config: additional tests for secret sourcing

This commit is contained in:
Alex Auvolat 2024-01-15 17:30:30 +01:00
parent 7228695ee2
commit 97bae7213a
No known key found for this signature in database
GPG key ID: 0E496D15096376BE

View file

@ -200,10 +200,9 @@ mod tests {
let config = fill_secrets(config, Secrets::default())?; let config = fill_secrets(config, Secrets::default())?;
assert_eq!("foo", config.rpc_secret.unwrap()); assert_eq!("foo", config.rpc_secret.unwrap());
// ---- Check non world-readable secrets config ----
#[cfg(unix)] #[cfg(unix)]
{ {
// Check non world-readable secrets config
let secrets_allow_world_readable = Secrets { let secrets_allow_world_readable = Secrets {
allow_world_readable_secrets: Some(true), allow_world_readable_secrets: Some(true),
..Default::default() ..Default::default()
@ -240,7 +239,46 @@ mod tests {
assert!(fill_secrets(config, secrets_no_allow_world_readable).is_err()); assert!(fill_secrets(config, secrets_no_allow_world_readable).is_err());
} }
// ---- Check alternative secrets specified on CLI ----
let path_secret2 = mktemp::Temp::new_file()?;
let mut file_secret2 = File::create(path_secret2.as_path())?;
writeln!(file_secret2, "bar")?;
drop(file_secret2);
let config = read_config(path_config.to_path_buf())?;
let config = fill_secrets(
config,
Secrets {
rpc_secret: Some("baz".into()),
..Default::default()
},
)?;
assert_eq!(config.rpc_secret.as_deref(), Some("baz"));
let config = read_config(path_config.to_path_buf())?;
let config = fill_secrets(
config,
Secrets {
rpc_secret_file: Some(path_secret2.display().to_string()),
..Default::default()
},
)?;
assert_eq!(config.rpc_secret.as_deref(), Some("bar"));
let config = read_config(path_config.to_path_buf())?;
assert!(fill_secrets(
config,
Secrets {
rpc_secret: Some("baz".into()),
rpc_secret_file: Some(path_secret2.display().to_string()),
..Default::default()
}
)
.is_err());
drop(path_secret); drop(path_secret);
drop(path_secret2);
drop(path_config); drop(path_config);
drop(path_config_allow_world_readable); drop(path_config_allow_world_readable);