public async Task AddOrUpdateFunctionSecrets_WithScope_UsesSecretandPersistsHostFile(string scope, Func <HostSecrets, IList <Key> > keySelector, TempDirectory directory)
{
string secretName = "TestSecret";
string expectedTraceMessage = string.Format(Resources.TraceAddOrUpdateFunctionSecret, "Host", secretName, scope, "Created");
Mock <IKeyValueConverterFactory> mockValueConverterFactory = GetConverterFactoryMock(false);
KeyOperationResult result;
ISecretsRepository repository = new FileSystemSecretsRepository(directory.Path);
using (var secretManager = new SecretManager(repository, mockValueConverterFactory.Object, NullLogger.Instance))
{
result = await secretManager.AddOrUpdateFunctionSecretAsync(secretName, "TestSecretValue", scope, ScriptSecretsType.Host);
}
string secretsJson = File.ReadAllText(Path.Combine(directory.Path, ScriptConstants.HostMetadataFileName));
HostSecrets persistedSecrets = ScriptSecretSerializer.DeserializeSecrets <HostSecrets>(secretsJson);
Key newSecret = keySelector(persistedSecrets).FirstOrDefault(k => string.Equals(k.Name, secretName, StringComparison.Ordinal));
Assert.Equal(OperationResult.Created, result.Result);
Assert.Equal("TestSecretValue", result.Secret, StringComparer.Ordinal);
Assert.NotNull(persistedSecrets);
Assert.NotNull(newSecret);
Assert.Equal(result.Secret, newSecret.Value);
Assert.Equal(secretName, newSecret.Name, StringComparer.Ordinal);
Assert.NotNull(persistedSecrets.MasterKey);
}
public async Task AddOrUpdateFunctionSecrets_WithFunctionNameAndProvidedSecret_UsesSecretAndPersistsFile()
{
using (var directory = new TempDirectory())
{
string secretName = "TestSecret";
string functionName = "TestFunction";
string expectedTraceMessage = string.Format(Resources.TraceAddOrUpdateFunctionSecret, "Function", secretName, functionName, "Created");
Mock <IKeyValueConverterFactory> mockValueConverterFactory = GetConverterFactoryMock(false);
KeyOperationResult result;
ISecretsRepository repository = new FileSystemSecretsRepository(directory.Path);
using (var secretManager = new SecretManager(repository, mockValueConverterFactory.Object, NullLogger.Instance))
{
result = await secretManager.AddOrUpdateFunctionSecretAsync(secretName, "TestSecretValue", functionName, ScriptSecretsType.Function);
}
string secretsJson = File.ReadAllText(Path.Combine(directory.Path, "testfunction.json"));
FunctionSecrets persistedSecrets = ScriptSecretSerializer.DeserializeSecrets <FunctionSecrets>(secretsJson);
Assert.Equal(OperationResult.Created, result.Result);
Assert.Equal("TestSecretValue", result.Secret, StringComparer.Ordinal);
Assert.NotNull(persistedSecrets);
Assert.Equal(result.Secret, persistedSecrets.Keys.First().Value);
Assert.Equal(secretName, persistedSecrets.Keys.First().Name, StringComparer.Ordinal);
}
}
public async Task AddOrUpdateFunctionSecrets_WithNoFunctionNameAndProvidedSecret_UsesSecretAndPersistsHostFile()
{
using (var directory = new TempDirectory())
{
string secretName = "TestSecret";
string expectedTraceMessage = string.Format(Resources.TraceAddOrUpdateFunctionSecret, "Host", secretName, "host", "Created");
Mock <IKeyValueConverterFactory> mockValueConverterFactory = GetConverterFactoryMock(false);
KeyOperationResult result;
var traceWriter = new TestTraceWriter(TraceLevel.Verbose);
ISecretsRepository repository = new FileSystemSecretsRepository(directory.Path);
using (var secretManager = new SecretManager(repository, mockValueConverterFactory.Object, traceWriter))
{
result = await secretManager.AddOrUpdateFunctionSecretAsync(secretName, "TestSecretValue");
}
string secretsJson = File.ReadAllText(Path.Combine(directory.Path, ScriptConstants.HostMetadataFileName));
HostSecrets persistedSecrets = ScriptSecretSerializer.DeserializeSecrets <HostSecrets>(secretsJson);
Key newSecret = persistedSecrets.FunctionKeys.FirstOrDefault(k => string.Equals(k.Name, secretName, StringComparison.Ordinal));
Assert.Equal(OperationResult.Created, result.Result);
Assert.Equal("TestSecretValue", result.Secret, StringComparer.Ordinal);
Assert.NotNull(persistedSecrets);
Assert.NotNull(newSecret);
Assert.Equal(result.Secret, newSecret.Value);
Assert.Equal(secretName, newSecret.Name, StringComparer.Ordinal);
Assert.NotNull(persistedSecrets.MasterKey);
