chore(secrets): update tests to reflect new Match function

go-vela · Jan 31, 2024 · d70c62a · d70c62a
1 parent 7a77ed7
commit d70c62a
Show file tree

Hide file tree

Showing 3 changed files with 128 additions and 428 deletions.
diff --git a/executor/linux/secret_test.go b/executor/linux/secret_test.go
@@ -15,6 +15,7 @@ import (
 	"github.com/go-vela/server/mock/server"
 	"github.com/go-vela/types/constants"
 	"github.com/go-vela/types/library"
+	"github.com/go-vela/types/library/actions"
 	"github.com/go-vela/types/pipeline"
 	"github.com/go-vela/worker/internal/message"
 	"github.com/go-vela/worker/runtime"
@@ -941,6 +942,7 @@ func TestLinux_Secret_stream(t *testing.T) {
 func TestLinux_Secret_injectSecret(t *testing.T) {
 	// name and value of secret
 	v := "foo"
+	tBool := true
 
 	// setup types
 	tests := []struct {
@@ -967,26 +969,48 @@ func TestLinux_Secret_injectSecret(t *testing.T) {
 			name: "secret with matching image ACL injected",
 			step: &pipeline.Container{
 				Image:       "alpine:latest",
-				Environment: make(map[string]string),
+				Environment: map[string]string{"VELA_BUILD_EVENT": "push"},
 				Secrets:     pipeline.StepSecretSlice{{Source: "FOO", Target: "FOO"}},
 			},
-			msec: map[string]*library.Secret{"FOO": {Name: &v, Value: &v, Images: &[]string{"alpine"}}},
+			msec: map[string]*library.Secret{
+				"FOO": {
+					Name:   &v,
+					Value:  &v,
+					Images: &[]string{"alpine"},
+					AllowEvents: &library.Events{
+						Push: &actions.Push{
+							Branch: &tBool,
+						},
+					},
+				},
+			},
 			want: &pipeline.Container{
 				Image:       "alpine:latest",
-				Environment: map[string]string{"FOO": "foo"},
+				Environment: map[string]string{"FOO": "foo", "VELA_BUILD_EVENT": "push"},
 			},
 		},
 		{
 			name: "secret with matching image:tag ACL injected",
 			step: &pipeline.Container{
 				Image:       "alpine:latest",
-				Environment: make(map[string]string),
+				Environment: map[string]string{"VELA_BUILD_EVENT": "push"},
 				Secrets:     pipeline.StepSecretSlice{{Source: "FOO", Target: "FOO"}},
 			},
-			msec: map[string]*library.Secret{"FOO": {Name: &v, Value: &v, Images: &[]string{"alpine:latest"}}},
+			msec: map[string]*library.Secret{
+				"FOO": {
+					Name:   &v,
+					Value:  &v,
+					Images: &[]string{"alpine:latest"},
+					AllowEvents: &library.Events{
+						Push: &actions.Push{
+							Branch: &tBool,
+						},
+					},
+				},
+			},
 			want: &pipeline.Container{
 				Image:       "alpine:latest",
-				Environment: map[string]string{"FOO": "foo"},
+				Environment: map[string]string{"FOO": "foo", "VELA_BUILD_EVENT": "push"},
 			},
 		},
 		{
@@ -1011,7 +1035,18 @@ func TestLinux_Secret_injectSecret(t *testing.T) {
 				Environment: map[string]string{"VELA_BUILD_EVENT": "push"},
 				Secrets:     pipeline.StepSecretSlice{{Source: "FOO", Target: "FOO"}},
 			},
-			msec: map[string]*library.Secret{"FOO": {Name: &v, Value: &v, Events: &[]string{"push"}}},
+			msec: map[string]*library.Secret{
+				"FOO": {
+					Name:   &v,
+					Value:  &v,
+					Images: &[]string{"alpine:latest"},
+					AllowEvents: &library.Events{
+						Push: &actions.Push{
+							Branch: &tBool,
+						},
+					},
+				},
+			},
 			want: &pipeline.Container{
 				Image:       "alpine:latest",
 				Environment: map[string]string{"FOO": "foo", "VELA_BUILD_EVENT": "push"},
