github.com/docker/app@v0.9.1-beta3.0.20210611140623-a48f773ab002/internal/validator/rules/externalsecrets_test.go

github.com/docker/app@v0.9.1-beta3.0.20210611140623-a48f773ab002/internal/validator/rules/externalsecrets_test.go (about)

     1  package rules
     2  
     3  import (
     4  	"testing"
     5  
     6  	"gotest.tools/assert"
     7  )
     8  
     9  func TestExternalSecrets(t *testing.T) {
    10  	s := NewExternalSecretsRule()
    11  
    12  	t.Run("should accept secrets", func(t *testing.T) {
    13  		// The secrets key is on the root path, that's why it doesn't
    14  		// have a parent
    15  		assert.Equal(t, s.Accept("", "secrets"), true)
    16  	})
    17  
    18  	t.Run("should return nil if all secrets are external", func(t *testing.T) {
    19  		input := map[string]interface{}{
    20  			"my_secret": map[string]interface{}{
    21  				"external": "true",
    22  			},
    23  		}
    24  
    25  		errs := s.Validate(input)
    26  		assert.Equal(t, len(errs), 0)
    27  	})
    28  
    29  	t.Run("should return error if no external secrets", func(t *testing.T) {
    30  		input := map[string]interface{}{
    31  			"my_secret": map[string]interface{}{
    32  				"file": "./my_secret.txt",
    33  			},
    34  		}
    35  
    36  		errs := s.Validate(input)
    37  		assert.Equal(t, len(errs), 1)
    38  		assert.ErrorContains(t, errs[0], `secret "my_secret" must be external`)
    39  	})
    40  
    41  	t.Run("should return all errors", func(t *testing.T) {
    42  		input := map[string]interface{}{
    43  			"my_secret": map[string]interface{}{
    44  				"file": "./my_secret.txt",
    45  			},
    46  			"my_other_secret": map[string]interface{}{
    47  				"file": "./my_secret.txt",
    48  			},
    49  		}
    50  
    51  		errs := s.Validate(input)
    52  		assert.Equal(t, len(errs), 2)
    53  	})
    54  
    55  }