github.com/pf-qiu/concourse/v6@v6.7.3-0.20201207032516-1f455d73275f/atc/creds/conjur/conjur_test.go (about) 1 package conjur_test 2 3 import ( 4 "errors" 5 6 "github.com/pf-qiu/concourse/v6/atc/creds" 7 8 "code.cloudfoundry.org/lager" 9 "github.com/pf-qiu/concourse/v6/vars" 10 11 . "github.com/pf-qiu/concourse/v6/atc/creds/conjur" 12 . "github.com/onsi/ginkgo" 13 . "github.com/onsi/gomega" 14 ) 15 16 type MockConjurService struct { 17 IConjurClient 18 19 stubGetParameter func(name string) ([]byte, error) 20 } 21 22 func (mock *MockConjurService) RetrieveSecret(input string) ([]byte, error) { 23 if mock.stubGetParameter == nil { 24 return nil, errors.New("stubGetParameter is not defined") 25 } 26 Expect(input).ToNot(BeNil()) 27 value, err := mock.stubGetParameter(input) 28 if err != nil { 29 return nil, err 30 } 31 return value, nil 32 } 33 34 var _ = Describe("Conjur", func() { 35 var secretAccess *Conjur 36 var variables vars.Variables 37 var varRef vars.Reference 38 var mockService MockConjurService 39 40 JustBeforeEach(func() { 41 varRef = vars.Reference{Path: "cheery"} 42 t1, err := creds.BuildSecretTemplate("t1", DefaultPipelineSecretTemplate) 43 Expect(t1).NotTo(BeNil()) 44 Expect(err).To(BeNil()) 45 t2, err := creds.BuildSecretTemplate("t2", DefaultTeamSecretTemplate) 46 Expect(t2).NotTo(BeNil()) 47 Expect(err).To(BeNil()) 48 secretAccess = NewConjur(lager.NewLogger("conjur_test"), &mockService, []*creds.SecretTemplate{t1, t2}) 49 variables = creds.NewVariables(secretAccess, "alpha", "bogus", false) 50 Expect(secretAccess).NotTo(BeNil()) 51 mockService.stubGetParameter = func(input string) ([]byte, error) { 52 if input == "concourse/alpha/bogus/cheery" { 53 return []byte("secret value"), nil 54 } 55 return nil, errors.New("Variable not found") 56 } 57 }) 58 59 Describe("Get()", func() { 60 It("should get parameter if exists", func() { 61 value, found, err := variables.Get(varRef) 62 Expect(value).To(BeEquivalentTo("secret value")) 63 Expect(found).To(BeTrue()) 64 Expect(err).To(BeNil()) 65 }) 66 67 It("should get team parameter if exists", func() { 68 mockService.stubGetParameter = func(input string) ([]byte, error) { 69 if input != "concourse/alpha/cheery" { 70 return nil, errors.New("Variable not found") 71 } 72 return []byte("team secret"), nil 73 } 74 value, found, err := variables.Get(varRef) 75 Expect(value).To(BeEquivalentTo("team secret")) 76 Expect(found).To(BeTrue()) 77 Expect(err).To(BeNil()) 78 }) 79 80 It("should return not found on error", func() { 81 mockService.stubGetParameter = nil 82 value, found, err := variables.Get(varRef) 83 Expect(value).To(BeNil()) 84 Expect(found).To(BeFalse()) 85 Expect(err).To(BeNil()) 86 }) 87 88 It("should allow empty pipeline name", func() { 89 variables := creds.NewVariables(secretAccess, "alpha", "", false) 90 mockService.stubGetParameter = func(input string) ([]byte, error) { 91 Expect(input).To(Equal("concourse/alpha/cheery")) 92 return []byte("team secret"), nil 93 } 94 value, found, err := variables.Get(varRef) 95 Expect(value).To(BeEquivalentTo("team secret")) 96 Expect(found).To(BeTrue()) 97 Expect(err).To(BeNil()) 98 }) 99 100 It("should allow full variable path when no templates were configured", func() { 101 secretAccess = NewConjur(lager.NewLogger("conjur_test"), &mockService, []*creds.SecretTemplate{}) 102 variables := creds.NewVariables(secretAccess, "", "", false) 103 mockService.stubGetParameter = func(input string) ([]byte, error) { 104 Expect(input).To(Equal("cheery")) 105 return []byte("full path secret"), nil 106 } 107 value, found, err := variables.Get(varRef) 108 Expect(value).To(BeEquivalentTo("full path secret")) 109 Expect(found).To(BeTrue()) 110 Expect(err).To(BeNil()) 111 }) 112 }) 113 })