telegraf/plugins/secretstores/systemd/systemd_test.go

//go:build linux

package systemd

import (
	"testing"

	"github.com/stretchr/testify/require"

	"github.com/influxdata/telegraf/testutil"
)

func getSystemdVersionMin() (int, error) {
	return systemdMinimumVersion, nil
}

func TestSampleConfig(t *testing.T) {
	plugin := &Systemd{}
	require.NotEmpty(t, plugin.SampleConfig())
}

func TestMinimumVersion(t *testing.T) {
	getSystemdVersion = func() (int, error) { return 123, nil }

	plugin := &Systemd{Log: testutil.Logger{}}
	require.ErrorContains(t, plugin.Init(), "below minimum version")
}

func TestEmptyPath(t *testing.T) {
	getSystemdVersion = getSystemdVersionMin

	plugin := &Systemd{Log: testutil.Logger{}}
	require.ErrorContains(t, plugin.Init(), "'path' required without CREDENTIALS_DIRECTORY")
}

func TestEmptyCredentialsDirectoryWarning(t *testing.T) {
	getSystemdVersion = getSystemdVersionMin

	logger := &testutil.CaptureLogger{}
	plugin := &Systemd{
		Path: "testdata",
		Log:  logger}
	require.NoError(t, plugin.Init())

	actual := logger.Warnings()
	require.Len(t, actual, 1)
	require.Contains(t, actual[0], "CREDENTIALS_DIRECTORY environment variable undefined")
}

func TestPathNonExistentExplicit(t *testing.T) {
	getSystemdVersion = getSystemdVersionMin
	t.Setenv("CREDENTIALS_DIRECTORY", "testdata")

	plugin := &Systemd{
		Path: "non/existent/path",
		Log:  testutil.Logger{},
	}
	require.ErrorContains(t, plugin.Init(), "accessing credentials directory")
}

func TestPathNonExistentImplicit(t *testing.T) {
	getSystemdVersion = getSystemdVersionMin
	t.Setenv("CREDENTIALS_DIRECTORY", "non/existent/path")

	plugin := &Systemd{
		Log: testutil.Logger{},
	}
	require.ErrorContains(t, plugin.Init(), "accessing credentials directory")
}

func TestInit(t *testing.T) {
	getSystemdVersion = getSystemdVersionMin
	t.Setenv("CREDENTIALS_DIRECTORY", "testdata")

	plugin := &Systemd{Log: testutil.Logger{}}
	require.NoError(t, plugin.Init())
}

func TestSetNotAvailable(t *testing.T) {
	getSystemdVersion = getSystemdVersionMin
	t.Setenv("CREDENTIALS_DIRECTORY", "testdata")

	plugin := &Systemd{Log: testutil.Logger{}}
	require.NoError(t, plugin.Init())

	// Try to Store the secrets, which this plugin should not let
	require.ErrorContains(t, plugin.Set("foo", "bar"), "secret-store does not support creating secrets")
}

func TestListGet(t *testing.T) {
	getSystemdVersion = getSystemdVersionMin
	t.Setenv("CREDENTIALS_DIRECTORY", "testdata")

	// secret files name and their content to compare under the `testdata` directory
	secrets := map[string]string{
		"secret-file-1": "IWontTell",
		"secret_file_2": "SuperDuperSecret!23",
		"secretFile":    "foobar",
	}

	// Initialize the plugin
	plugin := &Systemd{Log: testutil.Logger{}}
	require.NoError(t, plugin.Init())

	// List the Secrets
	keys, err := plugin.List()
	require.NoError(t, err)
	require.Len(t, keys, len(secrets))
	// check if the returned array from List() is the same
	// as the name of secret files
	for secretFileName := range secrets {
		require.Contains(t, keys, secretFileName)
	}

	// Get the secrets
	for _, k := range keys {
		value, err := plugin.Get(k)
		require.NoError(t, err)
		v, found := secrets[k]
		require.Truef(t, found, "unexpected secret requested that was not found: %q", k)
		require.Equal(t, v, string(value))
	}
}

func TestResolver(t *testing.T) {
	getSystemdVersion = getSystemdVersionMin
	t.Setenv("CREDENTIALS_DIRECTORY", "testdata")

