MCPcopy Index your code
hub / github.com/getsops/sops / TestMasterKey_createKMSConfig

Function TestMasterKey_createKMSConfig

kms/keysource_test.go:435–548  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

433}
434
435func TestMasterKey_createKMSConfig(t *testing.T) {
436 tests := []struct {
437 name string
438 key MasterKey
439 envFunc func(t *testing.T)
440 assertFunc func(t *testing.T, cfg *aws.Config, err error)
441 fallback bool
442 }{
443 {
444 name: "valid config with credentials provider",
445 key: MasterKey{
446 credentialsProvider: credentials.NewStaticCredentialsProvider("test-id", "test-secret", "test-token"),
447 Arn: "arn:aws:kms:us-west-2:107501996527:key/612d5f0p-p1l3-45e6-aca6-a5b005693a48",
448 },
449 assertFunc: func(t *testing.T, cfg *aws.Config, err error) {
450 assert.NoError(t, err)
451 assert.Equal(t, "us-west-2", cfg.Region)
452
453 creds, err := cfg.Credentials.Retrieve(context.TODO())
454 assert.NoError(t, err)
455 assert.Equal(t, "test-id", creds.AccessKeyID)
456 assert.Equal(t, "test-secret", creds.SecretAccessKey)
457 assert.Equal(t, "test-token", creds.SessionToken)
458 },
459 },
460 {
461 name: "valid config with profile",
462 key: MasterKey{
463 AwsProfile: "test-profile",
464 Arn: "arn:aws:kms:us-west-2:107501996527:key/612d5f0p-p1l3-45e6-aca6-a5b005693a48",
465 },
466 envFunc: func(t *testing.T) {
467 credentialsFile := filepath.Join(t.TempDir(), ".aws", "credentials")
468 assert.NoError(t, os.MkdirAll(filepath.Dir(credentialsFile), 0o700))
469 assert.NoError(t, os.WriteFile(credentialsFile, []byte(`[test-profile]
470aws_access_key_id = test-id
471aws_secret_access_key = test-secret`), 0600))
472
473 t.Setenv("AWS_SHARED_CREDENTIALS_FILE", credentialsFile)
474 },
475 assertFunc: func(t *testing.T, cfg *aws.Config, err error) {
476 assert.NoError(t, err)
477
478 creds, err := cfg.Credentials.Retrieve(context.TODO())
479 assert.NoError(t, err)
480 assert.Equal(t, "test-id", creds.AccessKeyID)
481 assert.Equal(t, "test-secret", creds.SecretAccessKey)
482
483 // ConfigSources is a slice of config.Config, which in turn is an interface.
484 // Since we use a LoadOptions object, we assert the type of cfgSrc and then
485 // check if the expected profile is present.
486 for _, cfgSrc := range cfg.ConfigSources {
487 if src, ok := cfgSrc.(config.LoadOptions); ok {
488 assert.Equal(t, "test-profile", src.SharedConfigProfile)
489 }
490 }
491 },
492 },

Callers

nothing calls this directly

Calls 2

createKMSConfigMethod · 0.80
ErrorMethod · 0.45

Tested by

no test coverage detected