github.com/nilium/gitlab-runner@v12.5.0+incompatible/cache/s3/minio_test.go (about) 1 package s3 2 3 import ( 4 "errors" 5 "testing" 6 7 "github.com/minio/minio-go" 8 "github.com/minio/minio-go/pkg/credentials" 9 "github.com/stretchr/testify/assert" 10 "github.com/stretchr/testify/require" 11 12 "gitlab.com/gitlab-org/gitlab-runner/common" 13 ) 14 15 type minioClientInitializationTest struct { 16 errorOnInitialization bool 17 configurationFactory func() *common.CacheConfig 18 19 expectedToUseIAM bool 20 expectedInsecure bool 21 } 22 23 func TestMinioClientInitialization(t *testing.T) { 24 tests := map[string]minioClientInitializationTest{ 25 "error-on-initialization": { 26 errorOnInitialization: true, 27 configurationFactory: defaultCacheFactory, 28 }, 29 "all-credentials-empty": { 30 configurationFactory: emptyCredentialsCacheFactory, 31 expectedToUseIAM: true, 32 }, 33 "serverAddress-empty": { 34 configurationFactory: emptyServerAddressFactory, 35 expectedToUseIAM: true, 36 }, 37 "accessKey-empty": { 38 configurationFactory: emptyAccessKeyFactory, 39 expectedToUseIAM: true, 40 }, 41 "secretKey-empty": { 42 configurationFactory: emptySecretKeyFactory, 43 expectedToUseIAM: true, 44 }, 45 "only-ServerAddress-defined": { 46 configurationFactory: onlyServerAddressFactory, 47 expectedToUseIAM: true, 48 }, 49 "only-AccessKey-defined": { 50 configurationFactory: onlyAccessKeyFactory, 51 expectedToUseIAM: true, 52 }, 53 "only-SecretKey-defined": { 54 configurationFactory: onlySecretKeyFactory, 55 expectedToUseIAM: true, 56 }, 57 "should-use-explicit-credentials": { 58 configurationFactory: defaultCacheFactory, 59 }, 60 "should-use-explicit-credentials-with-insecure": { 61 configurationFactory: insecureCacheFactory, 62 expectedInsecure: true, 63 }, 64 } 65 66 for testName, test := range tests { 67 t.Run(testName, func(t *testing.T) { 68 cleanupMinioMock := runOnFakeMinio(t, test) 69 defer cleanupMinioMock() 70 71 cleanupMinioCredentialsMock := runOnFakeMinioWithCredentials(t, test) 72 defer cleanupMinioCredentialsMock() 73 74 cacheConfig := test.configurationFactory() 75 client, err := newMinioClient(cacheConfig.S3) 76 77 if test.errorOnInitialization { 78 assert.Error(t, err, "test error") 79 return 80 } 81 82 require.NoError(t, err) 83 assert.NotNil(t, client) 84 }) 85 } 86 } 87 88 func insecureCacheFactory() *common.CacheConfig { 89 cacheConfig := defaultCacheFactory() 90 cacheConfig.S3.Insecure = true 91 92 return cacheConfig 93 } 94 95 func emptyCredentialsCacheFactory() *common.CacheConfig { 96 cacheConfig := defaultCacheFactory() 97 cacheConfig.S3.ServerAddress = "" 98 cacheConfig.S3.AccessKey = "" 99 cacheConfig.S3.SecretKey = "" 100 101 return cacheConfig 102 } 103 104 func emptyServerAddressFactory() *common.CacheConfig { 105 cacheConfig := emptyCredentialsCacheFactory() 106 cacheConfig.S3.AccessKey = "TOKEN" 107 cacheConfig.S3.SecretKey = "TOKEN" 108 109 return cacheConfig 110 } 111 112 func emptyAccessKeyFactory() *common.CacheConfig { 113 cacheConfig := emptyCredentialsCacheFactory() 114 cacheConfig.S3.ServerAddress = "s3.amazonaws.com" 115 cacheConfig.S3.SecretKey = "TOKEN" 116 117 return cacheConfig 118 } 119 120 func emptySecretKeyFactory() *common.CacheConfig { 121 cacheConfig := emptyCredentialsCacheFactory() 122 cacheConfig.S3.ServerAddress = "s3.amazonaws.com" 123 cacheConfig.S3.AccessKey = "TOKEN" 124 125 return cacheConfig 126 } 127 128 func onlyServerAddressFactory() *common.CacheConfig { 129 cacheConfig := emptyCredentialsCacheFactory() 130 cacheConfig.S3.ServerAddress = "s3.amazonaws.com" 131 132 return cacheConfig 133 } 134 135 func onlyAccessKeyFactory() *common.CacheConfig { 136 cacheConfig := emptyCredentialsCacheFactory() 137 cacheConfig.S3.AccessKey = "TOKEN" 138 139 return cacheConfig 140 } 141 142 func onlySecretKeyFactory() *common.CacheConfig { 143 cacheConfig := emptyCredentialsCacheFactory() 144 cacheConfig.S3.SecretKey = "TOKEN" 145 146 return cacheConfig 147 } 148 149 func runOnFakeMinio(t *testing.T, test minioClientInitializationTest) func() { 150 oldNewMinio := newMinio 151 newMinio = func(endpoint string, accessKeyID string, secretAccessKey string, secure bool) (*minio.Client, error) { 152 if test.expectedToUseIAM { 153 t.Error("Should not use regular minio client initializator") 154 } 155 156 if test.errorOnInitialization { 157 return nil, errors.New("test error") 158 } 159 160 if test.expectedInsecure { 161 assert.False(t, secure) 162 } else { 163 assert.True(t, secure) 164 } 165 166 client, err := minio.New(endpoint, accessKeyID, secretAccessKey, secure) 167 require.NoError(t, err) 168 169 return client, nil 170 } 171 172 return func() { 173 newMinio = oldNewMinio 174 } 175 } 176 177 func runOnFakeMinioWithCredentials(t *testing.T, test minioClientInitializationTest) func() { 178 oldNewMinioWithCredentials := newMinioWithCredentials 179 newMinioWithCredentials = func(endpoint string, creds *credentials.Credentials, secure bool, region string) (*minio.Client, error) { 180 if !test.expectedToUseIAM { 181 t.Error("Should not use minio with IAM client initializator") 182 } 183 184 if test.errorOnInitialization { 185 return nil, errors.New("test error") 186 } 187 188 assert.Equal(t, "s3.amazonaws.com", endpoint) 189 assert.True(t, secure) 190 assert.Empty(t, region) 191 192 client, err := minio.NewWithCredentials(endpoint, creds, secure, region) 193 require.NoError(t, err) 194 195 return client, nil 196 } 197 198 return func() { 199 newMinioWithCredentials = oldNewMinioWithCredentials 200 } 201 }