	// Secret Value Name to Resolve
	secretFileName := "secret-file-1"
	// Secret Value to Resolve To
	secretVal := "IWontTell"

	// Initialize the plugin
	plugin := &Systemd{Log: testutil.Logger{}}
	require.NoError(t, plugin.Init())

	// Get the resolver
	resolver, err := plugin.GetResolver(secretFileName)
	require.NoError(t, err)
	require.NotNil(t, resolver)
	s, dynamic, err := resolver()
	require.NoError(t, err)
	require.False(t, dynamic)
	require.Equal(t, secretVal, string(s))
}

func TestResolverInvalid(t *testing.T) {
	getSystemdVersion = getSystemdVersionMin
	t.Setenv("CREDENTIALS_DIRECTORY", "testdata")

	// Initialize the plugin
	plugin := &Systemd{Log: testutil.Logger{}}
	require.NoError(t, plugin.Init())

	// Get the resolver
	resolver, err := plugin.GetResolver("foo")
	require.NoError(t, err)
	require.NotNil(t, resolver)
	_, _, err = resolver()
	require.ErrorContains(t, err, "cannot read the secret's value:")
}

func TestGetNonExistent(t *testing.T) {
	getSystemdVersion = getSystemdVersionMin
	t.Setenv("CREDENTIALS_DIRECTORY", "testdata")

	// Initialize the plugin
	plugin := &Systemd{Log: testutil.Logger{}}
	require.NoError(t, plugin.Init())

	// Get the resolver
	_, err := plugin.Get("foo")
	require.ErrorContains(t, err, "cannot read the secret's value:")
}
Adding upstream version 1.34.4. Signed-off-by: Daniel Baumann <daniel@debian.org> 2025-05-24 07:26:29 +02:00			`//go:build linux`

			`package systemd`

			`import (`
			`"testing"`

			`"github.com/stretchr/testify/require"`

			`"github.com/influxdata/telegraf/testutil"`
			`)`

			`func getSystemdVersionMin() (int, error) {`
			`return systemdMinimumVersion, nil`
			`}`

			`func TestSampleConfig(t *testing.T) {`
			`plugin := &Systemd{}`
			`require.NotEmpty(t, plugin.SampleConfig())`
			`}`

			`func TestMinimumVersion(t *testing.T) {`
			`getSystemdVersion = func() (int, error) { return 123, nil }`

			`plugin := &Systemd{Log: testutil.Logger{}}`
			`require.ErrorContains(t, plugin.Init(), "below minimum version")`
			`}`

			`func TestEmptyPath(t *testing.T) {`
			`getSystemdVersion = getSystemdVersionMin`

			`plugin := &Systemd{Log: testutil.Logger{}}`
			`require.ErrorContains(t, plugin.Init(), "'path' required without CREDENTIALS_DIRECTORY")`
			`}`

			`func TestEmptyCredentialsDirectoryWarning(t *testing.T) {`
			`getSystemdVersion = getSystemdVersionMin`

			`logger := &testutil.CaptureLogger{}`
			`plugin := &Systemd{`
			`Path: "testdata",`
			`Log: logger}`
			`require.NoError(t, plugin.Init())`

			`actual := logger.Warnings()`
			`require.Len(t, actual, 1)`
			`require.Contains(t, actual[0], "CREDENTIALS_DIRECTORY environment variable undefined")`
			`}`

			`func TestPathNonExistentExplicit(t *testing.T) {`
			`getSystemdVersion = getSystemdVersionMin`
			`t.Setenv("CREDENTIALS_DIRECTORY", "testdata")`

			`plugin := &Systemd{`
			`Path: "non/existent/path",`
			`Log: testutil.Logger{},`
			`}`
			`require.ErrorContains(t, plugin.Init(), "accessing credentials directory")`
			`}`

			`func TestPathNonExistentImplicit(t *testing.T) {`
			`getSystemdVersion = getSystemdVersionMin`
			`t.Setenv("CREDENTIALS_DIRECTORY", "non/existent/path")`

