1
0
mirror of https://github.com/SAP/jenkins-library.git synced 2024-12-14 11:03:09 +02:00

Support custom general purpose vault credentials without prefix. (#3779)

Co-authored-by: Anil Keshav <anil.keshav@sap.com>
This commit is contained in:
Martin Zuber 2022-06-27 09:24:52 +02:00 committed by GitHub
parent 78cf40799e
commit 1cb1a203cb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 35 additions and 32 deletions

View File

@ -272,7 +272,7 @@ func populateCredentialsAsEnvs(config *StepConfig, secret map[string]string, key
vaultCredentialEnvPrefix, ok := config.Config["vaultCredentialEnvPrefix"].(string)
isCredentialEnvPrefixDefault := false
if !ok || len(vaultCredentialEnvPrefix) == 0 {
if !ok {
vaultCredentialEnvPrefix = vaultCredentialEnvPrefixDefault
isCredentialEnvPrefixDefault = true
}

View File

@ -255,41 +255,44 @@ func TestResolveVaultTestCredentials(t *testing.T) {
}
})
t.Run("Custom general purpose credential prefix along with fixed standard prefix", func(t *testing.T) {
t.Parallel()
// init
vaultMock := &mocks.VaultMock{}
envPrefix := "CUSTOM_MYCRED_"
standardEnvPrefix := "PIPER_VAULTCREDENTIAL_"
stepConfig := StepConfig{Config: map[string]interface{}{
"vaultPath": "team1",
"vaultCredentialPath": "appCredentials",
"vaultCredentialKeys": []interface{}{"appUser", "appUserPw"},
"vaultCredentialEnvPrefix": envPrefix,
}}
// Test empty and non-empty custom general purpose credential prefix
envPrefixes := []string{"CUSTOM_MYCRED_", ""}
for _, envPrefix := range envPrefixes {
t.Run("Custom general purpose credential prefix along with fixed standard prefix", func(t *testing.T) {
t.Parallel()
// init
vaultMock := &mocks.VaultMock{}
standardEnvPrefix := "PIPER_VAULTCREDENTIAL_"
stepConfig := StepConfig{Config: map[string]interface{}{
"vaultPath": "team1",
"vaultCredentialPath": "appCredentials",
"vaultCredentialKeys": []interface{}{"appUser", "appUserPw"},
"vaultCredentialEnvPrefix": envPrefix,
}}
defer os.Unsetenv("CUSTOM_MYCRED_APPUSER")
defer os.Unsetenv("CUSTOM_MYCRED_APPUSERPW")
defer os.Unsetenv("PIPER_VAULTCREDENTIAL_APPUSER")
defer os.Unsetenv("PIPER_VAULTCREDENTIAL_APPUSERPW")
defer os.Unsetenv(envPrefix + "APPUSER")
defer os.Unsetenv(envPrefix + "APPUSERPW")
defer os.Unsetenv("PIPER_VAULTCREDENTIAL_APPUSER")
defer os.Unsetenv("PIPER_VAULTCREDENTIAL_APPUSERPW")
// mock
vaultData := map[string]string{"appUser": "test-user", "appUserPw": "password1234"}
vaultMock.On("GetKvSecret", "team1/appCredentials").Return(vaultData, nil)
// mock
vaultData := map[string]string{"appUser": "test-user", "appUserPw": "password1234"}
vaultMock.On("GetKvSecret", "team1/appCredentials").Return(vaultData, nil)
// test
resolveVaultCredentials(&stepConfig, vaultMock)
// test
resolveVaultCredentials(&stepConfig, vaultMock)
// assert
for k, v := range vaultData {
env := envPrefix + strings.ToUpper(k)
assert.NotEmpty(t, os.Getenv(env))
assert.Equal(t, os.Getenv(env), v)
standardEnv := standardEnvPrefix + strings.ToUpper(k)
assert.NotEmpty(t, os.Getenv(standardEnv))
assert.Equal(t, os.Getenv(standardEnv), v)
}
})
// assert
for k, v := range vaultData {
env := envPrefix + strings.ToUpper(k)
assert.NotEmpty(t, os.Getenv(env))
assert.Equal(t, os.Getenv(env), v)
standardEnv := standardEnvPrefix + strings.ToUpper(k)
assert.NotEmpty(t, os.Getenv(standardEnv))
assert.Equal(t, os.Getenv(standardEnv), v)
}
})
}
t.Run("Custom test credential prefix", func(t *testing.T) {
t.Parallel()