Add some extra tests

kapicorp · Oct 17, 2024 · 824a9c0 · 824a9c0
1 parent b73b601
commit 824a9c0
Showing 1 changed file with 44 additions and 0 deletions.
diff --git a/tests/test_vault.py b/tests/test_vault.py
@@ -7,12 +7,16 @@
 
 "vault secrets tests"
 
+import copy
 import logging
 import os
 import shutil
 import tempfile
 import unittest
 
+import pydantic
+import pytest
+
 from kapitan.inventory.model.references import KapitanReferenceVaultKVConfig
 from kapitan.refs.base import RefController, RefParams, Revealer
 from kapitan.refs.secrets.vaultkv import VaultClient, VaultError, VaultSecret
@@ -50,6 +54,46 @@ def test_token_authentication(self):
         self.assertTrue(test_client.is_authenticated(), msg="Authentication with token failed")
         test_client.adapter.close()
 
+    def test_token_authentication_envvar(self):
+        """
+        Authenticate using token (test loading config from environment)
+        """
+        parameters = {"auth": "token"}
+        server_params = copy.deepcopy(self.server.parameters)
+        os.environ["VAULT_ADDR"] = server_params["addr"]
+        del server_params["addr"]
+        env = KapitanReferenceVaultKVConfig(**parameters, **server_params)
+        del os.environ["VAULT_ADDR"]
+
+        test_client = VaultClient(env)
+        self.assertTrue(test_client.is_authenticated(), msg="Authentication with token failed")
+        test_client.adapter.close()
+
+    def test_token_authentication_legacy_config(self):
+        """
+        Authenticate using token (test legacy envvar style inventory config)
+        """
+        server_params = copy.deepcopy(self.server.parameters)
+        parameters = {"auth": "token", "VAULT_ADDR": server_params["addr"]}
+        del server_params["addr"]
+        env = KapitanReferenceVaultKVConfig(**parameters, **server_params)
+
+        test_client = VaultClient(env)
+        self.assertTrue(test_client.is_authenticated(), msg="Authentication with token failed")
+        test_client.adapter.close()
+
+    def test_token_authentication_duplicated_config(self):
+        """
+        Authenticate using token (duplicated configuration with different keys in environment and
+        inventory causes a validation error)
+        """
+        parameters = {"auth": "token"}
+        os.environ["VAULT_ADDR"] = self.server.parameters["addr"]
+        with pytest.raises(pydantic.ValidationError) as exc:
+            env = KapitanReferenceVaultKVConfig(**parameters, **self.server.parameters)
+
+        assert "VAULT_ADDR" in str(exc.value)
+
     def test_userpss_authentication(self):
         """
         Authenticate using userpass