116 lines
2.6 KiB
Go
116 lines
2.6 KiB
Go
package cli
|
|
|
|
import (
|
|
"errors"
|
|
"strings"
|
|
"testing"
|
|
|
|
"forge.lclr.dev/AI/mcp-framework/secretstore"
|
|
)
|
|
|
|
func TestWriteSetupSecretVerifiedPersistsAndConfirmsReadability(t *testing.T) {
|
|
store := &setupSecretStore{secrets: map[string]string{}}
|
|
|
|
err := WriteSetupSecretVerified(SetupSecretWriteOptions{
|
|
Store: store,
|
|
SecretName: "api-token",
|
|
SecretLabel: "API token",
|
|
Value: SetupValue{
|
|
Type: SetupFieldSecret,
|
|
String: "secret-v1",
|
|
Set: true,
|
|
},
|
|
})
|
|
if err != nil {
|
|
t.Fatalf("WriteSetupSecretVerified returned error: %v", err)
|
|
}
|
|
|
|
if got := store.secrets["api-token"]; got != "secret-v1" {
|
|
t.Fatalf("stored secret = %q, want secret-v1", got)
|
|
}
|
|
}
|
|
|
|
func TestWriteSetupSecretVerifiedReturnsContextForReadOnlyStores(t *testing.T) {
|
|
store := &setupSecretStore{
|
|
secrets: map[string]string{},
|
|
setErr: secretstore.ErrReadOnly,
|
|
}
|
|
|
|
err := WriteSetupSecretVerified(SetupSecretWriteOptions{
|
|
Store: store,
|
|
SecretName: "api-token",
|
|
TokenEnv: "GRAYLOG_MCP_API_TOKEN",
|
|
Value: SetupValue{
|
|
Type: SetupFieldSecret,
|
|
String: "secret-v1",
|
|
Set: true,
|
|
},
|
|
})
|
|
if err == nil {
|
|
t.Fatal("expected error")
|
|
}
|
|
if !errors.Is(err, secretstore.ErrReadOnly) {
|
|
t.Fatalf("error = %v, want ErrReadOnly", err)
|
|
}
|
|
if !strings.Contains(err.Error(), "GRAYLOG_MCP_API_TOKEN") {
|
|
t.Fatalf("error = %v, want token env remediation", err)
|
|
}
|
|
}
|
|
|
|
func TestWriteSetupSecretVerifiedValidatesKeptStoredSecret(t *testing.T) {
|
|
store := &setupSecretStore{
|
|
secrets: map[string]string{},
|
|
getErr: secretstore.ErrNotFound,
|
|
}
|
|
|
|
err := WriteSetupSecretVerified(SetupSecretWriteOptions{
|
|
Store: store,
|
|
SecretName: "api-token",
|
|
TokenEnv: "GRAYLOG_MCP_API_TOKEN",
|
|
Value: SetupValue{
|
|
Type: SetupFieldSecret,
|
|
String: "stored-token",
|
|
Set: true,
|
|
KeptStoredSecret: true,
|
|
},
|
|
})
|
|
if err == nil {
|
|
t.Fatal("expected error")
|
|
}
|
|
if !errors.Is(err, secretstore.ErrNotFound) {
|
|
t.Fatalf("error = %v, want ErrNotFound", err)
|
|
}
|
|
if !strings.Contains(err.Error(), "GRAYLOG_MCP_API_TOKEN") {
|
|
t.Fatalf("error = %v, want token env remediation", err)
|
|
}
|
|
}
|
|
|
|
type setupSecretStore struct {
|
|
secrets map[string]string
|
|
setErr error
|
|
getErr error
|
|
}
|
|
|
|
func (s *setupSecretStore) SetSecret(name, label, secret string) error {
|
|
if s.setErr != nil {
|
|
return s.setErr
|
|
}
|
|
s.secrets[name] = secret
|
|
return nil
|
|
}
|
|
|
|
func (s *setupSecretStore) GetSecret(name string) (string, error) {
|
|
if s.getErr != nil {
|
|
return "", s.getErr
|
|
}
|
|
value, ok := s.secrets[name]
|
|
if !ok {
|
|
return "", secretstore.ErrNotFound
|
|
}
|
|
return value, nil
|
|
}
|
|
|
|
func (s *setupSecretStore) DeleteSecret(name string) error {
|
|
delete(s.secrets, name)
|
|
return nil
|
|
}
|