aherman
/
boundary
mirror of https://github.com/hashicorp/boundary
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

feat(host/plugin): Support empty host catalog secrets

Browse Source
pull/5137/head
Hugo 2 years ago
parent a5237cc171
commit ec2d5d4285
2 changed files with 56 additions and 8 deletions
Show Stats Download Patch File Download Diff File

14
internal/host/plugin/repository_host_catalog.go
Unescape View File

@ -181,7 +181,7 @@ func (r *Repository) CreateCatalog(ctx context.Context, c *HostCatalog, _ ...Opt
pluginCalledSuccessfully = true
}
if plgResp != nil && plgResp.GetPersisted().GetSecrets() != nil {
if len(plgResp.GetPersisted().GetSecrets().GetFields()) > 0 {
hcSecret, err := newHostCatalogSecret(ctx, id, plgResp.GetPersisted().GetSecrets())
if err != nil {
return errors.Wrap(ctx, err, op)
@ -453,7 +453,7 @@ func (r *Repository) UpdateCatalog(ctx context.Context, c *HostCatalog, version
var updatedPersisted bool
if plgResp != nil && plgResp.GetPersisted().GetSecrets() != nil {
if len(plgResp.GetPersisted().GetSecrets().GetFields()) == 0 {
// Flag the secret to be deleted.
// Flag the secret to be deleted if it exists.
hcSecret, err := newHostCatalogSecret(ctx, currentCatalog.GetPublicId(), plgResp.GetPersisted().GetSecrets())
if err != nil {
return errors.Wrap(ctx, err, op)
@ -466,11 +466,13 @@ func (r *Repository) UpdateCatalog(ctx context.Context, c *HostCatalog, version
if err != nil {
return errors.Wrap(ctx, err, op)
}
if secretsDeleted != 1 {
return errors.New(ctx, errors.MultipleRecords, op, fmt.Sprintf("expected 1 catalog secret to be deleted, got %d", secretsDeleted))
if secretsDeleted > 1 {
return errors.New(ctx, errors.MultipleRecords, op, fmt.Sprintf("expected 0 or 1 catalog secret to be deleted, got %d", secretsDeleted))
}
if secretsDeleted == 1 {
updatedPersisted = true
msgs = append(msgs, &sOplogMsg)
}
updatedPersisted = true
msgs = append(msgs, &sOplogMsg)
} else {
hcSecret, err := newHostCatalogSecret(ctx, currentCatalog.GetPublicId(), plgResp.GetPersisted().GetSecrets())
if err != nil {

50
internal/host/plugin/repository_host_catalog_test.go
Unescape View File

@ -260,6 +260,36 @@ func TestRepository_CreateCatalog(t *testing.T) {
}(),
wantPluginCalled: true,
},
{
name: "valid-empty-secrets",
in: &HostCatalog{
HostCatalog: &store.HostCatalog{
Description: "test-description-repo",
ProjectId: prj.GetPublicId(),
PluginId: plg.GetPublicId(),
Attributes: []byte{},
},
Secrets: func() *structpb.Struct {
st, err := structpb.NewStruct(map[string]any{})
require.NoError(t, err)
return st
}(),
},
want: &HostCatalog{
HostCatalog: &store.HostCatalog{
Description: "test-description-repo",
ProjectId: prj.GetPublicId(),
PluginId: plg.GetPublicId(),
Attributes: []byte{},
},
},
wantSecret: func() *structpb.Struct {
st, err := structpb.NewStruct(map[string]any{})
require.NoError(t, err)
return st
}(),
wantPluginCalled: true,
},
}
for _, tt := range tests {
@ -358,8 +388,8 @@ func TestRepository_CreateCatalog(t *testing.T) {
cSecret := allocHostCatalogSecret()
err = rw.LookupWhere(ctx, &cSecret, "catalog_id=?", []any{got.GetPublicId()})
if tt.wantSecret == nil {
assert.Nil(got.Secrets)
if tt.wantSecret == nil || len(tt.wantSecret.Fields) == 0 {
assert.Empty(got.Secrets.GetFields())
require.Error(err)
require.True(errors.IsNotFoundError(err))
return
@ -1135,6 +1165,22 @@ func TestRepository_UpdateCatalog(t *testing.T) {
checkNumUpdated(1),
},
},
{
name: "update secrets, return empty secrets from plugin",
changeFuncs: []changeHostCatalogFunc{changeSecrets(map[string]any{})},
version: 2,
fieldMask: []string{"secrets"},
wantCheckFuncs: []checkFunc{
checkVersion(3),
checkSecretsHmac(false),
checkUpdateCatalogRequestPersistedSecrets(map[string]any{
"one": "two",
}),
checkUpdateCatalogRequestSecrets(map[string]any{}),
checkSecretsDeleted(),
checkNumUpdated(1),
},
},
{
name: "delete secrets",
changeFuncs: []changeHostCatalogFunc{changeSecrets(map[string]any{})},

Write Preview
Loading…
Cancel
Save