added tests

test/.gitignore

@@ -0,0 +1,3 @@
+target/
+.idea/
+*.iml

test/README.md

@@ -0,0 +1,61 @@
+# S3 VirusScan
+
+Tests for our S3 VirusScan. The goal of this tests is to ensure that our templates are always working. The test are implemented in Java 8 and run in JUnit 4.
+
+If you run this tests, many AWS CloudFormation tests are created and **charges will apply**!
+
+[widdix GmbH](https://widdix.net) sponsors the test runs on every push and once per week to ensure that everything is working as expected.
+
+## Supported env variables
+
+* `IAM_ROLE_ARN` if the tests should assume an IAM role before they run supply the ARN of the IAM role
+* `TEMPLATE_DIR` Load templates from local disk (instead of S3 bucket `widdix-aws-cf-templates`). Must end with an `/`. See `BUCKET_NAME` as well.
+* `DELETION_POLICY` (default `delete`, allowed values [`delete`, `retain`]) should resources be deleted?
+
+## Usage
+
+### AWS credentials
+
+The AWS credentials are passed in as defined by the AWS SDK for Java: http://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/credentials.html
+
+One addition: you can supply the env variable `IAM_ROLE_ARN` which let's the tests assume a role with the default credentials before running the tests.
+
+### Region selection
+
+The region selection works like defined by the AWS SDK for Java: http://docs.aws.amazon.com/sdk-for-java/v1/developer-guide/java-dg-region-selection.html
+
+### Run all tests
+
+```
+AWS_REGION="us-east-1" mvn test
+```
+
+### Run a single test suite
+
+to run the `TestJenkins` tests:
+
+```
+AWS_REGION="us-east-1" mvn -Dtest=TestS3VirusScan test
+```
+
+### Run a single test
+
+to run the `TestS3VirusScan.test` test:
+
+```
+AWS_REGION="us-east-1" mvn -Dtest=TestS3VirusScan#testWithoutFileDeletion test
+```
+
+### Load templates from local file system
+
+```
+AWS_REGION="us-east-1" TEMPLATE_DIR="/path/to/widdix-aws-s3-virusscan/" mvn test
+```
+
+### Assume role
+
+This is useful if you run on a integration server like Jenkins and want to assume a different IAM role for this tests.
+
+```
+IAM_ROLE_ARN="arn:aws:iam::ACCOUNT_ID:role/ROLE_NAME" mvn test
+```

test/pom.xml

@@ -0,0 +1,82 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <groupId>de.widdix</groupId>
+    <artifactId>awss3virusscan-tests</artifactId>
+    <version>1.0-SNAPSHOT</version>
+
+    <dependencies>
+        <dependency>
+            <groupId>com.amazonaws</groupId>
+            <artifactId>aws-java-sdk-cloudformation</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>com.amazonaws</groupId>
+            <artifactId>aws-java-sdk-s3</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>com.amazonaws</groupId>
+            <artifactId>aws-java-sdk-sts</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>de.taimos</groupId>
+            <artifactId>httputils</artifactId>
+            <version>1.10</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>com.evanlennick</groupId>
+            <artifactId>retry4j</artifactId>
+            <version>0.6.2</version>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <version>4.12</version>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+
+    <dependencyManagement>
+        <dependencies>
+            <dependency>
+                <groupId>com.amazonaws</groupId>
+                <artifactId>aws-java-sdk-bom</artifactId>
+                <version>1.11.133</version>
+                <type>pom</type>
+                <scope>import</scope>
+            </dependency>
+        </dependencies>
+    </dependencyManagement>
+
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <version>3.6.1</version>
+                <configuration>
+                    <source>1.8</source>
+                    <target>1.8</target>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <version>2.20</version>
+                <configuration>
+                    <parallel>methods</parallel>
+                    <threadCount>2</threadCount>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+
+</project>