Assert.True(traceWriter.Traces.Any(t => t.Level == TraceLevel.Info && t.Message.IndexOf(expectedTraceMessage) > -1),
"Expected Trace message not found");
}
}
public async Task AddOrUpdateFunctionSecrets_WithFunctionNameAndNoSecret_GeneratesFunctionSecretsAndPersistsFile()
{
using (var directory = new TempDirectory())
{
string secretName = "TestSecret";
string functionName = "TestFunction";
string expectedTraceMessage = string.Format(Resources.TraceAddOrUpdateFunctionSecret, "Function", secretName, functionName, "Created");
Mock <IKeyValueConverterFactory> mockValueConverterFactory = GetConverterFactoryMock(false);
KeyOperationResult result;
var traceWriter = new TestTraceWriter(TraceLevel.Verbose);
ISecretsRepository repository = new FileSystemSecretsRepository(directory.Path);
using (var secretManager = new SecretManager(repository, mockValueConverterFactory.Object, traceWriter))
{
result = await secretManager.AddOrUpdateFunctionSecretAsync(secretName, null, functionName);
}
string secretsJson = File.ReadAllText(Path.Combine(directory.Path, "testfunction.json"));
FunctionSecrets persistedSecrets = ScriptSecretSerializer.DeserializeSecrets <FunctionSecrets>(secretsJson);
Assert.Equal(OperationResult.Created, result.Result);
Assert.NotNull(result.Secret);
Assert.NotNull(persistedSecrets);
Assert.Equal(result.Secret, persistedSecrets.Keys.First().Value);
Assert.Equal(secretName, persistedSecrets.Keys.First().Name, StringComparer.Ordinal);
Assert.True(traceWriter.Traces.Any(t => t.Level == TraceLevel.Info && t.Message.IndexOf(expectedTraceMessage) > -1),
"Expected Trace message not found");
}
}
public async Task AddOrUpdateFunctionSecret_ClearsCache_WhenHostSystemSecretAdded()
{
using (var directory = new TempDirectory())
{
CreateTestSecrets(directory.Path);
Mock <IKeyValueConverterFactory> mockValueConverterFactory = GetConverterFactoryMock(false);
KeyOperationResult result;
ISecretsRepository repository = new FileSystemSecretsRepository(directory.Path);
using (var secretManager = new SecretManager(repository, mockValueConverterFactory.Object, _logger, new TestMetricsLogger(), _hostNameProvider))
{
var hostKeys = await secretManager.GetHostSecretsAsync();
Assert.Equal(2, hostKeys.SystemKeys.Count);
// add a new key
result = await secretManager.AddOrUpdateFunctionSecretAsync("host-system-3", "123", HostKeyScopes.SystemKeys, ScriptSecretsType.Host);
}
string secretsJson = File.ReadAllText(Path.Combine(directory.Path, "host.json"));
var persistedSecrets = ScriptSecretSerializer.DeserializeSecrets <HostSecrets>(secretsJson);
Assert.Equal(OperationResult.Created, result.Result);
Assert.Equal(result.Secret, "123");
var logs = _loggerProvider.GetAllLogMessages();
Assert.Equal(1, logs.Count(p => p.FormattedMessage == "Host keys change detected. Clearing cache."));
Assert.Equal(1, logs.Count(p => p.FormattedMessage == "Host secret 'host-system-3' for 'systemkeys' Created."));
}
}
public async Task AddOrUpdateFunctionSecret_ClearsCache_WhenFunctionSecretAdded()
{
using (var directory = new TempDirectory())
{
CreateTestSecrets(directory.Path);
Mock <IKeyValueConverterFactory> mockValueConverterFactory = GetConverterFactoryMock(false);
KeyOperationResult result;
ISecretsRepository repository = new FileSystemSecretsRepository(directory.Path);
using (var secretManager = new SecretManager(repository, mockValueConverterFactory.Object, _logger, new TestMetricsLogger(), _hostNameProvider))
{
var keys = await secretManager.GetFunctionSecretsAsync("testfunction");
Assert.Equal(2, keys.Count);
// add a new key
result = await secretManager.AddOrUpdateFunctionSecretAsync("function-key-3", "9876", "TestFunction", ScriptSecretsType.Function);
}
string secretsJson = File.ReadAllText(Path.Combine(directory.Path, "testfunction.json"));
var persistedSecrets = ScriptSecretSerializer.DeserializeSecrets <FunctionSecrets>(secretsJson);
Assert.Equal(OperationResult.Created, result.Result);
Assert.Equal(result.Secret, "9876");
var logs = _loggerProvider.GetAllLogMessages();
Assert.Equal(1, logs.Count(p => string.Equals(p.FormattedMessage, "Function keys change detected. Clearing cache for function 'TestFunction'.", StringComparison.OrdinalIgnoreCase)));
Assert.Equal(1, logs.Count(p => p.FormattedMessage == "Function secret 'function-key-3' for 'TestFunction' Created."));
}
}