aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAlex Auvolat <alex@adnab.me>2024-01-15 17:30:30 +0100
committerAlex Auvolat <alex@adnab.me>2024-01-15 17:30:30 +0100
commit97bae7213aa214022b68b65094c3e152826de408 (patch)
treef7b5eac5953039e7a6263a8586bec3024192bbc6
parent7228695ee288012103355589caa1ab5dd666b164 (diff)
downloadgarage-97bae7213aa214022b68b65094c3e152826de408.tar.gz
garage-97bae7213aa214022b68b65094c3e152826de408.zip
config: additional tests for secret sourcing
-rw-r--r--src/garage/secrets.rs42
1 files changed, 40 insertions, 2 deletions
diff --git a/src/garage/secrets.rs b/src/garage/secrets.rs
index c40c3cc9..e96be9e4 100644
--- a/src/garage/secrets.rs
+++ b/src/garage/secrets.rs
@@ -200,10 +200,9 @@ mod tests {
let config = fill_secrets(config, Secrets::default())?;
assert_eq!("foo", config.rpc_secret.unwrap());
+ // ---- Check non world-readable secrets config ----
#[cfg(unix)]
{
- // Check non world-readable secrets config
-
let secrets_allow_world_readable = Secrets {
allow_world_readable_secrets: Some(true),
..Default::default()
@@ -240,7 +239,46 @@ mod tests {
assert!(fill_secrets(config, secrets_no_allow_world_readable).is_err());
}
+ // ---- Check alternative secrets specified on CLI ----
+
+ let path_secret2 = mktemp::Temp::new_file()?;
+ let mut file_secret2 = File::create(path_secret2.as_path())?;
+ writeln!(file_secret2, "bar")?;
+ drop(file_secret2);
+
+ let config = read_config(path_config.to_path_buf())?;
+ let config = fill_secrets(
+ config,
+ Secrets {
+ rpc_secret: Some("baz".into()),
+ ..Default::default()
+ },
+ )?;
+ assert_eq!(config.rpc_secret.as_deref(), Some("baz"));
+
+ let config = read_config(path_config.to_path_buf())?;
+ let config = fill_secrets(
+ config,
+ Secrets {
+ rpc_secret_file: Some(path_secret2.display().to_string()),
+ ..Default::default()
+ },
+ )?;
+ assert_eq!(config.rpc_secret.as_deref(), Some("bar"));
+
+ let config = read_config(path_config.to_path_buf())?;
+ assert!(fill_secrets(
+ config,
+ Secrets {
+ rpc_secret: Some("baz".into()),
+ rpc_secret_file: Some(path_secret2.display().to_string()),
+ ..Default::default()
+ }
+ )
+ .is_err());
+
drop(path_secret);
+ drop(path_secret2);
drop(path_config);
drop(path_config_allow_world_readable);