openstack
/
puppet-barbican
Code Issues Proposed changes
puppet-barbican/spec/classes/barbican_plugins_vault_spec.rb

123 lines
4.5 KiB
Ruby
Raw Blame History

#
# Copyright (C) 2019 Matthew J. Black
#
# Author: Matthew J. Black <mjblack@gmail.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
#
# Unit tests for barbican::plugins::vault class
#
require 'spec_helper'
describe 'barbican::plugins::vault' do
shared_examples_for 'barbican plugins vault' do
describe 'with minimal parameters passed into vault plugin' do
let :params do
{
:vault_url => 'http://127.0.0.1:8200',
:root_token_id => 'barbican_root_token_id',
:global_default => true,
}
end
it 'is_expected.to set vault plugin parameters' do
is_expected.to contain_barbican_config('vault_plugin/vault_url') \
.with_value(params[:vault_url])
is_expected.to contain_barbican_config(
'secretstore:vault/secret_store_plugin') \
.with_value('vault_plugin')
is_expected.to contain_barbican_config(
'secretstore:vault/global_default') \
.with_value('true')
end
end
describe 'with approle parameters passed into vault plugin' do
let :params do
{
:vault_url => 'https://127.0.0.1:8200',
:use_ssl => true,
:approle_role_id => 'barbican_approle_role_id',
:approle_secret_id => 'barbican_approle_secret_id',
:kv_mountpoint => 'barbican_secrets',
}
end
it 'is_expected.to set vault plugin parameters' do
is_expected.to contain_barbican_config('vault_plugin/vault_url') \
.with_value(params[:vault_url])
is_expected.to contain_barbican_config('vault_plugin/use_ssl') \
.with_value(params[:use_ssl])
is_expected.to contain_barbican_config('vault_plugin/approle_role_id') \
.with_value(params[:approle_role_id])
is_expected.to contain_barbican_config('vault_plugin/approle_secret_id') \
.with_value(params[:approle_secret_id])
is_expected.to contain_barbican_config('vault_plugin/kv_mountpoint') \
.with_value(params[:kv_mountpoint])
is_expected.to contain_barbican_config(
'secretstore:vault/secret_store_plugin') \
.with_value('vault_plugin')
is_expected.to contain_barbican_config(
'secretstore:vault/global_default') \
.with_value('false')
end
end
describe 'with no parameter passed into vault plugin' do
let :params do
{}
end
it 'is_expected.to set default vault parameters' do
is_expected.to contain_barbican_config('vault_plugin/vault_url') \
.with_value('<SERVICE DEFAULT>')
is_expected.to contain_barbican_config('vault_plugin/root_token_id') \
.with_value('<SERVICE DEFAULT>')
is_expected.to contain_barbican_config('vault_plugin/approle_role_id') \
.with_value('<SERVICE DEFAULT>')
is_expected.to contain_barbican_config('vault_plugin/approle_secret_id') \
.with_value('<SERVICE DEFAULT>')
is_expected.to contain_barbican_config('vault_plugin/kv_mountpoint') \
.with_value('<SERVICE DEFAULT>')
is_expected.to contain_barbican_config('vault_plugin/use_ssl') \
.with_value('false')
is_expected.to contain_barbican_config('vault_plugin/ssl_ca_crt_file') \
.with_value('<SERVICE DEFAULT>')
is_expected.to contain_barbican_config(
'secretstore:vault/secret_store_plugin') \
.with_value('vault_plugin')
is_expected.to contain_barbican_config(
'secretstore:vault/global_default') \
.with_value('false')
end
end
end
on_supported_os({
:supported_os => OSDefaults.get_supported_os
}).each do |os,facts|
context "on #{os}" do
let (:facts) do
facts.merge(OSDefaults.get_facts({
:processorcount => 8,
:fqdn => 'some.host.tld',
:concat_basedir => '/var/lib/puppet/concat',
}))
end
it_configures 'barbican plugins vault'
end
end
end
View Git Blame Copy Permalink