functions/configuration/_ResolveDeploymentConfigValues.Tests.ps1
|
# <copyright file="_ResolveDeploymentConfigValues.Tests.ps1" company="Endjin Limited"> # Copyright (c) Endjin Limited. All rights reserved. # </copyright> $here = Split-Path -Parent $MyInvocation.MyCommand.Path $sut = (Split-Path -Leaf $MyInvocation.MyCommand.Path).Replace(".Tests.ps1", ".ps1") . "$here\$sut" # Import other dependency functions . $here/../azure/_EnsureAzureConnection.ps1 # Import the configuration handlers [array]$script:configHandlers = @() foreach ($handler in (Get-ChildItem $here/handlers/*.ps1)) { . $handler.FullName } Describe "_ResolveDeploymentConfigValues Tests" { Context "No resolvable values" { $mockConfig = @{ foo = "bar" bar = $true foobar = 2 } $res = _ResolveDeploymentConfigValues $mockConfig It "should return unmodified configuration values" { $res | should -be $mockConfig } } Context "Key Vault SecretUri Handler" { $mockSecretUri = "https://myvault.vault.azure.net/secrets/mysecret" $mockConfig = @{ foo = "bar" bar = $true foobar = 2 passwd = "@Microsoft.KeyVault(SecretUri=$mockSecretUri)" } Mock _EnsureAzureConnection {} Mock _invokeHandler { "secret-password" } $res = _ResolveDeploymentConfigValues $mockConfig It "should call the KeyVaultSecretUri handler" { Assert-MockCalled _invokeHandler -Times 1 -ParameterFilter { $HandlerName -eq "_keyVaultSecretUriHandler" -and $ValueToResolve -eq $mockSecretUri } } It "should update the configuration object with the resolved value" { $res.passwd | should -be "secret-password" } } Context "Environment Variable Handler" { It "should resolve the correct value" { $mockConfig = @{ foo = "bar" bar = $true foobar = 2 passwd = "@EnvironmentVariable(TEST_ENV_VAR)" } $env:TEST_ENV_VAR = "value-from-env" $res = _ResolveDeploymentConfigValues $mockConfig $res.passwd | should -be "value-from-env" } It "should throw an exception if the environment variable does not exist" { $mockConfig = @{ foo = "bar" bar = $true foobar = 2 passwd = "@EnvironmentVariable(NON_EXISTENT_ENV_VAR)" } { _ResolveDeploymentConfigValues $mockConfig } | should -throw } } } Describe "_ResolveDeploymentConfigValues Integration Tests" -Tag Integration { BeforeAll { $script:testRgName = (New-Guid).Guid $script:testKvName = "x{0}" -f $testRgName.Replace("-","").Substring(0,22) $script:testSecretValue = (New-Guid).Guid | ConvertTo-SecureString -AsPlainText $script:testSecretName = "test-secret" Write-Host "Provisioning test resources..." New-AzResourceGroup -Name $testRgName -Location UKSouth | Out-Null $kv = New-AzKeyVault -ResourceGroupName $testRgName -Name $testKvName -Location UKSouth $script:kvSecret = Set-AzKeyVaultSecret -VaultName $kv.VaultName -Name $testSecretName -SecretValue $testSecretValue } AfterAll { Write-Host "Removing test resources..." Remove-AzResourceGroup -ResourceGroupName $testRgName -Force | Out-Null Remove-AzKeyVault -VaultName $testKvName -Location UKSouth -InRemovedState -Force | Out-Null } Context "Key Vault SecretUri Handler" { Mock _EnsureAzureConnection {} $mockConfig = @{ username = "someuser" password = "@Microsoft.KeyVault(SecretUri=$($kvSecret.Id))" } $res = _ResolveDeploymentConfigValues $mockConfig It "should resolve the correct value from Key Vault" { (ConvertFrom-SecureString -AsplainText $mockConfig.password) | should -be (ConvertFrom-SecureString -AsplainText $testSecretValue) } } } |