def test_kubernetes_dejson(self, mock_hvac, mock_get_connection): mock_client = mock.MagicMock() mock_hvac.Client.return_value = mock_client mock_connection = self.get_mock_connection() mock_get_connection.return_value = mock_connection connection_dict = {} mock_connection.extra_dejson.get.side_effect = connection_dict.get kwargs = { "kubernetes_role": "kube_role", "kubernetes_jwt_path": "path", "auth_type": "kubernetes", "vault_conn_id": "vault_conn_id", } with patch("builtins.open", mock_open(read_data="data")) as mock_file: test_hook = VaultHook(**kwargs) test_client = test_hook.get_conn() mock_get_connection.assert_called_with("vault_conn_id") mock_file.assert_called_with("path") mock_hvac.Client.assert_called_with(url='http://localhost:8180') test_client.auth_kubernetes.assert_called_with(role="kube_role", jwt="data") test_client.is_authenticated.assert_called_with() self.assertEqual(2, test_hook.vault_client.kv_engine_version)
def test_gcp_dejson(self, mock_hvac, mock_get_connection, mock_get_credentials, mock_get_scopes): mock_client = mock.MagicMock() mock_hvac.Client.return_value = mock_client mock_connection = self.get_mock_connection() mock_get_connection.return_value = mock_connection mock_get_scopes.return_value = ['scope1', 'scope2'] mock_get_credentials.return_value = ("credentials", "project_id") connection_dict = { "auth_type": "gcp", "gcp_key_path": "path.json", "gcp_scopes": "scope1,scope2", } mock_connection.extra_dejson.get.side_effect = connection_dict.get kwargs = { "vault_conn_id": "vault_conn_id", } test_hook = VaultHook(**kwargs) test_client = test_hook.get_conn() mock_get_connection.assert_called_with("vault_conn_id") mock_get_scopes.assert_called_with("scope1,scope2") mock_get_credentials.assert_called_with(key_path="path.json", scopes=['scope1', 'scope2']) mock_hvac.Client.assert_called_with(url='http://localhost:8180') test_client.auth.gcp.configure.assert_called_with( credentials="credentials", ) test_client.is_authenticated.assert_called_with() self.assertEqual(2, test_hook.vault_client.kv_engine_version)
def test_azure_dejson(self, mock_hvac, mock_get_connection): mock_client = mock.MagicMock() mock_hvac.Client.return_value = mock_client mock_connection = self.get_mock_connection() mock_get_connection.return_value = mock_connection connection_dict = { "auth_type": "azure", "azure_tenant_id": "tenant_id", "azure_resource": "resource", } mock_connection.extra_dejson.get.side_effect = connection_dict.get kwargs = { "vault_conn_id": "vault_conn_id", } test_hook = VaultHook(**kwargs) mock_get_connection.assert_called_with("vault_conn_id") test_client = test_hook.get_conn() mock_hvac.Client.assert_called_with(url='http://localhost:8180') test_client.auth.azure.configure.assert_called_with( tenant_id="tenant_id", resource="resource", client_id="user", client_secret="pass", ) test_client.is_authenticated.assert_called_with() assert 2 == test_hook.vault_client.kv_engine_version
def test_token_init_params(self, mock_hvac, mock_get_connection): mock_client = mock.MagicMock() mock_hvac.Client.return_value = mock_client mock_connection = self.get_mock_connection() mock_get_connection.return_value = mock_connection connection_dict = {} mock_connection.extra_dejson.get.side_effect = connection_dict.get kwargs = {"vault_conn_id": "vault_conn_id", "auth_type": "token", "kv_engine_version": 2} test_hook = VaultHook(**kwargs) mock_get_connection.assert_called_with("vault_conn_id") test_client = test_hook.get_conn() mock_hvac.Client.assert_called_with(url='http://localhost:8180') test_client.is_authenticated.assert_called_with() assert "pass" == test_client.token assert 2 == test_hook.vault_client.kv_engine_version assert "secret" == test_hook.vault_client.mount_point
def test_github_init_params(self, mock_hvac, mock_get_connection): mock_client = mock.MagicMock() mock_hvac.Client.return_value = mock_client mock_connection = self.get_mock_connection() mock_get_connection.return_value = mock_connection connection_dict = {} mock_connection.extra_dejson.get.side_effect = connection_dict.get kwargs = { "auth_type": "github", "vault_conn_id": "vault_conn_id", } test_hook = VaultHook(**kwargs) mock_get_connection.assert_called_with("vault_conn_id") test_client = test_hook.get_conn() mock_hvac.Client.assert_called_with(url='http://localhost:8180') test_client.auth.github.login.assert_called_with(token="pass") test_client.is_authenticated.assert_called_with() self.assertEqual(2, test_hook.vault_client.kv_engine_version)
