test: Add synchronization tests for GCP DNS zones and record sets

wahid18-maqs · wahid18-maqs · commit 9585422c6c2b · 2025-08-07T20:09:12.000+05:30
diff --git a/tests/integration/cartography/intel/gcp/test_crm.py b/tests/integration/cartography/intel/gcp/test_crm.py
@@ -84,3 +84,132 @@ def test_load_gcp_projects_without_parent(neo4j_session):
     )
     actual_nodes = {(n["d.id"]) for n in nodes}
     assert actual_nodes == expected_nodes
+
+
+def test_sync_gcp_organizations(neo4j_session):
+    """
+    Test that sync_gcp_organizations correctly syncs GCP organizations to Neo4j.
+    """
+    common_job_parameters = {"UPDATE_TAG": TEST_UPDATE_TAG}
+
+    # Load organizations
+    cartography.intel.gcp.crm.load_gcp_organizations(
+        neo4j_session,
+        tests.data.gcp.crm.GCP_ORGANIZATIONS,
+        TEST_UPDATE_TAG,
+    )
+
+    # Verify organizations are loaded correctly
+    expected_nodes = {"organizations/1337"}
+    nodes = neo4j_session.run("MATCH (o:GCPOrganization) RETURN o.id")
+    actual_nodes = {n["o.id"] for n in nodes}
+    assert actual_nodes == expected_nodes
+
+    #  Verify organization properties
+    org_query = """
+    MATCH (o:GCPOrganization{id: 'organizations/1337'}) 
+    RETURN o.displayname, o.lifecyclestate, o.lastupdated
+    """
+    result = neo4j_session.run(org_query).single()
+    assert result["o.displayname"] == "example.com"
+    assert result["o.lifecyclestate"] == "ACTIVE"
+    assert result["o.lastupdated"] == TEST_UPDATE_TAG
+
+
+def test_sync_gcp_folders(neo4j_session):
+    """
+    Test that sync_gcp_folders correctly syncs GCP folders to Neo4j.
+    """
+    # Load parent organization
+    cartography.intel.gcp.crm.load_gcp_organizations(
+        neo4j_session,
+        tests.data.gcp.crm.GCP_ORGANIZATIONS,
+        TEST_UPDATE_TAG,
+    )
+
+    common_job_parameters = {"UPDATE_TAG": TEST_UPDATE_TAG}
+
+    # Load folders
+    cartography.intel.gcp.crm.load_gcp_folders(
+        neo4j_session,
+        tests.data.gcp.crm.GCP_FOLDERS,
+        TEST_UPDATE_TAG,
+    )
+
+    # Verify folders are loaded correctly
+    expected_nodes = {"folders/1414"}
+    nodes = neo4j_session.run("MATCH (f:GCPFolder) RETURN f.id")
+    actual_nodes = {n["f.id"] for n in nodes}
+    assert actual_nodes == expected_nodes
+
+    # Verify folder properties
+    folder_query = """
+    MATCH (f:GCPFolder{id: 'folders/1414'}) 
+    RETURN f.displayname, f.lifecyclestate, f.lastupdated
+    """
+    result = neo4j_session.run(folder_query).single()
+    assert result["f.displayname"] == "my-folder"
+    assert result["f.lifecyclestate"] == "ACTIVE"
+    assert result["f.lastupdated"] == TEST_UPDATE_TAG
+
+    # Verify relationship: Organization -> Folder
+    relationship_query = """
+    MATCH (o:GCPOrganization{id: 'organizations/1337'})-[:RESOURCE]->(f:GCPFolder{id: 'folders/1414'})
+    RETURN COUNT(*) as count
+    """
+    result = neo4j_session.run(relationship_query).single()
+    assert result["count"] == 1
+
+
+def test_sync_gcp_projects(neo4j_session):
+    """
+    Test that sync_gcp_projects correctly syncs GCP projects to Neo4j.
