Skip to content

Commit 884499f

Browse files
authored
feat: add WAF v2 support (#64)
Adds WafV2Config (enabled-only, ServiceKey WAFV2), FlociBuilder.WithWafV2, unit tests, and an integration round-trip (CreateWebACL -> ListWebACLs -> DeleteWebACL) via AmazonWAFV2Client. Env key WAFV2 confirmed against the running 1.5.25 image.
1 parent a2ee8f8 commit 884499f

5 files changed

Lines changed: 160 additions & 0 deletions

File tree

src/Testcontainers.Floci/FlociBuilder.cs

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -509,6 +509,13 @@ public FlociBuilder WithAvailabilityZone(string availabilityZone)
509509
/// <returns>A configured instance of <see cref="FlociBuilder" />.</returns>
510510
public FlociBuilder WithStepFunctions(StepFunctionsConfig config) => WithServiceConfig(config);
511511

512+
/// <summary>
513+
/// Configures Floci's WAF v2 emulation.
514+
/// </summary>
515+
/// <param name="config">The WAF v2 configuration.</param>
516+
/// <returns>A configured instance of <see cref="FlociBuilder" />.</returns>
517+
public FlociBuilder WithWafV2(WafV2Config config) => WithServiceConfig(config);
518+
512519
/// <summary>
513520
/// Configures Floci's SQS emulation.
514521
/// </summary>
Lines changed: 28 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,28 @@
1+
using System.Collections.Generic;
2+
using JetBrains.Annotations;
3+
4+
namespace Testcontainers.Floci;
5+
6+
/// <summary>
7+
/// Configuration for Floci's WAF v2 emulation.
8+
/// </summary>
9+
/// <remarks>
10+
/// Apply via <see cref="FlociBuilder.WithWafV2(WafV2Config)" />:
11+
/// <code>
12+
/// await using var floci = new FlociBuilder(TestImages.Floci)
13+
/// .WithWafV2(new WafV2Config())
14+
/// .Build();
15+
/// </code>
16+
/// </remarks>
17+
[PublicAPI]
18+
public sealed record WafV2Config : FlociServiceConfig
19+
{
20+
/// <inheritdoc />
21+
protected override string ServiceKey => "WAFV2";
22+
23+
/// <inheritdoc />
24+
protected override void AddSettings(IDictionary<string, string> env, string prefix)
25+
{
26+
// WAF v2 is an enabled-only service; there are no additional settings beyond the enabled flag.
27+
}
28+
}

tests/Testcontainers.Floci.IntegrationTests/Testcontainers.Floci.IntegrationTests.csproj

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -61,6 +61,7 @@
6161
<PackageReference Include="AWSSDK.SimpleNotificationService" Version="4.0.3.3" />
6262
<PackageReference Include="AWSSDK.TranscribeService" Version="4.0.7.3" />
6363
<PackageReference Include="AWSSDK.Transfer" Version="4.0.10.3" />
64+
<PackageReference Include="AWSSDK.WAFV2" Version="4.0.9.5" />
6465
<PackageReference Include="AWSSDK.StepFunctions" Version="4.0.4.3" />
6566
<PackageReference Include="AWSSDK.Textract" Version="4.0.4.6" />
6667
<PackageReference Include="AWSSDK.SimpleSystemsManagement" Version="4.0.8.3" />
Lines changed: 89 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,89 @@
1+
using System.Linq;
2+
using System.Net;
3+
using System.Threading.Tasks;
4+
using Amazon.WAFV2;
5+
using Amazon.WAFV2.Model;
6+
using Testcontainers.Floci;
7+
using Xunit;
8+
9+
namespace Testcontainers.Floci.Tests;
10+
11+
public sealed class WafV2ServiceTest : IAsyncLifetime
12+
{
13+
private readonly FlociContainer _floci = new FlociBuilder(TestImages.Floci)
14+
.WithWafV2(new WafV2Config())
15+
.Build();
16+
17+
public Task InitializeAsync() => _floci.StartAsync();
18+
19+
public Task DisposeAsync() => _floci.DisposeAsync().AsTask();
20+
21+
private AmazonWAFV2Client CreateClient()
22+
{
23+
return new AmazonWAFV2Client(
24+
_floci.AccessKey,
25+
_floci.SecretKey,
26+
new AmazonWAFV2Config
27+
{
28+
ServiceURL = _floci.GetEndpoint(),
29+
AuthenticationRegion = _floci.Region,
30+
});
31+
}
32+
33+
[Fact]
34+
public async Task CreatesAndListsWebAcl()
35+
{
36+
using var waf = CreateClient();
37+
const string name = "test-web-acl";
38+
string? id = null;
39+
string? lockToken = null;
40+
41+
try
42+
{
43+
var createResponse = await waf.CreateWebACLAsync(new CreateWebACLRequest
44+
{
45+
Name = name,
46+
Scope = Scope.REGIONAL,
47+
DefaultAction = new DefaultAction { Allow = new AllowAction() },
48+
VisibilityConfig = new VisibilityConfig
49+
{
50+
SampledRequestsEnabled = false,
51+
CloudWatchMetricsEnabled = false,
52+
MetricName = "test",
53+
},
54+
});
55+
56+
Assert.Equal(HttpStatusCode.OK, createResponse.HttpStatusCode);
57+
id = createResponse.Summary.Id;
58+
lockToken = createResponse.Summary.LockToken;
59+
60+
var listResponse = await waf.ListWebACLsAsync(new ListWebACLsRequest
61+
{
62+
Scope = Scope.REGIONAL,
63+
});
64+
65+
Assert.Equal(HttpStatusCode.OK, listResponse.HttpStatusCode);
66+
Assert.Contains(listResponse.WebACLs, acl => acl.Name == name && acl.Id == id);
67+
}
68+
finally
69+
{
70+
if (id != null && lockToken != null)
71+
{
72+
try
73+
{
74+
await waf.DeleteWebACLAsync(new DeleteWebACLRequest
75+
{
76+
Name = name,
77+
Id = id,
78+
LockToken = lockToken,
79+
Scope = Scope.REGIONAL,
80+
});
81+
}
82+
catch (AmazonWAFV2Exception)
83+
{
84+
// Best-effort cleanup.
85+
}
86+
}
87+
}
88+
}
89+
}
Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,35 @@
1+
using Testcontainers.Floci;
2+
using Xunit;
3+
4+
namespace Testcontainers.Floci.Tests;
5+
6+
public sealed class WafV2ConfigTest
7+
{
8+
[Fact]
9+
public void DefaultsMatchUpstream()
10+
{
11+
var config = new WafV2Config();
12+
13+
Assert.True(config.Enabled);
14+
}
15+
16+
[Fact]
17+
public void DefaultConfigEmitsEnabledFlag()
18+
{
19+
var env = new WafV2Config().BuildEnvironment();
20+
21+
Assert.Equal("true", env["FLOCI_SERVICES_WAFV2_ENABLED"]);
22+
var key = Assert.Single(env.Keys);
23+
Assert.Equal("FLOCI_SERVICES_WAFV2_ENABLED", key);
24+
}
25+
26+
[Fact]
27+
public void DisabledConfigEmitsDisabledFlag()
28+
{
29+
var env = new WafV2Config { Enabled = false }.BuildEnvironment();
30+
31+
Assert.Equal("false", env["FLOCI_SERVICES_WAFV2_ENABLED"]);
32+
var key = Assert.Single(env.Keys);
33+
Assert.Equal("FLOCI_SERVICES_WAFV2_ENABLED", key);
34+
}
35+
}

0 commit comments

Comments
 (0)