Skip to content

Commit 5e3794c

Browse files
mraerinomraerino
committed
Add tests
Signed-off-by: Marcus Weiner <[email protected]>
1 parent 05f99a5 commit 5e3794c

File tree

1 file changed

+62
-0
lines changed

1 file changed

+62
-0
lines changed

internal/decryptor/decryptor_test.go

Lines changed: 62 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -88,6 +88,7 @@ func TestDecryptor_ImportKeys(t *testing.T) {
8888
secret *corev1.Secret
8989
wantErr bool
9090
inspectFunc func(g *GomegaWithT, decryptor *Decryptor)
91+
env map[string]string
9192
}{
9293
{
9394
name: "PGP key",
@@ -169,6 +170,54 @@ func TestDecryptor_ImportKeys(t *testing.T) {
169170
g.Expect(decryptor.ageIdentities).To(HaveLen(0))
170171
},
171172
},
173+
{
174+
name: "age key from env",
175+
decryption: &kustomizev1.Decryption{
176+
Provider: provider,
177+
},
178+
env: map[string]string{
179+
"FLUX_SOPS_AGE_KEY": string(ageKey),
180+
},
181+
inspectFunc: func(g *GomegaWithT, decryptor *Decryptor) {
182+
g.Expect(decryptor.ageIdentities).To(HaveLen(1))
183+
},
184+
},
185+
{
186+
name: "age key from env invalid",
187+
decryption: &kustomizev1.Decryption{
188+
Provider: provider,
189+
},
190+
env: map[string]string{
191+
"FLUX_SOPS_AGE_KEY": "invalid-key",
192+
},
193+
inspectFunc: func(g *GomegaWithT, decryptor *Decryptor) {
194+
g.Expect(decryptor.ageIdentities).To(HaveLen(0))
195+
},
196+
},
197+
{
198+
name: "age key from env and secret",
199+
decryption: &kustomizev1.Decryption{
200+
Provider: provider,
201+
SecretRef: &meta.LocalObjectReference{
202+
Name: "age-secret",
203+
},
204+
},
205+
env: map[string]string{
206+
"FLUX_SOPS_AGE_KEY": string(ageKey),
207+
},
208+
secret: &corev1.Secret{
209+
ObjectMeta: metav1.ObjectMeta{
210+
Name: "age-secret",
211+
Namespace: provider,
212+
},
213+
Data: map[string][]byte{
214+
"age" + DecryptionAgeExt: ageKey,
215+
},
216+
},
217+
inspectFunc: func(g *GomegaWithT, decryptor *Decryptor) {
218+
g.Expect(decryptor.ageIdentities).To(HaveLen(2))
219+
},
220+
},
172221
{
173222
name: "HC Vault token",
174223
decryption: &kustomizev1.Decryption{
@@ -376,6 +425,19 @@ clientSecret: some-client-secret`),
376425
},
377426
}
378427

428+
for envName, envVal := range tt.env {
429+
cleanName := envName
430+
prevValue, wasPresent := os.LookupEnv(envName)
431+
t.Cleanup(func() {
432+
if wasPresent {
433+
os.Setenv(cleanName, prevValue)
434+
} else {
435+
os.Unsetenv(cleanName)
436+
}
437+
})
438+
os.Setenv(envName, envVal)
439+
}
440+
379441
d, cleanup, err := NewTempDecryptor("", cb.Build(), &kustomization)
380442
g.Expect(err).ToNot(HaveOccurred())
381443
t.Cleanup(cleanup)

0 commit comments

Comments
 (0)