From 65b2611846d4548ff43a9238bb9377c236c1a701 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=BCdiger=20Schmitz?= <152157960+bahkauv70@users.noreply.github.com> Date: Wed, 22 Jan 2025 16:24:38 +0100 Subject: [PATCH 1/5] fix: reset user directory for tests to avoid automatic lookup of real keys during test --- core/auth/auth_test.go | 2 ++ 1 file changed, 2 insertions(+) diff --git a/core/auth/auth_test.go b/core/auth/auth_test.go index f48858471..de84db758 100644 --- a/core/auth/auth_test.go +++ b/core/auth/auth_test.go @@ -503,6 +503,7 @@ func TestKeyAuth(t *testing.T) { t.Setenv("STACKIT_SERVICE_ACCOUNT_KEY_PATH", "") t.Setenv("STACKIT_PRIVATE_KEY", "") t.Setenv("STACKIT_PRIVATE_KEY_PATH", "") + t.Setenv("HOME", t.TempDir()) var saKey string if test.serviceAccountKey != nil { @@ -843,6 +844,7 @@ func TestGetServiceAccountKey(t *testing.T) { }, } { t.Run(test.name, func(t *testing.T) { + t.Setenv("HOME", t.TempDir()) t.Setenv("STACKIT_CREDENTIALS_PATH", test.credentialsFilePath) if test.envServiceAccountKeyPathSet { From 1e228753db86889787d2395ef03ee84bc1a7965e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=BCdiger=20Schmitz?= <152157960+bahkauv70@users.noreply.github.com> Date: Thu, 23 Jan 2025 11:04:25 +0100 Subject: [PATCH 2/5] fix: encapsulated homedir retrieval to allow testing without interfering with real user home --- core/auth/auth.go | 4 +++- core/auth/auth_test.go | 25 +++++++++++++++++++++++-- 2 files changed, 26 insertions(+), 3 deletions(-) diff --git a/core/auth/auth.go b/core/auth/auth.go index 8eb30d1c3..9330d49b7 100644 --- a/core/auth/auth.go +++ b/core/auth/auth.go @@ -27,6 +27,8 @@ const ( privateKeyPathCredentialType credentialType = "private_key_path" ) +var userHomeDir = os.UserHomeDir + // SetupAuth sets up authentication based on the configuration. The different options are // custom authentication, no authentication, explicit key flow, explicit token flow or default authentication func SetupAuth(cfg *config.Configuration) (rt http.RoundTripper, err error) { @@ -195,7 +197,7 @@ func readCredentialsFile(path string) (*Credentials, error) { customPath, customPathSet := os.LookupEnv("STACKIT_CREDENTIALS_PATH") if !customPathSet || customPath == "" { path = credentialsFilePath - home, err := os.UserHomeDir() + home, err := userHomeDir() if err != nil { return nil, fmt.Errorf("getting home directory: %w", err) } diff --git a/core/auth/auth_test.go b/core/auth/auth_test.go index de84db758..4f098d283 100644 --- a/core/auth/auth_test.go +++ b/core/auth/auth_test.go @@ -448,6 +448,7 @@ func TestKeyAuth(t *testing.T) { envVarPrivateKey string expectedPrivateKey string isValid bool + homeDir func(*testing.T) string }{ { desc: "configured_private_key", @@ -484,6 +485,7 @@ func TestKeyAuth(t *testing.T) { serviceAccountKey: nil, configuredPrivateKey: configuredPrivateKey, isValid: false, + homeDir: func(t *testing.T) string { return t.TempDir() }, }, { desc: "missing_private_key", @@ -496,6 +498,7 @@ func TestKeyAuth(t *testing.T) { serviceAccountKey: nil, configuredPrivateKey: "", isValid: false, + homeDir: func(t *testing.T) string { return t.TempDir() }, }, } { t.Run(test.desc, func(t *testing.T) { @@ -503,7 +506,15 @@ func TestKeyAuth(t *testing.T) { t.Setenv("STACKIT_SERVICE_ACCOUNT_KEY_PATH", "") t.Setenv("STACKIT_PRIVATE_KEY", "") t.Setenv("STACKIT_PRIVATE_KEY_PATH", "") - t.Setenv("HOME", t.TempDir()) + if homeDir := test.homeDir; homeDir != nil { + old := userHomeDir + t.Cleanup(func() { + userHomeDir = old + }) + userHomeDir = func() (string, error) { + return test.homeDir(t), nil + } + } var saKey string if test.serviceAccountKey != nil { @@ -770,6 +781,7 @@ func TestGetServiceAccountKey(t *testing.T) { credentialsFilePath string wantErr bool expectedKey string + userHomeDir func(*testing.T) string }{ { name: "cfg_sa_key", @@ -841,11 +853,20 @@ func TestGetServiceAccountKey(t *testing.T) { cfg: &config.Configuration{}, wantErr: true, expectedKey: "", + userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, } { t.Run(test.name, func(t *testing.T) { - t.Setenv("HOME", t.TempDir()) t.Setenv("STACKIT_CREDENTIALS_PATH", test.credentialsFilePath) + if homeDir := test.userHomeDir; homeDir != nil { + old := userHomeDir + t.Cleanup(func() { + userHomeDir = old + }) + userHomeDir = func() (string, error) { + return homeDir(t), nil + } + } if test.envServiceAccountKeyPathSet { t.Setenv("STACKIT_SERVICE_ACCOUNT_KEY_PATH", "test_resources/test_string_key.txt") From a764d671840cbdc7547bafe398a8c260e78d3e70 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=BCdiger=20Schmitz?= <152157960+bahkauv70@users.noreply.github.com> Date: Fri, 7 Feb 2025 09:04:46 +0100 Subject: [PATCH 3/5] fix: Add review findings --- core/auth/auth_test.go | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/core/auth/auth_test.go b/core/auth/auth_test.go index 4f098d283..29c4f096e 100644 --- a/core/auth/auth_test.go +++ b/core/auth/auth_test.go @@ -456,6 +456,8 @@ func TestKeyAuth(t *testing.T) { configuredPrivateKey: string(configuredPrivateKey), expectedPrivateKey: string(configuredPrivateKey), isValid: true, + homeDir: func(t *testing.T) string { return t.TempDir() }, + }, { desc: "included_private_key", @@ -463,6 +465,8 @@ func TestKeyAuth(t *testing.T) { includedPrivateKey: &includedPrivateKey, expectedPrivateKey: includedPrivateKey, isValid: true, + homeDir: func(t *testing.T) string { return t.TempDir() }, + }, { desc: "empty_configured_use_included_private_key", @@ -471,6 +475,8 @@ func TestKeyAuth(t *testing.T) { configuredPrivateKey: "", expectedPrivateKey: includedPrivateKey, isValid: true, + homeDir: func(t *testing.T) string { return t.TempDir() }, + }, { desc: "configured_over_included_private_key", @@ -479,6 +485,8 @@ func TestKeyAuth(t *testing.T) { configuredPrivateKey: configuredPrivateKey, expectedPrivateKey: configuredPrivateKey, isValid: true, + homeDir: func(t *testing.T) string { return t.TempDir() }, + }, { desc: "no_sa_key", @@ -492,6 +500,7 @@ func TestKeyAuth(t *testing.T) { serviceAccountKey: fixtureServiceAccountKey(), configuredPrivateKey: "", isValid: false, + homeDir: func(t *testing.T) string { return t.TempDir() }, }, { desc: "no_keys", @@ -790,6 +799,7 @@ func TestGetServiceAccountKey(t *testing.T) { }, wantErr: false, expectedKey: "key", + userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, { name: "cfg_sa_key_path", @@ -798,6 +808,7 @@ func TestGetServiceAccountKey(t *testing.T) { }, wantErr: false, expectedKey: "key", + userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, { name: "env_sa_key_path", @@ -805,6 +816,7 @@ func TestGetServiceAccountKey(t *testing.T) { envServiceAccountKeyPathSet: true, wantErr: false, expectedKey: "key", + userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, { name: "credentials_file_sa_key_path", @@ -812,6 +824,7 @@ func TestGetServiceAccountKey(t *testing.T) { credentialsFilePath: "test_resources/test_credentials_foo.json", wantErr: false, expectedKey: "foo_key", + userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, { name: "cfg_sa_key_precedes_path", @@ -821,6 +834,7 @@ func TestGetServiceAccountKey(t *testing.T) { }, wantErr: false, expectedKey: "cfg_key", + userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, { name: "cfg_sa_key_precedes_env", @@ -830,6 +844,7 @@ func TestGetServiceAccountKey(t *testing.T) { envServiceAccountKeyPathSet: true, wantErr: false, expectedKey: "cfg_key", + userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, { name: "cfg_sa_key_precedes_creds_file", @@ -839,6 +854,7 @@ func TestGetServiceAccountKey(t *testing.T) { credentialsFilePath: "test_resources/test_credentials_foo.json", wantErr: false, expectedKey: "cfg_key", + userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, { name: "env_sa_key_precedes_creds_file", @@ -846,6 +862,7 @@ func TestGetServiceAccountKey(t *testing.T) { envServiceAccountKeyPathSet: true, credentialsFilePath: "test_resources/test_credentials_foo.json", wantErr: false, + userHomeDir: func(t *testing.T) string { return t.TempDir() }, expectedKey: "key", }, { From 7b18d12c95beca6dea70ef11813861f9fd325959 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=BCdiger=20Schmitz?= <152157960+bahkauv70@users.noreply.github.com> Date: Tue, 25 Feb 2025 14:58:13 +0100 Subject: [PATCH 4/5] fixed linting issue --- core/auth/auth_test.go | 16 ++++++---------- 1 file changed, 6 insertions(+), 10 deletions(-) diff --git a/core/auth/auth_test.go b/core/auth/auth_test.go index 29c4f096e..e1b6bfacc 100644 --- a/core/auth/auth_test.go +++ b/core/auth/auth_test.go @@ -457,7 +457,6 @@ func TestKeyAuth(t *testing.T) { expectedPrivateKey: string(configuredPrivateKey), isValid: true, homeDir: func(t *testing.T) string { return t.TempDir() }, - }, { desc: "included_private_key", @@ -465,8 +464,7 @@ func TestKeyAuth(t *testing.T) { includedPrivateKey: &includedPrivateKey, expectedPrivateKey: includedPrivateKey, isValid: true, - homeDir: func(t *testing.T) string { return t.TempDir() }, - + homeDir: func(t *testing.T) string { return t.TempDir() }, }, { desc: "empty_configured_use_included_private_key", @@ -476,7 +474,6 @@ func TestKeyAuth(t *testing.T) { expectedPrivateKey: includedPrivateKey, isValid: true, homeDir: func(t *testing.T) string { return t.TempDir() }, - }, { desc: "configured_over_included_private_key", @@ -486,7 +483,6 @@ func TestKeyAuth(t *testing.T) { expectedPrivateKey: configuredPrivateKey, isValid: true, homeDir: func(t *testing.T) string { return t.TempDir() }, - }, { desc: "no_sa_key", @@ -816,7 +812,7 @@ func TestGetServiceAccountKey(t *testing.T) { envServiceAccountKeyPathSet: true, wantErr: false, expectedKey: "key", - userHomeDir: func(t *testing.T) string { return t.TempDir() }, + userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, { name: "credentials_file_sa_key_path", @@ -824,7 +820,7 @@ func TestGetServiceAccountKey(t *testing.T) { credentialsFilePath: "test_resources/test_credentials_foo.json", wantErr: false, expectedKey: "foo_key", - userHomeDir: func(t *testing.T) string { return t.TempDir() }, + userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, { name: "cfg_sa_key_precedes_path", @@ -844,7 +840,7 @@ func TestGetServiceAccountKey(t *testing.T) { envServiceAccountKeyPathSet: true, wantErr: false, expectedKey: "cfg_key", - userHomeDir: func(t *testing.T) string { return t.TempDir() }, + userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, { name: "cfg_sa_key_precedes_creds_file", @@ -854,7 +850,7 @@ func TestGetServiceAccountKey(t *testing.T) { credentialsFilePath: "test_resources/test_credentials_foo.json", wantErr: false, expectedKey: "cfg_key", - userHomeDir: func(t *testing.T) string { return t.TempDir() }, + userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, { name: "env_sa_key_precedes_creds_file", @@ -862,7 +858,7 @@ func TestGetServiceAccountKey(t *testing.T) { envServiceAccountKeyPathSet: true, credentialsFilePath: "test_resources/test_credentials_foo.json", wantErr: false, - userHomeDir: func(t *testing.T) string { return t.TempDir() }, + userHomeDir: func(t *testing.T) string { return t.TempDir() }, expectedKey: "key", }, { From 8c92c6ab3d6965254db071c41b3d8cf4bb6b2f82 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?R=C3=BCdiger=20Schmitz?