCSC_PROHIBITED_MESSAGE = "Request is prohibited by organization's policy."
+
+
+@pytest.fixture
+def client():
+    return trace_v2.TraceServiceClient()
+
+
+@vpcsc_config.skip_unless_inside_vpcsc
+def test_batch_write_spans_w_inside(client):
+    project_inside = client.project_path(vpcsc_config.project_inside)
+    client.batch_write_spans(project_inside, [])  # no raise
+
+
+@vpcsc_config.skip_unless_inside_vpcsc
+def test_batch_write_spans_w_outside(client):
+    project_outside = client.project_path(vpcsc_config.project_outside)
+
+    with pytest.raises(exceptions.PermissionDenied) as exc:
+        client.batch_write_spans(project_outside, [])
+
+    assert _VPCSC_PROHIBITED_MESSAGE in exc.value.message
