github.com/olli-ai/jx/v2@v2.0.400-0.20210921045218-14731b4dd448/pkg/secreturl/helpers_test.go

github.com/olli-ai/jx/v2@v2.0.400-0.20210921045218-14731b4dd448/pkg/secreturl/helpers_test.go (about)

     1  // +build unit
     2  
     3  package secreturl_test
     4  
     5  import (
     6  	"fmt"
     7  	"regexp"
     8  	"testing"
     9  
    10  	"github.com/olli-ai/jx/v2/pkg/secreturl"
    11  	"github.com/olli-ai/jx/v2/pkg/secreturl/fakevault"
    12  	"github.com/stretchr/testify/assert"
    13  	"github.com/stretchr/testify/require"
    14  )
    15  
    16  var uriRegexp = regexp.MustCompile(`:[\s"]*vault:[-_.\w\/:]*`)
    17  
    18  const schemaPrefix = "vault:"
    19  
    20  func TestReplaceURIs(t *testing.T) {
    21  	secretClient := fakevault.NewFakeClient()
    22  
    23  	testValue := "test"
    24  	testKey := "vault:cluster/admin:password"
    25  	_, err := secretClient.Write("cluster/admin", map[string]interface{}{"password": testValue})
    26  	require.NoError(t, err)
    27  
    28  	testString := `
    29  user: test
    30  password: %s
    31  `
    32  	result, err := secreturl.ReplaceURIs(fmt.Sprintf(testString, testKey), secretClient, uriRegexp, schemaPrefix)
    33  	assert.NoError(t, err, "should replace the URIs without error")
    34  	assert.EqualValues(t, fmt.Sprintf(testString, testValue), result, "should replace the URIs")
    35  }
    36  
    37  func TestReplaceURIsWithQuotation(t *testing.T) {
    38  	secretClient := fakevault.NewFakeClient()
    39  
    40  	testValue := "test"
    41  	testKey := "vault:cluster/admin:password"
    42  	_, err := secretClient.Write("cluster/admin", map[string]interface{}{"password": testValue})
    43  	require.NoError(t, err)
    44  
    45  	testString := `
    46  user: test
    47  password: "%s"
    48  `
    49  	result, err := secreturl.ReplaceURIs(fmt.Sprintf(testString, testKey), secretClient, uriRegexp, schemaPrefix)
    50  	assert.NoError(t, err, "should replace the URIs without error")
    51  	assert.EqualValues(t, fmt.Sprintf(testString, testValue), result, "should replace the URIs")
    52  }
    53  func TestReplaceURIsWithoutReplacements(t *testing.T) {
    54  	secretClient := fakevault.NewFakeClient()
    55  
    56  	testValue := "test"
    57  	testString := `
    58  user: test
    59  password: %s
    60  `
    61  	result, err := secreturl.ReplaceURIs(fmt.Sprintf(testString, testValue), secretClient, uriRegexp, schemaPrefix)
    62  	assert.NoError(t, err, "should replace the URIs without error")
    63  	assert.EqualValues(t, fmt.Sprintf(testString, testValue), result, "should replace the URIs")
    64  }
    65  
    66  func TestReplaceURIsWithoutKey(t *testing.T) {
    67  	secretClient := fakevault.NewFakeClient()
    68  
    69  	testValue := "test"
    70  	testKey := "vault:cluster/admin:"
    71  	_, err := secretClient.Write("cluster/admin", map[string]interface{}{"password": testValue})
    72  	require.NoError(t, err)
    73  
    74  	testString := `
    75  user: test
    76  password: %s
    77  `
    78  	_, err = secreturl.ReplaceURIs(fmt.Sprintf(testString, testKey), secretClient, uriRegexp, schemaPrefix)
    79  	assert.Error(t, err, "should fail when no URIs key is found")
    80  }
    81  
    82  func TestReplaceURIsNoValueFoundInVault(t *testing.T) {
    83  	secretClient := fakevault.NewFakeClient()
    84  
    85  	testKey := "vault:cluster/admin:password"
    86  
    87  	testString := `
    88  user: test
    89  password: %s
    90  `
    91  	_, err := secreturl.ReplaceURIs(fmt.Sprintf(testString, testKey), secretClient, uriRegexp, schemaPrefix)
    92  	assert.Error(t, err, "should fail when no value is found in vault")
    93  }
    94  
    95  func TestReplaceURIsWhenNoSecretFoundInVault(t *testing.T) {
    96  	secretClient := fakevault.NewFakeClient()
    97  
    98  	testValue := "test"
    99  	testKey := "vault:cluster/admin:password"
   100  	_, err := secretClient.Write("cluster/admin", map[string]interface{}{"token": testValue})
   101  	require.NoError(t, err)
   102  
   103  	testString := `
   104  user: test
   105  password: %s
   106  `
   107  	_, err = secreturl.ReplaceURIs(fmt.Sprintf(testString, testKey), secretClient, uriRegexp, schemaPrefix)
   108  	assert.Error(t, err, "should replace the URIs without error")
   109  }
   110  
   111  func TestReplaceURIsSchemaIsYamlKeyWithoutValue(t *testing.T) {
   112  	secretClient := fakevault.NewFakeClient()
   113  
   114  	testString := `
   115  user: test
   116  vault: 
   117    enabled: true
   118  `
   119  	result, err := secreturl.ReplaceURIs(testString, secretClient, uriRegexp, schemaPrefix)
   120  	assert.NoError(t, err, "should replace the URIs without error")
   121  	assert.EqualValues(t, testString, result, "should replace the URIs")
   122  }
   123  
   124  func TestReplaceURIsSchemaIsYamlKeyWithValue(t *testing.T) {
   125  	secretClient := fakevault.NewFakeClient()
   126  
   127  	testString := `
   128  user: test
   129  vault: test 
   130  `
   131  	result, err := secreturl.ReplaceURIs(testString, secretClient, uriRegexp, schemaPrefix)
   132  	assert.NoError(t, err, "should replace the URIs without error")
   133  	assert.EqualValues(t, testString, result, "should replace the URIs")
   134  }
   135  
   136  func TestReplaceURIsWithClusterDotsInName(t *testing.T) {
   137  	secretClient := fakevault.NewFakeClient()
   138  
   139  	testValue := "test"
   140  	testKey := "vault:cluster.kops.k8s.local/admin:password"
   141  	_, err := secretClient.Write("cluster.kops.k8s.local/admin", map[string]interface{}{"password": testValue})
   142  	require.NoError(t, err)
   143  
   144  	testString := `
   145  user: test
   146  password: %s
   147  `
   148  	result, err := secreturl.ReplaceURIs(fmt.Sprintf(testString, testKey), secretClient, uriRegexp, schemaPrefix)
   149  	assert.NoError(t, err, "should replace the URIs without error")
   150  	assert.EqualValues(t, fmt.Sprintf(testString, testValue), result, "should replace the URIs")
   151  }