public void Keys_can_be_customized_via_options(SecretListEntry testEntry, string newKey) { var secretListResponse = fixture.Build <ListSecretsResponse>() .With(p => p.SecretList, new List <SecretListEntry> { testEntry }) .With(p => p.NextToken, null) .Create(); var getSecretValueResponse = fixture.Build <GetSecretValueResponse>() .With(p => p.SecretString) .Without(p => p.SecretBinary) .Create(); mockSecretsManager.Setup(p => p.ListSecretsAsync(It.IsAny <ListSecretsRequest>(), It.IsAny <CancellationToken>())).ReturnsAsync(secretListResponse); mockSecretsManager.Setup(p => p.GetSecretValueAsync(It.IsAny <GetSecretValueRequest>(), It.IsAny <CancellationToken>())).ReturnsAsync(getSecretValueResponse); var options = new SecretsManagerConfigurationProviderOptions { KeyGenerator = (entry, key) => newKey }; var sut = CreateSystemUnderTest(options); sut.Load(); Assert.That(sut.Get(testEntry.Name), Is.Null); Assert.That(sut.Get(newKey), Is.EqualTo(getSecretValueResponse.SecretString)); }
public void Build_can_create_a_IConfigurationProvider_with_options(SecretsManagerConfigurationProviderOptions options, IConfigurationBuilder configurationBuilder) { var sut = new SecretsManagerConfigurationSource(options: options); var provider = sut.Build(configurationBuilder); Assert.That(provider, Is.Not.Null); Assert.That(provider, Is.InstanceOf <SecretsManagerConfigurationProvider>()); }
public void Build_invokes_config_client_method(IConfigurationBuilder configurationBuilder, Action <AmazonSecretsManagerConfig> secretsManagerConfiguration) { var options = new SecretsManagerConfigurationProviderOptions { ConfigureSecretsManagerConfig = secretsManagerConfiguration }; var sut = new SecretsManagerConfigurationSource(options: options); var provider = sut.Build(configurationBuilder); Mock.Get(secretsManagerConfiguration).Verify(p => p(It.Is <AmazonSecretsManagerConfig>(c => c != null)), Times.Once()); }
public static IConfigurationBuilder AddSecretsManager(this IConfigurationBuilder configurationBuilder, AWSCredentials credentials = null, RegionEndpoint region = null, Action<SecretsManagerConfigurationProviderOptions> configurator = null) { var options = new SecretsManagerConfigurationProviderOptions(); configurator?.Invoke(options); var source = new SecretsManagerConfigurationSource(credentials, options); if (region != null) { source.Region = region; } configurationBuilder.Add(source); return configurationBuilder; }
public void Secrets_can_be_filtered_out_via_options(SecretListEntry testEntry) { var secretListResponse = fixture.Build <ListSecretsResponse>() .With(p => p.SecretList, new List <SecretListEntry> { testEntry }) .With(p => p.NextToken, null) .Create(); mockSecretsManager.Setup(p => p.ListSecretsAsync(It.IsAny <ListSecretsRequest>(), It.IsAny <CancellationToken>())).ReturnsAsync(secretListResponse); var options = new SecretsManagerConfigurationProviderOptions { SecretFilter = entry => false }; var sut = CreateSystemUnderTest(options); sut.Load(); mockSecretsManager.Verify(p => p.GetSecretValueAsync(It.IsAny <GetSecretValueRequest>(), It.IsAny <CancellationToken>()), Times.Never); Assert.That(sut.Get(testEntry.Name), Is.Null); }
private SecretsManagerConfigurationProvider CreateSystemUnderTest(SecretsManagerConfigurationProviderOptions options = null) { options = options ?? new SecretsManagerConfigurationProviderOptions(); return(new SecretsManagerConfigurationProvider(mockSecretsManager.Object, options)); }
