From 0c3e6200977406684e1e4e66bebd5307949a3f33 Mon Sep 17 00:00:00 2001 From: Easton Crupper <65553218+ecrupper@users.noreply.github.com> Date: Fri, 15 Mar 2024 11:20:59 -0400 Subject: [PATCH] fix(vault): add update logic for allow events and allow substitution (#1085) * fix(vault): add update logic for allow events and allow substitution * fix tests --- secret/vault/create_test.go | 21 +++++++++++++++++++++ secret/vault/get_test.go | 21 +++++++++++++++++++++ secret/vault/list_test.go | 21 +++++++++++++++++++++ secret/vault/testdata/v1/org.json | 9 ++++++++- secret/vault/testdata/v1/repo.json | 19 ++++++++++--------- secret/vault/testdata/v1/shared.json | 19 ++++++++++--------- secret/vault/testdata/v2/org.json | 19 ++++++++++--------- secret/vault/testdata/v2/repo.json | 19 ++++++++++--------- secret/vault/testdata/v2/shared.json | 19 ++++++++++--------- secret/vault/update.go | 8 ++++++++ secret/vault/update_test.go | 21 +++++++++++++++++++++ 11 files changed, 150 insertions(+), 46 deletions(-) diff --git a/secret/vault/create_test.go b/secret/vault/create_test.go index bcb41b60a..129b0e487 100644 --- a/secret/vault/create_test.go +++ b/secret/vault/create_test.go @@ -52,6 +52,13 @@ func TestVault_Create_Org(t *testing.T) { sec.SetType("org") sec.SetImages([]string{"foo", "bar"}) sec.SetEvents([]string{"foo", "bar"}) + sec.SetAllowCommand(true) + sec.SetAllowSubstitution(true) + sec.SetAllowEvents(library.NewEventsFromMask(1)) + sec.SetCreatedAt(1563474077) + sec.SetCreatedBy("octocat") + sec.SetUpdatedAt(1563474079) + sec.SetUpdatedBy("octocat2") type args struct { version string @@ -136,6 +143,13 @@ func TestVault_Create_Repo(t *testing.T) { sec.SetType("repo") sec.SetImages([]string{"foo", "bar"}) sec.SetEvents([]string{"foo", "bar"}) + sec.SetAllowCommand(true) + sec.SetAllowSubstitution(true) + sec.SetAllowEvents(library.NewEventsFromMask(3)) + sec.SetCreatedAt(1563474077) + sec.SetCreatedBy("octocat") + sec.SetUpdatedAt(1563474079) + sec.SetUpdatedBy("octocat2") type args struct { version string @@ -221,6 +235,13 @@ func TestVault_Create_Shared(t *testing.T) { sec.SetType("shared") sec.SetImages([]string{"foo", "bar"}) sec.SetEvents([]string{"foo", "bar"}) + sec.SetAllowCommand(false) + sec.SetAllowSubstitution(false) + sec.SetAllowEvents(library.NewEventsFromMask(1)) + sec.SetCreatedAt(1563474077) + sec.SetCreatedBy("octocat") + sec.SetUpdatedAt(1563474079) + sec.SetUpdatedBy("octocat2") type args struct { version string diff --git a/secret/vault/get_test.go b/secret/vault/get_test.go index 66f582727..2c811e9fd 100644 --- a/secret/vault/get_test.go +++ b/secret/vault/get_test.go @@ -52,6 +52,13 @@ func TestVault_Get_Org(t *testing.T) { want.SetType("org") want.SetImages([]string{"foo", "bar"}) want.SetEvents([]string{"foo", "bar"}) + want.SetAllowCommand(true) + want.SetAllowSubstitution(true) + want.SetAllowEvents(library.NewEventsFromMask(1)) + want.SetCreatedAt(1563474077) + want.SetCreatedBy("octocat") + want.SetUpdatedAt(1563474079) + want.SetUpdatedBy("octocat2") type args struct { version string @@ -136,6 +143,13 @@ func TestVault_Get_Repo(t *testing.T) { want.SetType("repo") want.SetImages([]string{"foo", "bar"}) want.SetEvents([]string{"foo", "bar"}) + want.SetAllowCommand(true) + want.SetAllowSubstitution(true) + want.SetAllowEvents(library.NewEventsFromMask(3)) + want.SetCreatedAt(1563474077) + want.SetCreatedBy("octocat") + want.SetUpdatedAt(1563474079) + want.SetUpdatedBy("octocat2") type args struct { version string @@ -220,6 +234,13 @@ func TestVault_Get_Shared(t *testing.T) { want.SetType("shared") want.SetImages([]string{"foo", "bar"}) want.SetEvents([]string{"foo", "bar"}) + want.SetAllowCommand(false) + want.SetAllowSubstitution(false) + want.SetAllowEvents(library.NewEventsFromMask(1)) + want.SetCreatedAt(1563474077) + want.SetCreatedBy("octocat") + want.SetUpdatedAt(1563474079) + want.SetUpdatedBy("octocat2") type args struct { version string diff --git