cbrand/ps
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
c34cead304
ps/Modules/Alkami.DevOps.Common/Public/Get-AwsCredentialConfiguration.tests.ps1
jcolebrand c34cead304 First full commit
2023-05-30 22:51:22 -07:00

114 lines
5.8 KiB
PowerShell
Raw Blame History

. $PSScriptRoot\..\..\Load-PesterModules.ps1
$here = Split-Path -Parent $MyInvocation.MyCommand.Path
$sut = (Split-Path -Leaf $MyInvocation.MyCommand.Path) -replace '\.tests\.', '.'
$functionPath = Join-Path -Path $here -ChildPath $sut
Write-Host "Overriding SUT: $functionPath"
Import-Module $functionPath -Force
$moduleForMock = ""
Describe "Get-AwsCredentialConfiguration" {
# This is a private function, so Pester has a fit
function ConvertTo-AwsCredentialEntry { param([System.Collections.ArrayList]$CredentialData) }
Context "Logic" {
It "Reads from Both Text-Based Credentials Files" {
$expectedFileReads = @("credentials", "config")
Mock -CommandName Get-Content -ModuleName $moduleForMock -MockWith {}
Get-AwsCredentialConfiguration | Should -BeNullOrEmpty
foreach ($fileRead in $expectedFileReads) {
Assert-MockCalled -CommandName Get-Content -Scope It -Times 1 -Exactly -ParameterFilter { $Path -match "$fileRead$"}
}
}
It "Writes a Warning and Exits Early if No Credentials Files Found" {
Mock -CommandName Get-Content -ModuleName $moduleForMock -MockWith {}
Mock -CommandName Write-Warning -ModuleName $moduleForMock -MockWith { }
Mock -CommandName Write-Verbose -ModuleName $moduleForMock -MockWith { }
Mock -CommandName Test-Path -ModuleName $moduleForMock -MockWith { return $false }
Get-AwsCredentialConfiguration -Verbose
Assert-MockCalled -CommandName Write-Warning -Scope It -Times 1 -Exactly -ParameterFilter { $Message -match "Unable to locate any configured AWS credentials sources" }
}
It "Writes a Warning and Exits Early if Credentials Files Found but Empty" {
Mock -CommandName Get-Content -ModuleName $moduleForMock -MockWith { return @() }
Mock -CommandName Write-Warning -ModuleName $moduleForMock -MockWith { }
Mock -CommandName Write-Verbose -ModuleName $moduleForMock -MockWith { }
Mock -CommandName Test-Path -ModuleName $moduleForMock -MockWith { return $true }
Get-AwsCredentialConfiguration -Verbose
Assert-MockCalled -CommandName Write-Warning -Scope It -Times 1 -Exactly -ParameterFilter { $Message -match "Unable to locate any configured AWS credentials sources" }
}
It "Parses the File Contents Appropriately" {
Mock -CommandName Get-Content -ModuleName $moduleForMock -MockWith { return @( "[ErMerGerd]","role_arn=some_value","source_profile=another_value","region=some_region","mfa_serial=12345") } `
-ParameterFilter { $Path -Match "credentials" }
Mock -CommandName Get-Content -ModuleName $moduleForMock -MockWith { return @( "[AllInAll]","role_arn=Its","source_profile=Just","region=Another","mfa_serial=BrickInTheWall") } `
-ParameterFilter { $Path -Match "config" }
Mock -CommandName Test-Path -ModuleName $moduleForMock -MockWith { return $true }
Mock -CommandName ConvertTo-AwsCredentialEntry -ModuleName $moduleForMock -MockWith { return $_ }
$result = Get-AwsCredentialConfiguration
$result | Should -HaveCount 2
$firstResult = $result | Select -First 1
$lastResult = $result | Select -Last 1
$firstResult.Name | Should -BeExactly "AllInAll"
$firstResult.role_arn | Should -BeExactly "Its"
$firstResult.source_profile | Should -BeExactly "Just"
$firstResult.region | Should -BeExactly "Another"
$firstResult.mfa_serial | Should -BeExactly "BrickInTheWall"
$lastResult.Name | Should -BeExactly "ErMerGerd"
$lastResult.role_arn | Should -BeExactly "some_value"
$lastResult.source_profile | Should -BeExactly "another_value"
$lastResult.region | Should -BeExactly "some_region"
$lastResult.mfa_serial | Should -BeExactly "12345"
}
It "Merges Profile Properties Preferring First In When Overlap Occurs" {
Mock -CommandName Get-Content -ModuleName $moduleForMock -MockWith { return @( "[Shmoo]","role_arn=first_value","source_profile=first_value") } `
-ParameterFilter { $Path -Match "config" }
Mock -CommandName Get-Content -ModuleName $moduleForMock -MockWith { return @( "[Shmoo]","role_arn=second_value","region=a_value_not_in_object_one" ) } `
-ParameterFilter { $Path -Match "credentials" }
Mock -CommandName Test-Path -ModuleName $moduleForMock -MockWith { return $true }
Mock -CommandName ConvertTo-AwsCredentialEntry -ModuleName $moduleForMock -MockWith { return $_ }
$result = Get-AwsCredentialConfiguration
$result | Should -HaveCount 1
$result.role_arn | Should -Be "first_value"
$result.source_profile | Should -BeExactly "first_value"
$result.region | Should -BeExactly "a_value_not_in_object_one"
$result.mfa_serial | Should -BeNullOrEmpty
}
It "Refuses to Return Properties Defined as Sensitive" {
Mock -CommandName Test-Path -ModuleName $moduleForMock -MockWith { return $true }
Mock -CommandName ConvertTo-AwsCredentialEntry -ModuleName $moduleForMock -MockWith { return $_ }
$propertiesToIgnore = @("aws_secret_access_key", "aws_session_token")
foreach ($property in $propertiesToIgnore) {
Mock -CommandName Get-Content -ModuleName $moduleForMock -MockWith { return @( "[OhSay]","role_arn=Can","source_profile=You","$property=See") } `
-ParameterFilter { $Path -Match "config" }
$result = Get-AwsCredentialConfiguration
$result[0].$property | Should -BeNullOrEmpty
}
}
}
}
Reference in New Issue View Git Blame Copy Permalink