@@ -99,26 +99,6 @@ func TestNewVaultClient(t *testing.T) {
9999 },
100100 wantErr : false ,
101101 },
102- {
103- name : "K8sAuth_Success" ,
104- authMethod : K8sAuth {
105- Role : "test-role" ,
106- JWT : "test-jwt" ,
107- },
108- setupMock : func (s * httptest.Server ) {
109- s .Config .Handler = http .HandlerFunc (func (w http.ResponseWriter , r * http.Request ) {
110- assert .Equal (t , "/v1/auth/kubernetes/login" , r .URL .Path )
111- assert .Equal (t , http .MethodPut , r .Method )
112- var payload map [string ]interface {}
113- json .NewDecoder (r .Body ).Decode (& payload )
114- assert .Equal (t , "test-role" , payload ["role" ])
115- assert .Equal (t , "test-jwt" , payload ["jwt" ])
116- w .WriteHeader (http .StatusOK )
117- w .Write ([]byte (`{"auth": {"client_token": "test-client-token"}}` ))
118- })
119- },
120- wantErr : false ,
121- },
122102 {
123103 name : "TokenAuth_Failure" ,
124104 authMethod : TokenAuth {Token : "invalid-token" },
@@ -176,20 +156,6 @@ func TestNewVaultClient(t *testing.T) {
176156 },
177157 wantErr : true ,
178158 },
179- {
180- name : "K8sAuth_Failure" ,
181- authMethod : K8sAuth {
182- Role : "invalid-role" ,
183- JWT : "invalid-jwt" ,
184- },
185- setupMock : func (s * httptest.Server ) {
186- s .Config .Handler = http .HandlerFunc (func (w http.ResponseWriter , r * http.Request ) {
187- w .WriteHeader (http .StatusUnauthorized )
188- w .Write ([]byte (`{"errors": ["invalid Kubernetes credentials"]}` ))
189- })
190- },
191- wantErr : true ,
192- },
193159 }
194160
195161 for _ , tt := range tests {
@@ -240,85 +206,6 @@ func TestVaultClient_Operations(t *testing.T) {
240206 expectedErr bool
241207 checkResult func (t * testing.T , result interface {})
242208 }{
243- {
244- name : "ReadSecret_Success" ,
245- operation : "Read" ,
246- path : "secret/data/test" ,
247- setupMock : func (w http.ResponseWriter , r * http.Request ) {
248- assert .Equal (t , "/v1/secret/data/test" , r .URL .Path )
249- assert .Equal (t , http .MethodGet , r .Method )
250- w .WriteHeader (http .StatusOK )
251- w .Write ([]byte (`{"data": {"data": {"foo": "bar"}}}` ))
252- },
253- expectedErr : false ,
254- checkResult : func (t * testing.T , result interface {}) {
255- data , ok := result .(map [string ]interface {})
256- assert .True (t , ok )
257- assert .Equal (t , "bar" , data ["data" ].(map [string ]interface {})["foo" ])
258- },
259- },
260- {
261- name : "ReadSecret_NotFound" ,
262- operation : "Read" ,
263- path : "secret/data/nonexistent" ,
264- setupMock : func (w http.ResponseWriter , r * http.Request ) {
265- assert .Equal (t , "/v1/secret/data/nonexistent" , r .URL .Path )
266- assert .Equal (t , http .MethodGet , r .Method )
267- w .WriteHeader (http .StatusNotFound )
268- },
269- expectedErr : true ,
270- },
271- {
272- name : "WriteSecret_Success" ,
273- operation : "Write" ,
274- path : "secret/data/test" ,
275- input : map [string ]interface {}{"foo" : "bar" },
276- setupMock : func (w http.ResponseWriter , r * http.Request ) {
277- assert .Equal (t , "/v1/secret/data/test" , r .URL .Path )
278- assert .Equal (t , http .MethodPut , r .Method )
279- var payload map [string ]interface {}
280- json .NewDecoder (r .Body ).Decode (& payload )
281- assert .Equal (t , map [string ]interface {}{"foo" : "bar" }, payload )
282- w .WriteHeader (http .StatusNoContent )
283- },
284- expectedErr : false ,
285- },
286- {
287- name : "WriteSecret_Failure" ,
288- operation : "Write" ,
289- path : "secret/data/test" ,
290- input : map [string ]interface {}{"foo" : "bar" },
291- setupMock : func (w http.ResponseWriter , r * http.Request ) {
292- assert .Equal (t , "/v1/secret/data/test" , r .URL .Path )
293- assert .Equal (t , http .MethodPut , r .Method )
294- w .WriteHeader (http .StatusBadRequest )
295- w .Write ([]byte (`{"errors": ["permission denied"]}` ))
296- },
297- expectedErr : true ,
298- },
299- {
300- name : "DeleteSecret_Success" ,
301- operation : "Delete" ,
302- path : "secret/data/test" ,
303- setupMock : func (w http.ResponseWriter , r * http.Request ) {
304- assert .Equal (t , "/v1/secret/data/test" , r .URL .Path )
305- assert .Equal (t , http .MethodDelete , r .Method )
306- w .WriteHeader (http .StatusNoContent )
307- },
308- expectedErr : false ,
309- },
310- {
311- name : "DeleteSecret_Failure" ,
312- operation : "Delete" ,
313- path : "secret/data/test" ,
314- setupMock : func (w http.ResponseWriter , r * http.Request ) {
315- assert .Equal (t , "/v1/secret/data/test" , r .URL .Path )
316- assert .Equal (t , http .MethodDelete , r .Method )
317- w .WriteHeader (http .StatusBadRequest )
318- w .Write ([]byte (`{"errors": ["permission denied"]}` ))
319- },
320- expectedErr : true ,
321- },
322209 {
323210 name : "EnableAuditDevice_Success" ,
324211 operation : "EnableAudit" ,
@@ -385,12 +272,6 @@ func TestVaultClient_Operations(t *testing.T) {
385272 var result interface {}
386273
387274 switch tt .operation {
388- case "Read" :
389- result , err = vaultClient .ReadSecret (tt .path )
390- case "Write" :
391- err = vaultClient .WriteSecret (tt .path , tt .input )
392- case "Delete" :
393- err = vaultClient .DeleteSecret (tt .path )
394275 case "EnableAudit" :
395276 err = vaultClient .EnableAuditDevice (tt .path , tt .input ["type" ].(string ), tt .input ["description" ].(string ), tt .input ["options" ].(map [string ]string ))
396277 }
0 commit comments