Skip to content

Commit

Permalink
pr remark, refactoring
Browse files Browse the repository at this point in the history
  • Loading branch information
@paullatzelsperger
paullatzelsperger committed Jul 6, 2023
1 parent a50fca9 commit 536dfba
Show file tree
Hide file tree
Showing 3 changed files with 51 additions and 156 deletions.
137 changes: 12 additions & 125 deletions ...ashicorp/src/test/java/org/eclipse/edc/vault/hashicorp/HashicorpVaultIntegrationTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,15 +19,6 @@
import org.eclipse.edc.junit.extensions.EdcExtension;
import org.eclipse.edc.spi.security.CertificateResolver;
import org.eclipse.edc.spi.security.Vault;
import org.eclipse.edc.spi.system.ServiceExtension;
import org.eclipse.edc.spi.system.ServiceExtensionContext;
import org.eclipse.edc.spi.system.health.HealthCheckResult;
import org.eclipse.edc.spi.system.health.HealthCheckService;
import org.eclipse.edc.spi.system.health.HealthStatus;
import org.eclipse.edc.spi.system.health.LivenessProvider;
import org.eclipse.edc.spi.system.health.ReadinessProvider;
import org.eclipse.edc.spi.system.health.StartupStatusProvider;
import org.junit.ClassRule;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.DisplayName;
import org.junit.jupiter.api.Test;
Expand All @@ -36,18 +27,14 @@
import org.junit.jupiter.params.provider.ValueSource;
import org.testcontainers.junit.jupiter.Container;
import org.testcontainers.junit.jupiter.Testcontainers;
import org.testcontainers.shaded.org.bouncycastle.operator.OperatorCreationException;
import org.testcontainers.vault.VaultContainer;

import java.io.IOException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.UUID;
import java.util.stream.Collectors;

import static java.lang.String.format;
import static org.assertj.core.api.Assertions.assertThat;
Expand All @@ -67,32 +54,25 @@ class HashicorpVaultIntegrationTest {
static final String TOKEN = UUID.randomUUID().toString();

@Container
@ClassRule
public static final VaultContainer<?> VAULTCONTAINER = new VaultContainer<>(DOCKER_IMAGE_NAME)
.withVaultToken(TOKEN)
.withSecretInVault("secret/" + VAULT_ENTRY_KEY, format("%s=%s", VAULT_DATA_ENTRY_NAME, VAULT_ENTRY_VALUE));

private final TestExtension testExtension = new TestExtension();

@BeforeEach
final void beforeEach(EdcExtension extension) {
void beforeEach(EdcExtension extension) {
extension.setConfiguration(getConfig());
extension.registerServiceMock(HealthCheckService.class, new MyHealthCheckService());
extension.registerSystemExtension(ServiceExtension.class, testExtension);
}

@Test
@DisplayName("Resolve a secret that exists")
void testResolveSecret_exists() {
var vault = getVault();
void testResolveSecret_exists(Vault vault) {
var secretValue = vault.resolveSecret(VAULT_ENTRY_KEY);
assertThat(secretValue).isEqualTo(VAULT_ENTRY_VALUE);
}

@Test
@DisplayName("Resolve a secret from a sub directory")
void testResolveSecret_inSubDirectory() {
var vault = getVault();
void testResolveSecret_inSubDirectory(Vault vault) {
var key = "sub/" + VAULT_ENTRY_KEY;
var value = key + "value";

Expand All @@ -104,30 +84,26 @@ void testResolveSecret_inSubDirectory() {
@ParameterizedTest
@ValueSource(strings = { "foo!bar", "foo.bar", "foo[bar]", "sub/foo{bar}" })
@DisplayName("Resolve a secret with url encoded characters")
void testResolveSecret_withUrlEncodedCharacters(String key) {
var vault = getVault();
void testResolveSecret_withUrlEncodedCharacters(String key, Vault vault) {
var value = key + "value";

vault.storeSecret(key, value);
var secretValue = vault.resolveSecret(key);
assertThat(secretValue).isEqualTo(value);
}

@Test
@DisplayName("Resolve a secret that does not exist")
void testResolveSecret_doesNotExist() {
var vault = getVault();
void testResolveSecret_doesNotExist(Vault vault) {
assertThat(vault.resolveSecret("wrong_key")).isNull();
}

@Test
@DisplayName("Update a secret that exists")
void testSetSecret_exists() {
void testSetSecret_exists(Vault vault) {
var key = UUID.randomUUID().toString();
var value1 = UUID.randomUUID().toString();
var value2 = UUID.randomUUID().toString();

var vault = getVault();
vault.storeSecret(key, value1);
vault.storeSecret(key, value2);
var secretValue = vault.resolveSecret(key);
Expand All @@ -136,23 +112,21 @@ void testSetSecret_exists() {

