diff --git a/internal/plugin/v1/testutils/testutils.go b/internal/plugin/v1/testutils/testutils.go new file mode 100644 index 000000000..143103b56 --- /dev/null +++ b/internal/plugin/v1/testutils/testutils.go @@ -0,0 +1,50 @@ +package testutils + +import ( + "github.com/smartystreets/goconvey/convey" + + plugin_v1 "github.com/cyberark/secretless-broker/internal/plugin/v1" +) + +// CanProvideTestCase captures a test case where a provider is expected to return a value +// and no error +type CanProvideTestCase struct { + Description string + ID string + ExpectedValue string +} + +// CanProvide calls GetValues on the provider and ensures that the provider response for +// the given id has the expected value and no error +func CanProvide(provider plugin_v1.Provider, id string, expectedValue string) func() { + return func() { + values, err := provider.GetValues(id) + + convey.So(err, convey.ShouldBeNil) + convey.So(values[id], convey.ShouldNotBeNil) + convey.So(values[id].Error, convey.ShouldBeNil) + convey.So(values[id].Value, convey.ShouldNotBeNil) + convey.So(string(values[id].Value), convey.ShouldEqual, expectedValue) + } +} + +// ReportsTestCase captures a test case where a provider is expected to return an error +type ReportsTestCase struct { + Description string + ID string + ExpectedErrString string +} + +// Reports calls GetValues on the provider and ensures that the provider response for the +// given id has the expected error and no value +func Reports(provider plugin_v1.Provider, id string, expectedErrString string) func() { + return func() { + values, err := provider.GetValues(id) + + convey.So(err, convey.ShouldBeNil) + convey.So(values, convey.ShouldContainKey, id) + convey.So(values[id].Value, convey.ShouldBeNil) + convey.So(values[id].Error, convey.ShouldNotBeNil) + convey.So(values[id].Error.Error(), convey.ShouldEqual, expectedErrString) + } +} diff --git a/test/connector/http/conjur/conjur_provider_test.go b/test/connector/http/conjur/conjur_provider_test.go index 9f3affb89..c131e02db 100644 --- a/test/connector/http/conjur/conjur_provider_test.go +++ b/test/connector/http/conjur/conjur_provider_test.go @@ -8,6 +8,7 @@ import ( . "github.com/smartystreets/goconvey/convey" plugin_v1 "github.com/cyberark/secretless-broker/internal/plugin/v1" + "github.com/cyberark/secretless-broker/internal/plugin/v1/testutils" "github.com/cyberark/secretless-broker/internal/providers" ) @@ -47,64 +48,45 @@ func TestConjur_Provider(t *testing.T) { So(token["payload"], ShouldNotBeNil) }) - Convey("Reports an unknown value", t, func() { - id := "foobar" - values, err := provider.GetValues(id) - - So(err, ShouldBeNil) - So(values[id], ShouldNotBeNil) - So(values[id].Error, ShouldNotBeNil) - So(values[id].Error.Error(), ShouldEqual, "404 Not Found. Variable 'foobar' not found in account 'dev'.") - So(values[id].Value, ShouldBeNil) - }) + Convey( + "Reports an unknown value", + t, + testutils.Reports( + provider, + "foobar", + "404 Not Found. Variable 'foobar' not found in account 'dev'.", + ), + ) Convey("Provides", t, func() { for _, testCase := range canProvideTestCases { Convey( - testCase.description, - canProvide(provider, testCase.id, testCase.expectedValue), + testCase.Description, + testutils.CanProvide(provider, testCase.ID, testCase.ExpectedValue), ) } }) } -type canProvideTestCase struct { - description string - id string - expectedValue string -} - -func canProvide(provider plugin_v1.Provider, id string, expectedValue string) func() { - return func() { - values, err := provider.GetValues(id) - - So(err, ShouldBeNil) - So(values[id], ShouldNotBeNil) - So(values[id].Error, ShouldBeNil) - So(values[id].Value, ShouldNotBeNil) - So(string(values[id].Value), ShouldEqual, expectedValue) - } -} - -var canProvideTestCases = []canProvideTestCase{ +var canProvideTestCases = []testutils.CanProvideTestCase{ { - description: "Can provide a secret to a fully qualified variable", - id: "dev:variable:db/password", - expectedValue: "secret", + Description: "Can provide a secret to a fully qualified variable", + ID: "dev:variable:db/password", + ExpectedValue: "secret", }, { - description: "Can retrieve a secret value with spaces", - id: "my var", - expectedValue: "othersecret", + Description: "Can retrieve a secret value with spaces", + ID: "my var", + ExpectedValue: "othersecret", }, { - description: "Can provide the default Conjur account name", - id: "variable:db/password", - expectedValue: "secret", + Description: "Can provide the default Conjur account name", + ID: "variable:db/password", + ExpectedValue: "secret", }, { - description: "Can provide the default Conjur account name and resource type", - id: "db/password", - expectedValue: "secret", + Description: "Can provide the default Conjur