feat: Updated to latest bootstrap and other modules
Signed-off-by: Lenny Goodell <[email protected]>
Lenny Goodell committed Dec 20, 2020
1 parent f2776a8 commit 94409b7
Showing 7 changed files with 42 additions and 43 deletions.
Binary file removed cmd/security-secrets-setup/security-secrets-setup
Binary file not shown.
8 changes: 3 additions & 5 deletions go.mod
Expand Up @@ -5,11 +5,11 @@ require (
github.com/BurntSushi/toml v0.3.1
github.com/OneOfOne/xxhash v1.2.8
github.com/dgrijalva/jwt-go v3.2.0+incompatible
github.com/edgexfoundry/go-mod-bootstrap v0.0.60
github.com/edgexfoundry/go-mod-bootstrap v0.0.64
github.com/edgexfoundry/go-mod-configuration v0.0.8
github.com/edgexfoundry/go-mod-core-contracts v0.1.130
github.com/edgexfoundry/go-mod-core-contracts v0.1.131
github.com/edgexfoundry/go-mod-messaging v0.1.28
github.com/edgexfoundry/go-mod-registry v0.1.26
github.com/edgexfoundry/go-mod-registry v0.1.27
github.com/edgexfoundry/go-mod-secrets v0.0.29
github.com/fxamacker/cbor/v2 v2.2.0
github.com/gomodule/redigo v2.0.0+incompatible
Expand All @@ -24,6 +24,4 @@ require (
gopkg.in/yaml.v2 v2.4.0
)

replace github.com/edgexfoundry/go-mod-bootstrap => ../go-mod-bootstrap

go 1.15
34 changes: 17 additions & 17 deletions internal/security/fileprovider/provider_test.go
Expand Up @@ -25,15 +25,15 @@ import (
"strings"
"testing"

loaderMock "github.com/edgexfoundry/go-mod-secrets/pkg/token/authtokenloader/mocks"
fileMock "github.com/edgexfoundry/go-mod-secrets/pkg/token/fileioperformer/mocks"

"github.com/edgexfoundry/edgex-go/internal/security/fileprovider/config"
"github.com/edgexfoundry/edgex-go/internal/security/secretstoreclient"
. "github.com/edgexfoundry/edgex-go/internal/security/secretstoreclient/mocks"

"github.com/edgexfoundry/go-mod-core-contracts/clients/logger"

. "github.com/edgexfoundry/go-mod-secrets/pkg/token/authtokenloader/mocks"
. "github.com/edgexfoundry/go-mod-secrets/pkg/token/fileioperformer/mocks"

"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/mock"
"github.com/stretchr/testify/require"
Expand All @@ -60,7 +60,7 @@ func TestMultipleTokensWithNoDefaults(t *testing.T) {
// Arrange
mockLogger := logger.MockLogger{}

mockFileIoPerformer := &MockFileIoPerformer{}
mockFileIoPerformer := &fileMock.FileIoPerformer{}
expectedService1Dir := filepath.Join(outputDir, "service1")
expectedService1File := filepath.Join(expectedService1Dir, outputFilename)
service1Buffer := new(bytes.Buffer)
Expand All @@ -73,7 +73,7 @@ func TestMultipleTokensWithNoDefaults(t *testing.T) {
mockFileIoPerformer.On("MkdirAll", expectedService2Dir, os.FileMode(0700)).Return(nil)
mockFileIoPerformer.On("OpenFileWriter", expectedService2File, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, os.FileMode(0600)).Return(&writeCloserBuffer{service2Buffer}, nil)

mockAuthTokenLoader := &MockAuthTokenLoader{}
mockAuthTokenLoader := &loaderMock.AuthTokenLoader{}
mockAuthTokenLoader.On("Load", privilegedTokenPath).Return("fake-priv-token", nil)

expectedService1Policy := "{}"
Expand Down Expand Up @@ -153,15 +153,15 @@ func TestNoDefaultsCustomPolicy(t *testing.T) {
// Arrange
mockLogger := logger.MockLogger{}

mockFileIoPerformer := &MockFileIoPerformer{}
mockFileIoPerformer := &fileMock.FileIoPerformer{}
expectedService1Dir := filepath.Join(outputDir, "myservice")
expectedService1File := filepath.Join(expectedService1Dir, outputFilename)
service1Buffer := new(bytes.Buffer)
mockFileIoPerformer.On("MkdirAll", expectedService1Dir, os.FileMode(0700)).Return(nil)
mockFileIoPerformer.On("OpenFileReader", configFile, os.O_RDONLY, os.FileMode(0400)).Return(strings.NewReader(`{"myservice":{"custom_policy":{"path":{"secret/non/standard/location/*":{"capabilities":["list","read"]}}}}}`), nil)
mockFileIoPerformer.On("OpenFileWriter", expectedService1File, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, os.FileMode(0600)).Return(&writeCloserBuffer{service1Buffer}, nil)

mockAuthTokenLoader := &MockAuthTokenLoader{}
mockAuthTokenLoader := &loaderMock.AuthTokenLoader{}
mockAuthTokenLoader.On("Load", privilegedTokenPath).Return("fake-priv-token", nil)

expectedService1Policy := `{"path":{"secret/non/standard/location/*":{"capabilities":["list","read"]}}}`
Expand Down Expand Up @@ -201,15 +201,15 @@ func TestNoDefaultsCustomTokenParameters(t *testing.T) {
// Arrange
mockLogger := logger.MockLogger{}

mockFileIoPerformer := &MockFileIoPerformer{}
mockFileIoPerformer := &fileMock.FileIoPerformer{}
expectedService1Dir := filepath.Join(outputDir, "myservice")
expectedService1File := filepath.Join(expectedService1Dir, outputFilename)
service1Buffer := new(bytes.Buffer)
mockFileIoPerformer.On("MkdirAll", expectedService1Dir, os.FileMode(0700)).Return(nil)
mockFileIoPerformer.On("OpenFileReader", configFile, os.O_RDONLY, os.FileMode(0400)).Return(strings.NewReader(`{"myservice":{"custom_token_parameters":{"key1":"value1"}}}`), nil)
mockFileIoPerformer.On("OpenFileWriter", expectedService1File, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, os.FileMode(0600)).Return(&writeCloserBuffer{service1Buffer}, nil)

mockAuthTokenLoader := &MockAuthTokenLoader{}
mockAuthTokenLoader := &loaderMock.AuthTokenLoader{}
mockAuthTokenLoader.On("Load", privilegedTokenPath).Return("fake-priv-token", nil)

expectedService1Policy := "{}"
Expand Down Expand Up @@ -285,15 +285,15 @@ func TestTokenFilePermissions(t *testing.T) {
// Arrange
mockLogger := logger.MockLogger{}

mockFileIoPerformer := &MockFileIoPerformer{}
mockFileIoPerformer := &fileMock.FileIoPerformer{}
expectedService1Dir := filepath.Join(outputDir, "myservice")
expectedService1File := filepath.Join(expectedService1Dir, outputFilename)
service1Buffer := new(bytes.Buffer)
mockFileIoPerformer.On("MkdirAll", expectedService1Dir, os.FileMode(0700)).Return(nil)
mockFileIoPerformer.On("OpenFileReader", configFile, os.O_RDONLY, os.FileMode(0400)).Return(strings.NewReader(`{"myservice":{"file_permissions":{"uid":0,"gid":0,"mode_octal":"0664"}}}`), nil)
mockFileIoPerformer.On("OpenFileWriter", expectedService1File, os.O_CREATE|os.O_TRUNC|os.O_WRONLY, os.FileMode(0600)).Return(&writeCloserBuffer{service1Buffer}, nil)

mockAuthTokenLoader := &MockAuthTokenLoader{}
mockAuthTokenLoader := &loaderMock.AuthTokenLoader{}
mockAuthTokenLoader.On("Load", privilegedTokenPath).Return("fake-priv-token", nil)

expectedService1Parameters := makeMetaServiceName("myservice")
Expand Down Expand Up @@ -329,8 +329,8 @@ func TestTokenFilePermissions(t *testing.T) {
func TestErrorLoading1(t *testing.T) {
// Arrange
mockLogger := logger.MockLogger{}
mockFileIoPerformer := &MockFileIoPerformer{}
mockAuthTokenLoader := &MockAuthTokenLoader{}
mockFileIoPerformer := &fileMock.FileIoPerformer{}
mockAuthTokenLoader := &loaderMock.AuthTokenLoader{}
mockAuthTokenLoader.On("Load", "tokenpath").Return("atoken", errors.New("an error"))
mockSecretStoreClient := &MockSecretStoreClient{}

Expand All @@ -352,9 +352,9 @@ func TestErrorLoading1(t *testing.T) {
func TestErrorLoading2(t *testing.T) {
// Arrange
mockLogger := logger.MockLogger{}
mockFileIoPerformer := &MockFileIoPerformer{}
mockFileIoPerformer := &fileMock.FileIoPerformer{}
mockFileIoPerformer.On("OpenFileReader", "", os.O_RDONLY, os.FileMode(0400)).Return(strings.NewReader(""), errors.New("an error"))
mockAuthTokenLoader := &MockAuthTokenLoader{}
mockAuthTokenLoader := &loaderMock.AuthTokenLoader{}
mockAuthTokenLoader.On("Load", "tokenpath").Return("atoken", nil)
mockSecretStoreClient := &MockSecretStoreClient{}

Expand Down Expand Up @@ -403,7 +403,7 @@ func runTokensWithDefault(serviceName string, additionalKeysEnv string, t *testi

_ = os.Setenv(addSecretstoreTokensEnvKey, additionalKeysEnv)

mockFileIoPerformer := &MockFileIoPerformer{}
mockFileIoPerformer := &fileMock.FileIoPerformer{}
expectedService1Dir := filepath.Join(outputDir, serviceName)
expectedService1File := filepath.Join(expectedService1Dir, outputFilename)
service1Buffer := new(bytes.Buffer)
Expand Down Expand Up @@ -439,7 +439,7 @@ func runTokensWithDefault(serviceName string, additionalKeysEnv string, t *testi
os.FileMode(0600)).Return(&writeCloserBuffer{expectedSrvBuf}, nil)
}

mockAuthTokenLoader := &MockAuthTokenLoader{}
mockAuthTokenLoader := &loaderMock.AuthTokenLoader{}
mockAuthTokenLoader.On("Load", privilegedTokenPath).Return("fake-priv-token", nil)

expectedService1Policy := `{"path":{"secret/edgex/` + serviceName + `/*":{"capabilities":["create","update","delete","list","read"]}}}`
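Review bot: The new imports alias the go-mod-secrets mock packages as `fileMock` and `loaderMock` in this file, while tokenconfig_test.go, methods_test.go, init_test.go and vmkencryption_test.go import the same fileioperformer mock package under its bare name `mocks`; one alias used in all five files would keep them consistent. The dot import of `secretstoreclient/mocks` is still present in this import block (as is the dot import of `pipedhexreader/mocks` in vmkencryption_test.go), so `MockSecretStoreClient` stays unqualified next to the now-qualified `fileMock.FileIoPerformer`. Converting those too, for example `clientMock "github.com/edgexfoundry/edgex-go/internal/security/secretstoreclient/mocks"`, would finish the clean-up and avoid a later clash between several packages that are all named `mocks`. The test functions touched here start and end outside the visible hunks.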
8 changes: 4 additions & 4 deletions internal/security/fileprovider/tokenconfig_test.go
Expand Up @@ -21,7 +21,7 @@ import (
"strings"
"testing"

. "github.com/edgexfoundry/go-mod-secrets/pkg/token/fileioperformer/mocks"
"github.com/edgexfoundry/go-mod-secrets/pkg/token/fileioperformer/mocks"

"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
Expand All @@ -43,7 +43,7 @@ const sampleJSON = `{

func TestLoadTokenConfig(t *testing.T) {
stringReader := strings.NewReader(sampleJSON)
mockFileIoPerformer := &MockFileIoPerformer{}
mockFileIoPerformer := &mocks.FileIoPerformer{}
mockFileIoPerformer.On("OpenFileReader", "dummy-file", os.O_RDONLY, os.FileMode(0400)).Return(stringReader, nil)

var tokenConf TokenConfFile
Expand All @@ -62,7 +62,7 @@ func TestLoadTokenConfig(t *testing.T) {

func TestLoadTokenConfigError1(t *testing.T) {
stringReader := strings.NewReader(sampleJSON)
mockFileIoPerformer := &MockFileIoPerformer{}
mockFileIoPerformer := &mocks.FileIoPerformer{}
mockFileIoPerformer.On("OpenFileReader", "dummy-file", os.O_RDONLY, os.FileMode(0400)).Return(stringReader, errors.New("an error"))

var tokenConf TokenConfFile
Expand All @@ -72,7 +72,7 @@ func TestLoadTokenConfigError1(t *testing.T) {

func TestLoadTokenConfigError2(t *testing.T) {
stringReader := strings.NewReader("in{valid")
mockFileIoPerformer := &MockFileIoPerformer{}
mockFileIoPerformer := &mocks.FileIoPerformer{}
mockFileIoPerformer.On("OpenFileReader", "dummy-file", os.O_RDONLY, os.FileMode(0400)).Return(stringReader, nil)

var tokenConf TokenConfFile
20 changes: 10 additions & 10 deletions internal/security/kdf/methods_test.go
Expand Up @@ -15,7 +15,7 @@ import (
"testing"
"time"

. "github.com/edgexfoundry/go-mod-secrets/pkg/token/fileioperformer/mocks"
"github.com/edgexfoundry/go-mod-secrets/pkg/token/fileioperformer/mocks"

"github.com/stretchr/testify/mock"
"github.com/stretchr/testify/require"
Expand All @@ -31,7 +31,7 @@ func TestNoErrorKdfCreateSalt(t *testing.T) {
mockSeedFile := &mockSeedFile{}
mockSeedFile.On("Write", mock.Anything).Return(32, nil)
mockSeedFile.On("Close").Return(nil)
mockFileOpener := &MockFileIoPerformer{}
mockFileOpener := &mocks.FileIoPerformer{}
mockFileOpener.On("OpenFileWriter", "/target/kdf-salt.dat", os.O_RDWR|os.O_CREATE|os.O_TRUNC, os.FileMode(0600)).Return(mockSeedFile, nil)
keyDeriver := NewKdf(mockFileOpener, "/target", sha256.New)

Expand All @@ -58,7 +58,7 @@ func TestNoErrorKdfReadSalt(t *testing.T) {
}
}).Return(32, nil)
mockSeedFile.On("Close").Return(nil)
mockFileOpener := &MockFileIoPerformer{}
mockFileOpener := &mocks.FileIoPerformer{}
mockFileOpener.On("OpenFileReader", "/target/kdf-salt.dat", os.O_RDONLY, os.FileMode(0400)).Return(mockSeedFile, nil)
keyDeriver := NewKdf(mockFileOpener, "/target", sha256.New)
expected, _ := hex.DecodeString(expectedKey)
Expand All @@ -79,7 +79,7 @@ func TestFailedStat(t *testing.T) {
mockFileInfo := &mockFileInfo{}
defer mockOsStat(func(string) (os.FileInfo, error) { return mockFileInfo, os.ErrPermission })()
mockSeedFile := &mockSeedFile{}
mockFileOpener := &MockFileIoPerformer{}
mockFileOpener := &mocks.FileIoPerformer{}
keyDeriver := NewKdf(mockFileOpener, "/target", sha256.New)

// Act
Expand All @@ -97,7 +97,7 @@ func TestFailedFileOpenForReading(t *testing.T) {
mockFileInfo := &mockFileInfo{}
defer mockOsStat(func(string) (os.FileInfo, error) { return mockFileInfo, nil })()
mockSeedFile := &mockSeedFile{}
mockFileOpener := &MockFileIoPerformer{}
mockFileOpener := &mocks.FileIoPerformer{}
mockFileOpener.On("OpenFileReader", "/target/kdf-salt.dat", os.O_RDONLY, os.FileMode(0400)).Return(mockSeedFile, errors.New("error"))
keyDeriver := NewKdf(mockFileOpener, "/target", sha256.New)

Expand All @@ -117,7 +117,7 @@ func TestFailedRead(t *testing.T) {
mockSeedFile := &mockSeedFile{}
mockSeedFile.On("Read", mock.Anything).Return(0, errors.New("error"))
mockSeedFile.On("Close").Return(nil)
mockFileOpener := &MockFileIoPerformer{}
mockFileOpener := &mocks.FileIoPerformer{}
mockFileOpener.On("OpenFileReader", "/target/kdf-salt.dat", os.O_RDONLY, os.FileMode(0400)).Return(mockSeedFile, nil)
keyDeriver := NewKdf(mockFileOpener, "/target", sha256.New)

Expand All @@ -138,7 +138,7 @@ func TestShortRead(t *testing.T) {
mockSeedFile := &mockSeedFile{}
mockSeedFile.On("Read", mock.Anything).Return(1, nil)
mockSeedFile.On("Close").Return(nil)
mockFileOpener := &MockFileIoPerformer{}
mockFileOpener := &mocks.FileIoPerformer{}
mockFileOpener.On("OpenFileReader", "/target/kdf-salt.dat", os.O_RDONLY, os.FileMode(0400)).Return(mockSeedFile, nil)
keyDeriver := NewKdf(mockFileOpener, "/target", sha256.New)

Expand All @@ -158,7 +158,7 @@ func TestFailedFileOpenForWriting(t *testing.T) {
mockFileInfo := &mockFileInfo{}
defer mockOsStat(func(string) (os.FileInfo, error) { return mockFileInfo, os.ErrNotExist })()
mockSeedFile := &mockSeedFile{}
mockFileOpener := &MockFileIoPerformer{}
mockFileOpener := &mocks.FileIoPerformer{}
mockFileOpener.On("OpenFileWriter", "/target/kdf-salt.dat", os.O_RDWR|os.O_CREATE|os.O_TRUNC, os.FileMode(0600)).Return(mockSeedFile, errors.New("error"))
keyDeriver := NewKdf(mockFileOpener, "/target", sha256.New)

Expand All @@ -178,7 +178,7 @@ func TestFailedWrite(t *testing.T) {
mockSeedFile := &mockSeedFile{}
mockSeedFile.On("Write", mock.Anything).Return(32, errors.New("error"))
mockSeedFile.On("Close").Return(nil)
mockFileOpener := &MockFileIoPerformer{}
mockFileOpener := &mocks.FileIoPerformer{}
mockFileOpener.On("OpenFileWriter", "/target/kdf-salt.dat", os.O_RDWR|os.O_CREATE|os.O_TRUNC, os.FileMode(0600)).Return(mockSeedFile, nil)
keyDeriver := NewKdf(mockFileOpener, "/target", sha256.New)

Expand All @@ -199,7 +199,7 @@ func TestShortWrite(t *testing.T) {
mockSeedFile := &mockSeedFile{}
mockSeedFile.On("Write", mock.Anything).Return(15, nil)
mockSeedFile.On("Close").Return(nil)
mockFileOpener := &MockFileIoPerformer{}
mockFileOpener := &mocks.FileIoPerformer{}
mockFileOpener.On("OpenFileWriter", "/target/kdf-salt.dat", os.O_RDWR|os.O_CREATE|os.O_TRUNC, os.FileMode(0600)).Return(mockSeedFile, nil)
keyDeriver := NewKdf(mockFileOpener, "/target", sha256.New)

7 changes: 4 additions & 3 deletions internal/security/secretstore/init_test.go
Expand Up @@ -11,10 +11,11 @@ import (
"strings"
"testing"

"github.com/edgexfoundry/go-mod-secrets/pkg/token/fileioperformer/mocks"

"github.com/edgexfoundry/edgex-go/internal/security/secretstoreclient"

"github.com/edgexfoundry/go-mod-core-contracts/clients/logger"
. "github.com/edgexfoundry/go-mod-secrets/pkg/token/fileioperformer/mocks"

"github.com/stretchr/testify/assert"
)
Expand All @@ -34,7 +35,7 @@ func TestLoadInitResponse(t *testing.T) {
// Arrange
assert := assert.New(t)
mockLogger := logger.MockLogger{}
fileOpener := &MockFileIoPerformer{}
fileOpener := &mocks.FileIoPerformer{}
stringReader := strings.NewReader(sampleJSON)
fileOpener.On("OpenFileReader", "/foo/bar.baz", os.O_RDONLY, os.FileMode(0400)).Return(stringReader, nil)
secretConfig := secretstoreclient.SecretServiceInfo{
Expand All @@ -55,7 +56,7 @@ func TestSaveInitResponse(t *testing.T) {
// Arrange
assert := assert.New(t)
mockLogger := logger.MockLogger{}
fileOpener := &MockFileIoPerformer{}
fileOpener := &mocks.FileIoPerformer{}
fileOpener.On("OpenFileWriter", "/foo/bar.baz", os.O_CREATE|os.O_TRUNC|os.O_WRONLY, os.FileMode(0600)).Return(&discardWriterCloser{}, nil)
secretConfig := secretstoreclient.SecretServiceInfo{
TokenFolderPath: "/foo",
8 changes: 4 additions & 4 deletions internal/security/secretstore/vmkencryption_test.go
Expand Up @@ -14,15 +14,15 @@ import (
. "github.com/edgexfoundry/edgex-go/internal/security/pipedhexreader/mocks"
"github.com/edgexfoundry/edgex-go/internal/security/secretstoreclient"

. "github.com/edgexfoundry/go-mod-secrets/pkg/token/fileioperformer/mocks"
"github.com/edgexfoundry/go-mod-secrets/pkg/token/fileioperformer/mocks"

"github.com/stretchr/testify/require"
)

// TestVMKEncryptionNoIkm tests the no-op path
func TestVMKEncryptionNoIkm(t *testing.T) {
// Arrange
fileOpener := &MockFileIoPerformer{}
fileOpener := &mocks.FileIoPerformer{}
pipedHexReader := &MockPipedHexReader{}
kdf := &MockKeyDeriver{}

Expand All @@ -42,7 +42,7 @@ func TestVMKEncryptionNoIkm(t *testing.T) {
func TestVMKEncryption(t *testing.T) {
// Arrange
fakeIkm := make([]byte, 512)
fileOpener := &MockFileIoPerformer{}
fileOpener := &mocks.FileIoPerformer{}
pipedHexReader := &MockPipedHexReader{}
pipedHexReader.On("ReadHexBytesFromExe", "/bin/myikm").Return(fakeIkm, nil)
kdf := &MockKeyDeriver{}
Expand Down Expand Up @@ -77,7 +77,7 @@ func TestVMKEncryption(t *testing.T) {
func TestVMKEncryptionFailPath(t *testing.T) {
// Arrange
fakeIkm := make([]byte, 512)
fileOpener := &MockFileIoPerformer{}
fileOpener := &mocks.FileIoPerformer{}
pipedHexReader := &MockPipedHexReader{}
pipedHexReader.On("ReadHexBytesFromExe", "/bin/myikm").Return(fakeIkm, errors.New("error"))
kdf := &MockKeyDeriver{}
