def test_get_non_existing_key_v2(self, mock_hvac):
mock_client = mock.MagicMock()
mock_hvac.Client.return_value = mock_client
# Response does not contain the requested key
mock_client.secrets.kv.v2.read_secret_version.side_effect = InvalidPath(
)
vault_client = _VaultClient(auth_type="token",
token="s.7AU0I51yv1Q1lxOIg1F3ZRAS",
url="http://localhost:8180")
secret = vault_client.get_secret(secret_path="missing")
self.assertIsNone(secret)
mock_client.secrets.kv.v2.read_secret_version.assert_called_once_with(
mount_point='secret', path='missing', version=None)
def test_get_non_existing_key_v1(self, mock_hvac):
mock_client = mock.MagicMock()
mock_hvac.Client.return_value = mock_client
# Response does not contain the requested key
mock_client.secrets.kv.v1.read_secret.side_effect = InvalidPath()
vault_client = _VaultClient(auth_type="approle",
role_id="role",
url="http://localhost:8180",
secret_id="pass",
kv_engine_version=1)
secret = vault_client.get_secret(secret_path="missing")
self.assertIsNone(secret)
mock_client.secrets.kv.v1.read_secret.assert_called_once_with(
mount_point='secret', path='missing')
def test_get_non_existing_key_v2_different_auth(self, mock_hvac):
mock_client = mock.MagicMock()
mock_hvac.Client.return_value = mock_client
# Response does not contain the requested key
mock_client.secrets.kv.v2.read_secret_version.side_effect = InvalidPath(
)
vault_client = _VaultClient(
auth_type="radius",
radius_host="radhost",
radius_port=8110,
radius_secret="pass",
url="http://localhost:8180",
)
secret = vault_client.get_secret(secret_path="missing")
self.assertIsNone(secret)
self.assertEqual("secret", vault_client.mount_point)
mock_client.secrets.kv.v2.read_secret_version.assert_called_once_with(
mount_point='secret', path='missing', version=None)
def test_get_conn_uri_non_existent_key(self, mock_hvac):
"""
Test that if the key with connection ID is not present in Vault, VaultClient.get_connections
should return None
"""
mock_client = mock.MagicMock()
mock_hvac.Client.return_value = mock_client
# Response does not contain the requested key
mock_client.secrets.kv.v2.read_secret_version.side_effect = InvalidPath()
kwargs = {
"connections_path": "connections",
"mount_point": "airflow",
"auth_type": "token",
"url": "http://127.0.0.1:8200",
"token": "s.7AU0I51yv1Q1lxOIg1F3ZRAS"
}
test_client = VaultBackend(**kwargs)
self.assertIsNone(test_client.get_conn_uri(conn_id="test_mysql"))
mock_client.secrets.kv.v2.read_secret_version.assert_called_once_with(
mount_point='airflow', path='connections/test_mysql')
self.assertEqual([], test_client.get_connections(conn_id="test_mysql"))
def test_get_variable_value_non_existent_key(self, mock_hvac):
"""
Test that if the key with connection ID is not present in Vault, _VaultClient.get_connections
should return None
"""
mock_client = mock.MagicMock()
mock_hvac.Client.return_value = mock_client
# Response does not contain the requested key
mock_client.secrets.kv.v2.read_secret_version.side_effect = InvalidPath(
)
kwargs = {
"variables_path": "variables",
"mount_point": "airflow",
"auth_type": "token",
"url": "http://127.0.0.1:8200",
"token": "s.7AU0I51yv1Q1lxOIg1F3ZRAS",
}
test_client = VaultBackend(**kwargs)
assert test_client.get_variable("hello") is None
mock_client.secrets.kv.v2.read_secret_version.assert_called_once_with(
mount_point='airflow', path='variables/hello', version=None)
assert test_client.get_variable("hello") is None
