jprdonnelly/opentf
1
0
Fork 0
mirror of https://github.com/opentffoundation/opentf.git synced 2025-12-19 17:59:05 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
b2bf39802afd16d3e77f8ea610abb8d09e227394
opentf/internal/encryption/method/external/compliance_test.go
Christian Mesh b2bf39802a Implement the first part of RFC 20250303-linter-policy (#2577) 
Signed-off-by: Christian Mesh <christianmesh1@gmail.com>
2025-03-10 13:16:27 -04:00

94 lines
2.6 KiB
Go
Raw Blame History

// Copyright (c) The OpenTofu Authors
// SPDX-License-Identifier: MPL-2.0
// Copyright (c) 2023 HashiCorp, Inc.
// SPDX-License-Identifier: MPL-2.0
package external
import (
"fmt"
"slices"
"strings"
"testing"
"github.com/opentofu/opentofu/internal/encryption/keyprovider"
"github.com/opentofu/opentofu/internal/encryption/method/compliancetest"
"github.com/opentofu/opentofu/internal/encryption/method/external/testmethod"
)
func TestComplianceBinary(t *testing.T) {
runTest(t, testmethod.Go(t))
}
func TestCompliancePython(t *testing.T) {
runTest(t, testmethod.Python(t))
}
func runTest(t *testing.T, cmd []string) {
cmd = slices.Clip(cmd) // Make sure that the following appends are forced to allocate capacity
encryptCommand := append(cmd, "--encrypt")
decryptCommand := append(cmd, "--decrypt")
compliancetest.ComplianceTest(t, compliancetest.TestConfiguration[*descriptor, *Config, *command]{
Descriptor: New().(*descriptor), //nolint:errcheck //This is safe.
HCLParseTestCases: map[string]compliancetest.HCLParseTestCase[*descriptor, *Config, *command]{
"empty": {
HCL: `method "external" "foo" {}`,
ValidHCL: false,
ValidBuild: false,
Validate: nil,
},
"empty-command": {
HCL: `method "external" "foo" {
encrypt_command = []
decrypt_command = []
}`,
ValidHCL: true,
},
"command": {
HCL: fmt.Sprintf(`method "external" "foo" {
encrypt_command = ["%s"]
decrypt_command = ["%s"]
}`, strings.Join(encryptCommand, `","`), strings.Join(decryptCommand, `","`)),
ValidHCL: true,
ValidBuild: true,
Validate: func(config *Config, method *command) error {
if !slices.Equal(config.EncryptCommand, encryptCommand) {
return fmt.Errorf("incorrect encrypt command after HCL parsing")
}
if !slices.Equal(config.DecryptCommand, decryptCommand) {
return fmt.Errorf("incorrect decrypt command after HCL parsing")
}
return nil
},
},
},
ConfigStructTestCases: map[string]compliancetest.ConfigStructTestCase[*Config, *command]{
"empty": {
Config: &Config{},
ValidBuild: false,
Validate: nil,
},
},
EncryptDecryptTestCase: compliancetest.EncryptDecryptTestCase[*Config, *command]{
ValidEncryptOnlyConfig: &Config{
Keys: &keyprovider.Output{
EncryptionKey: []byte{20},
DecryptionKey: nil,
},
EncryptCommand: encryptCommand,
DecryptCommand: decryptCommand,
},
ValidFullConfig: &Config{
Keys: &keyprovider.Output{
EncryptionKey: []byte{20},
DecryptionKey: []byte{20},
},
EncryptCommand: encryptCommand,
DecryptCommand: decryptCommand,
},
DecryptCannotBeVerified: true,
},
})
}
Reference in New Issue View Git Blame Copy Permalink