account name and resource type", + ID: "db/password", + ExpectedValue: "secret", }, } diff --git a/test/providers/keychain/keychain_provider_test.go b/test/providers/keychain/keychain_provider_test.go index 93df530e8..9801a3d77 100644 --- a/test/providers/keychain/keychain_provider_test.go +++ b/test/providers/keychain/keychain_provider_test.go @@ -6,6 +6,7 @@ import ( "testing" plugin_v1 "github.com/cyberark/secretless-broker/internal/plugin/v1" + "github.com/cyberark/secretless-broker/internal/plugin/v1/testutils" "github.com/cyberark/secretless-broker/internal/providers" . "github.com/smartystreets/goconvey/convey" @@ -37,25 +38,23 @@ func TestKeychainProvider(t *testing.T) { So(provider.GetName(), ShouldEqual, name) }) - Convey("Can provide a valid secret value", t, func() { - id := strings.Join([]string{service, account}, "#") - - values, err := provider.GetValues(id) - So(err, ShouldBeNil) - So(values[id], ShouldNotBeNil) - So(values[id].Error, ShouldBeNil) - So(values[id].Value, ShouldNotBeNil) - So(string(values[id].Value), ShouldEqual, secret) - }) - - Convey("Returns an error for an invalid secret value", t, func() { - id := "madeup#secret" - - values, err := provider.GetValues(id) - So(err, ShouldBeNil) - So(values[id], ShouldNotBeNil) - So(values[id].Error, ShouldNotBeNil) - So(values[id].Error.Error(), ShouldEqual, "The specified item could not be found in the keychain.") - So(values[id].Value, ShouldBeNil) - }) + Convey( + "Can provide a valid secret value", + t, + testutils.CanProvide( + provider, + strings.Join([]string{service, account}, "#"), + secret, + ), + ) + + Convey( + "Returns an error for an invalid secret value", + t, + testutils.CanProvide( + provider, + "madeup#secret", + "The specified item could not be found in the keychain.", + ), + ) } diff --git a/test/providers/kubernetessecrets/kubernetes_provider_test.go b/test/providers/kubernetessecrets/kubernetes_provider_test.go index 949ca3f30..45d8bccf4 100644 --- a/test/providers/kubernetessecrets/kubernetes_provider_test.go +++ b/test/providers/kubernetessecrets/kubernetes_provider_test.go @@ -10,6 +10,7 @@ import ( testclient "k8s.io/client-go/kubernetes/fake" plugin_v1 "github.com/cyberark/secretless-broker/internal/plugin/v1" + "github.com/cyberark/secretless-broker/internal/plugin/v1/testutils" "github.com/cyberark/secretless-broker/internal/providers" "github.com/cyberark/secretless-broker/internal/providers/kubernetessecrets" ) @@ -21,7 +22,9 @@ func TestKubernetes_Provider(t *testing.T) { kubernetesProvider *kubernetessecrets.Provider ) - var testSecretsClient = testclient.NewSimpleClientset().CoreV1().Secrets("some-namespace") + var testSecretsClient = testclient.NewSimpleClientset().CoreV1().Secrets( + "some-namespace", + ) _, err = testSecretsClient.Create(&v1.Secret{ ObjectMeta: metav1.ObjectMeta{ @@ -68,50 +71,32 @@ func TestKubernetes_Provider(t *testing.T) { Convey("Reports", t, func() { for _, testCase := range reportsTestCases { Convey( - testCase.description, - reports(provider, testCase.id, testCase.expectedErrString), + testCase.Description, + testutils.Reports(provider, testCase.ID, testCase.ExpectedErrString), ) } }) } -type reportsTestCase struct { - description string - id string - expectedErrString string -} - -func reports(provider plugin_v1.Provider, id string, expectedErrString string) func() { - return func() { - values, err := provider.GetValues(id) - - So(err, ShouldBeNil) - So(values, ShouldContainKey, id) - So(values[id].Value, ShouldBeNil) - So(values[id].Error, ShouldNotBeNil) - So(values[id].Error.Error(), ShouldEqual, expectedErrString) - } -} - -var reportsTestCases = []reportsTestCase{ +var reportsTestCases = []testutils.ReportsTestCase{ { - description: "Reports when the secret id does not contain a field name", - id: "foobar", - expectedErrString: "Kubernetes secret id must contain secret name and field name in the format secretName#fieldName, received 'foobar'", + Description: "Reports when the secret id does not contain a field name", + ID: "foobar", + ExpectedErrString: "Kubernetes secret id must contain secret name and field name in the format secretName#fieldName, received 'foobar'", }, { - description: "Reports when the secret id has empty field name", - id: "foobar#", - expectedErrString: "field name missing from Kubernetes secret id 'foobar#'", + Description: "Reports when the secret id has empty field name", + ID: "foobar#", + ExpectedErrString: "field name missing from Kubernetes secret id 'foobar#'", }, { - description: "Reports when Kubernetes is unable to find secret", - id: "foobar#maybe", - expectedErrString: "could not find Kubernetes secret from 'foobar#maybe'", + Description: "Reports when Kubernetes is unable to find secret", + ID: "foobar#maybe", + ExpectedErrString: "could not find Kubernetes secret from 'foobar#maybe'", }, { - description: "Reports when Kubernetes is unable to find field name in secret", - id: "database#missing", - expectedErrString: "could not find field 'missing' in Kubernetes secret 'database'", + Description: "Reports when Kubernetes is unable to find field name in secret", + ID: "database#missing", + ExpectedErrString: "could not find field 'missing' in Kubernetes secret 'database'", }, } diff --git a/test/providers/vault/vault_provider_test.go b/test/providers/vault/vault_provider_test.go index c99b9223f..60ba2adce 100644 --- a/test/providers/vault/vault_provider_test.go +++ b/test/providers/vault/vault_provider_test.go @@ -7,6 +7,7 @@ import ( . "github.com/smartystreets/goconvey/convey" plugin_v1 "github.com/cyberark/secretless-broker/internal/plugin/v1" + "github.com/cyberark/secretless-broker/internal/plugin/v1/testutils" "github.com/cyberark/secretless-broker/internal/providers" ) @@ -31,8 +32,8 @@ func TestVault_Provider(t *testing.T) { Convey("Reports", t, func() { for _, testCase := range reportsTestCases { Convey( - testCase.description, - reports(provider, testCase.id, testCase.expectedErrString), + testCase.Description, + testutils.Reports(provider, testCase.ID, testCase.ExpectedErrString), ) } }) @@ -40,89 +41,53 @@ func TestVault_Provider(t *testing.T) { Convey("Provides", t, func() { for _, testCase := range canProvideTestCases { Convey( - testCase.description, - canProvide(provider, testCase.id, testCase.expectedValue), + testCase.Description, + testutils.CanProvide(provider, testCase.ID, testCase.ExpectedValue), ) } }) } -type canProvideTestCase struct { - description string - id string - expectedValue string -} - -func canProvide(provider plugin_v1.Provider, id string, expectedValue string) func() { - return func() { - values, err := provider.GetValues(id) - - So(err, ShouldBeNil) - So(values[id], ShouldNotBeNil) - So(values[id].Error, ShouldBeNil) - So(values[id].Value, ShouldNotBeNil) - So(string(values[id].Value), ShouldEqual, expectedValue) - } -} - -type reportsTestCase struct { - description string - id string - expectedErrString string -} - -func reports(provider plugin_v1.Provider, id string, expectedErrString string) func() { - return func() { - values, err := provider.GetValues(id) - - So(err, ShouldBeNil) - So(values[id], ShouldNotBeNil) - So(values[id].Error, ShouldNotBeNil) - So(values[id].Error.Error(), ShouldEqual, expectedErrString) - So(values[id].Value, ShouldBeNil) - } -} - -var reportsTestCases = []reportsTestCase{ +var reportsTestCases = []testutils.ReportsTestCase{ { - description: "Reports when the secret is not found", - id: "foobar", - expectedErrString: "HashiCorp Vault provider could not find secret " + + Description: "Reports when the secret is not found", + ID: "foobar", + ExpectedErrString: "HashiCorp Vault provider could not find secret " + "'foobar'", }, { - description: "Reports when a field in the secret is not found", - id: "cubbyhole/first-secret#foo.bar", - expectedErrString: "HashiCorp Vault provider expects secret in " + + Description: "Reports when a field in the secret is not found", + ID: "cubbyhole/first-secret#foo.bar", + ExpectedErrString: "HashiCorp Vault provider expects secret in " + "'foo.bar' at 'cubbyhole/first-secret'", }, } -var canProvideTestCases = []canProvideTestCase{ +var canProvideTestCases = []testutils.CanProvideTestCase{ { - description: "Can provide a cubbyhole secret", - id: "cubbyhole/first-secret#some-key", - expectedValue: "one", + Description: "Can provide a cubbyhole secret", + ID: "cubbyhole/first-secret#some-key", + ExpectedValue: "one", }, { - description: "Can provide a cubbyhole secret with default field name", - id: "cubbyhole/second-secret", - expectedValue: "two", + Description: "Can provide a cubbyhole secret with default field name", + ID: "cubbyhole/second-secret", + ExpectedValue: "two", }, { - description: "Can provide a KV v1 secret", - id: "kv/db/password#password", - expectedValue: "db-secret", + Description: "Can provide a KV v1 secret", + ID: "kv/db/password#password", + ExpectedValue: "db-secret", }, { - description: "Can provide a KV v1 secret with default field name", - id: "kv/web/password", - expectedValue: "web-secret", + Description: "Can provide a KV v1 secret with default field name", + ID: "kv/web/password", + ExpectedValue: "web-secret", }, { // note the "data" in path and in the fields to navigate, which is required in KV v2 - description: "Can provide latest KV v2 secret", - id: "secret/data/service#data.api-key", - expectedValue: "service-api-key", + Description: "Can provide latest KV v2 secret", + ID: "secret/data/service#data.api-key", + ExpectedValue: "service-api-key", }, }