diff --git a/api/admin/secret.go b/api/admin/secret.go index d6df890d3..c9e1d8e73 100644 --- a/api/admin/secret.go +++ b/api/admin/secret.go @@ -66,7 +66,7 @@ func UpdateSecret(c *gin.Context) { } // send API call to update the secret - err = database.FromContext(c).UpdateSecret(input) + s, err := database.FromContext(c).UpdateSecret(input) if err != nil { retErr := fmt.Errorf("unable to update secret %d: %w", input.GetID(), err) @@ -75,5 +75,5 @@ func UpdateSecret(c *gin.Context) { return } - c.JSON(http.StatusOK, input) + c.JSON(http.StatusOK, s) } diff --git a/api/secret/create.go b/api/secret/create.go index 3ba5061f9..82a1cac5a 100644 --- a/api/secret/create.go +++ b/api/secret/create.go @@ -229,7 +229,7 @@ func CreateSecret(c *gin.Context) { } // send API call to create the secret - err = secret.FromContext(c, e).Create(t, o, n, input) + s, err := secret.FromContext(c, e).Create(t, o, n, input) if err != nil { retErr := fmt.Errorf("unable to create secret %s for %s service: %w", entry, e, err) @@ -238,7 +238,5 @@ func CreateSecret(c *gin.Context) { return } - s, _ := secret.FromContext(c, e).Get(t, o, n, input.GetName()) - c.JSON(http.StatusOK, s.Sanitize()) } diff --git a/api/secret/update.go b/api/secret/update.go index f71889701..1feaae4c3 100644 --- a/api/secret/update.go +++ b/api/secret/update.go @@ -161,7 +161,7 @@ func UpdateSecret(c *gin.Context) { } // send API call to update the secret - err = secret.FromContext(c, e).Update(t, o, n, input) + secret, err := secret.FromContext(c, e).Update(t, o, n, input) if err != nil { retErr := fmt.Errorf("unable to update secret %s for %s service: %w", entry, e, err) @@ -170,8 +170,5 @@ func UpdateSecret(c *gin.Context) { return } - // send API call to capture the updated secret - secret, _ := secret.FromContext(c, e).Get(t, o, n, input.GetName()) - c.JSON(http.StatusOK, secret.Sanitize()) } diff --git a/api/webhook/post.go b/api/webhook/post.go index 1d6f4edd8..f25fd872b 100644 --- a/api/webhook/post.go 
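Review bot: In api/admin/secret.go the handler now responds with `c.JSON(http.StatusOK, s)`, the record returned by `database.FromContext(c).UpdateSecret(input)`, without `Sanitize()`, while the create and update handlers under api/secret/ in this same commit respond with `s.Sanitize()` and `secret.Sanitize()`. database/secret/update.go in this commit decrypts the record before returning it, so this response body carries the plaintext value. If the admin route is not meant to return the value, the last line should be `c.JSON(http.StatusOK, s.Sanitize())`; if it is intentional, a comment such as `// admin endpoint intentionally returns the unsanitized secret` would record that decision. The handler's body starts above the hunk, so any earlier handling of `input` is not visible here.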
+++ b/api/webhook/post.go @@ -849,7 +849,7 @@ func renameRepository(h *library.Hook, r *library.Repo, c *gin.Context, m *types secret.SetOrg(r.GetOrg()) secret.SetRepo(r.GetName()) - err = database.FromContext(c).UpdateSecret(secret) + _, err = database.FromContext(c).UpdateSecret(secret) if err != nil { return nil, fmt.Errorf("unable to update secret for repo %s/%s: %w", prevOrg, prevRepo, err) } diff --git a/database/integration_test.go b/database/integration_test.go index 5d7fbe0cb..0f1e9808d 100644 --- a/database/integration_test.go +++ b/database/integration_test.go @@ -1053,7 +1053,7 @@ func testSecrets(t *testing.T, db Interface, resources *Resources) { // create the secrets for _, secret := range resources.Secrets { - err := db.CreateSecret(secret) + _, err := db.CreateSecret(secret) if err != nil { t.Errorf("unable to create secret %d: %v", secret.GetID(), err) } @@ -1226,16 +1226,11 @@ func testSecrets(t *testing.T, db Interface, resources *Resources) { // update the secrets for _, secret := range resources.Secrets { secret.SetUpdatedAt(time.Now().UTC().Unix()) - err = db.UpdateSecret(secret) + got, err := db.UpdateSecret(secret) if err != nil { t.Errorf("unable to update secret %d: %v", secret.GetID(), err) } - // lookup the secret by ID - got, err := db.GetSecret(secret.GetID()) - if err != nil { - t.Errorf("unable to get secret %d by ID: %v", secret.GetID(), err) - } if !reflect.DeepEqual(got, secret) { t.Errorf("GetSecret() is %v, want %v", got, secret) } diff --git a/database/secret/count_org_test.go b/database/secret/count_org_test.go index 45e109157..6ce684c5e 100644 --- a/database/secret/count_org_test.go +++ b/database/secret/count_org_test.go 
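Review bot: In testSecrets (database/integration_test.go) the comparison after `got, err := db.UpdateSecret(secret)` still reports `GetSecret() is %v, want %v`, although the lookup was removed and `got` now comes from UpdateSecret. A failure would point at the wrong call; `t.Errorf("UpdateSecret() is %v, want %v", got, secret)` names what is actually being checked. The loop also falls through to the DeepEqual after an UpdateSecret error, where `got` is presumably nil, so a `continue` after the first `t.Errorf` would avoid a second, misleading failure line.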
@@ -51,12 +51,12 @@ func TestSecret_Engine_CountSecretsForOrg(t *testing.T) { _sqlite := testSqlite(t) defer func() { _sql, _ := _sqlite.client.DB(); _sql.Close() }() - err := _sqlite.CreateSecret(_secretOne) + _, err := _sqlite.CreateSecret(_secretOne) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } - err = _sqlite.CreateSecret(_secretTwo) + _, err = _sqlite.CreateSecret(_secretTwo) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } diff --git a/database/secret/count_repo_test.go b/database/secret/count_repo_test.go index be2dc7a9c..8db30f4c5 100644 --- a/database/secret/count_repo_test.go +++ b/database/secret/count_repo_test.go @@ -62,12 +62,12 @@ func TestSecret_Engine_CountSecretsForRepo(t *testing.T) { _sqlite := testSqlite(t) defer func() { _sql, _ := _sqlite.client.DB(); _sql.Close() }() - err := _sqlite.CreateSecret(_secretOne) + _, err := _sqlite.CreateSecret(_secretOne) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } - err = _sqlite.CreateSecret(_secretTwo) + _, err = _sqlite.CreateSecret(_secretTwo) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } diff --git a/database/secret/count_team_test.go b/database/secret/count_team_test.go index 7b029d9e8..50bad4ae4 100644 --- a/database/secret/count_team_test.go +++ b/database/secret/count_team_test.go @@ -52,12 +52,12 @@ func TestSecret_Engine_CountSecretsForTeam(t *testing.T) { _sqlite := testSqlite(t) defer func() { _sql, _ := _sqlite.client.DB(); _sql.Close() }() - err := _sqlite.CreateSecret(_secretOne) + _, err := _sqlite.CreateSecret(_secretOne) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } - err = _sqlite.CreateSecret(_secretTwo) + _, err = _sqlite.CreateSecret(_secretTwo) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } 
@@ -158,12 +158,12 @@ func TestSecret_Engine_CountSecretsForTeams(t *testing.T) { _sqlite := testSqlite(t) defer func() { _sql, _ := _sqlite.client.DB(); _sql.Close() }() - err := _sqlite.CreateSecret(_secretOne) + _, err := _sqlite.CreateSecret(_secretOne) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } - err = _sqlite.CreateSecret(_secretTwo) + _, err = _sqlite.CreateSecret(_secretTwo) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } diff --git a/database/secret/count_test.go b/database/secret/count_test.go index b30dcdca2..d3b3f3c48 100644 --- a/database/secret/count_test.go +++ b/database/secret/count_test.go @@ -49,12 +49,12 @@ func TestSecret_Engine_CountSecrets(t *testing.T) { _sqlite := testSqlite(t) defer func() { _sql, _ := _sqlite.client.DB(); _sql.Close() }() - err := _sqlite.CreateSecret(_secretOne) + _, err := _sqlite.CreateSecret(_secretOne) if err != nil { t.Errorf("unable to create test repo for sqlite: %v", err) } - err = _sqlite.CreateSecret(_secretTwo) + _, err = _sqlite.CreateSecret(_secretTwo) if err != nil { t.Errorf("unable to create test repo for sqlite: %v", err) } diff --git a/database/secret/create.go b/database/secret/create.go index e061c36a1..734281cf1 100644 --- a/database/secret/create.go +++ b/database/secret/create.go @@ -15,7 +15,7 @@ import ( ) // CreateSecret creates a new secret in the database. -func (e *engine) CreateSecret(s *library.Secret) error { +func (e *engine) CreateSecret(s *library.Secret) (*library.Secret, error) { // handle the secret based off the type switch s.GetType() { case constants.SecretShared: @@ -44,7 +44,7 @@ func (e *engine) CreateSecret(s *library.Secret) error { // https://pkg.go.dev/github.com/go-vela/types/database#Secret.Validate err := secret.Validate() if err != nil { - return err + return nil, err } // encrypt the fields for the secret 
@@ -54,15 +54,29 @@ func (e *engine) CreateSecret(s *library.Secret) error { if err != nil { switch s.GetType() { case constants.SecretShared: - return fmt.Errorf("unable to encrypt secret %s/%s/%s/%s: %w", s.GetType(), s.GetOrg(), s.GetTeam(), s.GetName(), err) + return nil, fmt.Errorf("unable to encrypt secret %s/%s/%s/%s: %w", s.GetType(), s.GetOrg(), s.GetTeam(), s.GetName(), err) default: - return fmt.Errorf("unable to encrypt secret %s/%s/%s/%s: %w", s.GetType(), s.GetOrg(), s.GetRepo(), s.GetName(), err) + return nil, fmt.Errorf("unable to encrypt secret %s/%s/%s/%s: %w", s.GetType(), s.GetOrg(), s.GetRepo(), s.GetName(), err) } } - // send query to the database - return e.client. - Table(constants.TableSecret). - Create(secret.Nullify()). - Error + // create secret record + result := e.client.Table(constants.TableSecret).Create(secret.Nullify()) + + if result.Error != nil { + return nil, result.Error + } + + // decrypt the fields for the secret to return + err = secret.Decrypt(e.config.EncryptionKey) + if err != nil { + switch s.GetType() { + case constants.SecretShared: + return nil, fmt.Errorf("unable to decrypt secret %s/%s/%s/%s: %w", s.GetType(), s.GetOrg(), s.GetTeam(), s.GetName(), err) + default: + return nil, fmt.Errorf("unable to decrypt secret %s/%s/%s/%s: %w", s.GetType(), s.GetOrg(), s.GetRepo(), s.GetName(), err) + } + } + + return secret.ToLibrary(), nil } diff --git a/database/secret/create_test.go b/database/secret/create_test.go index 1f6fbd3bd..ec4fa38e3 100644 --- a/database/secret/create_test.go +++ b/database/secret/create_test.go @@ -5,6 +5,7 @@ package secret import ( + "reflect" "testing" "github.com/DATA-DOG/go-sqlmock" @@ -127,7 +128,7 @@ VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14) RETURNING "id"`). // run tests for _, test := range tests { t.Run(test.name, func(t *testing.T) { - err := test.database.CreateSecret(test.secret) + got, err := test.database.CreateSecret(test.secret) if test.failure { if err == nil { 
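Review bot: In CreateSecret the new `secret.Decrypt(e.config.EncryptionKey)` runs after `Create(secret.Nullify())` has already succeeded, so a decrypt failure returns `nil, err` for a row that is now in the table; the same ordering is added to UpdateSecret in database/secret/update.go. The API handlers in this commit turn that error into "unable to create secret ..." / "unable to update secret ...", which tells the client the write failed and invites a retry against an existing record. At minimum the message should distinguish the two cases, for example `"secret %s/%s/%s/%s was created but could not be decrypted for return: %w"`, and the doc comment should state that the returned secret carries the decrypted value so callers know to sanitize it before serialising. The function's validation and encryption steps start above this hunk.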
@@ -140,6 +141,10 @@ VALUES ($1,$2,$3,$4,$5,$6,$7,$8,$9,$10,$11,$12,$13,$14) RETURNING "id"`). if err != nil { t.Errorf("CreateSecret for %s returned err: %v", test.name, err) } + + if !reflect.DeepEqual(got, test.secret) { + t.Errorf("CreateSecret is %s, want %s", got, test.secret) + } }) } } diff --git a/database/secret/delete_test.go b/database/secret/delete_test.go index c44202544..46def2c55 100644 --- a/database/secret/delete_test.go +++ b/database/secret/delete_test.go @@ -70,17 +70,17 @@ func TestSecret_Engine_DeleteSecret(t *testing.T) { _sqlite := testSqlite(t) defer func() { _sql, _ := _sqlite.client.DB(); _sql.Close() }() - err := _sqlite.CreateSecret(_secretRepo) + _, err := _sqlite.CreateSecret(_secretRepo) if err != nil { t.Errorf("unable to create test repo secret for sqlite: %v", err) } - err = _sqlite.CreateSecret(_secretOrg) + _, err = _sqlite.CreateSecret(_secretOrg) if err != nil { t.Errorf("unable to create test org secret for sqlite: %v", err) } - err = _sqlite.CreateSecret(_secretShared) + _, err = _sqlite.CreateSecret(_secretShared) if err != nil { t.Errorf("unable to create test shared secret for sqlite: %v", err) } diff --git a/database/secret/get_org_test.go b/database/secret/get_org_test.go index 107c2d804..7747838b8 100644 --- a/database/secret/get_org_test.go +++ b/database/secret/get_org_test.go @@ -42,7 +42,7 @@ func TestSecret_Engine_GetSecretForOrg(t *testing.T) { _sqlite := testSqlite(t) defer func() { _sql, _ := _sqlite.client.DB(); _sql.Close() }() - err := _sqlite.CreateSecret(_secret) + _, err := _sqlite.CreateSecret(_secret) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } diff --git a/database/secret/get_repo_test.go b/database/secret/get_repo_test.go index 98b9f1da6..05d872373 100644 --- a/database/secret/get_repo_test.go +++ b/database/secret/get_repo_test.go 
@@ -52,7 +52,7 @@ func TestSecret_Engine_GetSecretForRepo(t *testing.T) { _sqlite := testSqlite(t) defer func() { _sql, _ := _sqlite.client.DB(); _sql.Close() }() - err := _sqlite.CreateSecret(_secret) + _, err := _sqlite.CreateSecret(_secret) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } diff --git a/database/secret/get_team_test.go b/database/secret/get_team_test.go index 8705a4e96..217415189 100644 --- a/database/secret/get_team_test.go +++ b/database/secret/get_team_test.go @@ -42,7 +42,7 @@ func TestSecret_Engine_GetSecretForTeam(t *testing.T) { _sqlite := testSqlite(t) defer func() { _sql, _ := _sqlite.client.DB(); _sql.Close() }() - err := _sqlite.CreateSecret(_secret) + _, err := _sqlite.CreateSecret(_secret) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } diff --git a/database/secret/get_test.go b/database/secret/get_test.go index c4499c0fc..e19e89291 100644 --- a/database/secret/get_test.go +++ b/database/secret/get_test.go @@ -40,7 +40,7 @@ func TestSecret_Engine_GetSecret(t *testing.T) { _sqlite := testSqlite(t) defer func() { _sql, _ := _sqlite.client.DB(); _sql.Close() }() - err := _sqlite.CreateSecret(_secret) + _, err := _sqlite.CreateSecret(_secret) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } diff --git a/database/secret/interface.go b/database/secret/interface.go index c6bee369a..dfb134d9b 100644 --- a/database/secret/interface.go +++ b/database/secret/interface.go 
@@ -37,7 +37,7 @@ type SecretInterface interface { // CountSecretsForTeams defines a function that gets the count of secrets by teams within an org. CountSecretsForTeams(string, []string, map[string]interface{}) (int64, error) // CreateSecret defines a function that creates a new secret. - CreateSecret(*library.Secret) error + CreateSecret(*library.Secret) (*library.Secret, error) // DeleteSecret defines a function that deletes an existing secret. DeleteSecret(*library.Secret) error // GetSecret defines a function that gets a secret by ID. @@ -59,5 +59,5 @@ type SecretInterface interface { // ListSecretsForTeams defines a function that gets a list of secrets by teams within an org. ListSecretsForTeams(string, []string, map[string]interface{}, int, int) ([]*library.Secret, int64, error) // UpdateSecret defines a function that updates an existing secret. - UpdateSecret(*library.Secret) error + UpdateSecret(*library.Secret) (*library.Secret, error) } diff --git a/database/secret/list_org_test.go b/database/secret/list_org_test.go index dbf6695a4..23acd7ead 100644 --- a/database/secret/list_org_test.go +++ b/database/secret/list_org_test.go @@ -62,12 +62,12 @@ func TestSecret_Engine_ListSecretsForOrg(t *testing.T) { _sqlite := testSqlite(t) defer func() { _sql, _ := _sqlite.client.DB(); _sql.Close() }() - err := _sqlite.CreateSecret(_secretOne) + _, err := _sqlite.CreateSecret(_secretOne) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } - err = _sqlite.CreateSecret(_secretTwo) + _, err = _sqlite.CreateSecret(_secretTwo) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } diff --git a/database/secret/list_repo_test.go b/database/secret/list_repo_test.go index 10f389f8a..db26d2543 100644 --- a/database/secret/list_repo_test.go +++ b/database/secret/list_repo_test.go 
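Review bot: The interface comments for CreateSecret and UpdateSecret in database/secret/interface.go (both hunks) still describe only the write and say nothing about the new `*library.Secret` result. Since the engine implementations in this commit decrypt the record before returning it, the contract should say so, for example `// CreateSecret defines a function that creates a new secret and returns the stored record with its value decrypted; callers must sanitize it before exposing it.` and the equivalent line for UpdateSecret. It would also help to state that the result is nil whenever the error is non-nil, which is what the implementations shown in this commit do.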
@@ -73,12 +73,12 @@ func TestSecret_Engine_ListSecretsForRepo(t *testing.T) { _sqlite := testSqlite(t) defer func() { _sql, _ := _sqlite.client.DB(); _sql.Close() }() - err := _sqlite.CreateSecret(_secretOne) + _, err := _sqlite.CreateSecret(_secretOne) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } - err = _sqlite.CreateSecret(_secretTwo) + _, err = _sqlite.CreateSecret(_secretTwo) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } diff --git a/database/secret/list_team_test.go b/database/secret/list_team_test.go index 39492f52a..546877659 100644 --- a/database/secret/list_team_test.go +++ b/database/secret/list_team_test.go @@ -63,12 +63,12 @@ func TestSecret_Engine_ListSecretsForTeam(t *testing.T) { _sqlite := testSqlite(t) defer func() { _sql, _ := _sqlite.client.DB(); _sql.Close() }() - err := _sqlite.CreateSecret(_secretOne) + _, err := _sqlite.CreateSecret(_secretOne) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } - err = _sqlite.CreateSecret(_secretTwo) + _, err = _sqlite.CreateSecret(_secretTwo) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } @@ -169,12 +169,12 @@ func TestSecret_Engine_ListSecretsForTeams(t *testing.T) { _sqlite := testSqlite(t) defer func() { _sql, _ := _sqlite.client.DB(); _sql.Close() }() - err := _sqlite.CreateSecret(_secretOne) + _, err := _sqlite.CreateSecret(_secretOne) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } - err = _sqlite.CreateSecret(_secretTwo) + _, err = _sqlite.CreateSecret(_secretTwo) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } diff --git a/database/secret/list_test.go b/database/secret/list_test.go index b962925ed..d0f4d9768 100644 --- a/database/secret/list_test.go +++ b/database/secret/list_test.go 
@@ -59,12 +59,12 @@ func TestSecret_Engine_ListSecrets(t *testing.T) { _sqlite := testSqlite(t) defer func() { _sql, _ := _sqlite.client.DB(); _sql.Close() }() - err := _sqlite.CreateSecret(_secretOne) + _, err := _sqlite.CreateSecret(_secretOne) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } - err = _sqlite.CreateSecret(_secretTwo) + _, err = _sqlite.CreateSecret(_secretTwo) if err != nil { t.Errorf("unable to create test secret for sqlite: %v", err) } diff --git a/database/secret/update.go b/database/secret/update.go index 3f00efb09..823ede644 100644 --- a/database/secret/update.go +++ b/database/secret/update.go @@ -15,7 +15,7 @@ import ( ) // UpdateSecret updates an existing secret in the database. -func (e *engine) UpdateSecret(s *library.Secret) error { +func (e *engine) UpdateSecret(s *library.Secret) (*library.Secret, error) { // handle the secret based off the type switch s.GetType() { case constants.SecretShared: @@ -44,7 +44,7 @@ func (e *engine) UpdateSecret(s *library.Secret) error { // https://pkg.go.dev/github.com/go-vela/types/database#Secret.Validate err := secret.Validate() if err != nil { - return err + return nil, err } // encrypt the fields for the secret 
@@ -54,15 +54,26 @@ func (e *engine) UpdateSecret(s *library.Secret) error { if err != nil { switch s.GetType() { case constants.SecretShared: - return fmt.Errorf("unable to encrypt secret %s/%s/%s/%s: %w", s.GetType(), s.GetOrg(), s.GetTeam(), s.GetName(), err) + return nil, fmt.Errorf("unable to encrypt secret %s/%s/%s/%s: %w", s.GetType(), s.GetOrg(), s.GetTeam(), s.GetName(), err) default: - return fmt.Errorf("unable to encrypt secret %s/%s/%s/%s: %w", s.GetType(), s.GetOrg(), s.GetRepo(), s.GetName(), err) + return nil, fmt.Errorf("unable to encrypt secret %s/%s/%s/%s: %w", s.GetType(), s.GetOrg(), s.GetRepo(), s.GetName(), err) } } - // send query to the database - return e.client. - Table(constants.TableSecret). - Save(secret.Nullify()). - Error + err = e.client.Table(constants.TableSecret).Save(secret.Nullify()).Error + if err != nil { + return nil, err + } + + err = secret.Decrypt(e.config.EncryptionKey) + if err != nil { + switch s.GetType() { + case constants.SecretShared: + return nil, fmt.Errorf("unable to decrypt secret %s/%s/%s/%s: %w", s.GetType(), s.GetOrg(), s.GetTeam(), s.GetName(), err) + default: + return nil, fmt.Errorf("unable to decrypt secret %s/%s/%s/%s: %w", s.GetType(), s.GetOrg(), s.GetRepo(), s.GetName(), err) + } + } + + return secret.ToLibrary(), nil } diff --git a/database/secret/update_test.go b/database/secret/update_test.go index fd9a24ff6..247b9d229 100644 --- a/database/secret/update_test.go +++ b/database/secret/update_test.go @@ -5,6 +5,7 @@ package secret import ( + "reflect" "testing" "github.com/DATA-DOG/go-sqlmock" 
@@ -76,17 +77,17 @@ WHERE "id" = $14`). _sqlite := testSqlite(t) defer func() { _sql, _ := _sqlite.client.DB(); _sql.Close() }() - err := _sqlite.CreateSecret(_secretRepo) + _, err := _sqlite.CreateSecret(_secretRepo) if err != nil { t.Errorf("unable to create test repo secret for sqlite: %v", err) } - err = _sqlite.CreateSecret(_secretOrg) + _, err = _sqlite.CreateSecret(_secretOrg) if err != nil { t.Errorf("unable to create test org secret for sqlite: %v", err) } - err = _sqlite.CreateSecret(_secretShared) + _, err = _sqlite.CreateSecret(_secretShared) if err != nil { t.Errorf("unable to create test shared secret for sqlite: %v", err) } @@ -139,7 +140,8 @@ WHERE "id" = $14`). // run tests for _, test := range tests { t.Run(test.name, func(t *testing.T) { - err = test.database.UpdateSecret(test.secret) + got, err := test.database.UpdateSecret(test.secret) + got.SetUpdatedAt(test.secret.GetUpdatedAt()) if test.failure { if err == nil { @@ -152,6 +154,10 @@ WHERE "id" = $14`). if err != nil { t.Errorf("UpdateSecret for %s returned err: %v", test.name, err) } + + if !reflect.DeepEqual(got, test.secret) { + t.Errorf("UpdateSecret for %s is %s, want %s", test.name, got, test.secret) + } }) } } diff --git a/secret/native/count_test.go b/secret/native/count_test.go index 2d1080029..42c71cc9b 100644 --- a/secret/native/count_test.go +++ b/secret/native/count_test.go @@ -38,7 +38,7 @@ func TestNative_Count(t *testing.T) { db.Close() }() - _ = db.CreateSecret(sec) + _, _ = db.CreateSecret(sec) // run test s, err := New( diff --git a/secret/native/create.go b/secret/native/create.go index 6b6c90512..b93869602 100644 --- a/secret/native/create.go +++ b/secret/native/create.go 
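Review bot: In the UpdateSecret table test, `got.SetUpdatedAt(test.secret.GetUpdatedAt())` runs before `err` is inspected and overwrites the field on the value under test, so the added `reflect.DeepEqual(got, test.secret)` can never detect a wrong `UpdatedAt`. In the failure cases `got` is nil at that point, which is only safe if the setter tolerates a nil receiver; the hunk does not show that. Moving the call below the `if test.failure` block, and adding a one-line comment that explains why the timestamp has to be normalised, would make the intent clear and keep the error check first.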
@@ -13,7 +13,7 @@ import ( ) // Create creates a new secret. -func (c *client) Create(sType, org, name string, s *library.Secret) error { +func (c *client) Create(sType, org, name string, s *library.Secret) (*library.Secret, error) { // handle the secret based off the type switch sType { case constants.SecretOrg: @@ -46,6 +46,6 @@ func (c *client) Create(sType, org, name string, s *library.Secret) error { // create the shared secret in the native service return c.Database.CreateSecret(s) default: - return fmt.Errorf("invalid secret type: %s", sType) + return nil, fmt.Errorf("invalid secret type: %s", sType) } } diff --git a/secret/native/create_test.go b/secret/native/create_test.go index 328b22ae0..93c6898a4 100644 --- a/secret/native/create_test.go +++ b/secret/native/create_test.go @@ -49,13 +49,11 @@ func TestNative_Create_Org(t *testing.T) { t.Errorf("New returned err: %v", err) } - err = s.Create("org", "foo", "*", want) + got, err := s.Create("org", "foo", "*", want) if err != nil { t.Errorf("Create returned err: %v", err) } - got, _ := s.Get("org", "foo", "*", "bar") - if !reflect.DeepEqual(got, want) { t.Errorf("Create is %v, want %v", got, want) } @@ -98,13 +96,11 @@ func TestNative_Create_Repo(t *testing.T) { t.Errorf("New returned err: %v", err) } - err = s.Create("repo", "foo", "bar", want) + got, err := s.Create("repo", "foo", "bar", want) if err != nil { t.Errorf("Create returned err: %v", err) } - got, _ := s.Get("repo", "foo", "bar", "baz") - if !reflect.DeepEqual(got, want) { t.Errorf("Create is %v, want %v", got, want) } @@ -147,13 +143,11 @@ func TestNative_Create_Shared(t *testing.T) { t.Errorf("New returned err: %v", err) } - err = s.Create("shared", "foo", "bar", want) + got, err := s.Create("shared", "foo", "bar", want) if err != nil { t.Errorf("Create returned err: %v", err) } - got, _ := s.Get("shared", "foo", "bar", "baz") - if !reflect.DeepEqual(got, want) { t.Errorf("Create is %v, want %v", got, want) } 
@@ -196,7 +190,7 @@ func TestNative_Create_Invalid(t *testing.T) { t.Errorf("New returned err: %v", err) } - err = s.Create("invalid", "foo", "bar", sec) + _, err = s.Create("invalid", "foo", "bar", sec) if err == nil { t.Errorf("Create should have returned err") } diff --git a/secret/native/delete_test.go b/secret/native/delete_test.go index e1c49c133..e2e21a5f7 100644 --- a/secret/native/delete_test.go +++ b/secret/native/delete_test.go @@ -38,7 +38,7 @@ func TestNative_Delete(t *testing.T) { db.Close() }() - _ = db.CreateSecret(sec) + _, _ = db.CreateSecret(sec) // run test s, err := New( diff --git a/secret/native/get_test.go b/secret/native/get_test.go index 438ede6a7..218236dc6 100644 --- a/secret/native/get_test.go +++ b/secret/native/get_test.go @@ -50,7 +50,7 @@ func TestNative_Get(t *testing.T) { t.Errorf("New returned err: %v", err) } - _ = s.Create("repo", "foo", "bar", want) + _, _ = s.Create("repo", "foo", "bar", want) got, err := s.Get("repo", "foo", "bar", "baz") if err != nil { diff --git a/secret/native/list_test.go b/secret/native/list_test.go index ae0870cd6..2cec7b78e 100644 --- a/secret/native/list_test.go +++ b/secret/native/list_test.go @@ -68,9 +68,9 @@ func TestNative_List(t *testing.T) { t.Errorf("New returned err: %v", err) } - _ = s.Create("repo", "foo", "bar", sOne) + _, _ = s.Create("repo", "foo", "bar", sOne) - _ = s.Create("repo", "foo", "bar", sTwo) + _, _ = s.Create("repo", "foo", "bar", sTwo) got, err := s.List("repo", "foo", "bar", 1, 10, []string{}) if err != nil { diff --git a/secret/native/update.go b/secret/native/update.go index ceda7e842..045b340c2 100644 --- a/secret/native/update.go +++ b/secret/native/update.go 
@@ -13,11 +13,11 @@ import ( ) // Update updates an existing secret. -func (c *client) Update(sType, org, name string, s *library.Secret) error { +func (c *client) Update(sType, org, name string, s *library.Secret) (*library.Secret, error) { // capture the secret from the native service secret, err := c.Get(sType, org, name, s.GetName()) if err != nil { - return err + return nil, err } // update the events if set @@ -78,6 +78,6 @@ func (c *client) Update(sType, org, name string, s *library.Secret) error { // update the shared secret in the native service return c.Database.UpdateSecret(secret) default: - return fmt.Errorf("invalid secret type: %s", sType) + return nil, fmt.Errorf("invalid secret type: %s", sType) } } diff --git a/secret/native/update_test.go b/secret/native/update_test.go index f8c7bf3cb..66e637ad3 100644 --- a/secret/native/update_test.go +++ b/secret/native/update_test.go @@ -58,7 +58,7 @@ func TestNative_Update(t *testing.T) { db.Close() }() - _ = db.CreateSecret(original) + _, _ = db.CreateSecret(original) // run test s, err := New( @@ -68,13 +68,11 @@ func TestNative_Update(t *testing.T) { t.Errorf("New returned err: %v", err) } - err = s.Update("repo", "foo", "bar", want) + got, err := s.Update("repo", "foo", "bar", want) if err != nil { t.Errorf("Update returned err: %v", err) } - got, _ := s.Get("repo", "foo", "bar", "baz") - if !reflect.DeepEqual(got, want) { t.Errorf("Update is %v, want %v", got, want) } @@ -101,7 +99,7 @@ func TestNative_Update_Invalid(t *testing.T) { t.Errorf("New returned err: %v", err) } - err = s.Update("repo", "foo", "bar", sec) + _, err = s.Update("repo", "foo", "bar", sec) if err == nil { t.Errorf("Update should have returned err") } diff --git a/secret/service.go b/secret/service.go index 855ae1863..aacb9a0d3 100644 --- a/secret/service.go +++ b/secret/service.go 
@@ -22,9 +22,9 @@ type Service interface { // Count defines a function that counts a list of secrets. Count(string, string, string, []string) (int64, error) // Create defines a function that creates a new secret. - Create(string, string, string, *library.Secret) error + Create(string, string, string, *library.Secret) (*library.Secret, error) // Update defines a function that updates an existing secret. - Update(string, string, string, *library.Secret) error + Update(string, string, string, *library.Secret) (*library.Secret, error) // Delete defines a function that deletes a secret. Delete(string, string, string, string) error diff --git a/secret/vault/create.go b/secret/vault/create.go index bdcde401d..ba34883ef 100644 --- a/secret/vault/create.go +++ b/secret/vault/create.go @@ -16,7 +16,7 @@ import ( ) // Create creates a new secret. -func (c *client) Create(sType, org, name string, s *library.Secret) error { +func (c *client) Create(sType, org, name string, s *library.Secret) (*library.Secret, error) { // create log fields from secret metadata fields := logrus.Fields{ "org": org, @@ -41,7 +41,7 @@ func (c *client) Create(sType, org, name string, s *library.Secret) error { // validate the secret err := database.SecretFromLibrary(s).Validate() if err != nil { - return err + return nil, err } // convert our secret to a Vault secret 
@@ -56,31 +56,31 @@ func (c *client) Create(sType, org, name string, s *library.Secret) error { case constants.SecretShared: return c.createShared(org, name, s.GetName(), vault.Data) default: - return fmt.Errorf("invalid secret type: %v", sType) + return nil, fmt.Errorf("invalid secret type: %v", sType) } } // createOrg is a helper function to create // the org secret for the provided path. -func (c *client) createOrg(org, path string, data map[string]interface{}) error { +func (c *client) createOrg(org, path string, data map[string]interface{}) (*library.Secret, error) { return c.create(fmt.Sprintf("%s/org/%s/%s", c.config.Prefix, org, path), data) } // createRepo is a helper function to create // the repo secret for the provided path. -func (c *client) createRepo(org, repo, path string, data map[string]interface{}) error { +func (c *client) createRepo(org, repo, path string, data map[string]interface{}) (*library.Secret, error) { return c.create(fmt.Sprintf("%s/repo/%s/%s/%s", c.config.Prefix, org, repo, path), data) } // createShared is a helper function to create // the shared secret for the provided path. -func (c *client) createShared(org, team, path string, data map[string]interface{}) error { +func (c *client) createShared(org, team, path string, data map[string]interface{}) (*library.Secret, error) { return c.create(fmt.Sprintf("%s/shared/%s/%s/%s", c.config.Prefix, org, team, path), data) } // create is a helper function to create // the secret for the provided path. -func (c *client) create(path string, data map[string]interface{}) error { +func (c *client) create(path string, data map[string]interface{}) (*library.Secret, error) { if strings.HasPrefix("secret/data", c.config.Prefix) { data = map[string]interface{}{ "data": data, 
@@ -88,10 +88,10 @@ func (c *client) create(path string, data map[string]interface{}) error { } // send API call to create the secret - _, err := c.Vault.Logical().Write(path, data) + s, err := c.Vault.Logical().Write(path, data) if err != nil { - return err + return nil, err } - return nil + return secretFromVault(s), nil } diff --git a/secret/vault/create_test.go b/secret/vault/create_test.go index d6e03d920..3213925f1 100644 --- a/secret/vault/create_test.go +++ b/secret/vault/create_test.go @@ -7,6 +7,7 @@ package vault import ( "net/http" "net/http/httptest" + "reflect" "testing" "github.com/go-vela/types/library" @@ -23,15 +24,21 @@ func TestVault_Create_Org(t *testing.T) { // setup mock server engine.PUT("/v1/secret/org/foo/bar", func(c *gin.Context) { - c.String(http.StatusNoContent, "") + c.Header("Content-Type", "application/json") + c.Status(http.StatusOK) + c.File("testdata/v1/org.json") }) engine.PUT("/v1/secret/data/org/foo/bar", func(c *gin.Context) { - c.String(http.StatusNoContent, "") + c.Header("Content-Type", "application/json") + c.Status(http.StatusOK) + c.File("testdata/v2/org.json") }) engine.PUT("/v1/secret/data/prefix/org/foo/bar", func(c *gin.Context) { - c.String(http.StatusNoContent, "") + c.Header("Content-Type", "application/json") + c.Status(http.StatusOK) + c.File("testdata/v2/org.json") }) fake := httptest.NewServer(engine) @@ -41,13 +48,11 @@ func TestVault_Create_Org(t *testing.T) { sec := new(library.Secret) sec.SetOrg("foo") sec.SetRepo("*") - sec.SetTeam("") sec.SetName("bar") sec.SetValue("baz") sec.SetType("org") sec.SetImages([]string{"foo", "bar"}) sec.SetEvents([]string{"foo", "bar"}) - sec.SetAllowCommand(false) type args struct { version string 
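Review bot: In secret/vault/create.go, `create` now returns `secretFromVault(s)` where `s` is the result of `c.Vault.Logical().Write(path, data)`, but the Vault client returns a nil `*api.Secret` with a nil error when the server answers a write with an empty body, which is what the previous mocks in create_test.go modelled with `http.StatusNoContent`. secretFromVault is not shown in this diff; if it reads fields of its argument, a nil `s` will panic in the request path, and for a KV v2 mount the write response holds version metadata rather than the stored fields, so the returned secret would likely be empty even when `s` is non-nil. The test hunks in this commit replace the 204 mocks with 200 responses serving `testdata/v1/*.json` and `testdata/v2/*.json`, so the suite no longer exercises the empty-response path. A safer shape is for `create` to keep returning only an error and for `Create` to return the validated input secret, or the result of `c.Get(sType, org, name, s.GetName())`, after a successful write; at least one test should keep a 204 mock to cover that case.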
@@ -77,7 +82,7 @@ func TestVault_Create_Org(t *testing.T) { if err != nil { t.Errorf("New returned err: %v", err) } - err = s.Create("org", "foo", "*", sec) + got, err := s.Create("org", "foo", "*", sec) if resp.Code != http.StatusOK { t.Errorf("Create returned %v, want %v", resp.Code, http.StatusOK) @@ -86,6 +91,10 @@ func TestVault_Create_Org(t *testing.T) { if err != nil { t.Errorf("Create returned err: %v", err) } + + if !reflect.DeepEqual(got, sec) { + t.Errorf("Create returned %s, want %s", got, sec) + } }) } } @@ -99,15 +108,21 @@ func TestVault_Create_Repo(t *testing.T) { // setup mock server engine.PUT("/v1/secret/repo/foo/bar/baz", func(c *gin.Context) { - c.String(http.StatusNoContent, "") + c.Header("Content-Type", "application/json") + c.Status(http.StatusOK) + c.File("testdata/v1/repo.json") }) engine.PUT("/v1/secret/data/repo/foo/bar/baz", func(c *gin.Context) { - c.String(http.StatusNoContent, "") + c.Header("Content-Type", "application/json") + c.Status(http.StatusOK) + c.File("testdata/v2/repo.json") }) engine.PUT("/v1/secret/data/prefix/repo/foo/bar/baz", func(c *gin.Context) { - c.String(http.StatusNoContent, "") + c.Header("Content-Type", "application/json") + c.Status(http.StatusOK) + c.File("testdata/v2/repo.json") }) fake := httptest.NewServer(engine) @@ -117,13 +132,11 @@ func TestVault_Create_Repo(t *testing.T) { sec := new(library.Secret) sec.SetOrg("foo") sec.SetRepo("bar") - sec.SetTeam("") sec.SetName("baz") sec.SetValue("foob") sec.SetType("repo") sec.SetImages([]string{"foo", "bar"}) sec.SetEvents([]string{"foo", "bar"}) - sec.SetAllowCommand(false) type args struct { version string @@ -153,7 +166,8 @@ func TestVault_Create_Repo(t *testing.T) { if err != nil { t.Errorf("New returned err: %v", err) } - err = s.Create("repo", "foo", "bar", sec) + + got, err := s.Create("repo", "foo", "bar", sec) if resp.Code != http.StatusOK { t.Errorf("Create returned %v, want %v", resp.Code, http.StatusOK) 
@@ -162,6 +176,10 @@ func TestVault_Create_Repo(t *testing.T) { if err != nil { t.Errorf("Create returned err: %v", err) } + + if !reflect.DeepEqual(got, sec) { + t.Errorf("Create returned %s, want %s", got, sec) + } }) } } @@ -175,13 +193,21 @@ func TestVault_Create_Shared(t *testing.T) { // setup mock server engine.PUT("/v1/secret/shared/foo/bar/baz", func(c *gin.Context) { - c.String(http.StatusNoContent, "") + c.Header("Content-Type", "application/json") + c.Status(http.StatusOK) + c.File("testdata/v1/shared.json") }) + engine.PUT("/v1/secret/data/shared/foo/bar/baz", func(c *gin.Context) { - c.String(http.StatusNoContent, "") + c.Header("Content-Type", "application/json") + c.Status(http.StatusOK) + c.File("testdata/v2/shared.json") }) + engine.PUT("/v1/secret/data/prefix/shared/foo/bar/baz", func(c *gin.Context) { - c.String(http.StatusNoContent, "") + c.Header("Content-Type", "application/json") + c.Status(http.StatusOK) + c.File("testdata/v2/shared.json") }) fake := httptest.NewServer(engine) @@ -190,14 +216,12 @@ func TestVault_Create_Shared(t *testing.T) { // setup types sec := new(library.Secret) sec.SetOrg("foo") - sec.SetRepo("") sec.SetTeam("bar") sec.SetName("baz") sec.SetValue("foob") sec.SetType("shared") sec.SetImages([]string{"foo", "bar"}) sec.SetEvents([]string{"foo", "bar"}) - sec.SetAllowCommand(false) type args struct { version string @@ -227,7 +251,8 @@ func TestVault_Create_Shared(t *testing.T) { if err != nil { t.Errorf("New returned err: %v", err) } - err = s.Create("shared", "foo", "bar", sec) + + got, err := s.Create("shared", "foo", "bar", sec) if resp.Code != http.StatusOK { t.Errorf("Create returned %v, want %v", resp.Code, http.StatusOK) @@ -236,6 +261,10 @@ func TestVault_Create_Shared(t *testing.T) { if err != nil { t.Errorf("Create returned err: %v", err) } + + if !reflect.DeepEqual(got, sec) { + t.Errorf("Create returned %s, want %s", got, sec) + } }) } } 
@@ -303,7 +332,8 @@ func TestVault_Create_InvalidSecret(t *testing.T) { if err != nil { t.Errorf("New returned err: %v", err) } - err = s.Create("repo", "foo", "bar", sec) + + _, err = s.Create("repo", "foo", "bar", sec) if resp.Code != http.StatusOK { t.Errorf("Create returned %v, want %v", resp.Code, http.StatusOK) @@ -362,7 +392,7 @@ func TestVault_Create_InvalidType(t *testing.T) { t.Errorf("New returned err: %v", err) } - err = s.Create("invalid", "foo", "bar", sec) + _, err = s.Create("invalid", "foo", "bar", sec) if err == nil { t.Errorf("Create should have returned err") } @@ -416,7 +446,7 @@ func TestVault_Create_ClosedServer(t *testing.T) { t.Errorf("New returned err: %v", err) } - err = s.Create("repo", "foo", "bar", sec) + _, err = s.Create("repo", "foo", "bar", sec) if err == nil { t.Errorf("Create should have returned err") } diff --git a/secret/vault/update.go b/secret/vault/update.go index ef0f1e131..453d15e3e 100644 --- a/secret/vault/update.go +++ b/secret/vault/update.go @@ -16,7 +16,7 @@ import ( ) // Update updates a secret. -func (c *client) Update(sType, org, name string, s *library.Secret) error { +func (c *client) Update(sType, org, name string, s *library.Secret) (*library.Secret, error) { // create log fields from secret metadata fields := logrus.Fields{ "org": org, @@ -41,7 +41,7 @@ func (c *client) Update(sType, org, name string, s *library.Secret) error { // capture the secret from the Vault service sec, err := c.Get(sType, org, name, s.GetName()) if err != nil { - return err + return nil, err } // convert the Vault secret our secret @@ -65,7 +65,7 @@ func (c *client) Update(sType, org, name string, s *library.Secret) error { // validate the secret err = database.SecretFromLibrary(secretFromVault(vault)).Validate() if err != nil { - return err + return nil, err } // update the secret for the Vault service 
@@ -83,35 +83,35 @@ func (c *client) Update(sType, org, name string, s *library.Secret) error { // updateOrg is a helper function to update // the org secret for the provided path. -func (c *client) updateOrg(org, path string, data map[string]interface{}) error { +func (c *client) updateOrg(org, path string, data map[string]interface{}) (*library.Secret, error) { return c.update(fmt.Sprintf("%s/%s/%s/%s", c.config.Prefix, constants.SecretOrg, org, path), data) } // updateRepo is a helper function to update // the repo secret for the provided path. -func (c *client) updateRepo(org, repo, path string, data map[string]interface{}) error { +func (c *client) updateRepo(org, repo, path string, data map[string]interface{}) (*library.Secret, error) { return c.update(fmt.Sprintf("%s/%s/%s/%s/%s", c.config.Prefix, constants.SecretRepo, org, repo, path), data) } // updateShared is a helper function to update // the shared secret for the provided path. -func (c *client) updateShared(org, team, path string, data map[string]interface{}) error { +func (c *client) updateShared(org, team, path string, data map[string]interface{}) (*library.Secret, error) { return c.update(fmt.Sprintf("%s/%s/%s/%s/%s", c.config.Prefix, constants.SecretShared, org, team, path), data) } // update is a helper function to update // the secret for the provided path. -func (c *client) update(path string, data map[string]interface{}) error { +func (c *client) update(path string, data map[string]interface{}) (*library.Secret, error) { if strings.HasPrefix("secret/data", c.config.Prefix) { data = map[string]interface{}{ "data": data, } } - _, err := c.Vault.Logical().Write(path, data) + s, err := c.Vault.Logical().Write(path, data) if err != nil { - return err + return nil, err } - return nil + return secretFromVault(s), nil } diff --git a/secret/vault/update_test.go b/secret/vault/update_test.go index a0f54de42..49e04a1b2 100644 --- a/secret/vault/update_test.go +++ b/secret/vault/update_test.go 
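Review bot: In `update`, `strings.HasPrefix("secret/data", c.config.Prefix)` passes the literal as the string and the configured value as the prefix, which looks inverted. For a prefix longer than `secret/data`, such as the `secret/data/prefix` routes the tests mock, the check is false and `data` is not wrapped in the `"data"` envelope before the write. If the intent is "the configured prefix is a KV v2 path", the call would be `strings.HasPrefix(c.config.Prefix, "secret/data")`. That swap also changes the result for a prefix of `secret`, and how `c.config.Prefix` is set is outside this hunk, so confirm which prefixes are meant to wrap.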
@@ -7,6 +7,7 @@ package vault import ( "net/http" "net/http/httptest" + "reflect" "testing" "github.com/go-vela/types/library" @@ -22,31 +23,37 @@ func TestVault_Update_Org(t *testing.T) { _, engine := gin.CreateTestContext(resp) // setup mock server - engine.GET("/v1/secret/org/foo/bar", func(c *gin.Context) { + engine.PUT("/v1/secret/org/foo/bar", func(c *gin.Context) { c.Header("Content-Type", "application/json") c.Status(http.StatusOK) c.File("testdata/v1/org.json") }) - engine.PUT("/v1/secret/org/foo/bar", func(c *gin.Context) { - c.String(http.StatusNoContent, "") + engine.GET("/v1/secret/org/foo/bar", func(c *gin.Context) { + c.Header("Content-Type", "application/json") + c.Status(http.StatusOK) + c.File("testdata/v1/org.json") }) - engine.GET("/v1/secret/data/org/foo/bar", func(c *gin.Context) { + engine.PUT("/v1/secret/data/org/foo/bar", func(c *gin.Context) { c.Header("Content-Type", "application/json") c.Status(http.StatusOK) c.File("testdata/v2/org.json") }) - engine.PUT("/v1/secret/data/org/foo/bar", func(c *gin.Context) { - c.String(http.StatusNoContent, "") + engine.GET("/v1/secret/data/org/foo/bar", func(c *gin.Context) { + c.Header("Content-Type", "application/json") + c.Status(http.StatusOK) + c.File("testdata/v2/org.json") }) - engine.GET("/v1/secret/data/prefix/org/foo/bar", func(c *gin.Context) { + engine.PUT("/v1/secret/data/prefix/org/foo/bar", func(c *gin.Context) { c.Header("Content-Type", "application/json") c.Status(http.StatusOK) c.File("testdata/v2/org.json") }) - engine.PUT("/v1/secret/data/prefix/org/foo/bar", func(c *gin.Context) { - c.String(http.StatusNoContent, "") + engine.GET("/v1/secret/data/prefix/org/foo/bar", func(c *gin.Context) { + c.Header("Content-Type", "application/json") + c.Status(http.StatusOK) + c.File("testdata/v2/org.json") }) fake := httptest.NewServer(engine) 
@@ -56,13 +63,11 @@ func TestVault_Update_Org(t *testing.T) { sec := new(library.Secret) sec.SetOrg("foo") sec.SetRepo("*") - sec.SetTeam("") sec.SetName("bar") sec.SetValue("baz") sec.SetType("org") sec.SetImages([]string{"foo", "bar"}) sec.SetEvents([]string{"foo", "bar"}) - sec.SetAllowCommand(false) type args struct { version string @@ -93,7 +98,7 @@ func TestVault_Update_Org(t *testing.T) { t.Errorf("New returned err: %v", err) } - err = s.Update("org", "foo", "*", sec) + got, err := s.Update("org", "foo", "*", sec) if resp.Code != http.StatusOK { t.Errorf("Update returned %v, want %v", resp.Code, http.StatusOK) @@ -102,6 +107,10 @@ func TestVault_Update_Org(t *testing.T) { if err != nil { t.Errorf("Update returned err: %v", err) } + + if !reflect.DeepEqual(got, sec) { + t.Errorf("Update returned %s, want %s", got, sec) + } }) } } 
@@ -114,31 +123,37 @@ func TestVault_Update_Repo(t *testing.T) { _, engine := gin.CreateTestContext(resp) // setup mock server - engine.GET("/v1/secret/repo/foo/bar/baz", func(c *gin.Context) { + engine.PUT("/v1/secret/repo/foo/bar/baz", func(c *gin.Context) { c.Header("Content-Type", "application/json") c.Status(http.StatusOK) c.File("testdata/v1/repo.json") }) - engine.PUT("/v1/secret/repo/foo/bar/baz", func(c *gin.Context) { - c.String(http.StatusNoContent, "") + engine.GET("/v1/secret/repo/foo/bar/baz", func(c *gin.Context) { + c.Header("Content-Type", "application/json") + c.Status(http.StatusOK) + c.File("testdata/v1/repo.json") }) - engine.GET("/v1/secret/data/repo/foo/bar/baz", func(c *gin.Context) { + engine.PUT("/v1/secret/data/repo/foo/bar/baz", func(c *gin.Context) { c.Header("Content-Type", "application/json") c.Status(http.StatusOK) c.File("testdata/v2/repo.json") }) - engine.PUT("/v1/secret/data/repo/foo/bar/baz", func(c *gin.Context) { - c.String(http.StatusNoContent, "") + engine.GET("/v1/secret/data/repo/foo/bar/baz", func(c *gin.Context) { + c.Header("Content-Type", "application/json") + c.Status(http.StatusOK) + c.File("testdata/v2/repo.json") }) - engine.GET("/v1/secret/data/prefix/repo/foo/bar/baz", func(c *gin.Context) { + engine.PUT("/v1/secret/data/prefix/repo/foo/bar/baz", func(c *gin.Context) { c.Header("Content-Type", "application/json") c.Status(http.StatusOK) c.File("testdata/v2/repo.json") }) - engine.PUT("/v1/secret/data/prefix/repo/foo/bar/baz", func(c *gin.Context) { - c.String(http.StatusNoContent, "") + engine.GET("/v1/secret/data/prefix/repo/foo/bar/baz", func(c *gin.Context) { + c.Header("Content-Type", "application/json") + c.Status(http.StatusOK) + c.File("testdata/v2/repo.json") }) fake := httptest.NewServer(engine) 
@@ -153,7 +168,6 @@ func TestVault_Update_Repo(t *testing.T) { sec.SetType("repo") sec.SetImages([]string{"foo", "bar"}) sec.SetEvents([]string{"foo", "bar"}) - sec.SetAllowCommand(false) type args struct { version string @@ -184,7 +198,7 @@ func TestVault_Update_Repo(t *testing.T) { t.Errorf("New returned err: %v", err) } - err = s.Update("repo", "foo", "bar", sec) + got, err := s.Update("repo", "foo", "bar", sec) if resp.Code != http.StatusOK { t.Errorf("Update returned %v, want %v", resp.Code, http.StatusOK) @@ -193,6 +207,10 @@ func TestVault_Update_Repo(t *testing.T) { if err != nil { t.Errorf("Update returned err: %v", err) } + + if !reflect.DeepEqual(got, sec) { + t.Errorf("Update returned %s, want %s", got, sec) + } }) } } 
@@ -205,31 +223,37 @@ func TestVault_Update_Shared(t *testing.T) { _, engine := gin.CreateTestContext(resp) // setup mock server - engine.GET("/v1/secret/shared/foo/bar/baz", func(c *gin.Context) { + engine.PUT("/v1/secret/shared/foo/bar/baz", func(c *gin.Context) { c.Header("Content-Type", "application/json") c.Status(http.StatusOK) c.File("testdata/v1/shared.json") }) - engine.PUT("/v1/secret/shared/foo/bar/baz", func(c *gin.Context) { - c.String(http.StatusNoContent, "") + engine.GET("/v1/secret/shared/foo/bar/baz", func(c *gin.Context) { + c.Header("Content-Type", "application/json") + c.Status(http.StatusOK) + c.File("testdata/v1/shared.json") }) - engine.GET("/v1/secret/data/shared/foo/bar/baz", func(c *gin.Context) { + engine.PUT("/v1/secret/data/shared/foo/bar/baz", func(c *gin.Context) { c.Header("Content-Type", "application/json") c.Status(http.StatusOK) c.File("testdata/v2/shared.json") }) - engine.PUT("/v1/secret/data/shared/foo/bar/baz", func(c *gin.Context) { - c.String(http.StatusNoContent, "") + engine.GET("/v1/secret/data/shared/foo/bar/baz", func(c *gin.Context) { + c.Header("Content-Type", "application/json") + c.Status(http.StatusOK) + c.File("testdata/v2/shared.json") }) - engine.GET("/v1/secret/data/prefix/shared/foo/bar/baz", func(c *gin.Context) { + engine.PUT("/v1/secret/data/prefix/shared/foo/bar/baz", func(c *gin.Context) { c.Header("Content-Type", "application/json") c.Status(http.StatusOK) c.File("testdata/v2/shared.json") }) - engine.PUT("/v1/secret/data/prefix/shared/foo/bar/baz", func(c *gin.Context) { - c.String(http.StatusNoContent, "") + engine.GET("/v1/secret/data/prefix/shared/foo/bar/baz", func(c *gin.Context) { + c.Header("Content-Type", "application/json") + c.Status(http.StatusOK) + c.File("testdata/v2/shared.json") }) fake := httptest.NewServer(engine) 
@@ -244,7 +268,6 @@ func TestVault_Update_Shared(t *testing.T) { sec.SetType("shared") sec.SetImages([]string{"foo", "bar"}) sec.SetEvents([]string{"foo", "bar"}) - sec.SetAllowCommand(false) type args struct { version string @@ -275,7 +298,7 @@ func TestVault_Update_Shared(t *testing.T) { t.Errorf("New returned err: %v", err) } - err = s.Update("shared", "foo", "bar", sec) + got, err := s.Update("shared", "foo", "bar", sec) if resp.Code != http.StatusOK { t.Errorf("Update returned %v, want %v", resp.Code, http.StatusOK) @@ -284,6 +307,10 @@ func TestVault_Update_Shared(t *testing.T) { if err != nil { t.Errorf("Update returned err: %v", err) } + + if !reflect.DeepEqual(got, sec) { + t.Errorf("Update returned %s, want %s", got, sec) + } }) } } 
@@ -296,32 +323,23 @@ func TestVault_Update_InvalidSecret(t *testing.T) { _, engine := gin.CreateTestContext(resp) // setup mock server - engine.GET("/v1/secret/repo/foo/bar/baz", func(c *gin.Context) { + engine.PUT("/v1/secret/repo/foo/bar/baz", func(c *gin.Context) { c.Header("Content-Type", "application/json") c.Status(http.StatusOK) c.File("testdata/v1/invalid_repo.json") }) - engine.PUT("/v1/secret/repo/foo/bar/baz", func(c *gin.Context) { - c.String(http.StatusNoContent, "") - }) - engine.GET("/v1/secret/data/repo/foo/bar/baz", func(c *gin.Context) { + engine.PUT("/v1/secret/data/repo/foo/bar/baz", func(c *gin.Context) { c.Header("Content-Type", "application/json") c.Status(http.StatusOK) c.File("testdata/v2/invalid_repo.json") }) - engine.PUT("/v1/secret/data/repo/foo/bar/baz", func(c *gin.Context) { - c.String(http.StatusNoContent, "") - }) - engine.GET("/v1/secret/data/prefix/repo/foo/bar/baz", func(c *gin.Context) { + engine.PUT("/v1/secret/data/prefix/repo/foo/bar/baz", func(c *gin.Context) { c.Header("Content-Type", "application/json") c.Status(http.StatusOK) c.File("testdata/v2/invalid_repo.json") }) - engine.PUT("/v1/secret/data/prefix/repo/foo/bar/baz", func(c *gin.Context) { - c.String(http.StatusNoContent, "") - }) fake := httptest.NewServer(engine) defer fake.Close() @@ -366,7 +384,7 @@ func TestVault_Update_InvalidSecret(t *testing.T) { t.Errorf("New returned err: %v", err) } - err = s.Update("repo", "foo", "bar", sec) + _, err = s.Update("repo", "foo", "bar", sec) if resp.Code != http.StatusOK { t.Errorf("Update returned %v, want %v", resp.Code, http.StatusOK) @@ -423,7 +441,7 @@ func TestVault_Update_InvalidType(t *testing.T) { t.Errorf("New returned err: %v", err) } - err = s.Update("invalid", "foo", "bar", sec) + _, err = s.Update("invalid", "foo", "bar", sec) if err == nil { t.Errorf("Update should have returned err") } 
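Review bot: With the GET routes removed from `TestVault_Update_InvalidSecret`, the `c.Get` call that `Update` makes before validating has no handler to hit. The test may now fail at the read rather than at `Validate()`, and so pass for a reason other than the one it is named for. Keeping the GET handlers that serve `invalid_repo.json`, as the Org/Repo/Shared update tests keep theirs, would preserve the path under test. `TestVault_Update_NoWrite` drops its GET routes the same way, so its 404 on PUT may never be reached. How `Get` treats a 404 is not visible here, and both test functions extend beyond their hunks.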
@@ -475,7 +493,7 @@ func TestVault_Update_ClosedServer(t *testing.T) { t.Errorf("New returned err: %v", err) } - err = s.Update("repo", "foo", "bar", sec) + _, err = s.Update("repo", "foo", "bar", sec) if err == nil { t.Errorf("Update should have returned err") } @@ -491,29 +509,14 @@ func TestVault_Update_NoWrite(t *testing.T) { _, engine := gin.CreateTestContext(resp) // setup mock server - engine.GET("/v1/secret/repo/foo/bar/baz", func(c *gin.Context) { - c.Header("Content-Type", "application/json") - c.Status(http.StatusOK) - c.File("testdata/v1/repo.json") - }) engine.PUT("/v1/secret/repo/foo/bar/baz", func(c *gin.Context) { c.Status(http.StatusNotFound) }) - engine.GET("/v1/secret/data/repo/foo/bar/baz", func(c *gin.Context) { - c.Header("Content-Type", "application/json") - c.Status(http.StatusOK) - c.File("testdata/v2/repo.json") - }) engine.PUT("/v1/secret/data/repo/foo/bar/baz", func(c *gin.Context) { c.Status(http.StatusNotFound) }) - engine.GET("/v1/secret/data/prefix/repo/foo/bar/baz", func(c *gin.Context) { - c.Header("Content-Type", "application/json") - c.Status(http.StatusOK) - c.File("testdata/v2/repo.json") - }) engine.PUT("/v1/secret/data/prefix/repo/foo/bar/baz", func(c *gin.Context) { c.Status(http.StatusNotFound) }) @@ -560,7 +563,7 @@ func TestVault_Update_NoWrite(t *testing.T) { t.Errorf("New returned err: %v", err) } - err = s.Update("repo", "foo", "bar", sec) + _, err = s.Update("repo", "foo", "bar", sec) if resp.Code != http.StatusOK { t.Errorf("Update returned %v, want %v", resp.Code, http.StatusOK)