public/grafana
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
f2f1663dba8a5f6884df19bebd2dbe61c831d8d5
grafana/pkg/registry/apis/secret/encryption/cipher/service/service_test.go
T
Michael Mandrus ab51794bdb SecretsManager: Unify KMS across OSS and Enterprise (#108085) 
* everything is compiling

* tests passing

* remove used object

* write a test for secret key upgrades

* misc cleanup

* clean up some wording

* lint issues

* fix a typo

* import hashicorp dependency explicitly

* simplify oss kmsprovider package structure

* consolidate current provider and available providers

* add a new manager configuration test

* fix hashivault import

* fix import issue

* fix unit tests

* Update go.mod

Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com>

---------

Co-authored-by: Matheus Macabu <macabu@users.noreply.github.com>
2025-07-15 14:39:20 -04:00

50 lines
1.3 KiB
Go
Raw Blame History

package service
import (
"testing"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
"go.opentelemetry.io/otel/trace/noop"
"github.com/grafana/grafana/pkg/infra/usagestats"
"github.com/grafana/grafana/pkg/registry/apis/secret/encryption/cipher"
)
func newGcmService(t *testing.T) cipher.Cipher {
t.Helper()
usageStats := &usagestats.UsageStatsMock{}
svc, err := ProvideAESGCMCipherService(noop.NewTracerProvider().Tracer("test"), usageStats)
require.NoError(t, err, "failed to set up encryption service")
return svc
}
func TestService(t *testing.T) {
t.Parallel()
t.Run("decrypt empty payload should return error", func(t *testing.T) {
t.Parallel()
svc := newGcmService(t)
_, err := svc.Decrypt(t.Context(), []byte(""), "1234")
require.Error(t, err)
assert.Equal(t, "unable to derive encryption algorithm", err.Error())
})
t.Run("encrypt and decrypt with GCM should work", func(t *testing.T) {
t.Parallel()
svc := newGcmService(t)
encrypted, err := svc.Encrypt(t.Context(), []byte("grafana"), "1234")
require.NoError(t, err)
decrypted, err := svc.Decrypt(t.Context(), encrypted, "1234")
require.NoError(t, err)
assert.Equal(t, []byte("grafana"), decrypted)
// We'll let the provider deal with testing details.
})
}
Reference in New Issue View Git Blame Copy Permalink