			`plugin := &Systemd{`
			`Log: testutil.Logger{},`
			`}`
			`require.ErrorContains(t, plugin.Init(), "accessing credentials directory")`
			`}`

			`func TestInit(t *testing.T) {`
			`getSystemdVersion = getSystemdVersionMin`
			`t.Setenv("CREDENTIALS_DIRECTORY", "testdata")`

			`plugin := &Systemd{Log: testutil.Logger{}}`
			`require.NoError(t, plugin.Init())`
			`}`

			`func TestSetNotAvailable(t *testing.T) {`
			`getSystemdVersion = getSystemdVersionMin`
			`t.Setenv("CREDENTIALS_DIRECTORY", "testdata")`

			`plugin := &Systemd{Log: testutil.Logger{}}`
			`require.NoError(t, plugin.Init())`

			`// Try to Store the secrets, which this plugin should not let`
			`require.ErrorContains(t, plugin.Set("foo", "bar"), "secret-store does not support creating secrets")`
			`}`

			`func TestListGet(t *testing.T) {`
			`getSystemdVersion = getSystemdVersionMin`
			`t.Setenv("CREDENTIALS_DIRECTORY", "testdata")`

			// secret files name and their content to compare under the `testdata` directory
			`secrets := map[string]string{`
			`"secret-file-1": "IWontTell",`
			`"secret_file_2": "SuperDuperSecret!23",`
			`"secretFile": "foobar",`
			`}`

			`// Initialize the plugin`
			`plugin := &Systemd{Log: testutil.Logger{}}`
			`require.NoError(t, plugin.Init())`

			`// List the Secrets`
			`keys, err := plugin.List()`
			`require.NoError(t, err)`
			`require.Len(t, keys, len(secrets))`
			`// check if the returned array from List() is the same`
			`// as the name of secret files`
			`for secretFileName := range secrets {`
			`require.Contains(t, keys, secretFileName)`
			`}`

			`// Get the secrets`
			`for _, k := range keys {`
			`value, err := plugin.Get(k)`
			`require.NoError(t, err)`
			`v, found := secrets[k]`
			`require.Truef(t, found, "unexpected secret requested that was not found: %q", k)`
			`require.Equal(t, v, string(value))`
			`}`
			`}`

			`func TestResolver(t *testing.T) {`
			`getSystemdVersion = getSystemdVersionMin`
			`t.Setenv("CREDENTIALS_DIRECTORY", "testdata")`

			`// Secret Value Name to Resolve`
			`secretFileName := "secret-file-1"`
			`// Secret Value to Resolve To`
			`secretVal := "IWontTell"`

			`// Initialize the plugin`
			`plugin := &Systemd{Log: testutil.Logger{}}`
			`require.NoError(t, plugin.Init())`

			`// Get the resolver`
			`resolver, err := plugin.GetResolver(secretFileName)`
			`require.NoError(t, err)`
			`require.NotNil(t, resolver)`
			`s, dynamic, err := resolver()`
			`require.NoError(t, err)`
			`require.False(t, dynamic)`
			`require.Equal(t, secretVal, string(s))`
			`}`

			`func TestResolverInvalid(t *testing.T) {`
			`getSystemdVersion = getSystemdVersionMin`
			`t.Setenv("CREDENTIALS_DIRECTORY", "testdata")`

			`// Initialize the plugin`
			`plugin := &Systemd{Log: testutil.Logger{}}`
			`require.NoError(t, plugin.Init())`

			`// Get the resolver`
			`resolver, err := plugin.GetResolver("foo")`
			`require.NoError(t, err)`
			`require.NotNil(t, resolver)`
			`_, _, err = resolver()`
			`require.ErrorContains(t, err, "cannot read the secret's value:")`
			`}`

			`func TestGetNonExistent(t *testing.T) {`
			`getSystemdVersion = getSystemdVersionMin`
			`t.Setenv("CREDENTIALS_DIRECTORY", "testdata")`

			`// Initialize the plugin`
			`plugin := &Systemd{Log: testutil.Logger{}}`
			`require.NoError(t, plugin.Init())`

			`// Get the resolver`
			`_, err := plugin.Get("foo")`
			`require.ErrorContains(t, err, "cannot read the secret's value:")`
			`}`