Initial implementation

Author: Bastian Schwarz

src/Settings/SettingsInterface.php

@@ -0,0 +1,72 @@
+<?php declare(strict_types=1);
+/*
+ *   Copyright 2023 Bastian Schwarz <bastian@codename-php.de>.
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *         http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
+
+namespace de\codenamephp\deployer\secrets\Settings;
+
+use de\codenamephp\platform\secretsManager\base\Secret\SecretInterface;
+use Deployer\Host\Host;
+
+/**
+ * Interface to set settings either globally or on hosts
+ *
+ * @psalm-api
+ */
+interface SettingsInterface {
+
+  /**
+   * Resolves the given secret and sets it either on all hosts or if no hosts are given as a global setting
+   *
+   * Implementations should make use of the \de\codenamephp\platform\secretsManager\base\Client\ClientInterface to resolve the secret
+   *
+   * @param string $settingsKey The key to set the payload of the secret to
+   * @param SecretInterface $secret The secret to get the payload for
+   * @param Host ...$hosts Hosts to set the secret on. If no hosts are given the secret will be set globally
+   * @return void
+   */
+  public function set(string $settingsKey, SecretInterface $secret, Host ...$hosts) : void;
+
+  /**
+   * An array of settings keys and secrets to set. The array key is used as settings key.
+   *
+   * Resolves the given secrets and sets them either on all hosts or if no hosts are given as global settings
+   *
+   * Implementations should make use of the \de\codenamephp\platform\secretsManager\base\Client\ClientInterface to resolve the secrets
+   *
+   * @param array<string, SecretInterface> $secretsToSet The key/secrets mapping
+   * @param Host ...$hosts Hosts to set the secrets on. If no hosts are given the secrets will be set globally
+   * @return void
+   */
+  public function setMultiple(array $secretsToSet, Host ...$hosts) : void;
+
+  /**
+   * Fetches the payload content of the given secret. Implementations should use the \de\codenamephp\platform\secretsManager\base\Client\ClientInterface to
+   * resolve the secret
+   *
+   * @param SecretInterface $secret The secret to fetch the payload for
+   * @return string The payload content
+   */
+  public function fetch(SecretInterface $secret) : string;
+
+  /**
+   * Fetches the payload content of the given secrets. Implementations should use the \de\codenamephp\platform\secretsManager\base\Client\ClientInterface to
+   * resolve the secrets. Implementations MUST preserve the order and array keys of the given array as they may be used to identify the secrets
+   *
+   * @param array<SecretInterface> $secretsToResolve The secrets to fetch the payload for
+   * @return array<string> The payload content of the secrets with the keys preserved
+   */
+  public function fetchMultiple(array $secretsToResolve) : array;
+}

src/Settings/WithClient.php

@@ -0,0 +1,50 @@
+<?php declare(strict_types=1);
+/*
+ *   Copyright 2023 Bastian Schwarz <bastian@codename-php.de>.
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *         http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
+
+namespace de\codenamephp\deployer\secrets\Settings;
+
+use de\codenamephp\deployer\base\functions\All;
+use de\codenamephp\deployer\base\functions\iSet;
+use de\codenamephp\platform\secretsManager\base\Client\ClientInterface;
+use de\codenamephp\platform\secretsManager\base\Secret\SecretInterface;
+use Deployer\Host\Host;
+
+/**
+ * Settings implementation that uses a client to fetch the payload of a secret and then sets it on the hosts or as global settings
+ *
+ * @psalm-api
+ */
+final class WithClient implements SettingsInterface {
+
+  public function __construct(public readonly ClientInterface $client, public readonly iSet $deployerFunctions = new All()) {}
+
+  public function fetch(SecretInterface $secret) : string {
+    return $this->client->fetchPayload($secret)->getContent();
+  }
+  public function fetchMultiple(array $secretsToResolve) : array {
+    return array_map(fn(SecretInterface $secret) : string => $this->fetch($secret), $secretsToResolve);
+
+  }
+  public function set(string $settingsKey, SecretInterface $secret, Host ...$hosts) : void {
+    $payload = $this->fetch($secret);
+    $hosts ? array_map(static fn(Host $host) => $host->set($settingsKey, $payload), $hosts) : $this->deployerFunctions->set($settingsKey, $payload);
+  }
+
+  public function setMultiple(array $secretsToSet, Host ...$hosts) : void {
+    foreach($secretsToSet as $settingsKey => $secret) $this->set($settingsKey, $secret, ...$hosts);
+  }
+}

