Mirrors/ansible-collection-famedly-base
2
0
Fork 0
mirror of https://github.com/famedly/ansible-collection-base synced 2024-11-10 06:24:17 +00:00
Code Issues Projects Releases Packages Wiki Activity

chore(gpg_secretstore): assert existence of user supplied secret

Browse source
This commit is contained in:
Jan Christian Grünhage 2022-09-21 16:42:29 +02:00
parent 1bd01fc376
commit 265036be47
No known key found for this signature in database
GPG key ID: EEC1170CE56FA2ED
2 changed files with 13 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
plugins/modules/gpg_secretstore.py
View file

@ -245,6 +245,10 @@ def check_module_import_errors():
return errors
class UserSuppliedSecretMissingError(Exception):
pass
class SecretGenerator:
ALLOWED_SECRET_TYPES = ["random", "binary", "user_supplied"]
@ -294,6 +298,10 @@ class SecretGenerator:
@staticmethod
def __userSuppliedSecret(user_supplied_secret: str, **kwargs):
if user_supplied_secret is None:
raise UserSuppliedSecretMissingError(
"User supplied secret configured, but it's neither in the store nor supplied"
)
return user_supplied_secret

5
tests/unit/test_gpg_secretstore.py
View file

@ -135,6 +135,11 @@ class TestSecretGenerator:
secret = generator.getSecret()
assert len(secret) == 30
def test_missing_user_supplied_secret(self, monkeypatch):
generator = gpg_secretstore.SecretGenerator(secret_type="user_supplied")
with pytest.raises(Exception):
generator.getSecret()
def test_plain_user_supplied_secret(self, monkeypatch):
generator = gpg_secretstore.SecretGenerator(
secret_type="user_supplied", user_supplied_secret="secretdata"