= <152157960+bahkauv70@users.noreply.github.com> Date: Tue, 25 Feb 2025 15:09:21 +0100 Subject: [PATCH 5/5] fix: save home directory for every testcase --- core/auth/auth_test.go | 56 ++++++++++++++---------------------------- 1 file changed, 19 insertions(+), 37 deletions(-) diff --git a/core/auth/auth_test.go b/core/auth/auth_test.go index e1b6bfacc..1464381fc 100644 --- a/core/auth/auth_test.go +++ b/core/auth/auth_test.go @@ -16,6 +16,16 @@ import ( "github.com/stackitcloud/stackit-sdk-go/core/config" ) +func setTemporaryHome(t *testing.T) { + old := userHomeDir + t.Cleanup(func() { + userHomeDir = old + }) + userHomeDir = func() (string, error) { + return t.TempDir(), nil + } +} + func fixtureServiceAccountKey(mods ...func(*clients.ServiceAccountKeyResponse)) *clients.ServiceAccountKeyResponse { validUntil := time.Now().Add(time.Hour) serviceAccountKeyResponse := &clients.ServiceAccountKeyResponse{ @@ -150,6 +160,7 @@ func TestSetupAuth(t *testing.T) { }, } { t.Run(test.desc, func(t *testing.T) { + setTemporaryHome(t) if test.setKeys { t.Setenv("STACKIT_SERVICE_ACCOUNT_KEY_PATH", saKeyFile.Name()) t.Setenv("STACKIT_PRIVATE_KEY_PATH", privateKeyFile.Name()) @@ -232,6 +243,7 @@ func TestReadCredentials(t *testing.T) { }, } { t.Run(test.desc, func(t *testing.T) { + setTemporaryHome(t) t.Setenv("STACKIT_CREDENTIALS_PATH", test.pathEnv) var credential string @@ -342,6 +354,7 @@ func TestDefaultAuth(t *testing.T) { }, } { t.Run(test.desc, func(t *testing.T) { + setTemporaryHome(t) if test.setKeys { t.Setenv("STACKIT_SERVICE_ACCOUNT_KEY_PATH", saKeyFile.Name()) t.Setenv("STACKIT_PRIVATE_KEY_PATH", privateKeyFile.Name()) @@ -406,6 +419,7 @@ func TestTokenAuth(t *testing.T) { }, } { t.Run(test.desc, func(t *testing.T) { + setTemporaryHome(t) t.Setenv("STACKIT_SERVICE_ACCOUNT_TOKEN", "") t.Setenv("STACKIT_CREDENTIALS_PATH", "test-path") @@ -448,7 +462,6 @@ func TestKeyAuth(t *testing.T) { envVarPrivateKey string expectedPrivateKey string isValid bool - homeDir func(*testing.T) string }{ { desc: "configured_private_key", @@ -456,7 +469,6 @@ func TestKeyAuth(t *testing.T) { configuredPrivateKey: string(configuredPrivateKey), expectedPrivateKey: string(configuredPrivateKey), isValid: true, - homeDir: func(t *testing.T) string { return t.TempDir() }, }, { desc: "included_private_key", @@ -464,7 +476,6 @@ func TestKeyAuth(t *testing.T) { includedPrivateKey: &includedPrivateKey, expectedPrivateKey: includedPrivateKey, isValid: true, - homeDir: func(t *testing.T) string { return t.TempDir() }, }, { desc: "empty_configured_use_included_private_key", @@ -473,7 +484,6 @@ func TestKeyAuth(t *testing.T) { configuredPrivateKey: "", expectedPrivateKey: includedPrivateKey, isValid: true, - homeDir: func(t *testing.T) string { return t.TempDir() }, }, { desc: "configured_over_included_private_key", @@ -482,44 +492,32 @@ func TestKeyAuth(t *testing.T) { configuredPrivateKey: configuredPrivateKey, expectedPrivateKey: configuredPrivateKey, isValid: true, - homeDir: func(t *testing.T) string { return t.TempDir() }, }, { desc: "no_sa_key", serviceAccountKey: nil, configuredPrivateKey: configuredPrivateKey, isValid: false, - homeDir: func(t *testing.T) string { return t.TempDir() }, }, { desc: "missing_private_key", serviceAccountKey: fixtureServiceAccountKey(), configuredPrivateKey: "", isValid: false, - homeDir: func(t *testing.T) string { return t.TempDir() }, }, { desc: "no_keys", serviceAccountKey: nil, configuredPrivateKey: "", isValid: false, - homeDir: func(t *testing.T) string { return t.TempDir() }, }, } { t.Run(test.desc, func(t *testing.T) { + setTemporaryHome(t) t.Setenv("STACKIT_SERVICE_ACCOUNT_KEY", "") t.Setenv("STACKIT_SERVICE_ACCOUNT_KEY_PATH", "") t.Setenv("STACKIT_PRIVATE_KEY", "") t.Setenv("STACKIT_PRIVATE_KEY_PATH", "") - if