Skip to content
This repository was archived by the owner on Feb 16, 2023. It is now read-only.

Commit dfa86e5

Browse files
Marton6Marton6
committed
Add tests for new precedence rules
Added a test for checking that --secrets-dir has precedence over the os environment and a tests for checking that .env files have precedence over secrets loaded with --secrets-dir.
1 parent 0345d6a commit dfa86e5

1 file changed

Lines changed: 101 additions & 0 deletions

File tree

internals/secrethub/run_test.go

Lines changed: 101 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -769,6 +769,107 @@ func TestRunCommand_environment(t *testing.T) {
769769
expectedSecrets: []string{"bbb"},
770770
expectedEnv: []string{"TEST=bbb"},
771771
},
772+
"env file has precedence over secrets-dir flag": {
773+
command: RunCommand{
774+
environment: &environment{
775+
newClient: func() (secrethub.ClientInterface, error) {
776+
return fakeclient.Client{
777+
DirService: &fakeclient.DirService{
778+
GetTreeFunc: func(path string, depth int, ancestors bool) (*api.Tree, error) {
779+
return &api.Tree{
780+
ParentPath: "namespace",
781+
RootDir: &api.Dir{
782+
DirID: testUUID1,
783+
Name: "repo",
784+
},
785+
Secrets: map[uuid.UUID]*api.Secret{
786+
testUUID2: {
787+
SecretID: testUUID2,
788+
DirID: testUUID1,
789+
Name: "foo",
790+
},
791+
},
792+
}, nil
793+
},
794+
},
795+
}, nil
796+
},
797+
secretsDir: "namespace/repo",
798+
dontPromptMissingTemplateVar: true,
799+
templateVersion: "2",
800+
osEnv: []string{"FOO=bbb"},
801+
osStat: osStatFunc("secrethub.env", nil),
802+
readFile: readFileFunc("secrethub.env", "FOO= {{ other/secret/path }}"),
803+
},
804+
newClient: func() (secrethub.ClientInterface, error) {
805+
return fakeclient.Client{
806+
SecretService: &fakeclient.SecretService{
807+
VersionService: &fakeclient.SecretVersionService{
808+
GetWithDataFunc: func(path string) (*api.SecretVersion, error) {
809+
if path == "namespace/repo/foo" {
810+
return &api.SecretVersion{Data: []byte("aaa")}, nil
811+
} else if path == "other/secret/path" {
812+
return &api.SecretVersion{Data: []byte("bbb")}, nil
813+
}
814+
return nil, api.ErrSecretNotFound
815+
},
816+
},
817+
},
818+
}, nil
819+
},
820+
},
821+
expectedSecrets: []string{"bbb"},
822+
expectedEnv: []string{"FOO=bbb"},
823+
},
824+
"secrets-dir flag has precedence over os environment": {
825+
command: RunCommand{
826+
environment: &environment{
827+
newClient: func() (secrethub.ClientInterface, error) {
828+
return fakeclient.Client{
829+
DirService: &fakeclient.DirService{
830+
GetTreeFunc: func(path string, depth int, ancestors bool) (*api.Tree, error) {
831+
return &api.Tree{
832+
ParentPath: "namespace",
833+
RootDir: &api.Dir{
834+
DirID: testUUID1,
835+
Name: "repo",
836+
},
837+
Secrets: map[uuid.UUID]*api.Secret{
838+
testUUID2: {
839+
SecretID: testUUID2,
840+
DirID: testUUID1,
841+
Name: "foo",
842+
},
843+
},
844+
}, nil
845+
},
846+
},
847+
}, nil
848+
},
849+
secretsDir: "namespace/repo",
850+
dontPromptMissingTemplateVar: true,
851+
templateVersion: "2",
852+
osEnv: []string{"FOO=bbb"},
853+
osStat: osStatFunc("secrethub.env", os.ErrNotExist),
854+
},
855+
newClient: func() (secrethub.ClientInterface, error) {
856+
return fakeclient.Client{
857+
SecretService: &fakeclient.SecretService{
858+
VersionService: &fakeclient.SecretVersionService{
859+
GetWithDataFunc: func(path string) (*api.SecretVersion, error) {
860+
if path == "namespace/repo/foo" {
861+
return &api.SecretVersion{Data: []byte("aaa")}, nil
862+
}
863+
return nil, api.ErrSecretNotFound
864+
},
865+
},
866+
},
867+
}, nil
868+
},
869+
},
870+
expectedSecrets: []string{"aaa"},
871+
expectedEnv: []string{"FOO=aaa"},
872+
},
772873
// TODO Add test case for: envar flag has precedence over secret reference - requires refactoring of fakeclient
773874
"secret reference has precedence over secrets-dir flag": {
774875
command: RunCommand{

0 commit comments

Comments
 (0)