Revert "feat: Implement multi provider support (bank-vaults#59)"

This reverts commit e41283e.

Signed-off-by: Bence Csati <[email protected]>

README.md

@@ -33,7 +33,6 @@ Run the test suite:
 
 ```shell
 make test
-make test-e2e
 ```
 
 Run linters:

common/config.go

@@ -36,6 +36,7 @@ type Config struct {
 	LogServer string        `json:"log_server"`
 	Daemon    bool          `json:"daemon"`
 	Delay     time.Duration `json:"delay"`
+	Provider  string        `json:"provider"`
 }
 
 func LoadConfig() (*Config, error) {
@@ -45,5 +46,6 @@ func LoadConfig() (*Config, error) {
 		LogServer: os.Getenv(LogServerEnv),
 		Daemon:    cast.ToBool(os.Getenv(DaemonEnv)),
 		Delay:     cast.ToDuration(os.Getenv(DelayEnv)),
+		Provider:  os.Getenv(ProviderEnv),
 	}, nil
 }

common/config_test.go

@@ -34,12 +34,14 @@ func TestConfig(t *testing.T) {
 				JSONLogEnv:   "true",
 				LogServerEnv: "",
 				DaemonEnv:    "true",
+				ProviderEnv:  "vault",
 			},
 			wantConfig: &Config{
 				LogLevel:  "debug",
 				JSONLog:   true,
 				LogServer: "",
 				Daemon:    true,
+				Provider:  "vault",
 			},
 		},
 	}
@@ -50,12 +52,16 @@ func TestConfig(t *testing.T) {
 			for envKey, envVal := range ttp.env {
 				os.Setenv(envKey, envVal)
 			}
-			defer os.Clearenv()
 
 			config, err := LoadConfig()
 			assert.Nil(t, err, "Unexpected error")
 
 			assert.Equal(t, ttp.wantConfig, config, "Unexpected config")
+
+			// unset envs for the next test
+			for envKey := range ttp.env {
+				os.Unsetenv(envKey)
+			}
 		})
 	}
 }

e2e/file-provider.bats

@@ -2,40 +2,30 @@ setup() {
   bats_load_library bats-support
   bats_load_library bats-assert
 
+  setup_pod
+
   run go build
   assert_success
 }
 
-setup_file_provider() {
-  add_secret_file
+setup_pod() {
+  TMPFILE=$(mktemp)
+  printf "secret-value" > "$TMPFILE"
 
+  export SECRET_INIT_PROVIDER="file"
   export FILE_MOUNT_PATH="/"
-
-  export FILE_SECRET="file:$TMPFILE_SECRET"
-}
-
-add_secret_file() {
-  TMPFILE_SECRET=$(mktemp)
-  printf "secret-value" > "$TMPFILE_SECRET"
+  export Secret="file:$TMPFILE"
 }
 
 teardown() {
-  rm -f "$TMPFILE_SECRET"
+  rm -f "$TMPFILE"
   rm -f secret-init
 }
 
-assert_output_contains() {
-  local expected=$1
-  local output=$2
-
-  echo "$output" | grep -qF "$expected" || fail "Expected line not found: $expected"
-}
-
-@test "secret successfully loaded from file" {
-  setup_file_provider
-
-  run_output=$(./secret-init env | grep FILE_SECRET)
+@test "secret successfully loaded" {
+  run_output=$(./secret-init env | grep Secret)
   assert_success
+  expected_output="Secret=secret-value"
 
-  assert_output_contains "FILE_SECRET=secret-value" "$run_output"
+  assert_equal "$run_output" "$expected_output"
 }

e2e/vault-provider.bats

@@ -4,22 +4,12 @@ setup() {
   bats_load_library bats-support
   bats_load_library bats-assert
 