@@ -1034,13 +1069,24 @@ func TestLinux_Secret_injectSecret(t *testing.T) {
 			name: "secret with matching pull_request event ACL injected",
 			step: &pipeline.Container{
 				Image:       "alpine:latest",
-				Environment: map[string]string{"VELA_BUILD_EVENT": "pull_request"},
+				Environment: map[string]string{"VELA_BUILD_EVENT": "pull_request", "VELA_BUILD_EVENT_ACTION": "opened"},
 				Secrets:     pipeline.StepSecretSlice{{Source: "FOO", Target: "FOO"}},
 			},
-			msec: map[string]*library.Secret{"FOO": {Name: &v, Value: &v, Events: &[]string{"pull_request"}}},
+			msec: map[string]*library.Secret{
+				"FOO": {
+					Name:   &v,
+					Value:  &v,
+					Images: &[]string{"alpine:latest"},
+					AllowEvents: &library.Events{
+						PullRequest: &actions.Pull{
+							Opened: &tBool,
+						},
+					},
+				},
+			},
 			want: &pipeline.Container{
 				Image:       "alpine:latest",
-				Environment: map[string]string{"FOO": "foo", "VELA_BUILD_EVENT": "pull_request"},
+				Environment: map[string]string{"FOO": "foo", "VELA_BUILD_EVENT": "pull_request", "VELA_BUILD_EVENT_ACTION": "opened"},
 			},
 		},
 		{
@@ -1063,7 +1109,18 @@ func TestLinux_Secret_injectSecret(t *testing.T) {
 				Environment: map[string]string{"VELA_BUILD_EVENT": "tag"},
 				Secrets:     pipeline.StepSecretSlice{{Source: "FOO", Target: "FOO"}},
 			},
-			msec: map[string]*library.Secret{"FOO": {Name: &v, Value: &v, Events: &[]string{"tag"}}},
+			msec: map[string]*library.Secret{
+				"FOO": {
+					Name:   &v,
+					Value:  &v,
+					Images: &[]string{"alpine:latest"},
+					AllowEvents: &library.Events{
+						Push: &actions.Push{
+							Tag: &tBool,
+						},
+					},
+				},
+			},
 			want: &pipeline.Container{
 				Image:       "alpine:latest",
 				Environment: map[string]string{"FOO": "foo", "VELA_BUILD_EVENT": "tag"},
@@ -1089,7 +1146,18 @@ func TestLinux_Secret_injectSecret(t *testing.T) {
 				Environment: map[string]string{"VELA_BUILD_EVENT": "deployment"},
 				Secrets:     pipeline.StepSecretSlice{{Source: "FOO", Target: "FOO"}},
 			},
-			msec: map[string]*library.Secret{"FOO": {Name: &v, Value: &v, Events: &[]string{"deployment"}}},
+			msec: map[string]*library.Secret{
+				"FOO": {
+					Name:   &v,
+					Value:  &v,
+					Images: &[]string{"alpine:latest"},
+					AllowEvents: &library.Events{
+						Deployment: &actions.Deploy{
+							Created: &tBool,
+						},
+					},
+				},
+			},
 			want: &pipeline.Container{
 				Image:       "alpine:latest",
 				Environment: map[string]string{"FOO": "foo", "VELA_BUILD_EVENT": "deployment"},
@@ -1143,7 +1211,18 @@ func TestLinux_Secret_injectSecret(t *testing.T) {
 				Environment: map[string]string{"VELA_BUILD_EVENT": "push"},
 				Secrets:     pipeline.StepSecretSlice{{Source: "FOO", Target: "FOO"}},
 			},
-			msec: map[string]*library.Secret{"FOO": {Name: &v, Value: &v, Events: &[]string{"push"}, Images: &[]string{"alpine"}}},
+			msec: map[string]*library.Secret{
+				"FOO": {
+					Name:   &v,
+					Value:  &v,
+					Images: &[]string{"alpine:latest"},
+					AllowEvents: &library.Events{
+						Push: &actions.Push{
+							Branch: &tBool,
+						},
+					},
+				},
+			},
 			want: &pipeline.Container{
 				Image:       "alpine:latest",
 				Environment: map[string]string{"FOO": "foo", "VELA_BUILD_EVENT": "push"},