test/src/test/java/de/widdix/awss3virusscan/AAWSTest.java

@@ -0,0 +1,98 @@
+package de.widdix.awss3virusscan;
+
+import com.amazonaws.auth.AWSCredentialsProvider;
+import com.amazonaws.auth.DefaultAWSCredentialsProviderChain;
+import com.amazonaws.auth.STSAssumeRoleSessionCredentialsProvider;
+import com.amazonaws.regions.DefaultAwsRegionProviderChain;
+import com.amazonaws.services.s3.AmazonS3;
+import com.amazonaws.services.s3.AmazonS3ClientBuilder;
+import com.amazonaws.services.s3.model.*;
+import com.amazonaws.services.securitytoken.AWSSecurityTokenService;
+import com.amazonaws.services.securitytoken.AWSSecurityTokenServiceClientBuilder;
+
+import java.util.EnumSet;
+import java.util.List;
+import java.util.UUID;
+
+public abstract class AAWSTest extends ATest {
+
+    public final static String IAM_SESSION_NAME = "aws-s3-virusscan";
+
+    protected final AWSCredentialsProvider credentialsProvider;
+
+    private final AmazonS3 s3;
+
+    public AAWSTest() {
+        super();
+        if (Config.has(Config.Key.IAM_ROLE_ARN)) {
+            final AWSSecurityTokenService local = AWSSecurityTokenServiceClientBuilder.standard().withCredentials(new DefaultAWSCredentialsProviderChain()).build();
+            this.credentialsProvider = new STSAssumeRoleSessionCredentialsProvider.Builder(Config.get(Config.Key.IAM_ROLE_ARN), IAM_SESSION_NAME).withStsClient(local).build();
+        } else {
+            this.credentialsProvider = new DefaultAWSCredentialsProviderChain();
+        }
+        this.s3 = AmazonS3ClientBuilder.standard().withCredentials(this.credentialsProvider).build();
+    }
+
+    protected final void createBucket(final String name, final String queueArn) {
+        this.s3.createBucket(new CreateBucketRequest(name, Region.fromValue(this.getRegion())));
+        this.s3.setBucketNotificationConfiguration(name, new BucketNotificationConfiguration("test", new QueueConfiguration(queueArn, EnumSet.of(S3Event.ObjectCreated))));
+    }
+
+    protected final void createObject(final String bucketName, final String key, final String body) {
+        this.s3.putObject(bucketName, key, body);
+    }
+
+    protected final boolean doesObjectExist(final String bucketName, final String key) {
+        return this.s3.doesObjectExist(bucketName, key);
+    }
+
+    protected final List<Tag> getObjectTags(final String bucketName, final String key) {
+        return this.s3.getObjectTagging(new GetObjectTaggingRequest(bucketName, key)).getTagSet();
+    }
+
+    protected final void deleteObject(final String bucketName, final String key) {
+        if (Config.get(Config.Key.DELETION_POLICY).equals("delete")) {
+            this.s3.deleteObject(bucketName, key);
+        }
+    }
+
+    private void emptyBucket(final String name) {
+        ObjectListing objectListing = s3.listObjects(name);
+        while (true) {
+            objectListing.getObjectSummaries().forEach((summary) -> s3.deleteObject(name, summary.getKey()));
+            if (objectListing.isTruncated()) {
+                objectListing = s3.listNextBatchOfObjects(objectListing);
+            } else {
+                break;
+            }
+        }
+        VersionListing versionListing = s3.listVersions(new ListVersionsRequest().withBucketName(name));
+        while (true) {
+            versionListing.getVersionSummaries().forEach((vs) -> s3.deleteVersion(name, vs.getKey(), vs.getVersionId()));
+            if (versionListing.isTruncated()) {
+                versionListing = s3.listNextBatchOfVersions(versionListing);
+            } else {
+                break;
+            }
+        }
+    }
+
+    protected final void deleteBucket(final String name) {
+        if (Config.get(Config.Key.DELETION_POLICY).equals("delete")) {
+            this.emptyBucket(name);
+            this.s3.deleteBucket(new DeleteBucketRequest(name));
+        }
+    }
+
+    protected final String getRegion() {
+        return new DefaultAwsRegionProviderChain().getRegion();
+    }
+
+    protected final String random8String() {
+        final String uuid = UUID.randomUUID().toString().replace("-", "").toLowerCase();
+        final int beginIndex = (int) (Math.random() * (uuid.length() - 7));
+        final int endIndex = beginIndex + 7;
+        return "r" + uuid.substring(beginIndex, endIndex); // must begin [a-z]
+    }
+
+}