def test_userpass_dejson(self, mock_hvac, mock_get_connection): mock_client = mock.MagicMock() mock_hvac.Client.return_value = mock_client mock_connection = self.get_mock_connection() mock_get_connection.return_value = mock_connection connection_dict = { "auth_type": "userpass", } mock_connection.extra_dejson.get.side_effect = connection_dict.get kwargs = { "vault_conn_id": "vault_conn_id", } test_hook = VaultHook(**kwargs) mock_get_connection.assert_called_with("vault_conn_id") test_client = test_hook.get_conn() mock_hvac.Client.assert_called_with(url='http://localhost:8180') test_client.auth_userpass.assert_called_with(username="******", password="******") test_client.is_authenticated.assert_called_with() assert 2 == test_hook.vault_client.kv_engine_version
def test_radius_init_params(self, mock_hvac, mock_get_connection): mock_client = mock.MagicMock() mock_hvac.Client.return_value = mock_client mock_connection = self.get_mock_connection() mock_get_connection.return_value = mock_connection connection_dict = {} mock_connection.extra_dejson.get.side_effect = connection_dict.get kwargs = { "auth_type": "radius", "radius_host": "radhost", "vault_conn_id": "vault_conn_id", } test_hook = VaultHook(**kwargs) mock_get_connection.assert_called_with("vault_conn_id") test_client = test_hook.get_conn() mock_hvac.Client.assert_called_with(url='http://localhost:8180') test_client.auth.radius.configure.assert_called_with(host="radhost", secret="pass", port=None) test_client.is_authenticated.assert_called_with() assert 2 == test_hook.vault_client.kv_engine_version
def test_aws_iam_dejson(self, mock_hvac, mock_get_connection): mock_client = mock.MagicMock() mock_hvac.Client.return_value = mock_client mock_connection = self.get_mock_connection() mock_get_connection.return_value = mock_connection connection_dict = {"auth_type": "aws_iam", "role_id": "role"} mock_connection.extra_dejson.get.side_effect = connection_dict.get kwargs = { "vault_conn_id": "vault_conn_id", } test_hook = VaultHook(**kwargs) mock_get_connection.assert_called_with("vault_conn_id") test_client = test_hook.get_conn() mock_hvac.Client.assert_called_with(url='http://localhost:8180') test_client.auth_aws_iam.assert_called_with( access_key='user', secret_key='pass', role="role", )
def test_protocol(self, protocol, expected_url, mock_hvac, mock_get_connection): mock_client = mock.MagicMock() mock_hvac.Client.return_value = mock_client mock_connection = self.get_mock_connection(conn_type=protocol) mock_get_connection.return_value = mock_connection connection_dict = {} mock_connection.extra_dejson.get.side_effect = connection_dict.get kwargs = { "vault_conn_id": "vault_conn_id", "auth_type": "approle", "role_id": "role", "kv_engine_version": 2, } test_hook = VaultHook(**kwargs) mock_get_connection.assert_called_with("vault_conn_id") test_client = test_hook.get_conn() mock_hvac.Client.assert_called_with(url=expected_url) test_client.auth.approle.login.assert_called_with(role_id="role", secret_id="pass") test_client.is_authenticated.assert_called_with() assert 2 == test_hook.vault_client.kv_engine_version
def test_approle_dejson(self, mock_hvac, mock_get_connection): mock_client = mock.MagicMock() mock_hvac.Client.return_value = mock_client mock_connection = self.get_mock_connection() mock_get_connection.return_value = mock_connection connection_dict = { "auth_type": "approle", 'role_id': "role", } mock_connection.extra_dejson.get.side_effect = connection_dict.get kwargs = { "vault_conn_id": "vault_conn_id", } test_hook = VaultHook(**kwargs) mock_get_connection.assert_called_with("vault_conn_id") test_client = test_hook.get_conn() mock_hvac.Client.assert_called_with(url='http://localhost:8180') test_client.auth_approle.assert_called_with(role_id="role", secret_id="pass") test_client.is_authenticated.assert_called_with() self.assertEqual(2, test_hook.vault_client.kv_engine_version)