Skip to content

Commit 34a5bd5

Browse files
pohlypohly
committed
protosanitizer: add test for converted message
One real use case is that users of an older spec can receive a message based on a new spec (possible as long as backwards compatibility is preserved) without logging any secrets added in the new spec. It is unlikely, but it is nonetheless better to have a test for it.
1 parent 1628ab5 commit 34a5bd5

File tree

1 file changed

+58
-39
lines changed

1 file changed

+58
-39
lines changed

protosanitizer/protosanitizer_test.go

Lines changed: 58 additions & 39 deletions
Original file line numberDiff line numberDiff line change
@@ -21,13 +21,16 @@ import (
2121
"testing"
2222

2323
"github.com/container-storage-interface/spec/lib/go/csi"
24+
"github.com/golang/protobuf/proto"
2425
"github.com/kubernetes-csi/csi-lib-utils/protosanitizer/test/csitest"
2526
"github.com/stretchr/testify/assert"
2627
)
2728

2829
func TestStripSecrets(t *testing.T) {
2930
secretName := "secret-abc"
3031
secretValue := "123"
32+
33+
// Current spec.
3134
createVolume := &csi.CreateVolumeRequest{
3235
AccessibilityRequirements: &csi.TopologyRequirement{
3336
Requisite: []*csi.Topology{
@@ -63,9 +66,50 @@ func TestStripSecrets(t *testing.T) {
6366
},
6467
}
6568

66-
cases := []struct {
69+
// Revised spec with more secret fields.
70+
createVolumeFuture := &csitest.CreateVolumeRequest{
71+
CapacityRange: &csitest.CapacityRange{
72+
RequiredBytes: 1024,
73+
},
74+
MaybeSecretMap: map[int64]*csitest.VolumeCapability{
75+
1: &csitest.VolumeCapability{ArraySecret: "aaa"},
76+
2: &csitest.VolumeCapability{ArraySecret: "bbb"},
77+
},
78+
Name: "foo",
79+
NewSecretInt: 42,
80+
Seecreets: map[string]string{
81+
secretName: secretValue,
82+
"secret-xyz": "987",
83+
},
84+
VolumeCapabilities: []*csitest.VolumeCapability{
85+
&csitest.VolumeCapability{
86+
AccessType: &csitest.VolumeCapability_Mount{
87+
Mount: &csitest.VolumeCapability_MountVolume{
88+
FsType: "ext4",
89+
},
90+
},
91+
ArraySecret: "knock knock",
92+
},
93+
&csitest.VolumeCapability{
94+
ArraySecret: "Who's there?",
95+
},
96+
},
97+
VolumeContentSource: &csitest.VolumeContentSource{
98+
Type: &csitest.VolumeContentSource_Volume{
99+
Volume: &csitest.VolumeContentSource_VolumeSource{
100+
VolumeId: "abc",
101+
OneofSecretField: "hello",
102+
},
103+
},
104+
NestedSecretField: "world",
105+
},
106+
}
107+
108+
type testcase struct {
67109
original, stripped interface{}
68-
}{
110+
}
111+
112+
cases := []testcase{
69113
{nil, "null"},
70114
{1, "1"},
71115
{"hello world", `"hello world"`},
@@ -99,43 +143,7 @@ func TestStripSecrets(t *testing.T) {
99143
}, `{"accessibility_requirements":{},"capacity_range":{"limit_bytes":1024,"required_bytes":1024},"name":"test-volume","parameters":{"param1":"param1","param2":"param2"},"secrets":"***stripped***","volume_capabilities":[{"AccessType":{"Mount":{"fs_type":"ext4","mount_flags":["flag1","flag2","flag3"]}},"access_mode":{"mode":5}}],"volume_content_source":{"Type":null}}`},
100144
{createVolume, `{"accessibility_requirements":{"requisite":[{"segments":{"foo":"bar","x":"y"}},{"segments":{"a":"b"}}]},"capacity_range":{"required_bytes":1024},"name":"foo","secrets":"***stripped***","volume_capabilities":[{"AccessType":{"Mount":{"fs_type":"ext4"}}}]}`},
101145
{&csitest.CreateVolumeRequest{}, `{}`},
102-
{&csitest.CreateVolumeRequest{
103-
CapacityRange: &csitest.CapacityRange{
104-
RequiredBytes: 1024,
105-
},
106-
MaybeSecretMap: map[int64]*csitest.VolumeCapability{
107-
1: &csitest.VolumeCapability{ArraySecret: "aaa"},
108-
2: &csitest.VolumeCapability{ArraySecret: "bbb"},
109-
},
110-
Name: "foo",
111-
NewSecretInt: 42,
112-
Seecreets: map[string]string{
113-
secretName: secretValue,
114-
"secret-xyz": "987",
115-
},
116-
VolumeCapabilities: []*csitest.VolumeCapability{
117-
&csitest.VolumeCapability{
118-
AccessType: &csitest.VolumeCapability_Mount{
119-
Mount: &csitest.VolumeCapability_MountVolume{
120-
FsType: "ext4",
121-
},
122-
},
123-
ArraySecret: "knock knock",
124-
},
125-
&csitest.VolumeCapability{
126-
ArraySecret: "Who's there?",
127-
},
128-
},
129-
VolumeContentSource: &csitest.VolumeContentSource{
130-
Type: &csitest.VolumeContentSource_Volume{
131-
Volume: &csitest.VolumeContentSource_VolumeSource{
132-
VolumeId: "abc",
133-
OneofSecretField: "hello",
134-
},
135-
},
136-
NestedSecretField: "world",
137-
},
138-
},
146+
{createVolumeFuture,
139147
// Secrets are *not* removed from all fields yet. This will have to be fixed one way or another
140148
// before the CSI spec can start using secrets there (currently it doesn't).
141149
// The test is still useful because it shows that also complicated fields get serialized.
@@ -144,6 +152,17 @@ func TestStripSecrets(t *testing.T) {
144152
},
145153
}
146154

155+
// Message from revised spec as received by a sidecar based on the current spec.
156+
// The XXX_unrecognized field contains secrets and must not get logged.
157+
unknownFields := &csi.CreateVolumeRequest{}
158+
data, err := proto.Marshal(createVolumeFuture)
159+
if assert.NoError(t, err, "marshall future message") &&
160+
assert.NoError(t, proto.Unmarshal(data, unknownFields), "unmarshal with unknown fields") {
161+
cases = append(cases, testcase{unknownFields,
162+
`{"capacity_range":{"required_bytes":1024},"name":"foo","secrets":"***stripped***","volume_capabilities":[{"AccessType":{"Mount":{"fs_type":"ext4"}}},{"AccessType":null}],"volume_content_source":{"Type":{"Volume":{"volume_id":"abc"}}}}`,
163+
})
164+
}
165+
147166
for _, c := range cases {
148167
before := fmt.Sprint(c.original)
149168
stripped := StripSecrets(c.original)

0 commit comments

Comments
 (0)