(ref) #26 adds tests for encryption package

benammann · Sep 3, 2022 · c1e9bb5 · c1e9bb5
1 parent 63ede0e
commit c1e9bb5
Show file tree

Hide file tree

Showing 4 changed files with 80 additions and 10 deletions.
diff --git a/pkg/encryption/engine_aes.go b/pkg/encryption/engine_aes.go
@@ -12,7 +12,7 @@ type AesEngine struct {
 	secretResolver SecretResolver
 }
 
-func NewAesEngine(secretResolver SecretResolver) Engine {
+func NewAesEngine(secretResolver SecretResolver) *AesEngine {
 	return &AesEngine{
 		secretResolver: secretResolver,
 	}

diff --git a/pkg/encryption/engine_aes_test.go b/pkg/encryption/engine_aes_test.go
@@ -1,21 +1,51 @@
 package encryption
 
 import (
+	"github.com/stretchr/testify/assert"
+	"os"
 	"testing"
 )
 
-func TestAesEngine_DecodeValue(t *testing.T) {
+func newTestAesEngine(t *testing.T) *AesEngine {
+	assert.NoError(t, os.Setenv("SR_ENV", "aju1ZieThohngii4eem4saeCh2fieral"))
+	sr := NewEnvSecretResolver("SR_ENV")
+	return NewAesEngine(sr)
+}
 
+func TestAesEngine_DecodeValue(t *testing.T) {
+	engine := newTestAesEngine(t)
+	t.Run("fail if unable to decode string", func(t *testing.T) {
+		_, errDecode := engine.DecodeValue("abcdefg")
+		assert.Error(t, errDecode)
+	})
+	t.Run("decode encrypted values", func(t *testing.T) {
+		str := "hello world"
+		encodedValue, errEncode := engine.EncodeValue(str)
+		assert.NoError(t, errEncode)
+		decodedValue, errDecode := engine.DecodeValue(encodedValue)
+		assert.NoError(t, errDecode)
+		assert.Equal(t, str, decodedValue)
+	})
 }
 
 func TestAesEngine_EncodeValue(t *testing.T) {
-
+	engine := newTestAesEngine(t)
+	t.Run("encode values", func(t *testing.T) {
+		str := "hello world"
+		encodedValue, errEncode := engine.EncodeValue(str)
+		assert.NoError(t, errEncode)
+		decodedValue, errDecode := engine.DecodeValue(encodedValue)
+		assert.NoError(t, errDecode)
+		assert.Equal(t, str, decodedValue)
+	})
 }
 
 func TestAesEngine_newGcm(t *testing.T) {
-
+	engine := newTestAesEngine(t)
+	_, _, errGcm := engine.newGcm()
+	assert.NoError(t, errGcm)
 }
 
 func TestNewAesEngine(t *testing.T) {
-
+	newTestAesEngine(t)
 }
diff --git a/pkg/encryption/engine_secret_resolver.go b/pkg/encryption/engine_secret_resolver.go
@@ -34,7 +34,7 @@ func (m *MergedSecretResolver) GetPlainSecret() (secret []byte, errResolve error
 
 }
 
-func NewMergedSecretResolver(requestedSecretName string, globalConfig *global_config.GlobalConfigProvider, overwrites map[string]string) SecretResolver {
+func NewMergedSecretResolver(requestedSecretName string, globalConfig *global_config.GlobalConfigProvider, overwrites map[string]string) *MergedSecretResolver {
 	return &MergedSecretResolver{
 		requestedSecretName: requestedSecretName,
 		globalConfig:        globalConfig,
@@ -47,7 +47,7 @@ type FromEnvSecretResolver struct {
 	envName string
 }
 
-func NewEnvSecretResolver(envName string) SecretResolver {
+func NewEnvSecretResolver(envName string) *FromEnvSecretResolver {
 	return &FromEnvSecretResolver{
 		envName: envName,
 	}

diff --git a/pkg/encryption/engine_secret_resolver_test.go b/pkg/encryption/engine_secret_resolver_test.go
@@ -1,21 +1,61 @@
 package encryption
 
 import (
+	global_config "github.com/benammann/git-secrets/pkg/config/global"
+	"github.com/stretchr/testify/assert"
+	"os"
 	"testing"
 )
 
 func TestFromEnvSecretResolver_GetPlainSecret(t *testing.T) {
 
+	globalConfig := global_config.NewGlobalConfigProvider(global_config.NewMemoryStorageProvider())
+	_ = globalConfig.SetSecret("overwritten", "riz9ohg9IefeeG8sha0quoa6it6uan6b", false)
+	_ = globalConfig.SetSecret("original", "Ohqu7lahn4AiQu3reecoo1ausoo7aiy0", false)
+	mergeGlobalSecrets := make(map[string]string)
+	mergeGlobalSecrets["overwritten"] = "iepheam7aech9Wah5ahng5aix5Thumai"
+
+	t.Run("should resolve the overwritten value", func(t *testing.T) {
+		sr := NewMergedSecretResolver("overwritten", globalConfig, mergeGlobalSecrets)
+		value, err := sr.GetPlainSecret()
+		assert.NoError(t, err)
+		assert.Equal(t, []byte("iepheam7aech9Wah5ahng5aix5Thumai"), value)
+	})
+	t.Run("should resolve the original value", func(t *testing.T) {
+		sr := NewMergedSecretResolver("original", globalConfig, mergeGlobalSecrets)
+		value, err := sr.GetPlainSecret()
+		assert.NoError(t, err)
+		assert.Equal(t, []byte("Ohqu7lahn4AiQu3reecoo1ausoo7aiy0"), value)
+	})
+	t.Run("should fail if secret does not exists", func(t *testing.T) {
+		sr := NewMergedSecretResolver("missing", globalConfig, mergeGlobalSecrets)
+		_, err := sr.GetPlainSecret()
+		assert.Error(t, err)
+	})
+
 }
 
 func TestMergedSecretResolver_GetPlainSecret(t *testing.T) {
-
+	t.Run("should return env value", func(t *testing.T) {
+		assert.NoError(t, os.Setenv("ENV_NAME", "value"))
+		sr := NewEnvSecretResolver("ENV_NAME")
+		value, err := sr.GetPlainSecret()
+		assert.NoError(t, err)
+		assert.Equal(t, []byte("value"), value)
+	})
+	t.Run("should fail if env is not set", func(t *testing.T) {
+		sr := NewEnvSecretResolver("MISSING")
+		_, err := sr.GetPlainSecret()
+		assert.Error(t, err)
+	})
 }
 
 func TestNewEnvSecretResolver(t *testing.T) {
-
+	sr := NewEnvSecretResolver("ENV_NAME")
+	assert.NotNil(t, sr)
 }
 
 func TestNewMergedSecretResolver(t *testing.T) {
-
+	sr := NewMergedSecretResolver("secretName", nil, nil)
+	assert.NotNil(t, sr)
 }