-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
π Load configuration files in YAML format (#72)
* π Load configuration files in YAML format Closes #71 Signed-off-by: Salim Afiune Maya <[email protected]> * βͺοΈ swap yaml package to sigs.k8s.io/yaml Signed-off-by: Salim Afiune Maya <[email protected]> --------- Signed-off-by: Salim Afiune Maya <[email protected]>
- Loading branch information
Showing
5 changed files
with
121 additions
and
3 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,42 @@ | ||
// Copyright (c) Mondoo, Inc. | ||
// SPDX-License-Identifier: BUSL-1.1 | ||
|
||
package signer | ||
|
||
import ( | ||
"crypto/ecdsa" | ||
"crypto/elliptic" | ||
"crypto/rand" | ||
"crypto/x509" | ||
"encoding/pem" | ||
"testing" | ||
|
||
"github.com/stretchr/testify/assert" | ||
) | ||
|
||
func TestPrivateKeyFromBytes(t *testing.T) { | ||
t.Run("Valid ECDSA Private Key", func(t *testing.T) { | ||
privKey, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) | ||
privKeyBytes, _ := x509.MarshalPKCS8PrivateKey(privKey) | ||
pemBlock := pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: privKeyBytes}) | ||
|
||
key, err := privateKeyFromBytes(pemBlock) | ||
assert.NoError(t, err) | ||
assert.NotNil(t, key) | ||
assert.IsType(t, &ecdsa.PrivateKey{}, key) | ||
}) | ||
|
||
t.Run("Invalid PEM Format", func(t *testing.T) { | ||
_, err := privateKeyFromBytes([]byte("invalid-pem")) | ||
assert.ErrorIs(t, err, ErrAuthKeyNotPem) | ||
}) | ||
|
||
t.Run("Invalid Private Key Type", func(t *testing.T) { | ||
// Generate an RSA private key (unsupported for this function) | ||
rsaKey, _ := x509.MarshalPKCS8PrivateKey(&struct{}{}) | ||
pemBlock := pem.EncodeToMemory(&pem.Block{Type: "PRIVATE KEY", Bytes: rsaKey}) | ||
|
||
_, err := privateKeyFromBytes(pemBlock) | ||
assert.ErrorContains(t, err, "syntax error: sequence truncated") | ||
}) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,59 @@ | ||
// Copyright (c) Mondoo, Inc. | ||
// SPDX-License-Identifier: BUSL-1.1 | ||
|
||
package signer_test | ||
|
||
import ( | ||
"testing" | ||
|
||
"github.com/stretchr/testify/assert" | ||
|
||
subject "go.mondoo.com/mondoo-go/internal/signer" | ||
) | ||
|
||
func TestNewServiceAccountTokenSource(t *testing.T) { | ||
t.Run("Invalid Data", func(t *testing.T) { | ||
data := []byte("invalid-yaml-data") | ||
|
||
tokenSource, creds, err := subject.NewServiceAccountTokenSource(data) | ||
|
||
assert.Nil(t, tokenSource) | ||
assert.Nil(t, creds) | ||
assert.Error(t, err) | ||
assert.Equal(t, "valid service account needs to be provided", err.Error()) | ||
}) | ||
|
||
t.Run("Invalid Private Key", func(t *testing.T) { | ||
credentials := []byte(` | ||
certificate: | | ||
-----BEGIN CERTIFICATE----- | ||
foo | ||
-----END CERTIFICATE----- | ||
force: false | ||
mrn: //test.api.mondoo.app/spaces/test-796596/serviceaccounts/abc | ||
private_key: | | ||
invalid-pem-key | ||
space_mrn: //captain.api.mondoo.app/spaces/test-796596 | ||
`) | ||
|
||
tokenSource, creds, err := subject.NewServiceAccountTokenSource(credentials) | ||
|
||
assert.Nil(t, tokenSource) | ||
assert.Nil(t, creds) | ||
assert.Error(t, err) | ||
assert.Contains(t, err.Error(), "valid service account needs to be provided") | ||
}) | ||
|
||
t.Run("Missing Private Key in Credentials in YAML format", func(t *testing.T) { | ||
credentials := []byte(` | ||
mrn: //test.api.mondoo.app/spaces/test-796596/serviceaccounts/abc | ||
space_mrn: //captain.api.mondoo.app/spaces/test-796596 | ||
`) | ||
|
||
tokenSource, creds, err := subject.NewServiceAccountTokenSource(credentials) | ||
assert.Nil(t, tokenSource) | ||
assert.Nil(t, creds) | ||
assert.Error(t, err) | ||
assert.Contains(t, err.Error(), "cannot load retrieved key") | ||
}) | ||
} |