a/secret/vault/list_test.go b/secret/vault/list_test.go index 127a127a2..3a6c2ab60 100644 --- a/secret/vault/list_test.go +++ b/secret/vault/list_test.go @@ -67,6 +67,13 @@ func TestVault_List_Org(t *testing.T) { sec.SetType("org") sec.SetImages([]string{"foo", "bar"}) sec.SetEvents([]string{"foo", "bar"}) + sec.SetAllowCommand(true) + sec.SetAllowSubstitution(true) + sec.SetAllowEvents(library.NewEventsFromMask(1)) + sec.SetCreatedAt(1563474077) + sec.SetCreatedBy("octocat") + sec.SetUpdatedAt(1563474079) + sec.SetUpdatedBy("octocat2") want := []*library.Secret{sec} @@ -198,6 +205,13 @@ func TestVault_List_Repo(t *testing.T) { sec.SetType("repo") sec.SetImages([]string{"foo", "bar"}) sec.SetEvents([]string{"foo", "bar"}) + sec.SetAllowCommand(true) + sec.SetAllowSubstitution(true) + sec.SetAllowEvents(library.NewEventsFromMask(3)) + sec.SetCreatedAt(1563474077) + sec.SetCreatedBy("octocat") + sec.SetUpdatedAt(1563474079) + sec.SetUpdatedBy("octocat2") want := []*library.Secret{sec} @@ -314,6 +328,13 @@ func TestVault_List_Shared(t *testing.T) { sec.SetType("shared") sec.SetImages([]string{"foo", "bar"}) sec.SetEvents([]string{"foo", "bar"}) + sec.SetAllowCommand(false) + sec.SetAllowSubstitution(false) + sec.SetAllowEvents(library.NewEventsFromMask(1)) + sec.SetCreatedAt(1563474077) + sec.SetCreatedBy("octocat") + sec.SetUpdatedAt(1563474079) + sec.SetUpdatedBy("octocat2") want := []*library.Secret{sec} diff --git a/secret/vault/testdata/v1/org.json b/secret/vault/testdata/v1/org.json index f73f1769e..bfae2f798 100644 --- a/secret/vault/testdata/v1/org.json +++ b/secret/vault/testdata/v1/org.json @@ -16,7 +16,14 @@ "org": "foo", "repo": "*", "type": "org", - "value": "baz" + "value": "baz", + "allow_command": true, + "allow_substitution": true, + "allow_events": 1, + "created_at": 1563474077, + "created_by": "octocat", + "updated_at": 1563474079, + "updated_by": "octocat2" }, "wrap_info": null, "warnings": null, diff --git a/secret/vault/testdata/v1/repo.json b/secret/vault/testdata/v1/repo.json index f0ef1d417..a4b983696 100644 --- a/secret/vault/testdata/v1/repo.json +++ b/secret/vault/testdata/v1/repo.json @@ -4,19 +4,20 @@ "renewable": false, "lease_duration": 2764800, "data": { - "events": [ - "foo", - "bar" - ], - "images": [ - "foo", - "bar" - ], + "events": ["foo", "bar"], + "images": ["foo", "bar"], "name": "baz", "org": "foo", "repo": "bar", "type": "repo", - "value": "foob" + "value": "foob", + "allow_command": true, + "allow_substitution": true, + "allow_events": 3, + "created_at": 1563474077, + "created_by": "octocat", + "updated_at": 1563474079, + "updated_by": "octocat2" }, "wrap_info": null, "warnings": null, diff --git a/secret/vault/testdata/v1/shared.json b/secret/vault/testdata/v1/shared.json index 6d070ae6f..e070dff61 100644 --- a/secret/vault/testdata/v1/shared.json +++ b/secret/vault/testdata/v1/shared.json @@ -4,19 +4,20 @@ "renewable": false, "lease_duration": 2764800, "data": { - "events": [ - "foo", - "bar" - ], - "images": [ - "foo", - "bar" - ], + "events": ["foo", "bar"], + "images": ["foo", "bar"], "name": "baz", "org": "foo", "team": "bar", "type": "shared", - "value": "foob" + "value": "foob", + "allow_command": false, + "allow_substitution": false, + "allow_events": 1, + "created_at": 1563474077, + "created_by": "octocat", + "updated_at": 1563474079, + "updated_by": "octocat2" }, "wrap_info": null, "warnings": null, diff --git a/secret/vault/testdata/v2/org.json b/secret/vault/testdata/v2/org.json index 8aabdab2c..0ae9c8bd1 100644 --- a/secret/vault/testdata/v2/org.json +++ b/secret/vault/testdata/v2/org.json @@ -5,19 +5,20 @@ "renewable": false, "data": { "data": { - "events": [ - "foo", - "bar" - ], - "images": [ - "foo", - "bar" - ], + "events": ["foo", "bar"], + "images": ["foo", "bar"], "name": "bar", "org": "foo", "repo": "*", "type": "org", - "value": "baz" + "value": "baz", + "allow_command": true, + "allow_substitution": true, + "allow_events": 