forked from dapr/components-contrib
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Restored backwards compatibility with 1.3 (dapr#1131)
* Restored backwards compatibility with 1.3 dapr#972 accidentally introduced a backwards-incompatible change with a feature added in 1.3. Before, it was possible to specify an Azure environment for the AKV secret store by passing a FQDN as "vaultName" property that included the suffix for the Azure environment. dapr#972 introduced a better way to handle this (using the "azureEnvironment" metadata property), but accidentally broke the behavior added in 1.3 This patch restores full compatibility with 1.3. Although that behavior should be considered deprecated and thus discouraged (and it will be removed from docs), it will still be supported. * Lint
- Loading branch information
1 parent
418fc72
commit 60f836f
Showing
2 changed files
with
107 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,83 @@ | ||
// ------------------------------------------------------------ | ||
// Copyright (c) Microsoft Corporation and Dapr Contributors. | ||
// Licensed under the MIT License. | ||
// ------------------------------------------------------------ | ||
package keyvault | ||
|
||
import ( | ||
"testing" | ||
|
||
"github.com/dapr/components-contrib/secretstores" | ||
"github.com/dapr/kit/logger" | ||
"github.com/stretchr/testify/assert" | ||
) | ||
|
||
func TestInit(t *testing.T) { | ||
m := secretstores.Metadata{} | ||
s := NewAzureKeyvaultSecretStore(logger.NewLogger("test")) | ||
t.Run("Init with valid metadata", func(t *testing.T) { | ||
m.Properties = map[string]string{ | ||
"vaultName": "foo", | ||
"azureTenantId": "00000000-0000-0000-0000-000000000000", | ||
"azureClientId": "00000000-0000-0000-0000-000000000000", | ||
"azureClientSecret": "passw0rd", | ||
} | ||
err := s.Init(m) | ||
assert.Nil(t, err) | ||
kv, ok := s.(*keyvaultSecretStore) | ||
assert.True(t, ok) | ||
assert.Equal(t, kv.vaultName, "foo") | ||
assert.Equal(t, kv.vaultDNSSuffix, "vault.azure.net") | ||
assert.NotNil(t, kv.vaultClient) | ||
assert.NotNil(t, kv.vaultClient.Authorizer) | ||
}) | ||
t.Run("Init with valid metadata and Azure environment", func(t *testing.T) { | ||
m.Properties = map[string]string{ | ||
"vaultName": "foo", | ||
"azureTenantId": "00000000-0000-0000-0000-000000000000", | ||
"azureClientId": "00000000-0000-0000-0000-000000000000", | ||
"azureClientSecret": "passw0rd", | ||
"azureEnvironment": "AZURECHINACLOUD", | ||
} | ||
err := s.Init(m) | ||
assert.Nil(t, err) | ||
kv, ok := s.(*keyvaultSecretStore) | ||
assert.True(t, ok) | ||
assert.Equal(t, kv.vaultName, "foo") | ||
assert.Equal(t, kv.vaultDNSSuffix, "vault.azure.cn") | ||
assert.NotNil(t, kv.vaultClient) | ||
assert.NotNil(t, kv.vaultClient.Authorizer) | ||
}) | ||
t.Run("Init with Azure environment as part of vaultName FQDN (1) - legacy", func(t *testing.T) { | ||
m.Properties = map[string]string{ | ||
"vaultName": "foo.vault.azure.cn", | ||
"azureTenantId": "00000000-0000-0000-0000-000000000000", | ||
"azureClientId": "00000000-0000-0000-0000-000000000000", | ||
"azureClientSecret": "passw0rd", | ||
} | ||
err := s.Init(m) | ||
assert.Nil(t, err) | ||
kv, ok := s.(*keyvaultSecretStore) | ||
assert.True(t, ok) | ||
assert.Equal(t, kv.vaultName, "foo") | ||
assert.Equal(t, kv.vaultDNSSuffix, "vault.azure.cn") | ||
assert.NotNil(t, kv.vaultClient) | ||
assert.NotNil(t, kv.vaultClient.Authorizer) | ||
}) | ||
t.Run("Init with Azure environment as part of vaultName FQDN (2) - legacy", func(t *testing.T) { | ||
m.Properties = map[string]string{ | ||
"vaultName": "https://foo.vault.usgovcloudapi.net", | ||
"azureTenantId": "00000000-0000-0000-0000-000000000000", | ||
"azureClientId": "00000000-0000-0000-0000-000000000000", | ||
"azureClientSecret": "passw0rd", | ||
} | ||
err := s.Init(m) | ||
assert.Nil(t, err) | ||
kv, ok := s.(*keyvaultSecretStore) | ||
assert.True(t, ok) | ||
assert.Equal(t, kv.vaultName, "foo") | ||
assert.Equal(t, kv.vaultDNSSuffix, "vault.usgovcloudapi.net") | ||
assert.NotNil(t, kv.vaultClient) | ||
assert.NotNil(t, kv.vaultClient.Authorizer) | ||
}) | ||
} |