@Test
@DisplayName("Create a secret that does not exist")
void testSetSecret_doesNotExist() {
void testSetSecret_doesNotExist(Vault vault) {
var key = UUID.randomUUID().toString();
var value = UUID.randomUUID().toString();

var vault = getVault();
vault.storeSecret(key, value);
var secretValue = vault.resolveSecret(key);
assertThat(secretValue).isEqualTo(value);
}

@Test
@DisplayName("Delete a secret that exists")
void testDeleteSecret_exists() {
void testDeleteSecret_exists(Vault vault) {
var key = UUID.randomUUID().toString();
var value = UUID.randomUUID().toString();

var vault = getVault();
vault.storeSecret(key, value);
vault.deleteSecret(key);

Expand All @@ -161,129 +135,42 @@ void testDeleteSecret_exists() {

@Test
@DisplayName("Try to delete a secret that does not exist")
void testDeleteSecret_doesNotExist() {
void testDeleteSecret_doesNotExist(Vault vault) {
var key = UUID.randomUUID().toString();

var vault = getVault();
vault.deleteSecret(key);

assertThat(vault.resolveSecret(key)).isNull();
}

@Test
void resolveCertificate_success() throws CertificateException, IOException, NoSuchAlgorithmException, OperatorCreationException, org.bouncycastle.operator.OperatorCreationException {
void resolveCertificate_success(Vault vault, CertificateResolver resolver) throws CertificateException, IOException, NoSuchAlgorithmException, org.bouncycastle.operator.OperatorCreationException {
var key = UUID.randomUUID().toString();
var certificateExpected = generateCertificate(5, "Test");
var pem = convertToPem(certificateExpected);

var vault = getVault();
vault.storeSecret(key, pem);
var resolver = getCertificateResolver();
var certificateResult = resolver.resolveCertificate(key);

assertThat(certificateExpected).isEqualTo(certificateResult);
}

@Test
void resolveCertificate_malformed() {
void resolveCertificate_malformed(Vault vault, CertificateResolver resolver) {
var key = UUID.randomUUID().toString();
var value = UUID.randomUUID().toString();
var vault = getVault();
vault.storeSecret(key, value);

var resolver = getCertificateResolver();
var certificateResult = resolver.resolveCertificate(key);
assertThat(certificateResult).isNull();
}

protected Vault getVault() {
return testExtension.getVault();
}

protected CertificateResolver getCertificateResolver() {
return testExtension.getCertificateResolver();
}

protected Map<String, String> getConfig() {
private Map<String, String> getConfig() {
return new HashMap<>() {
{
put(VAULT_URL, format("http://%s:%s", VAULTCONTAINER.getHost(), VAULTCONTAINER.getFirstMappedPort()));
put(VAULT_TOKEN, TOKEN);
}
};
}

private static class TestExtension implements ServiceExtension {
private Vault vault;
private CertificateResolver certificateResolver;

@Override
public void initialize(ServiceExtensionContext context) {
vault = context.getService(Vault.class);
certificateResolver = context.getService(CertificateResolver.class);
}

public CertificateResolver getCertificateResolver() {
return certificateResolver;
}

public Vault getVault() {
return vault;
}
}

private static class MyHealthCheckService implements HealthCheckService {
private final List<LivenessProvider> livenessProviders = new ArrayList<>();
private final List<ReadinessProvider> readinessProviders = new ArrayList<>();
private final List<StartupStatusProvider> startupStatusProviders = new ArrayList<>();

@Override
public void addLivenessProvider(LivenessProvider provider) {
livenessProviders.add(provider);
}

@Override
public void addReadinessProvider(ReadinessProvider provider) {
readinessProviders.add(provider);
}

@Override
public void addStartupStatusProvider(StartupStatusProvider provider) {
startupStatusProviders.add(provider);
}

@Override
public HealthStatus isLive() {
return new HealthStatus(
livenessProviders.stream()
.map(
p ->
p.get().failed() ? HealthCheckResult.failed("") : HealthCheckResult.success())
.collect(Collectors.toList()));
}

@Override
public HealthStatus isReady() {
return new HealthStatus(
readinessProviders.stream()
.map(
p ->
p.get().failed() ? HealthCheckResult.failed("") : HealthCheckResult.success())
.collect(Collectors.toList()));
}

@Override
public HealthStatus getStartupStatus() {
return new HealthStatus(
startupStatusProviders.stream()
.map(
p ->
p.get().failed() ? HealthCheckResult.failed("") : HealthCheckResult.success())
.collect(Collectors.toList()));
}

