From d4283da067e927b7d38c4d855b39243326aff139 Mon Sep 17 00:00:00 2001 From: Jeremy Rickard Date: Tue, 13 Aug 2019 13:35:40 -0600 Subject: [PATCH 1/2] Properly handle optional credentials Fixes #108 --- credentials/credentialset.go | 14 +++++++------- credentials/credentialset_test.go | 21 ++++++++++++++++++++- 2 files changed, 27 insertions(+), 8 deletions(-) diff --git a/credentials/credentialset.go b/credentials/credentialset.go index e6ae6e0c..5980ce18 100644 --- a/credentials/credentialset.go +++ b/credentials/credentialset.go @@ -25,7 +25,7 @@ func (s Set) Expand(b *bundle.Bundle, stateless bool) (env, files map[string]str for name, val := range b.Credentials { src, ok := s[name] if !ok { - if stateless { + if stateless || !val.Required { continue } err = fmt.Errorf("credential %q is missing from the user-supplied credentials", name) @@ -77,15 +77,15 @@ func Load(path string) (*CredentialSet, error) { // Validate compares the given credentials with the spec. // -// This will result in an error only if: -// - a parameter in the spec is not present in the given set -// - a parameter in the given set does not match the format required by the spec +// This will result in an error only when the following conditions are true: +// - a credential in the spec is not present in the given set +// - the credential is required // // It is allowed for spec to specify both an env var and a file. In such case, if -// the givn set provides either, it will be considered valid. +// the givesn set provides either, it will be considered valid. func Validate(given Set, spec map[string]bundle.Credential) error { - for name := range spec { - if !isValidCred(given, name) { + for name, cred := range spec { + if !isValidCred(given, name) && cred.Required { return fmt.Errorf("bundle requires credential for %s", name) } } diff --git a/credentials/credentialset_test.go b/credentials/credentialset_test.go index d1fba465..7171596f 100644 --- a/credentials/credentialset_test.go +++ b/credentials/credentialset_test.go @@ -117,7 +117,7 @@ func TestCredentialSet_Merge(t *testing.T) { } -func TestCredentialSetMissingCred(t *testing.T) { +func TestCredentialSetMissingRequiredCred(t *testing.T) { b := &bundle.Bundle{ Name: "knapsack", Credentials: map[string]bundle.Credential{ @@ -125,6 +125,7 @@ func TestCredentialSetMissingCred(t *testing.T) { Location: bundle.Location{ EnvironmentVariable: "FIRST_VAR", }, + Required: true, }, }, } @@ -134,3 +135,21 @@ func TestCredentialSetMissingCred(t *testing.T) { _, _, err = cs.Expand(b, true) assert.NoError(t, err) } + +func TestCredentialSetMissingOptionalCred(t *testing.T) { + b := &bundle.Bundle{ + Name: "knapsack", + Credentials: map[string]bundle.Credential{ + "first": { + Location: bundle.Location{ + EnvironmentVariable: "FIRST_VAR", + }, + }, + }, + } + cs := Set{} + _, _, err := cs.Expand(b, false) + assert.NoError(t, err) + _, _, err = cs.Expand(b, true) + assert.NoError(t, err) +} From ed19eeea78a457469aaf17ef90bc0afb4a4e1e79 Mon Sep 17 00:00:00 2001 From: Glyn Normington Date: Wed, 14 Aug 2019 10:46:41 +0100 Subject: [PATCH 2/2] fix typo --- credentials/credentialset.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/credentials/credentialset.go b/credentials/credentialset.go index 5980ce18..ed4db8bd 100644 --- a/credentials/credentialset.go +++ b/credentials/credentialset.go @@ -82,7 +82,7 @@ func Load(path string) (*CredentialSet, error) { // - the credential is required // // It is allowed for spec to specify both an env var and a file. In such case, if -// the givesn set provides either, it will be considered valid. +// the given set provides either, it will be considered valid. func Validate(given Set, spec map[string]bundle.Credential) error { for name, cred := range spec { if !isValidCred(given, name) && cred.Required {