1, + "created_at": 1563474077, + "created_by": "octocat", + "updated_at": 1563474079, + "updated_by": "octocat2" }, "metadata": { "created_time": "2020-08-14T15:43:44.3462581Z", diff --git a/secret/vault/testdata/v2/repo.json b/secret/vault/testdata/v2/repo.json index bec309b84..29b3e7569 100644 --- a/secret/vault/testdata/v2/repo.json +++ b/secret/vault/testdata/v2/repo.json @@ -5,19 +5,20 @@ "renewable": false, "data": { "data": { - "events": [ - "foo", - "bar" - ], - "images": [ - "foo", - "bar" - ], + "events": ["foo", "bar"], + "images": ["foo", "bar"], "name": "baz", "org": "foo", "repo": "bar", "type": "repo", - "value": "foob" + "value": "foob", + "allow_command": true, + "allow_substitution": true, + "allow_events": 3, + "created_at": 1563474077, + "created_by": "octocat", + "updated_at": 1563474079, + "updated_by": "octocat2" }, "metadata": { "created_time": "2020-08-14T15:43:44.3462581Z", diff --git a/secret/vault/testdata/v2/shared.json b/secret/vault/testdata/v2/shared.json index ffb6c84f0..961da3c6b 100644 --- a/secret/vault/testdata/v2/shared.json +++ b/secret/vault/testdata/v2/shared.json @@ -5,19 +5,20 @@ "renewable": false, "data": { "data": { - "events": [ - "foo", - "bar" - ], - "images": [ - "foo", - "bar" - ], + "events": ["foo", "bar"], + "images": ["foo", "bar"], "name": "baz", "org": "foo", "team": "bar", "type": "shared", - "value": "foob" + "value": "foob", + "allow_command": false, + "allow_substitution": false, + "allow_events": 1, + "created_at": 1563474077, + "created_by": "octocat", + "updated_at": 1563474079, + "updated_by": "octocat2" }, "metadata": { "created_time": "2020-08-14T15:43:44.3462581Z", diff --git a/secret/vault/update.go b/secret/vault/update.go index 9082b2ff4..5655dcb9d 100644 --- a/secret/vault/update.go +++ b/secret/vault/update.go @@ -49,6 +49,10 @@ func (c *client) Update(ctx context.Context, sType, org, name string, s *library vault.Data["events"] = s.GetEvents() } + if s.GetAllowEvents().ToDatabase() != 0 { + vault.Data["allow_events"] = s.GetAllowEvents().ToDatabase() + } + if s.Images != nil { vault.Data["images"] = s.GetImages() } @@ -61,6 +65,10 @@ func (c *client) Update(ctx context.Context, sType, org, name string, s *library vault.Data["allow_command"] = s.GetAllowCommand() } + if s.AllowSubstitution != nil { + vault.Data["allow_substitution"] = s.GetAllowSubstitution() + } + // validate the secret err = database.SecretFromLibrary(secretFromVault(vault)).Validate() if err != nil { diff --git a/secret/vault/update_test.go b/secret/vault/update_test.go index c17c2c936..94f247c7e 100644 --- a/secret/vault/update_test.go +++ b/secret/vault/update_test.go @@ -67,6 +67,13 @@ func TestVault_Update_Org(t *testing.T) { sec.SetType("org") sec.SetImages([]string{"foo", "bar"}) sec.SetEvents([]string{"foo", "bar"}) + sec.SetAllowCommand(true) + sec.SetAllowSubstitution(true) + sec.SetAllowEvents(library.NewEventsFromMask(1)) + sec.SetCreatedAt(1563474077) + sec.SetCreatedBy("octocat") + sec.SetUpdatedAt(1563474079) + sec.SetUpdatedBy("octocat2") type args struct { version string @@ -167,6 +174,13 @@ func TestVault_Update_Repo(t *testing.T) { sec.SetType("repo") sec.SetImages([]string{"foo", "bar"}) sec.SetEvents([]string{"foo", "bar"}) + sec.SetAllowCommand(true) + sec.SetAllowSubstitution(true) + sec.SetAllowEvents(library.NewEventsFromMask(3)) + sec.SetCreatedAt(1563474077) + sec.SetCreatedBy("octocat") + sec.SetUpdatedAt(1563474079) + sec.SetUpdatedBy("octocat2") type args struct { version string @@ -267,6 +281,13 @@ func TestVault_Update_Shared(t *testing.T) { sec.SetType("shared") sec.SetImages([]string{"foo", "bar"}) sec.SetEvents([]string{"foo", "bar"}) + sec.SetAllowCommand(false) + sec.SetAllowSubstitution(false) + sec.SetAllowEvents(library.NewEventsFromMask(1)) + sec.SetCreatedAt(1563474077) + sec.SetCreatedBy("octocat") + sec.SetUpdatedAt(1563474079) + sec.SetUpdatedBy("octocat2") type args struct { version string