1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
|
//go:build !integration
// +build !integration
package vault
import (
"testing"
"github.com/stretchr/testify/assert"
"gitlab.com/gitlab-org/gitlab-runner/common"
"gitlab.com/gitlab-org/gitlab-runner/helpers/secrets"
"gitlab.com/gitlab-org/gitlab-runner/helpers/vault/service"
)
func TestResolver_Name(t *testing.T) {
r := newResolver(common.Secret{})
assert.Equal(t, resolverName, r.Name())
}
func TestResolver_IsSupported(t *testing.T) {
tests := map[string]struct {
secret common.Secret
expectedVault bool
}{
"supported secret": {
secret: common.Secret{
Vault: &common.VaultSecret{},
},
expectedVault: true,
},
"unsupported secret": {
secret: common.Secret{},
expectedVault: false,
},
}
for tn, tt := range tests {
t.Run(tn, func(t *testing.T) {
r := newResolver(tt.secret)
assert.Equal(t, tt.expectedVault, r.IsSupported())
})
}
}
func TestResolver_Resolve(t *testing.T) {
secret := common.Secret{
Vault: &common.VaultSecret{
Server: common.VaultServer{
URL: "test_url",
Namespace: "test_namespace",
},
},
}
tests := map[string]struct {
secret common.Secret
vaultServiceCreationError error
assertVaultServiceMock func(s *service.MockVault)
expectedValue string
expectedError error
}{
"error on support detection": {
expectedError: new(secrets.ResolvingUnsupportedSecretError),
},
"error on vault service creation": {
secret: secret,
vaultServiceCreationError: assert.AnError,
expectedError: assert.AnError,
},
"error on field resolving": {
secret: secret,
assertVaultServiceMock: func(s *service.MockVault) {
s.On("GetField", secret.Vault, secret.Vault).
Return(nil, assert.AnError).
Once()
},
expectedError: assert.AnError,
},
"field resolved properly": {
secret: secret,
assertVaultServiceMock: func(s *service.MockVault) {
s.On("GetField", secret.Vault, secret.Vault).
Return(struct{ Date string }{Date: "2020-08-24"}, nil).
Once()
},
expectedValue: "{2020-08-24}",
expectedError: nil,
},
}
for tn, tt := range tests {
t.Run(tn, func(t *testing.T) {
serviceMock := new(service.MockVault)
defer serviceMock.AssertExpectations(t)
if tt.assertVaultServiceMock != nil {
tt.assertVaultServiceMock(serviceMock)
}
oldNewVaultService := newVaultService
defer func() {
newVaultService = oldNewVaultService
}()
newVaultService = func(url string, namespace string, auth service.Auth) (service.Vault, error) {
assert.Equal(t, tt.secret.Vault.Server.URL, url)
assert.Equal(t, tt.secret.Vault, auth)
assert.Equal(t, tt.secret.Vault.Server.Namespace, namespace)
return serviceMock, tt.vaultServiceCreationError
}
r := newResolver(tt.secret)
value, err := r.Resolve()
if tt.expectedError != nil {
assert.ErrorAs(t, err, &tt.expectedError)
return
}
assert.NoError(t, err)
assert.Equal(t, tt.expectedValue, value)
})
}
}
|
