github.com/diggerhq/digger/libs@v0.0.0-20240604170430-9d61cdf01cc5/orchestrator/aws_test.go

github.com/diggerhq/digger/libs@v0.0.0-20240604170430-9d61cdf01cc5/orchestrator/aws_test.go (about)

     1  package orchestrator
     2  
     3  import (
     4  	"context"
     5  	"testing"
     6  	"time"
     7  
     8  	"github.com/aws/aws-sdk-go-v2/aws"
     9  	"github.com/stretchr/testify/assert"
    10  )
    11  
    12  type AwsRoleProviderMock struct {
    13  	AwsKey          string
    14  	AwsSecret       string
    15  	AwsSessionToken string
    16  	AwsProviderName string
    17  }
    18  
    19  func (a *AwsRoleProviderMock) Retrieve() (aws.Credentials, error) {
    20  	return aws.Credentials{
    21  		AccessKeyID:     a.AwsKey,
    22  		SecretAccessKey: a.AwsSecret,
    23  		SessionToken:    a.AwsSessionToken,
    24  	}, nil
    25  }
    26  
    27  func (a *AwsRoleProviderMock) ExpiresAt() time.Time {
    28  	return time.Time{}
    29  }
    30  
    31  func (a *AwsRoleProviderMock) RetrieveWithContext(context.Context) (aws.Credentials, error) {
    32  	return aws.Credentials{
    33  		AccessKeyID:     a.AwsKey,
    34  		SecretAccessKey: a.AwsSecret,
    35  		SessionToken:    a.AwsSessionToken,
    36  	}, nil
    37  }
    38  
    39  func (a *AwsRoleProviderMock) IsExpired() bool { return false }
    40  
    41  // TODO: uncomment this test after figuring out how to create a mock compatible with WebIdentityRoleProvider
    42  //func TestPopulationForAwsRoleToAssumeSetsValueOfKeys(t *testing.T) {
    43  //	stateEnvVars := make(map[string]string)
    44  //	commandEnvVars := make(map[string]string)
    45  //
    46  //	x := AwsRoleProviderMock{
    47  //		AwsKey:          "statekey",
    48  //		AwsSecret:       "stateSecret",
    49  //		AwsSessionToken: "stateSessionToken",
    50  //	}.(stscreds.WebIdentityRoleProvider)
    51  //	job := Job{
    52  //		StateEnvProvider: &x,
    53  //		CommandEnvProvider: AwsRoleProviderMock{
    54  //			AwsKey:          "commandkey",
    55  //			AwsSecret:       "commandSecret",
    56  //			AwsSessionToken: "commandSessionToken",
    57  //		},
    58  //
    59  //		StateEnvVars:   stateEnvVars,
    60  //		CommandEnvVars: commandEnvVars,
    61  //	}
    62  //
    63  //	job.PopulateAwsCredentialsEnvVarsForJob()
    64  //	assert.Equal(t, job.CommandEnvVars["AWS_ACCESS_KEY_ID"], "KEY")
    65  //	assert.Equal(t, job.CommandEnvVars["AWS_SECRET_ACCESS_KEY"], "SECRET")
    66  //	assert.Equal(t, job.CommandEnvVars["AWS_SESSION_TOKEN"], "TOKEN")
    67  //	assert.Equal(t, job.StateEnvVars["AWS_ACCESS_KEY_ID"], "KEY")
    68  //	assert.Equal(t, job.StateEnvVars["AWS_SECRET_ACCESS_KEY"], "SECRET")
    69  //	assert.Equal(t, job.StateEnvVars["AWS_SESSION_TOKEN"], "TOKEN")
    70  //}
    71  
    72  func TestPopulationForNoAwsRoleToAssumeDoesNotSetValueOfKeys(t *testing.T) {
    73  	stateEnvVars := make(map[string]string)
    74  	commandEnvVars := make(map[string]string)
    75  
    76  	job := Job{
    77  		StateEnvVars:   stateEnvVars,
    78  		CommandEnvVars: commandEnvVars,
    79  	}
    80  
    81  	job.PopulateAwsCredentialsEnvVarsForJob()
    82  	assert.NotContains(t, job.CommandEnvVars, "AWS_ACCESS_KEY_ID")
    83  	assert.NotContains(t, job.CommandEnvVars, "AWS_SECRET_ACCESS_KEY")
    84  	assert.NotContains(t, job.CommandEnvVars, "AWS_SESSION_TOKEN")
    85  	assert.NotContains(t, job.StateEnvVars, "AWS_ACCESS_KEY_ID")
    86  	assert.NotContains(t, job.StateEnvVars, "AWS_SECRET_ACCESS_KEY")
    87  	assert.NotContains(t, job.StateEnvVars, "AWS_SESSION_TOKEN")
    88  }