mirror of https://github.com/apache/nifi.git
NIFI-10971: improved edge case handling while fetching objects using Azure Key Vault Client and added unit tests
Signed-off-by: Pierre Villard <pierre.villard.fr@gmail.com> This closes #6780.
This commit is contained in:
parent
beb90ba8a6
commit
bf24d575b3
|
@ -132,8 +132,10 @@ public class AzureKeyVaultSecretsParameterProvider extends AbstractParameterProv
|
||||||
final List<KeyVaultSecret> secrets = new ArrayList<>();
|
final List<KeyVaultSecret> secrets = new ArrayList<>();
|
||||||
|
|
||||||
for (final SecretProperties secretProperties : secretClient.listPropertiesOfSecrets()) {
|
for (final SecretProperties secretProperties : secretClient.listPropertiesOfSecrets()) {
|
||||||
KeyVaultSecret secretWithValue = secretClient.getSecret(secretProperties.getName(), secretProperties.getVersion());
|
if (secretProperties.isEnabled()) {
|
||||||
secrets.add(secretWithValue);
|
KeyVaultSecret secretWithValue = secretClient.getSecret(secretProperties.getName(), secretProperties.getVersion());
|
||||||
|
secrets.add(secretWithValue);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return secrets;
|
return secrets;
|
||||||
|
@ -145,7 +147,12 @@ public class AzureKeyVaultSecretsParameterProvider extends AbstractParameterProv
|
||||||
final String parameterName = secret.getName();
|
final String parameterName = secret.getName();
|
||||||
final String parameterValue = secret.getValue();
|
final String parameterValue = secret.getValue();
|
||||||
|
|
||||||
final String parameterGroupName = secret.getProperties().getTags().get(GROUP_NAME_TAG);
|
final Map<String, String> tags = secret.getProperties().getTags();
|
||||||
|
if (tags == null) {
|
||||||
|
getLogger().debug("Secret with parameter name [{}] not recognized as a valid parameter since it does not have tags");
|
||||||
|
continue;
|
||||||
|
}
|
||||||
|
final String parameterGroupName = tags.get(GROUP_NAME_TAG);
|
||||||
if (parameterGroupName == null) {
|
if (parameterGroupName == null) {
|
||||||
getLogger().debug("Secret with parameter name [{}] not recognized as a valid parameter since it " +
|
getLogger().debug("Secret with parameter name [{}] not recognized as a valid parameter since it " +
|
||||||
"does not have the [{}] tag", parameterName, GROUP_NAME_TAG);
|
"does not have the [{}] tag", parameterName, GROUP_NAME_TAG);
|
||||||
|
|
|
@ -96,6 +96,59 @@ public class TestAzureKeyVaultSecretsParameterProvider {
|
||||||
runProviderTest( 8, ConfigVerificationResult.Outcome.SUCCESSFUL);
|
runProviderTest( 8, ConfigVerificationResult.Outcome.SUCCESSFUL);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testFetchDisabledParameters() throws IOException, InitializationException {
|
||||||
|
final List<SecretProperties> secretPropertiesList = new ArrayList<>();
|
||||||
|
for (final ParameterGroup group : mockParameterGroups) {
|
||||||
|
for (final Parameter parameter : group.getParameters()) {
|
||||||
|
final SecretProperties secretProperties = mock(SecretProperties.class);
|
||||||
|
|
||||||
|
when(secretProperties.isEnabled()).thenReturn(false);
|
||||||
|
|
||||||
|
secretPropertiesList.add(secretProperties);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
final PagedIterable<SecretProperties> mockIterable = mock(PagedIterable.class);
|
||||||
|
when(secretClient.listPropertiesOfSecrets()).thenReturn(mockIterable);
|
||||||
|
when(mockIterable.iterator()).thenReturn(secretPropertiesList.iterator());
|
||||||
|
runProviderTest( 0, ConfigVerificationResult.Outcome.SUCCESSFUL);
|
||||||
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testFetchParametersWithNullTagsShouldNotThrowError() throws IOException, InitializationException {
|
||||||
|
final List<SecretProperties> secretPropertiesList = new ArrayList<>();
|
||||||
|
for (final ParameterGroup group : mockParameterGroups) {
|
||||||
|
for (final Parameter parameter : group.getParameters()) {
|
||||||
|
final String parameterName = parameter.getDescriptor().getName();
|
||||||
|
final String parameterValue = parameter.getValue();
|
||||||
|
final KeyVaultSecret secret = mock(KeyVaultSecret.class);
|
||||||
|
when(secret.getName()).thenReturn(parameterName);
|
||||||
|
when(secret.getValue()).thenReturn(parameterValue);
|
||||||
|
|
||||||
|
final SecretProperties secretProperties = mock(SecretProperties.class);
|
||||||
|
when(secret.getProperties()).thenReturn(secretProperties);
|
||||||
|
|
||||||
|
final Map<String, String> tags = null;
|
||||||
|
when(secretProperties.getTags()).thenReturn(tags);
|
||||||
|
|
||||||
|
when(secretProperties.getName()).thenReturn(parameterName);
|
||||||
|
when(secretProperties.getVersion()).thenReturn(null);
|
||||||
|
when(secretProperties.isEnabled()).thenReturn(true);
|
||||||
|
when(secretClient.getSecret(eq(parameterName), any())).thenReturn(secret);
|
||||||
|
|
||||||
|
secretPropertiesList.add(secretProperties);
|
||||||
|
}
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
final PagedIterable<SecretProperties> mockIterable = mock(PagedIterable.class);
|
||||||
|
when(secretClient.listPropertiesOfSecrets()).thenReturn(mockIterable);
|
||||||
|
when(mockIterable.iterator()).thenReturn(secretPropertiesList.iterator());
|
||||||
|
runProviderTest( 0, ConfigVerificationResult.Outcome.SUCCESSFUL);
|
||||||
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testFetchParametersListFailure() throws IOException, InitializationException {
|
public void testFetchParametersListFailure() throws IOException, InitializationException {
|
||||||
when(secretClient.listPropertiesOfSecrets()).thenThrow(new RuntimeException("Fake RuntimeException"));
|
when(secretClient.listPropertiesOfSecrets()).thenThrow(new RuntimeException("Fake RuntimeException"));
|
||||||
|
@ -129,6 +182,7 @@ public class TestAzureKeyVaultSecretsParameterProvider {
|
||||||
|
|
||||||
when(secretProperties.getName()).thenReturn(parameterName);
|
when(secretProperties.getName()).thenReturn(parameterName);
|
||||||
when(secretProperties.getVersion()).thenReturn(null);
|
when(secretProperties.getVersion()).thenReturn(null);
|
||||||
|
when(secretProperties.isEnabled()).thenReturn(true);
|
||||||
when(secretClient.getSecret(eq(parameterName), any())).thenReturn(secret);
|
when(secretClient.getSecret(eq(parameterName), any())).thenReturn(secret);
|
||||||
|
|
||||||
secretPropertiesList.add(secretProperties);
|
secretPropertiesList.add(secretProperties);
|
||||||
|
|
Loading…
Reference in New Issue