@@ -155,6 +155,61 @@ func TestKeychain(t *testing.T) {
155155 assert .EqualValues (t , expected , actual )
156156 })
157157
158+ t .Run ("filter credentials" , func (t * testing.T ) {
159+ ks := setupKeychain (t , nil )
160+ moreCreds := map [string ]* mocks.MockCredential {
161+ "com.test.test/test/bob" : {
162+ Username : "bob" ,
163+ Password : "bob-password" ,
164+ Attributes : map [string ]string {
165+ "role" : "admin" ,
166+ "favcolor" : "green" ,
167+ },
168+ },
169+ "com.test.test/test/jeff" : {
170+ Username : "jeff" ,
171+ Password : "jeff-password" ,
172+ },
173+ "com.test.test/test/pete" : {
174+ Username : "pete" ,
175+ Password : "pete-password" ,
176+ Attributes : map [string ]string {
177+ "role" : "maintainer" ,
178+ "favcolor" : "green" ,
179+ },
180+ },
181+ }
182+ for id , anotherCred := range moreCreds {
183+ require .NoError (t , ks .Save (t .Context (), store .MustParseID (id ), anotherCred ))
184+ }
185+
186+ t .Cleanup (func () {
187+ for id := range moreCreds {
188+ assert .NoError (t , ks .Delete (t .Context (), store .MustParseID (id )))
189+ }
190+ })
191+
192+ t .Run ("can use recursive pattern" , func (t * testing.T ) {
193+ actual , err := ks .Filter (t .Context (), store .MustParsePattern ("com.test.test/**" ))
194+ require .NoError (t , err )
195+ assert .Len (t , actual , 3 )
196+ })
197+
198+ t .Run ("can use subset pattern" , func (t * testing.T ) {
199+ actual , err := ks .Filter (t .Context (), store .MustParsePattern ("com.test.test/test/*" ))
200+ require .NoError (t , err )
201+ assert .Len (t , actual , 3 )
202+ })
203+
204+ t .Run ("exact id match should still return exactly one secret" , func (t * testing.T ) {
205+ actual , err := ks .Filter (t .Context (), store .MustParsePattern ("com.test.test/test/pete" ))
206+ require .NoError (t , err )
207+ assert .Len (t , actual , 1 )
208+ _ , ok := actual ["com.test.test/test/pete" ]
209+ assert .True (t , ok )
210+ })
211+ })
212+
158213 t .Run ("delete credential" , func (t * testing.T ) {
159214 ks := setupKeychain (t , nil )
160215 id := store .MustParseID ("com.test.test/test/bob" )
@@ -211,10 +266,10 @@ func TestKeychain(t *testing.T) {
211266}
212267
213268func TestSafelySetMetadata (t * testing.T ) {
214- kc := & keychainStore [ * mocks. MockCredential ]{
215- serviceGroup : "com.test.test" ,
216- serviceName : "test" ,
217- }
269+ var (
270+ serviceGroup = "com.test.test"
271+ serviceName = "test"
272+ )
218273
219274 t .Run ("avoid clashing by adding prefix" , func (t * testing.T ) {
220275 attributes := map [string ]string {
@@ -223,13 +278,12 @@ func TestSafelySetMetadata(t *testing.T) {
223278 "id" : "avoid clash" ,
224279 "x_already-prefixed" : "prefixed" ,
225280 }
226- kc . safelySetMetadata ("username" , attributes )
281+ safelySetMetadata (serviceGroup , serviceName , attributes )
227282 assert .EqualValues (t , map [string ]string {
228283 "x_color" : "blue" ,
229284 "x_game" : "elden ring" ,
230285 "x_id" : "avoid clash" ,
231286 "x_x_already-prefixed" : "prefixed" ,
232- secretIDKey : "username" ,
233287 serviceGroupKey : "com.test.test" ,
234288 serviceNameKey : "test" ,
235289 }, attributes )
@@ -239,7 +293,7 @@ func TestSafelySetMetadata(t *testing.T) {
239293 attributes := map [string ]string {
240294 "" : "something" ,
241295 }
242- kc . safelySetMetadata ("" , attributes )
296+ safelySetMetadata (serviceGroup , serviceName , attributes )
243297 assert .EqualValues (t , map [string ]string {
244298 "x_" : "something" ,
245299 serviceGroupKey : "com.test.test" ,