diff --git a/go.mod b/go.mod
@@ -8,9 +8,9 @@ require (
 	github.com/docker/docker v24.0.8+incompatible
 	github.com/docker/go-units v0.5.0
 	github.com/gin-gonic/gin v1.9.1
-	github.com/go-vela/sdk-go v0.22.0
-	github.com/go-vela/server v0.22.2
-	github.com/go-vela/types v0.22.0
+	github.com/go-vela/sdk-go v0.23.0-rc1
+	github.com/go-vela/server v0.23.0-rc1
+	github.com/go-vela/types v0.23.0-rc1
 	github.com/golang-jwt/jwt/v5 v5.2.0
 	github.com/google/go-cmp v0.6.0
 	github.com/joho/godotenv v1.5.1
@@ -33,7 +33,7 @@ require (
 	github.com/PuerkitoBio/purell v1.1.1 // indirect
 	github.com/PuerkitoBio/urlesc v0.0.0-20170810143723-de5bf2ad4578 // indirect
 	github.com/alicebob/gopher-json v0.0.0-20200520072559-a9ecdc9d1d3a // indirect
-	github.com/alicebob/miniredis/v2 v2.31.0 // indirect
+	github.com/alicebob/miniredis/v2 v2.31.1 // indirect
 	github.com/beorn7/perks v1.0.1 // indirect
 	github.com/buildkite/yaml v0.0.0-20230306222819-0e4e032d4835 // indirect
 	github.com/bytedance/sonic v1.9.1 // indirect
@@ -63,10 +63,10 @@ require (
 	github.com/gogo/protobuf v1.3.2 // indirect
 	github.com/golang/protobuf v1.5.3 // indirect
 	github.com/google/gnostic-models v0.6.8 // indirect
-	github.com/google/go-github/v56 v56.0.0 // indirect
+	github.com/google/go-github/v58 v58.0.0 // indirect
 	github.com/google/go-querystring v1.1.0 // indirect
 	github.com/google/gofuzz v1.2.0 // indirect
-	github.com/google/uuid v1.4.0 // indirect
+	github.com/google/uuid v1.6.0 // indirect
 	github.com/goware/urlx v0.3.2 // indirect
 	github.com/hashicorp/errwrap v1.1.0 // indirect
 	github.com/hashicorp/go-cleanhttp v0.5.2 // indirect
@@ -94,26 +94,26 @@ require (
 	github.com/prometheus/client_model v0.5.0 // indirect
 	github.com/prometheus/common v0.45.0 // indirect
 	github.com/prometheus/procfs v0.12.0 // indirect
-	github.com/redis/go-redis/v9 v9.3.0 // indirect
+	github.com/redis/go-redis/v9 v9.4.0 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 	github.com/shopspring/decimal v1.2.0 // indirect
-	github.com/spf13/afero v1.10.0 // indirect
+	github.com/spf13/afero v1.11.0 // indirect
 	github.com/spf13/cast v1.3.1 // indirect
 	github.com/spf13/pflag v1.0.5 // indirect
 	github.com/twitchyliquid64/golang-asm v0.15.1 // indirect
 	github.com/ugorji/go/codec v1.2.11 // indirect
 	github.com/xrash/smetrics v0.0.0-20201216005158-039620a65673 // indirect
 	github.com/yuin/gopher-lua v1.1.0 // indirect
-	go.starlark.net v0.0.0-20231101134539-556fd59b42f6 // indirect
+	go.starlark.net v0.0.0-20240123142251-f86470692795 // indirect
 	golang.org/x/arch v0.3.0 // indirect
 	golang.org/x/crypto v0.18.0 // indirect
 	golang.org/x/mod v0.14.0 // indirect
-	golang.org/x/net v0.19.0 // indirect
-	golang.org/x/oauth2 v0.14.0 // indirect
+	golang.org/x/net v0.20.0 // indirect
+	golang.org/x/oauth2 v0.16.0 // indirect
 	golang.org/x/sys v0.16.0 // indirect
 	golang.org/x/term v0.16.0 // indirect
 	golang.org/x/text v0.14.0 // indirect
-	golang.org/x/time v0.3.0 // indirect
+	golang.org/x/time v0.5.0 // indirect
 	golang.org/x/tools v0.16.1 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/protobuf v1.31.0 // indirect