test/Settings/WithClientTest.php

@@ -0,0 +1,180 @@
+<?php declare(strict_types=1);
+/*
+ *   Copyright 2023 Bastian Schwarz <bastian@codename-php.de>.
+ *
+ *   Licensed under the Apache License, Version 2.0 (the "License");
+ *   you may not use this file except in compliance with the License.
+ *   You may obtain a copy of the License at
+ *
+ *         http://www.apache.org/licenses/LICENSE-2.0
+ *
+ *   Unless required by applicable law or agreed to in writing, software
+ *   distributed under the License is distributed on an "AS IS" BASIS,
+ *   WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ *   See the License for the specific language governing permissions and
+ *   limitations under the License.
+ */
+
+namespace de\codenamephp\deployer\secrets\test\Settings;
+
+use de\codenamephp\deployer\base\functions\iSet;
+use de\codenamephp\deployer\secrets\Settings\WithClient;
+use de\codenamephp\platform\secretsManager\base\Client\ClientInterface;
+use de\codenamephp\platform\secretsManager\base\Secret\Payload\PayloadInterface;
+use de\codenamephp\platform\secretsManager\base\Secret\SecretInterface;
+use Deployer\Host\Host;
+use Mockery;
+use Mockery\Adapter\Phpunit\MockeryPHPUnitIntegration;
+use PHPUnit\Framework\TestCase;
+
+final class WithClientTest extends TestCase {
+
+  use MockeryPHPUnitIntegration;
+
+  public function testSetMultiple() : void {
+    $payload1 = $this->createConfiguredMock(PayloadInterface::class, ['getContent' => 'secret1']);
+    $payload2 = $this->createConfiguredMock(PayloadInterface::class, ['getContent' => 'secret2']);
+    $payload3 = $this->createConfiguredMock(PayloadInterface::class, ['getContent' => 'secret3']);
+
+    $secret1 = $this->createMock(SecretInterface::class);
+    $secret2 = $this->createMock(SecretInterface::class);
+    $secret3 = $this->createMock(SecretInterface::class);
+
+    $client = Mockery::mock(ClientInterface::class);
+    $client->allows('fetchPayload')->once()->ordered()->with($secret1)->andReturn($payload1);
+    $client->allows('fetchPayload')->once()->ordered()->with($secret2)->andReturn($payload2);
+    $client->allows('fetchPayload')->once()->ordered()->with($secret3)->andReturn($payload3);
+
+    $deployerFunctions = Mockery::mock(iSet::class);
+    $deployerFunctions->allows('set')->once()->ordered()->with('key1', 'secret1');
+    $deployerFunctions->allows('set')->once()->ordered()->with('key2', 'secret2');
+    $deployerFunctions->allows('set')->once()->ordered()->with('key3', 'secret3');
+
+    $sut = new WithClient($client, $deployerFunctions);
+
+    $sut->setMultiple(['key1' => $secret1, 'key2' => $secret2, 'key3' => $secret3]);
+  }
+
+  public function testSetMultiple_withHosts() : void {
+    $host1 = Mockery::mock(Host::class);
+    $host1->allows('set')->once()->ordered()->with('key1', 'secret1');
+    $host1->allows('set')->once()->ordered()->with('key2', 'secret2');
+    $host1->allows('set')->once()->ordered()->with('key3', 'secret3');
+    $host2 = Mockery::mock(Host::class);
+    $host2->allows('set')->once()->ordered()->with('key1', 'secret1');
+    $host2->allows('set')->once()->ordered()->with('key2', 'secret2');
+    $host2->allows('set')->once()->ordered()->with('key3', 'secret3');
+    $host3 = Mockery::mock(Host::class);
+    $host3->allows('set')->once()->ordered()->with('key1', 'secret1');
+    $host3->allows('set')->once()->ordered()->with('key2', 'secret2');
+    $host3->allows('set')->once()->ordered()->with('key3', 'secret3');
+
+    $payload1 = $this->createConfiguredMock(PayloadInterface::class, ['getContent' => 'secret1']);
+    $payload2 = $this->createConfiguredMock(PayloadInterface::class, ['getContent' => 'secret2']);
+    $payload3 = $this->createConfiguredMock(PayloadInterface::class, ['getContent' => 'secret3']);
+
+    $secret1 = $this->createMock(SecretInterface::class);
+    $secret2 = $this->createMock(SecretInterface::class);
+    $secret3 = $this->createMock(SecretInterface::class);
+
+    $client = Mockery::mock(ClientInterface::class);
+    $client->allows('fetchPayload')->once()->ordered()->with($secret1)->andReturn($payload1);
+    $client->allows('fetchPayload')->once()->ordered()->with($secret2)->andReturn($payload2);