@Override
public void refresh() {
}
}
}
41 changes: 21 additions & 20 deletions ...ult/vault-hashicorp/src/test/java/org/eclipse/edc/vault/hashicorp/HashicorpVaultTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,15 +16,16 @@

import org.eclipse.edc.spi.monitor.Monitor;
import org.eclipse.edc.spi.result.Result;
import org.junit.jupiter.api.Assertions;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.mockito.Mockito;

import java.util.UUID;

import static org.assertj.core.api.Assertions.assertThat;
import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.times;
import static org.mockito.Mockito.verify;
import static org.mockito.Mockito.when;

class HashicorpVaultTest {
private static final String KEY = "key";
Expand All @@ -35,88 +36,88 @@ class HashicorpVaultTest {

@BeforeEach
void setup() {
vaultClient = Mockito.mock(HashicorpVaultClient.class);
var monitor = Mockito.mock(Monitor.class);
vaultClient = mock();
var monitor = mock(Monitor.class);
vault = new HashicorpVault(vaultClient, monitor);
}

@Test
void getSecretSuccess() {
// prepare
Mockito.when(vaultClient.getSecretValue(KEY)).thenReturn(Result.success("test-secret"));
when(vaultClient.getSecretValue(KEY)).thenReturn(Result.success("test-secret"));

// invoke
var returnValue = vault.resolveSecret(KEY);

// verify
verify(vaultClient, Mockito.times(1)).getSecretValue(KEY);
verify(vaultClient, times(1)).getSecretValue(KEY);
assertThat(returnValue).isEqualTo("test-secret");
}

@Test
void getSecretFailure() {
// prepare
Mockito.when(vaultClient.getSecretValue(KEY)).thenReturn(Result.failure("test-failure"));
when(vaultClient.getSecretValue(KEY)).thenReturn(Result.failure("test-failure"));

// invoke
var returnValue = vault.resolveSecret(KEY);

// verify
verify(vaultClient, Mockito.times(1)).getSecretValue(KEY);
verify(vaultClient, times(1)).getSecretValue(KEY);
assertThat(returnValue).isNull();
}

@Test
void setSecretSuccess() {
// prepare
var value = UUID.randomUUID().toString();
Mockito.when(vaultClient.setSecret(KEY, value)).thenReturn(Result.success(null));
when(vaultClient.setSecret(KEY, value)).thenReturn(Result.success(null));

// invoke
var returnValue = vault.storeSecret(KEY, value);

// verify
verify(vaultClient, Mockito.times(1)).setSecret(KEY, value);
Assertions.assertTrue(returnValue.succeeded());
verify(vaultClient, times(1)).setSecret(KEY, value);
assertThat(returnValue.succeeded()).isTrue();
}

@Test
void setSecretFailure() {
// prepare
var value = UUID.randomUUID().toString();
Mockito.when(vaultClient.setSecret(KEY, value)).thenReturn(Result.failure("test-failure"));
when(vaultClient.setSecret(KEY, value)).thenReturn(Result.failure("test-failure"));

// invoke
var returnValue = vault.storeSecret(KEY, value);

// verify
verify(vaultClient, Mockito.times(1)).setSecret(KEY, value);
Assertions.assertTrue(returnValue.failed());
verify(vaultClient, times(1)).setSecret(KEY, value);
assertThat(returnValue.failed()).isTrue();
}

@Test
void destroySecretSuccess() {
// prepare
Mockito.when(vaultClient.destroySecret(KEY)).thenReturn(Result.success());
when(vaultClient.destroySecret(KEY)).thenReturn(Result.success());

// invoke
var returnValue = vault.deleteSecret(KEY);

// verify
verify(vaultClient, Mockito.times(1)).destroySecret(KEY);
Assertions.assertTrue(returnValue.succeeded());
verify(vaultClient, times(1)).destroySecret(KEY);
assertThat(returnValue.succeeded()).isTrue();
}

@Test
void destroySecretFailure() {
// prepare
Mockito.when(vaultClient.destroySecret(KEY)).thenReturn(Result.failure("test-failure"));
when(vaultClient.destroySecret(KEY)).thenReturn(Result.failure("test-failure"));

// invoke
var returnValue = vault.deleteSecret(KEY);

// verify
verify(vaultClient, Mockito.times(1)).destroySecret(KEY);
Assertions.assertTrue(returnValue.failed());
verify(vaultClient, times(1)).destroySecret(KEY);
assertThat(returnValue.failed()).isTrue();
}
}
Loading

0 comments on commit 536dfba

Please sign in to comment.