Alexander Belanger пре 4 година
родитељ
комит
0b0bfa90e3

+ 1 - 1
api/server/handlers/credentials/get_credentials_ce.go

@@ -20,5 +20,5 @@ func NewGetCredentialsHandler(
 	decoderValidator shared.RequestDecoderValidator,
 	writer shared.ResultWriter,
 ) http.Handler {
-	return handlers.NewUnavailable(config, "invite_update_role")
+	return handlers.NewUnavailable(config, "get_credential")
 }

+ 2 - 0
ee/api/server/handlers/credentials/get_credentials.go

@@ -1,3 +1,5 @@
+// +build ee
+
 package credentials
 
 import (

+ 2 - 0
ee/migrate/migrate_vault.go

@@ -1,3 +1,5 @@
+// +build ee
+
 package migrate
 
 import (

+ 44 - 16
internal/repository/gorm/auth_test.go

@@ -81,7 +81,7 @@ func TestListKubeIntegrationsByProjectID(t *testing.T) {
 		Mechanism:  ints.KubeLocal,
 		ProjectID:  tester.initProjects[0].ID,
 		UserID:     tester.initUsers[0].ID,
-		Kubeconfig: []byte("current-context: testing\n"),
+		Kubeconfig: []byte(""),
 	}
 
 	ki := kis[0]
@@ -89,6 +89,9 @@ func TestListKubeIntegrationsByProjectID(t *testing.T) {
 	// reset fields for reflect.DeepEqual
 	ki.Model = orm.Model{}
 
+	// list methods don't decrypt, so don't check those
+	ki.Kubeconfig = []byte("")
+
 	if diff := deep.Equal(expKI, *ki); diff != nil {
 		t.Errorf("incorrect kube integration")
 		t.Error(diff)
@@ -166,8 +169,8 @@ func TestListBasicIntegrationsByProjectID(t *testing.T) {
 	expBasic := ints.BasicIntegration{
 		ProjectID: tester.initProjects[0].ID,
 		UserID:    tester.initUsers[0].ID,
-		Username:  []byte("username"),
-		Password:  []byte("password"),
+		Username:  []byte(""),
+		Password:  []byte(""),
 	}
 
 	basic := basics[0]
@@ -175,6 +178,10 @@ func TestListBasicIntegrationsByProjectID(t *testing.T) {
 	// reset fields for reflect.DeepEqual
 	basic.Model = orm.Model{}
 
+	// list methods don't decrypt, so don't check those
+	basic.Username = []byte("")
+	basic.Password = []byte("")
+
 	if diff := deep.Equal(expBasic, *basic); diff != nil {
 		t.Errorf("incorrect basic integration")
 		t.Error(diff)
@@ -257,11 +264,11 @@ func TestListOIDCIntegrationsByProjectID(t *testing.T) {
 		Client:       ints.OIDCKube,
 		ProjectID:    tester.initProjects[0].ID,
 		UserID:       tester.initUsers[0].ID,
-		IssuerURL:    []byte("https://oidc.example.com"),
-		ClientID:     []byte("exampleclientid"),
-		ClientSecret: []byte("exampleclientsecret"),
-		IDToken:      []byte("idtoken"),
-		RefreshToken: []byte("refreshtoken"),
+		IssuerURL:    []byte(""),
+		ClientID:     []byte(""),
+		ClientSecret: []byte(""),
+		IDToken:      []byte(""),
+		RefreshToken: []byte(""),
 	}
 
 	oidc := oidcs[0]
@@ -269,6 +276,13 @@ func TestListOIDCIntegrationsByProjectID(t *testing.T) {
 	// reset fields for reflect.DeepEqual
 	oidc.Model = orm.Model{}
 
+	// list methods don't decrypt, so don't check those
+	oidc.IssuerURL = []byte("")
+	oidc.ClientID = []byte("")
+	oidc.ClientSecret = []byte("")
+	oidc.IDToken = []byte("")
+	oidc.RefreshToken = []byte("")
+
 	if diff := deep.Equal(expOIDC, *oidc); diff != nil {
 		t.Errorf("incorrect oidc integration")
 		t.Error(diff)
@@ -349,9 +363,9 @@ func TestListOAuthIntegrationsByProjectID(t *testing.T) {
 	// make sure data is correct
 	expOAuth := ints.OAuthIntegration{
 		SharedOAuthModel: ints.SharedOAuthModel{
-			ClientID:     []byte("exampleclientid"),
-			AccessToken:  []byte("idtoken"),
-			RefreshToken: []byte("refreshtoken"),
+			ClientID:     []byte(""),
+			AccessToken:  []byte(""),
+			RefreshToken: []byte(""),
 		},
 		Client:    types.OAuthGithub,
 		ProjectID: tester.initProjects[0].ID,
@@ -363,6 +377,11 @@ func TestListOAuthIntegrationsByProjectID(t *testing.T) {
 	// reset fields for reflect.DeepEqual
 	oauth.Model = orm.Model{}
 
+	// list methods don't decrypt, so don't check those
+	oauth.SharedOAuthModel.ClientID = []byte("")
+	oauth.SharedOAuthModel.AccessToken = []byte("")
+	oauth.SharedOAuthModel.RefreshToken = []byte("")
+
 	if diff := deep.Equal(expOAuth, *oauth); diff != nil {
 		t.Errorf("incorrect oauth integration")
 		t.Error(diff)
@@ -443,7 +462,7 @@ func TestListGCPIntegrationsByProjectID(t *testing.T) {
 		UserID:       tester.initUsers[0].ID,
 		GCPProjectID: "test-proj-123456",
 		GCPUserEmail: "test@test.it",
-		GCPKeyData:   []byte("{\"test\":\"key\"}"),
+		GCPKeyData:   []byte(""),
 	}
 
 	gcp := gcps[0]
@@ -451,6 +470,9 @@ func TestListGCPIntegrationsByProjectID(t *testing.T) {
 	// reset fields for reflect.DeepEqual
 	gcp.Model = orm.Model{}
 
+	// list methods don't decrypt, so don't check those
+	gcp.GCPKeyData = []byte("")
+
 	if diff := deep.Equal(expGCP, *gcp); diff != nil {
 		t.Errorf("incorrect gcp integration")
 		t.Error(diff)
@@ -581,10 +603,10 @@ func TestListAWSIntegrationsByProjectID(t *testing.T) {
 	expAWS := ints.AWSIntegration{
 		ProjectID:          tester.initProjects[0].ID,
 		UserID:             tester.initUsers[0].ID,
-		AWSClusterID:       []byte("example-cluster-0"),
-		AWSAccessKeyID:     []byte("accesskey"),
-		AWSSecretAccessKey: []byte("secret"),
-		AWSSessionToken:    []byte("optional"),
+		AWSClusterID:       []byte(""),
+		AWSAccessKeyID:     []byte(""),
+		AWSSecretAccessKey: []byte(""),
+		AWSSessionToken:    []byte(""),
 	}
 
 	aws := awss[0]
@@ -592,6 +614,12 @@ func TestListAWSIntegrationsByProjectID(t *testing.T) {
 	// reset fields for reflect.DeepEqual
 	aws.Model = orm.Model{}
 
+	// list methods don't decrypt, so don't check those
+	aws.AWSClusterID = []byte("")
+	aws.AWSAccessKeyID = []byte("")
+	aws.AWSSecretAccessKey = []byte("")
+	aws.AWSSessionToken = []byte("")
+
 	if diff := deep.Equal(expAWS, *aws); diff != nil {
 		t.Errorf("incorrect aws integration")
 		t.Error(diff)
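Review bot: Blanking the secret fields on both the expected and the returned struct means these list tests no longer assert anything about what the list methods put in those fields, starting with `ki.Kubeconfig = []byte("")` in TestListKubeIntegrationsByProjectID and repeated in the basic, OIDC, OAuth, GCP and AWS tests. Since the stated reason is that list methods don't decrypt, the property worth pinning is that the fixture plaintext does not come back from a list call. Before overwriting, add a check such as `if bytes.Equal(ki.Kubeconfig, []byte("current-context: testing\n")) { t.Error("list returned plaintext kubeconfig") }`, and the same for the other secret fields. This only holds if the test repository is created with an encryption key, which is not visible in these hunks, and `bytes` may need to be imported. Each test function starts and ends outside its hunk.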

+ 15 - 1
services/usage/usage.go

@@ -1,3 +1,5 @@
+// +build ee
+
 package usage
 
 import (
@@ -6,6 +8,7 @@ import (
 
 	"github.com/porter-dev/porter/api/server/shared/config/env"
 	"github.com/porter-dev/porter/api/types"
+	"github.com/porter-dev/porter/ee/integrations/vault"
 	"github.com/porter-dev/porter/internal/adapter"
 	"github.com/porter-dev/porter/internal/models"
 	"github.com/porter-dev/porter/internal/oauth"
@@ -14,6 +17,7 @@ import (
 	"golang.org/x/oauth2"
 	"gorm.io/gorm"
 
+	"github.com/porter-dev/porter/internal/repository/credentials"
 	rgorm "github.com/porter-dev/porter/internal/repository/gorm"
 )
 
@@ -42,13 +46,23 @@ func NewUsageTracker(opts *UsageTrackerOpts) (*UsageTracker, error) {
 		return nil, err
 	}
 
+	var credBackend credentials.CredentialStorage
+
+	if opts.DBConf.VaultAPIKey != "" && opts.DBConf.VaultServerURL != "" && opts.DBConf.VaultPrefix != "" {
+		credBackend = vault.NewClient(
+			opts.DBConf.VaultServerURL,
+			opts.DBConf.VaultAPIKey,
+			opts.DBConf.VaultPrefix,
+		)
+	}
+
 	var key [32]byte
 
 	for i, b := range []byte(opts.DBConf.EncryptionKey) {
 		key[i] = b
 	}
 
-	repo := rgorm.NewRepository(db, &key)
+	repo := rgorm.NewRepository(db, &key, credBackend)
 
 	doConf := oauth.NewDigitalOceanClient(&oauth.Config{
 		ClientID:     opts.DOClientID,
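Review bot: A partially configured Vault silently leaves `credBackend` nil in NewUsageTracker, because the new `if` builds the client only when `VaultAPIKey`, `VaultServerURL` and `VaultPrefix` are all non-empty. An operator who sets only one or two of the three would presumably get a repository that handles credentials without Vault, with no error or log line to say so. Consider rejecting the mixed case, e.g. `else if opts.DBConf.VaultAPIKey != "" || opts.DBConf.VaultServerURL != "" || opts.DBConf.VaultPrefix != "" { return nil, errors.New("incomplete vault configuration") }` (the `errors` import is not visible in this hunk). Separately, the unchanged loop below the new block copies `EncryptionKey` into a `[32]byte` with `key[i] = b`, which panics for a key longer than 32 bytes and zero-pads a shorter one; a length check before the copy would make that explicit. NewUsageTracker continues past the end of the hunk.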