(t *testing.T)
| 433 | } |
| 434 | |
| 435 | func TestMasterKey_createKMSConfig(t *testing.T) { |
| 436 | tests := []struct { |
| 437 | name string |
| 438 | key MasterKey |
| 439 | envFunc func(t *testing.T) |
| 440 | assertFunc func(t *testing.T, cfg *aws.Config, err error) |
| 441 | fallback bool |
| 442 | }{ |
| 443 | { |
| 444 | name: "valid config with credentials provider", |
| 445 | key: MasterKey{ |
| 446 | credentialsProvider: credentials.NewStaticCredentialsProvider("test-id", "test-secret", "test-token"), |
| 447 | Arn: "arn:aws:kms:us-west-2:107501996527:key/612d5f0p-p1l3-45e6-aca6-a5b005693a48", |
| 448 | }, |
| 449 | assertFunc: func(t *testing.T, cfg *aws.Config, err error) { |
| 450 | assert.NoError(t, err) |
| 451 | assert.Equal(t, "us-west-2", cfg.Region) |
| 452 | |
| 453 | creds, err := cfg.Credentials.Retrieve(context.TODO()) |
| 454 | assert.NoError(t, err) |
| 455 | assert.Equal(t, "test-id", creds.AccessKeyID) |
| 456 | assert.Equal(t, "test-secret", creds.SecretAccessKey) |
| 457 | assert.Equal(t, "test-token", creds.SessionToken) |
| 458 | }, |
| 459 | }, |
| 460 | { |
| 461 | name: "valid config with profile", |
| 462 | key: MasterKey{ |
| 463 | AwsProfile: "test-profile", |
| 464 | Arn: "arn:aws:kms:us-west-2:107501996527:key/612d5f0p-p1l3-45e6-aca6-a5b005693a48", |
| 465 | }, |
| 466 | envFunc: func(t *testing.T) { |
| 467 | credentialsFile := filepath.Join(t.TempDir(), ".aws", "credentials") |
| 468 | assert.NoError(t, os.MkdirAll(filepath.Dir(credentialsFile), 0o700)) |
| 469 | assert.NoError(t, os.WriteFile(credentialsFile, []byte(`[test-profile] |
| 470 | aws_access_key_id = test-id |
| 471 | aws_secret_access_key = test-secret`), 0600)) |
| 472 | |
| 473 | t.Setenv("AWS_SHARED_CREDENTIALS_FILE", credentialsFile) |
| 474 | }, |
| 475 | assertFunc: func(t *testing.T, cfg *aws.Config, err error) { |
| 476 | assert.NoError(t, err) |
| 477 | |
| 478 | creds, err := cfg.Credentials.Retrieve(context.TODO()) |
| 479 | assert.NoError(t, err) |
| 480 | assert.Equal(t, "test-id", creds.AccessKeyID) |
| 481 | assert.Equal(t, "test-secret", creds.SecretAccessKey) |
| 482 | |
| 483 | // ConfigSources is a slice of config.Config, which in turn is an interface. |
| 484 | // Since we use a LoadOptions object, we assert the type of cfgSrc and then |
| 485 | // check if the expected profile is present. |
| 486 | for _, cfgSrc := range cfg.ConfigSources { |
| 487 | if src, ok := cfgSrc.(config.LoadOptions); ok { |
| 488 | assert.Equal(t, "test-profile", src.SharedConfigProfile) |
| 489 | } |
| 490 | } |
| 491 | }, |
| 492 | }, |
nothing calls this directly
no test coverage detected