grafana/pkg/services/secrets/kvstore/plugin_test.go

package kvstore

import (
	"context"
	"testing"

	"github.com/stretchr/testify/assert"
	"github.com/stretchr/testify/require"

	"github.com/grafana/grafana/pkg/plugins/backendplugin/secretsmanagerplugin"
	"github.com/grafana/grafana/pkg/tests/testsuite"
)

func TestMain(m *testing.M) {
	testsuite.Run(m)
}

// Set fatal flag to true, then simulate a plugin start failure
// Should result in an error from the secret store provider
func TestFatalPluginErr_PluginFailsToStartWithFatalFlagSet(t *testing.T) {
	p, err := SetupFatalCrashTest(t, true, true, false)
	assert.Error(t, err)
	assert.Equal(t, "mocked failed to start", err.Error())
	assert.Nil(t, p.SecretsKVStore)
}

// Set fatal flag to false, then simulate a plugin start failure
// Should result in the secret store provider returning the sql impl
func TestFatalPluginErr_PluginFailsToStartWithFatalFlagNotSet(t *testing.T) {
	p, err := SetupFatalCrashTest(t, true, false, false)
	assert.NoError(t, err)
	require.IsType(t, &CachedKVStore{}, p.SecretsKVStore)

	cachedKv, _ := p.SecretsKVStore.(*CachedKVStore)
	store, err := GetUnwrappedStoreFromCache(cachedKv)
	require.NoError(t, err)
	assert.IsType(t, &SecretsKVStoreSQL{}, store)
}

// With fatal flag not set, store a secret in the plugin while backwards compatibility is disabled
// Should result in the fatal flag going from unset -> set to true
func TestFatalPluginErr_FatalFlagGetsSetWithBackwardsCompatDisabled(t *testing.T) {
	p, err := SetupFatalCrashTest(t, false, false, true)
	assert.NoError(t, err)
	require.NotNil(t, p.SecretsKVStore)

	err = p.SecretsKVStore.Set(context.Background(), 0, "datasource", "postgres", "my secret")
	assert.NoError(t, err)

	isFatal, err := IsPluginStartupErrorFatal(context.Background(), GetNamespacedKVStore(p.KVStore))
	assert.NoError(t, err)
	assert.True(t, isFatal)
}

// With fatal flag set, retrieve a secret from the plugin while backwards compatibility is enabled
// Should result in the fatal flag going from set to true -> unset
func TestFatalPluginErr_FatalFlagGetsUnSetWithBackwardsCompatEnabled(t *testing.T) {
	p, err := SetupFatalCrashTest(t, false, true, false)
	assert.NoError(t, err)
	require.NotNil(t, p.SecretsKVStore)

	// setup - store secret and manually bypassing the remote plugin impl
	_, err = p.PluginManager.SecretsManager(context.Background()).SecretsManager.SetSecret(context.Background(), &secretsmanagerplugin.SetSecretRequest{
		KeyDescriptor: &secretsmanagerplugin.Key{
			OrgId:     0,
			Namespace: "postgres",
			Type:      "datasource",
		},
		Value: "bogus",
	})
	assert.NoError(t, err)

	// retrieve the secret and check values
	val, exists, err := p.SecretsKVStore.Get(context.Background(), 0, "postgres", "datasource")
	assert.NoError(t, err)
	assert.NotNil(t, val)
	assert.True(t, exists)

	isFatal, err := IsPluginStartupErrorFatal(context.Background(), GetNamespacedKVStore(p.KVStore))
	assert.NoError(t, err)
	assert.False(t, isFatal)
}
Chore: Refactor secrets kvstore to organize testing and migrations (#54249) * Refactor migrations and tests for secrets kvstore * Use fake secrets store as a shortcut on tests * Update wire * Use global migration logger * Fix ds proxy tests * Fix linting issues * Rename data source test setup function 2022-08-25 18:04:44 -03:00			`package kvstore`

			`import (`
			`"context"`
			`"testing"`

			`"github.com/stretchr/testify/assert"`
			`"github.com/stretchr/testify/require"`
Chore: Fix goimports grouping in pkg/services (#62420) * fix goimports * fix goimports order 2023-01-30 09:21:27 +01:00
			`"github.com/grafana/grafana/pkg/plugins/backendplugin/secretsmanagerplugin"`
Chore: Update test database initialization (#81673) * streamline initialization of test databases, support on-disk sqlite test db * clean up test databases * introduce testsuite helper * use testsuite everywhere we use a test db * update documentation * improve error handling * disable entity integration test until we can figure out locking error 2024-02-09 09:35:39 -05:00			`"github.com/grafana/grafana/pkg/tests/testsuite"`
Chore: Refactor secrets kvstore to organize testing and migrations (#54249) * Refactor migrations and tests for secrets kvstore * Use fake secrets store as a shortcut on tests * Update wire * Use global migration logger * Fix ds proxy tests * Fix linting issues * Rename data source test setup function 2022-08-25 18:04:44 -03:00			`)`