public async Task Should_reload_when_forceReload_called([Frozen] SecretListEntry testEntry, ListSecretsResponse listSecretsResponse, GetSecretValueResponse getSecretValueInitialResponse, GetSecretValueResponse getSecretValueUpdatedResponse, [Frozen] IAmazonSecretsManager secretsManager, [Frozen] SecretsManagerConfigurationProviderOptions options, SecretsManagerConfigurationProvider sut, IFixture fixture, Action <object> changeCallback, object changeCallbackState) { Mock.Get(secretsManager).Setup(p => p.ListSecretsAsync(It.IsAny <ListSecretsRequest>(), It.IsAny <CancellationToken>())).ReturnsAsync(listSecretsResponse); Mock.Get(secretsManager).SetupSequence(p => p.GetSecretValueAsync(It.IsAny <GetSecretValueRequest>(), It.IsAny <CancellationToken>())) .ReturnsAsync(getSecretValueInitialResponse) .ReturnsAsync(getSecretValueUpdatedResponse); sut.GetReloadToken().RegisterChangeCallback(changeCallback, changeCallbackState); sut.Load(); Assert.That(sut.Get(testEntry.Name), Is.EqualTo(getSecretValueInitialResponse.SecretString)); await sut.ForceReloadAsync(CancellationToken.None); Mock.Get(changeCallback).Verify(c => c(changeCallbackState)); Assert.That(sut.Get(testEntry.Name), Is.EqualTo(getSecretValueUpdatedResponse.SecretString)); }
public void Should_poll_and_reload_when_secrets_changed([Frozen] SecretListEntry testEntry, ListSecretsResponse listSecretsResponse, GetSecretValueResponse getSecretValueInitialResponse, GetSecretValueResponse getSecretValueUpdatedResponse, [Frozen] IAmazonSecretsManager secretsManager, [Frozen] SecretsManagerConfigurationProviderOptions options, SecretsManagerConfigurationProvider sut, IFixture fixture, Action <object> changeCallback, object changeCallbackState) { Mock.Get(secretsManager).Setup(p => p.ListSecretsAsync(It.IsAny <ListSecretsRequest>(), It.IsAny <CancellationToken>())).ReturnsAsync(listSecretsResponse); Mock.Get(secretsManager).SetupSequence(p => p.GetSecretValueAsync(It.IsAny <GetSecretValueRequest>(), It.IsAny <CancellationToken>())) .ReturnsAsync(getSecretValueInitialResponse) .ReturnsAsync(getSecretValueUpdatedResponse); options.PollingInterval = TimeSpan.FromMilliseconds(100); sut.GetReloadToken().RegisterChangeCallback(changeCallback, changeCallbackState); sut.Load(); Assert.That(sut.Get(testEntry.Name), Is.EqualTo(getSecretValueInitialResponse.SecretString)); Thread.Sleep(200); Mock.Get(changeCallback).Verify(c => c(changeCallbackState)); Assert.That(sut.Get(testEntry.Name), Is.EqualTo(getSecretValueUpdatedResponse.SecretString)); }
public void Keys_can_be_customized_via_options([Frozen] SecretListEntry testEntry, ListSecretsResponse listSecretsResponse, GetSecretValueResponse getSecretValueResponse, string newKey, [Frozen] IAmazonSecretsManager secretsManager, [Frozen] SecretsManagerConfigurationProviderOptions options, SecretsManagerConfigurationProvider sut, IFixture fixture) { Mock.Get(secretsManager).Setup(p => p.ListSecretsAsync(It.IsAny <ListSecretsRequest>(), It.IsAny <CancellationToken>())).ReturnsAsync(listSecretsResponse); Mock.Get(secretsManager).Setup(p => p.GetSecretValueAsync(It.IsAny <GetSecretValueRequest>(), It.IsAny <CancellationToken>())).ReturnsAsync(getSecretValueResponse); options.KeyGenerator = (entry, key) => newKey; sut.Load(); Assert.That(sut.Get(testEntry.Name), Is.Null); Assert.That(sut.Get(newKey), Is.EqualTo(getSecretValueResponse.SecretString)); }
public void Secrets_can_be_listed_explicitly_and_not_searched([Frozen] SecretListEntry testEntry, ListSecretsResponse listSecretsResponse, GetSecretValueResponse getSecretValueResponse, [Frozen] IAmazonSecretsManager secretsManager, [Frozen] SecretsManagerConfigurationProviderOptions options, SecretsManagerConfigurationProvider sut, IFixture fixture) { const string secretKey = "KEY"; var firstSecretArn = listSecretsResponse.SecretList.Select(x => x.ARN).First(); Mock.Get(secretsManager).Setup(p => p.GetSecretValueAsync(It.Is <GetSecretValueRequest>(x => x.SecretId.Equals(firstSecretArn)), It.IsAny <CancellationToken>())).ReturnsAsync(getSecretValueResponse); options.SecretFilter = entry => true; options.AcceptedSecretArns = new List <string> { firstSecretArn }; options.KeyGenerator = (entry, key) => secretKey; sut.Load(); Mock.Get(secretsManager).Verify(p => p.GetSecretValueAsync(It.Is <GetSecretValueRequest>(x => !x.SecretId.Equals(firstSecretArn)), It.IsAny <CancellationToken>()), Times.Never); Mock.Get(secretsManager).Verify(p => p.ListSecretsAsync(It.IsAny <ListSecretsRequest>(), It.IsAny <CancellationToken>()), Times.Never); Assert.That(sut.Get(testEntry.Name), Is.Null); Assert.That(sut.Get(secretKey), Is.EqualTo(getSecretValueResponse.SecretString)); }
public void Secrets_can_be_filtered_out_via_options([Frozen] SecretListEntry testEntry, ListSecretsResponse listSecretsResponse, [Frozen] IAmazonSecretsManager secretsManager, [Frozen] SecretsManagerConfigurationProviderOptions options, SecretsManagerConfigurationProvider sut, IFixture fixture) { Mock.Get(secretsManager).Setup(p => p.ListSecretsAsync(It.IsAny <ListSecretsRequest>(), It.IsAny <CancellationToken>())).ReturnsAsync(listSecretsResponse); options.SecretFilter = entry => false; sut.Load(); Mock.Get(secretsManager).Verify(p => p.GetSecretValueAsync(It.IsAny <GetSecretValueRequest>(), It.IsAny <CancellationToken>()), Times.Never); Assert.That(sut.Get(testEntry.Name), Is.Null); }
public void Secrets_can_be_filtered_out_via_options_on_fetching([Frozen] SecretListEntry testEntry, ListSecretsResponse listSecretsResponse, GetSecretValueResponse getSecretValueResponse, [Frozen] IAmazonSecretsManager secretsManager, [Frozen] SecretsManagerConfigurationProviderOptions options, SecretsManagerConfigurationProvider sut, IFixture fixture) { options.ListSecretsFilters = new List <Filter> { new Filter { Key = FilterNameStringType.Name, Values = new List <string> { testEntry.Name } } }; Mock.Get(secretsManager).Setup(p => p.ListSecretsAsync(It.Is <ListSecretsRequest>(request => request.Filters == options.ListSecretsFilters), It.IsAny <CancellationToken>())).ReturnsAsync(listSecretsResponse); sut.Load(); Mock.Get(secretsManager).Verify(p => p.ListSecretsAsync(It.Is <ListSecretsRequest>(request => request.Filters == options.ListSecretsFilters), It.IsAny <CancellationToken>())); Assert.That(sut.Get(testEntry.Name), Is.Null); }
public void Secrets_listed_explicitly_and_saved_to_configuration_with_their_names_as_keys([Frozen] SecretListEntry testEntry, ListSecretsResponse listSecretsResponse, GetSecretValueResponse getSecretValueResponse, [Frozen] IAmazonSecretsManager secretsManager, [Frozen] SecretsManagerConfigurationProviderOptions options, SecretsManagerConfigurationProvider sut, IFixture fixture) { Mock.Get(secretsManager).Setup(p => p.GetSecretValueAsync(It.Is <GetSecretValueRequest>(x => x.SecretId.Equals(getSecretValueResponse.ARN)), It.IsAny <CancellationToken>())).ReturnsAsync(getSecretValueResponse); options.AcceptedSecretArns = new List <string> { getSecretValueResponse.ARN }; Assert.DoesNotThrow(sut.Load); Mock.Get(secretsManager).Verify(p => p.GetSecretValueAsync(It.Is <GetSecretValueRequest>(x => !x.SecretId.Equals(getSecretValueResponse.ARN)), It.IsAny <CancellationToken>()), Times.Never); Assert.That(sut.Get(getSecretValueResponse.Name), Is.EqualTo(getSecretValueResponse.SecretString)); }
public void Build_uses_given_client_factory_method(IConfigurationBuilder configurationBuilder, SecretsManagerConfigurationProviderOptions options, Func <IAmazonSecretsManager> clientFactory) { options.CreateClient = clientFactory; var sut = new SecretsManagerConfigurationSource(options: options); var provider = sut.Build(configurationBuilder); Assert.That(provider, Is.Not.Null); Mock.Get(clientFactory).Verify(p => p()); }