+    """
+    # Clear existing project nodes
+    neo4j_session.run("MATCH (p:GCPProject) DETACH DELETE p")
+
+    # Load referenced parent organization and folder
+    cartography.intel.gcp.crm.load_gcp_organizations(
+        neo4j_session,
+        tests.data.gcp.crm.GCP_ORGANIZATIONS,
+        TEST_UPDATE_TAG,
+    )
+    cartography.intel.gcp.crm.load_gcp_folders(
+        neo4j_session,
+        tests.data.gcp.crm.GCP_FOLDERS,
+        TEST_UPDATE_TAG,
+    )
+
+    common_job_parameters = {"UPDATE_TAG": TEST_UPDATE_TAG}
+
+    # Run sync
+    cartography.intel.gcp.crm.sync_gcp_projects(
+        neo4j_session,
+        tests.data.gcp.crm.GCP_PROJECTS,
+        TEST_UPDATE_TAG,
+        common_job_parameters,
+    )
+
+    expected_nodes = {"this-project-has-a-parent-232323"}
+    nodes = neo4j_session.run("MATCH (p:GCPProject) RETURN p.id")
+    actual_nodes = {n["p.id"] for n in nodes}
+    assert actual_nodes == expected_nodes
+
+    # project properties
+    project_query = """
+    MATCH (p:GCPProject{id: 'this-project-has-a-parent-232323'}) 
+    RETURN p.projectnumber, p.displayname, p.lifecyclestate, p.lastupdated
+    """
+    result = neo4j_session.run(project_query).single()
+    assert result["p.projectnumber"] == "232323"
+    assert result["p.displayname"] == "Group 1"
+    assert result["p.lifecyclestate"] == "ACTIVE"
+    assert result["p.lastupdated"] == TEST_UPDATE_TAG
+
+    #  Organization -> Folder -> Project
+    hierarchy_query = """
+    MATCH (o:GCPOrganization{id: 'organizations/1337'})-[:RESOURCE]->(f:GCPFolder{id: 'folders/1414'})-[:RESOURCE]->(p:GCPProject{id: 'this-project-has-a-parent-232323'})
+    RETURN COUNT(*) as count
+    """
+    result = neo4j_session.run(hierarchy_query).single()
+    assert result["count"] == 1
diff --git a/tests/integration/cartography/intel/gcp/test_dns.py b/tests/integration/cartography/intel/gcp/test_dns.py
@@ -131,3 +131,103 @@ def test_rrs_relationships(neo4j_session):
     actual = {(r["n1.id"], r["n2.id"]) for r in result}
 
     assert actual == expected
+
+def test_sync(neo4j_session):
+    """
+    Test that DNS zones and record sets sync correctly into Neo4j.
+    """
+    
+    common_job_parameters = {
+        "UPDATE_TAG": TEST_UPDATE_TAG,
+    }
+
+
+    dns_zones_data = tests.data.gcp.dns.DNS_ZONES
+    dns_rrs_data = tests.data.gcp.dns.DNS_RRS
+
+    # Create test GCPProject
+    neo4j_session.run(
+        """
+        MERGE (gcp:GCPProject {id: $PROJECT_NUMBER})
+        ON CREATE SET gcp.firstseen = timestamp()
+        SET gcp.lastupdated = $UPDATE_TAG
+        """,
+        PROJECT_NUMBER=TEST_PROJECT_NUMBER,
+        UPDATE_TAG=TEST_UPDATE_TAG,
+    )
+
+    # Simulate sync's 
+    cartography.intel.gcp.dns.load_dns_zones(
+        neo4j_session,
+        dns_zones_data,
+        TEST_PROJECT_NUMBER,
+        TEST_UPDATE_TAG,
+    )
+    cartography.intel.gcp.dns.load_rrs(
+        neo4j_session,
+        dns_rrs_data,
+        TEST_PROJECT_NUMBER,
+        TEST_UPDATE_TAG,
+    )
+
+    # Simulate cleanup
+    cartography.intel.gcp.dns.cleanup_dns_records(
+        neo4j_session,
+        common_job_parameters,
+    )
+
+    # Verify DNS Zones
+    expected_zone_nodes = {
+        "111111111111111111111",
+        "2222222222222222222",
+    }
+    zone_nodes = neo4j_session.run(
+        "MATCH (r:GCPDNSZone) RETURN r.id",
+    )
+    actual_zone_nodes = {n["r.id"] for n in zone_nodes}
+    assert actual_zone_nodes == expected_zone_nodes
+
+    # Verify DNS Zone relationships to GCPProject
+    expected_zone_relationships = {
+        (TEST_PROJECT_NUMBER, "111111111111111111111"),
+        (TEST_PROJECT_NUMBER, "2222222222222222222"),
+    }
+    zone_relationships = neo4j_session.run(
+        """
+        MATCH (n1:GCPProject)-[:RESOURCE]->(n2:GCPDNSZone)
+        RETURN n1.id, n2.id
+        """,
+    )
+    actual_zone_relationships = {
+        (r["n1.id"], r["n2.id"]) for r in zone_relationships
+    }
+    assert actual_zone_relationships == expected_zone_relationships
+
+    # Verify Resource Record Sets
+    expected_rrs_nodes = {
+        "a.zone-1.example.com.",
+        "b.zone-1.example.com.",
+        "a.zone-2.example.com.",
+    }
+    rrs_nodes = neo4j_session.run(
+        "MATCH (r:GCPRecordSet) RETURN r.id",
+    )
+    actual_rrs_nodes = {n["r.id"] for n in rrs_nodes}
+    assert actual_rrs_nodes == expected_rrs_nodes
+
+    # Verify Resource Record Set relationships to DNS Zones
+    expected_rrs_relationships = {
+        ("111111111111111111111", "a.zone-1.example.com."),
+        ("111111111111111111111", "b.zone-1.example.com."),
+        ("2222222222222222222", "a.zone-2.example.com."),
+    }
+    rrs_relationships = neo4j_session.run(
+        """
+        MATCH (n1:GCPDNSZone)-[:HAS_RECORD]->(n2:GCPRecordSet)
+        RETURN n1.id, n2.id
+        """,
+    )
+    actual_rrs_relationships = {
+        (r["n1.id"], r["n2.id"]) for r in rrs_relationships
+    }
+    assert actual_rrs_relationships == expected_rrs_relationships