@@ -249,7 +303,8 @@ func TestSafelySetMetadata(t *testing.T) {
249303
250304 t .Run ("empty map will get internal data added" , func (t * testing.T ) {
251305 attributes := map [string ]string {}
252- kc .safelySetMetadata ("username" , attributes )
306+ safelySetMetadata (serviceGroup , serviceName , attributes )
307+ safelySetID (store .MustParseID ("username" ), attributes )
253308 assert .EqualValues (t , map [string ]string {
254309 secretIDKey : "username" ,
255310 serviceGroupKey : "com.test.test" ,
@@ -259,7 +314,7 @@ func TestSafelySetMetadata(t *testing.T) {
259314
260315 t .Run ("empty id parameter won't add the id attribute" , func (t * testing.T ) {
261316 attributes := map [string ]string {}
262- kc . safelySetMetadata ("" , attributes )
317+ safelySetMetadata (serviceGroup , serviceName , attributes )
263318 assert .EqualValues (t , map [string ]string {
264319 serviceGroupKey : "com.test.test" ,
265320 serviceNameKey : "test" ,
@@ -268,10 +323,6 @@ func TestSafelySetMetadata(t *testing.T) {
268323}
269324
270325func TestSafelyCleanMetadata (t * testing.T ) {
271- kc := & keychainStore [* mocks.MockCredential ]{
272- serviceGroup : "com.test.test" ,
273- serviceName : "test" ,
274- }
275326 t .Run ("can remove prefix and internal metadata" , func (t * testing.T ) {
276327 attributes := map [string ]string {
277328 "x_color" : "blue" ,
@@ -282,7 +333,7 @@ func TestSafelyCleanMetadata(t *testing.T) {
282333 serviceGroupKey : "com.test.test" ,
283334 serviceNameKey : "test" ,
284335 }
285- kc . safelyCleanMetadata (attributes )
336+ safelyCleanMetadata (attributes )
286337 assert .EqualValues (t , map [string ]string {
287338 "color" : "blue" ,
288339 "game" : "elden ring" ,
@@ -292,7 +343,7 @@ func TestSafelyCleanMetadata(t *testing.T) {
292343 })
293344 t .Run ("empty map won't cause any panics" , func (t * testing.T ) {
294345 attributes := make (map [string ]string )
295- kc . safelyCleanMetadata (attributes )
346+ safelyCleanMetadata (attributes )
296347 assert .Empty (t , attributes )
297348 })
298349
@@ -302,16 +353,16 @@ func TestSafelyCleanMetadata(t *testing.T) {
302353 serviceGroupKey : "com.test.test" ,
303354 serviceNameKey : "test" ,
304355 }
305- kc . safelyCleanMetadata (attributes )
356+ safelyCleanMetadata (attributes )
306357 assert .Empty (t , attributes )
307358 })
308359}
309360
310361func TestInternalMetadata (t * testing.T ) {
311- kc := & keychainStore [ * mocks. MockCredential ]{
312- serviceGroup : "com.test.test" ,
313- serviceName : "test" ,
314- }
362+ var (
363+ serviceGroup = "com.test.test"
364+ serviceName = "test"
365+ )
315366
316367 t .Run ("metadata can safely be set and cleaned afterwards" , func (t * testing.T ) {
317368 attributes := map [string ]string {
@@ -320,7 +371,8 @@ func TestInternalMetadata(t *testing.T) {
320371 "id" : "avoid clash" ,
321372 "x_already-prefixed" : "prefixed" ,
322373 }
323- kc .safelySetMetadata ("username" , attributes )
374+ safelySetMetadata (serviceGroup , serviceName , attributes )
375+ safelySetID (store .MustParseID ("username" ), attributes )
324376 assert .EqualValues (t , map [string ]string {
325377 "x_color" : "blue" ,
326378 "x_game" : "elden ring" ,
@@ -331,7 +383,7 @@ func TestInternalMetadata(t *testing.T) {
331383 serviceNameKey : "test" ,
332384 }, attributes )
333385
334- kc . safelyCleanMetadata (attributes )
386+ safelyCleanMetadata (attributes )
335387 assert .EqualValues (t , map [string ]string {
336388 "color" : "blue" ,
337389 "game" : "elden ring" ,
0 commit comments