Chore: Update test database initialization (#81673) * streamline initialization of test databases, support on-disk sqlite test db * clean up test databases * introduce testsuite helper * use testsuite everywhere we use a test db * update documentation * improve error handling * disable entity integration test until we can figure out locking error 2024-02-09 09:35:39 -05:00			`func TestMain(m *testing.M) {`
			`testsuite.Run(m)`
			`}`

Chore: Refactor secrets kvstore to organize testing and migrations (#54249) * Refactor migrations and tests for secrets kvstore * Use fake secrets store as a shortcut on tests * Update wire * Use global migration logger * Fix ds proxy tests * Fix linting issues * Rename data source test setup function 2022-08-25 18:04:44 -03:00			`// Set fatal flag to true, then simulate a plugin start failure`
			`// Should result in an error from the secret store provider`
			`func TestFatalPluginErr_PluginFailsToStartWithFatalFlagSet(t *testing.T) {`
			`p, err := SetupFatalCrashTest(t, true, true, false)`
			`assert.Error(t, err)`
			`assert.Equal(t, "mocked failed to start", err.Error())`
			`assert.Nil(t, p.SecretsKVStore)`
			`}`

			`// Set fatal flag to false, then simulate a plugin start failure`
			`// Should result in the secret store provider returning the sql impl`
			`func TestFatalPluginErr_PluginFailsToStartWithFatalFlagNotSet(t *testing.T) {`
			`p, err := SetupFatalCrashTest(t, true, false, false)`
			`assert.NoError(t, err)`
			`require.IsType(t, &CachedKVStore{}, p.SecretsKVStore)`

			`cachedKv, _ := p.SecretsKVStore.(*CachedKVStore)`
Secrets: Implement secrets manager plugin fallback store (#54496) * Refactor fallback to be isolated to plugin secret store * Check for error value on replace fallback test helper * Move ResetPlugin from test_helpers.go to plugin.go * Add check to GetUnwrappedStoreFromCache * Add fallback GetAll query to WithFallbackEnabled * Add mutex lock to WithFallbackEnabled * Add cache to fallback store * Fix linter issues * Fix linter issues * Fix linter issues 2022-09-02 12:39:18 -03:00			`store, err := GetUnwrappedStoreFromCache(cachedKv)`
			`require.NoError(t, err)`
			`assert.IsType(t, &SecretsKVStoreSQL{}, store)`
Chore: Refactor secrets kvstore to organize testing and migrations (#54249) * Refactor migrations and tests for secrets kvstore * Use fake secrets store as a shortcut on tests * Update wire * Use global migration logger * Fix ds proxy tests * Fix linting issues * Rename data source test setup function 2022-08-25 18:04:44 -03:00			`}`

			`// With fatal flag not set, store a secret in the plugin while backwards compatibility is disabled`
			`// Should result in the fatal flag going from unset -> set to true`
			`func TestFatalPluginErr_FatalFlagGetsSetWithBackwardsCompatDisabled(t *testing.T) {`
			`p, err := SetupFatalCrashTest(t, false, false, true)`
			`assert.NoError(t, err)`
			`require.NotNil(t, p.SecretsKVStore)`

			`err = p.SecretsKVStore.Set(context.Background(), 0, "datasource", "postgres", "my secret")`
			`assert.NoError(t, err)`

			`isFatal, err := IsPluginStartupErrorFatal(context.Background(), GetNamespacedKVStore(p.KVStore))`
			`assert.NoError(t, err)`
			`assert.True(t, isFatal)`
			`}`

			`// With fatal flag set, retrieve a secret from the plugin while backwards compatibility is enabled`
			`// Should result in the fatal flag going from set to true -> unset`
			`func TestFatalPluginErr_FatalFlagGetsUnSetWithBackwardsCompatEnabled(t *testing.T) {`
			`p, err := SetupFatalCrashTest(t, false, true, false)`
			`assert.NoError(t, err)`
			`require.NotNil(t, p.SecretsKVStore)`

			`// setup - store secret and manually bypassing the remote plugin impl`
manager exposes renderer + secrets manager (#54629) 2022-09-02 14:20:10 +02:00			`_, err = p.PluginManager.SecretsManager(context.Background()).SecretsManager.SetSecret(context.Background(), &secretsmanagerplugin.SetSecretRequest{`
Chore: Refactor secrets kvstore to organize testing and migrations (#54249) * Refactor migrations and tests for secrets kvstore * Use fake secrets store as a shortcut on tests * Update wire * Use global migration logger * Fix ds proxy tests * Fix linting issues * Rename data source test setup function 2022-08-25 18:04:44 -03:00			`KeyDescriptor: &secretsmanagerplugin.Key{`
			`OrgId: 0,`
			`Namespace: "postgres",`
			`Type: "datasource",`
			`},`
			`Value: "bogus",`
			`})`
			`assert.NoError(t, err)`

			`// retrieve the secret and check values`
			`val, exists, err := p.SecretsKVStore.Get(context.Background(), 0, "postgres", "datasource")`
			`assert.NoError(t, err)`
			`assert.NotNil(t, val)`
			`assert.True(t, exists)`

			`isFatal, err := IsPluginStartupErrorFatal(context.Background(), GetNamespacedKVStore(p.KVStore))`
			`assert.NoError(t, err)`
			`assert.False(t, isFatal)`
			`}`