-  run go build
-  assert_success
-}
-
-setup_vault_provider() {
-  TMPFILE_TOKEN=$(mktemp)
-  printf "227e1cce-6bf7-30bb-2d2a-acc854318caf" > "$TMPFILE_TOKEN"
-
-  export VAULT_ADDR="http://127.0.0.1:8200"
-  export VAULT_TOKEN_FILE="$TMPFILE_TOKEN"
+  start_vault
 
-  export MYSQL_PASSWORD=vault:secret/data/test/mysql#MYSQL_PASSWORD
-  export AWS_SECRET_ACCESS_KEY=vault:secret/data/test/aws#AWS_SECRET_ACCESS_KEY
-  export AWS_ACCESS_KEY_ID=vault:secret/data/test/aws#AWS_ACCESS_KEY_ID
+  setup_pod
 
-  start_vault
+  run go build
+  assert_success
 }
 
 start_vault() {
@@ -36,6 +26,19 @@ start_vault() {
   done
 }
 
+setup_pod() {
+  TMPFILE=$(mktemp)
+  printf "227e1cce-6bf7-30bb-2d2a-acc854318caf" > "$TMPFILE"
+
+  export SECRET_INIT_PROVIDER="vault"
+  export VAULT_ADDR="http://127.0.0.1:8200"
+  export VAULT_TOKEN_FILE="$TMPFILE"
+
+  export MYSQL_PASSWORD=vault:secret/data/test/mysql#MYSQL_PASSWORD
+  export AWS_SECRET_ACCESS_KEY=vault:secret/data/test/aws#AWS_SECRET_ACCESS_KEY
+  export AWS_ACCESS_KEY_ID=vault:secret/data/test/aws#AWS_ACCESS_KEY_ID
+}
+
 set_vault_token() {
   local token=$1
   export VAULT_TOKEN="$token"
@@ -50,15 +53,10 @@ add_secrets_to_vault() {
   docker exec "$vault_container_name" vault kv put secret/test/aws AWS_ACCESS_KEY_ID=secretId AWS_SECRET_ACCESS_KEY=s3cr3t
 }
 
-remove_secrets_from_vault() {
-  docker exec "$vault_container_name" vault kv delete secret/test/mysql
-  docker exec "$vault_container_name" vault kv delete secret/test/aws
-}
-
 teardown() {
   stop_vault
 
-  rm -f "$TMPFILE_TOKEN"
+  rm -f "$TMPFILE"
   rm -f secret-init
 }
 
@@ -67,6 +65,11 @@ stop_vault() {
   docker compose down
 }
 
+remove_secrets_from_vault() {
+  docker exec "$vault_container_name" vault kv delete secret/test/mysql
+  docker exec "$vault_container_name" vault kv delete secret/test/aws
+}
+
 assert_output_contains() {
   local expected=$1
   local output=$2
@@ -86,7 +89,6 @@ check_process_status() {
 
 
 @test "secrets successfully loaded from vault" {
-  setup_vault_provider
   set_vault_token 227e1cce-6bf7-30bb-2d2a-acc854318caf
   add_secrets_to_vault
 
@@ -99,7 +101,6 @@ check_process_status() {
 }
 
 @test "secrets successfully loaded from vault using vault:login as token" {
-  setup_vault_provider
   set_vault_token "vault:login"
   add_secrets_to_vault
 
@@ -112,7 +113,6 @@ check_process_status() {
 }
 
 @test "secrets successfully loaded from vault using vault:login as token and daemon mode enabled" {
-  setup_vault_provider
   set_vault_token "vault:login"
   set_daemon_mode
   add_secrets_to_vault
@@ -135,7 +135,6 @@ check_process_status() {
   unset AWS_SECRET_ACCESS_KEY
   unset AWS_ACCESS_KEY_ID
 
-  setup_vault_provider
   set_vault_token 227e1cce-6bf7-30bb-2d2a-acc854318caf
   add_secrets_to_vault
   export VAULT_FROM_PATH="secret/data/test/mysql,secret/data/test/aws"