homeDir := test.homeDir; homeDir != nil { - old := userHomeDir - t.Cleanup(func() { - userHomeDir = old - }) - userHomeDir = func() (string, error) { - return test.homeDir(t), nil - } - } var saKey string if test.serviceAccountKey != nil { @@ -574,7 +572,7 @@ func TestNoAuth(t *testing.T) { }, } { t.Run(test.desc, func(t *testing.T) { - // Get the default authentication client and ensure that it's not nil + setTemporaryHome(t) // Get the default authentication client and ensure that it's not nil authClient, err := NoAuth() if err != nil { t.Fatalf("Test returned error on valid test case: %v", err) @@ -641,6 +639,7 @@ func TestGetServiceAccountEmail(t *testing.T) { }, } { t.Run(test.description, func(t *testing.T) { + setTemporaryHome(t) if test.envEmailSet { t.Setenv("STACKIT_SERVICE_ACCOUNT_EMAIL", "env_email") } else { @@ -759,6 +758,7 @@ func TestGetPrivateKey(t *testing.T) { }, } { t.Run(test.name, func(t *testing.T) { + setTemporaryHome(t) t.Setenv("STACKIT_CREDENTIALS_PATH", test.credentialsFilePath) if test.envPrivateKeyPathSet { @@ -786,7 +786,6 @@ func TestGetServiceAccountKey(t *testing.T) { credentialsFilePath string wantErr bool expectedKey string - userHomeDir func(*testing.T) string }{ { name: "cfg_sa_key", @@ -795,7 +794,6 @@ func TestGetServiceAccountKey(t *testing.T) { }, wantErr: false, expectedKey: "key", - userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, { name: "cfg_sa_key_path", @@ -804,7 +802,6 @@ func TestGetServiceAccountKey(t *testing.T) { }, wantErr: false, expectedKey: "key", - userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, { name: "env_sa_key_path", @@ -812,7 +809,6 @@ func TestGetServiceAccountKey(t *testing.T) { envServiceAccountKeyPathSet: true, wantErr: false, expectedKey: "key", - userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, { name: "credentials_file_sa_key_path", @@ -820,7 +816,6 @@ func TestGetServiceAccountKey(t *testing.T) { credentialsFilePath: "test_resources/test_credentials_foo.json", wantErr: false, expectedKey: "foo_key", - userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, { name: "cfg_sa_key_precedes_path", @@ -830,7 +825,6 @@ func TestGetServiceAccountKey(t *testing.T) { }, wantErr: false, expectedKey: "cfg_key", - userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, { name: "cfg_sa_key_precedes_env", @@ -840,7 +834,6 @@ func TestGetServiceAccountKey(t *testing.T) { envServiceAccountKeyPathSet: true, wantErr: false, expectedKey: "cfg_key", - userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, { name: "cfg_sa_key_precedes_creds_file", @@ -850,7 +843,6 @@ func TestGetServiceAccountKey(t *testing.T) { credentialsFilePath: "test_resources/test_credentials_foo.json", wantErr: false, expectedKey: "cfg_key", - userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, { name: "env_sa_key_precedes_creds_file", @@ -858,7 +850,6 @@ func TestGetServiceAccountKey(t *testing.T) { envServiceAccountKeyPathSet: true, credentialsFilePath: "test_resources/test_credentials_foo.json", wantErr: false, - userHomeDir: func(t *testing.T) string { return t.TempDir() }, expectedKey: "key", }, { @@ -866,20 +857,11 @@ func TestGetServiceAccountKey(t *testing.T) { cfg: &config.Configuration{}, wantErr: true, expectedKey: "", - userHomeDir: func(t *testing.T) string { return t.TempDir() }, }, } { t.Run(test.name, func(t *testing.T) { + setTemporaryHome(t) t.Setenv("STACKIT_CREDENTIALS_PATH", test.credentialsFilePath) - if homeDir := test.userHomeDir; homeDir != nil { - old := userHomeDir - t.Cleanup(func() { - userHomeDir = old - }) - userHomeDir = func() (string, error) { - return homeDir(t), nil - } - } if test.envServiceAccountKeyPathSet { t.Setenv("STACKIT_SERVICE_ACCOUNT_KEY_PATH", "test_resources/test_string_key.txt")