diff options
author | Alex Auvolat <alex@adnab.me> | 2024-01-15 17:30:30 +0100 |
---|---|---|
committer | Alex Auvolat <alex@adnab.me> | 2024-01-15 17:30:30 +0100 |
commit | 97bae7213aa214022b68b65094c3e152826de408 (patch) | |
tree | f7b5eac5953039e7a6263a8586bec3024192bbc6 | |
parent | 7228695ee288012103355589caa1ab5dd666b164 (diff) | |
download | garage-97bae7213aa214022b68b65094c3e152826de408.tar.gz garage-97bae7213aa214022b68b65094c3e152826de408.zip |
config: additional tests for secret sourcing
-rw-r--r-- | src/garage/secrets.rs | 42 |
1 files changed, 40 insertions, 2 deletions
diff --git a/src/garage/secrets.rs b/src/garage/secrets.rs index c40c3cc9..e96be9e4 100644 --- a/src/garage/secrets.rs +++ b/src/garage/secrets.rs @@ -200,10 +200,9 @@ mod tests { let config = fill_secrets(config, Secrets::default())?; assert_eq!("foo", config.rpc_secret.unwrap()); + // ---- Check non world-readable secrets config ---- #[cfg(unix)] { - // Check non world-readable secrets config - let secrets_allow_world_readable = Secrets { allow_world_readable_secrets: Some(true), ..Default::default() @@ -240,7 +239,46 @@ mod tests { assert!(fill_secrets(config, secrets_no_allow_world_readable).is_err()); } + // ---- Check alternative secrets specified on CLI ---- + + let path_secret2 = mktemp::Temp::new_file()?; + let mut file_secret2 = File::create(path_secret2.as_path())?; + writeln!(file_secret2, "bar")?; + drop(file_secret2); + + let config = read_config(path_config.to_path_buf())?; + let config = fill_secrets( + config, + Secrets { + rpc_secret: Some("baz".into()), + ..Default::default() + }, + )?; + assert_eq!(config.rpc_secret.as_deref(), Some("baz")); + + let config = read_config(path_config.to_path_buf())?; + let config = fill_secrets( + config, + Secrets { + rpc_secret_file: Some(path_secret2.display().to_string()), + ..Default::default() + }, + )?; + assert_eq!(config.rpc_secret.as_deref(), Some("bar")); + + let config = read_config(path_config.to_path_buf())?; + assert!(fill_secrets( + config, + Secrets { + rpc_secret: Some("baz".into()), + rpc_secret_file: Some(path_secret2.display().to_string()), + ..Default::default() + } + ) + .is_err()); + drop(path_secret); + drop(path_secret2); drop(path_config); drop(path_config_allow_world_readable); |