add test for secrets_manager.py

sinofseven · sinofseven · commit c4f31cc5e769 · 2025-02-15T18:43:00.000+09:00
diff --git a/aws_lambda_powertools/event_handler/async_execution/routes/secrets_manager.py b/aws_lambda_powertools/event_handler/async_execution/routes/secrets_manager.py
@@ -29,8 +29,14 @@ def match(self, event: dict[str, Any]) -> tuple[Callable, SecretsManagerEvent] |
 
         if not secret_id:
             return None
-        elif self.secret_id and self.secret_id == secret_id:
-            return self.func, SecretsManagerEvent(event)
+        elif self.secret_id and self.secret_name_prefix:
+            part = secret_id.split(":")
+            secret_name = part[-1]
+            if self.secret_id == secret_id and secret_name.find(self.secret_name_prefix) == 0:
+                return self.func, SecretsManagerEvent(event)
+        elif self.secret_id:
+            if self.secret_id == secret_id:
+                return self.func, SecretsManagerEvent(event)
         elif self.secret_name_prefix:
             part = secret_id.split(":")
             secret_name = part[-1]
diff --git a/tests/unit/event_handler/_async_execution/_routes/test_secrets_manager.py b/tests/unit/event_handler/_async_execution/_routes/test_secrets_manager.py
@@ -1,10 +1,96 @@
 import pytest
 
 from aws_lambda_powertools.event_handler.async_execution.routes.secrets_manager import SecretsManagerRoute
+from aws_lambda_powertools.utilities.data_classes.secrets_manager_event import SecretsManagerEvent
 from tests.functional.utils import load_event
 
 
 class TestSecretsManagerRoute:
+    def test_constructor_error(self):
+        with pytest.raises(ValueError):
+            SecretsManagerRoute(func=lambda _: None)
+
+    @pytest.mark.parametrize(
+        "event_name, option_constructor, is_match",
+        [
+            # with secret_id and secret_name_prefix
+            # match all
+            (
+                "secretsManagerEvent.json",
+                {
+                    "func": lambda *_: None,
+                    "secret_id": "arn:aws:secretsmanager:us-west-2:123456789012:secret:MyTestDatabaseSecret-a1b2c3",
+                    "secret_name_prefix": "MyTestDatabaseSecret",
+                },
+                True,
+            ),
+            # with secret_id and secret_name_prefix
+            # match 1, unmatch 1
+            (
+                "secretsManagerEvent.json",
+                {
+                    "func": lambda *_: None,
+                    "secret_id": "arn:aws:secretsmanager:us-west-2:123456789012:secret:MyTestDatabaseSecret-a1b2c3",
+                    "secret_name_prefix": "MyTestDatabaseSecretV2",
+                },
+                False,
+            ),
+            (
+                "secretsManagerEvent.json",
+                {
+                    "func": lambda *_: None,
+                    "secret_id": "arn:aws:secretsmanager:us-west-2:123456789012:secret:MyTestDatabaseSecret-999999",
+                    "secret_name_prefix": "MyTestDatabaseSecret",
+                },
+                False,
+            ),
+            # with secret_id and secret_name_prefix
+            # unmatch all
+            (
+                "secretsManagerEvent.json",
+                {
+                    "func": lambda *_: None,
+                    "secret_id": "arn:aws:secretsmanager:us-west-2:123456789012:secret:MyTestDatabaseSecret-999999",
+                    "secret_name_prefix": "MyTestDatabaseSecretV2",
+                },
+                False,
+            ),
+            # with secret_id
+            (
+                "secretsManagerEvent.json",
+                {
+                    "func": lambda *_: None,
+                    "secret_id": "arn:aws:secretsmanager:us-west-2:123456789012:secret:MyTestDatabaseSecret-a1b2c3",
+                },
+                True,
+            ),
+            (
+                "secretsManagerEvent.json",
+                {
+                    "func": lambda *_: None,
+                    "secret_id": "arn:aws:secretsmanager:us-west-2:123456789012:secret:MyTestDatabaseSecret-999999",
+                },
+                False,
+            ),
+            # with secret_name_prefix
+            ("secretsManagerEvent.json", {"func": lambda *_: None, "secret_name_prefix": "MyTestDatabaseSecret"}, True),
+            (
+                "secretsManagerEvent.json",
+                {"func": lambda *_: None, "secret_name_prefix": "MyTestDatabaseSecretV2"},
+                False,
+            ),
+        ],
+    )
+    def test_match(self, event_name, option_constructor, is_match):
+        event = load_event(file_name=event_name)
+        route = SecretsManagerRoute(**option_constructor)
+        actual = route.match(event=event)
+        if is_match:
+            expected = (route.func, SecretsManagerEvent(event))
+            assert actual == expected
+        else:
+            assert actual is None
+
     @pytest.mark.parametrize(
         "event_name",
         [