+    $client->allows('fetchPayload')->once()->ordered()->with($secret3)->andReturn($payload3);
+
+    $deployerFunctions = $this->createMock(iSet::class);
+    $deployerFunctions->expects(self::never())->method('set');
+
+    $sut = new WithClient($client, $deployerFunctions);
+
+    $sut->setMultiple(['key1' => $secret1, 'key2' => $secret2, 'key3' => $secret3], $host1, $host2, $host3);
+  }
+
+  public function testSet() : void {
+    $payload = $this->createConfiguredMock(PayloadInterface::class, ['getContent' => 'secret']);
+    $secret = $this->createMock(SecretInterface::class);
+
+    $client = $this->createMock(ClientInterface::class);
+    $client->expects(self::once())->method('fetchPayload')->with($secret)->willReturn($payload);
+
+    $deployerFunctions = $this->createMock(iSet::class);
+    $deployerFunctions->expects(self::once())->method('set')->with('some.key', 'secret');
+
+    $sut = new WithClient($client, $deployerFunctions);
+
+    $sut->set('some.key', $secret);
+  }
+
+  public function testSet_withHosts() : void {
+    $host1 = $this->createMock(Host::class);
+    $host1->expects(self::once())->method('set')->with('some.key', 'secret');
+    $host2 = $this->createMock(Host::class);
+    $host2->expects(self::once())->method('set')->with('some.key', 'secret');
+    $host3 = $this->createMock(Host::class);
+    $host3->expects(self::once())->method('set')->with('some.key', 'secret');
+
+    $payload = $this->createConfiguredMock(PayloadInterface::class, ['getContent' => 'secret']);
+    $secret = $this->createMock(SecretInterface::class);
+
+    $client = $this->createMock(ClientInterface::class);
+    $client->expects(self::once())->method('fetchPayload')->with($secret)->willReturn($payload);
+
+    $deployerFunctions = $this->createMock(iSet::class);
+    $deployerFunctions->expects(self::never())->method('set');
+
+    $sut = new WithClient($client, $deployerFunctions);
+
+    $sut->set('some.key', $secret, $host1, $host2, $host3);
+  }
+
+  public function testFetchMultiple() : void {
+    $payload1 = $this->createConfiguredMock(PayloadInterface::class, ['getContent' => 'secret1']);
+    $payload2 = $this->createConfiguredMock(PayloadInterface::class, ['getContent' => 'secret2']);
+    $payload3 = $this->createConfiguredMock(PayloadInterface::class, ['getContent' => 'secret3']);
+
+    $secret1 = $this->createMock(SecretInterface::class);
+    $secret2 = $this->createMock(SecretInterface::class);
+    $secret3 = $this->createMock(SecretInterface::class);
+
+    $client = Mockery::mock(ClientInterface::class);
+    $client->allows('fetchPayload')->once()->ordered()->with($secret1)->andReturn($payload1);
+    $client->allows('fetchPayload')->once()->ordered()->with($secret2)->andReturn($payload2);
+    $client->allows('fetchPayload')->once()->ordered()->with($secret3)->andReturn($payload3);
+
+    $sut = new WithClient($client);
+
+    self::assertSame(['key1' => 'secret1', 'key2' => 'secret2', 'key3' => 'secret3'], $sut->fetchMultiple(['key1' => $secret1, 'key2' => $secret2, 'key3' => $secret3]));
+  }
+
+  public function test__construct() : void {
+    $client = $this->createMock(ClientInterface::class);
+    $deployerFunctions = $this->createMock(iSet::class);
+
+    $sut = new WithClient($client, $deployerFunctions);
+
+    self::assertSame($client, $sut->client);
+    self::assertSame($deployerFunctions, $sut->deployerFunctions);
+  }
+
+  public function test__construct_withMinimalParameters() : void {
+    $client = $this->createMock(ClientInterface::class);
+
+    $sut = new WithClient($client);
+
+    self::assertSame($client, $sut->client);
+    self::assertInstanceOf(iSet::class, $sut->deployerFunctions);
+  }
+
+  public function testFetch() : void {
+    $secret = $this->createMock(SecretInterface::class);
+    $payload = $this->createMock(PayloadInterface::class);
+    $payload->expects(self::once())->method('getContent')->willReturn('some secret');
+
+    $client = $this->createMock(ClientInterface::class);
+    $client->expects(self::once())->method('fetchPayload')->with($secret)->willReturn($payload);
+
+    $sut = new WithClient($client);
+
+    self::assertSame('some secret', $sut->fetch($secret));
+  }
+}