cleanup copied tests from courier

ncode · Sep 23, 2024 · c92b324 · c92b324
1 parent 265f410
commit c92b324
Show file tree

Hide file tree

Showing 2 changed files with 0 additions and 137 deletions.
diff --git a/pkg/vault/vault.go b/pkg/vault/vault.go
@@ -42,11 +42,6 @@ type JWTAuth struct {
 	JWT  string
 }
 
-type K8sAuth struct {
-	Role string
-	JWT  string
-}
-
 func (t TokenAuth) Authenticate(client *vault.Client) error {
 	client.SetToken(t.Token)
 	return nil
@@ -110,19 +105,6 @@ func (j JWTAuth) ConfigureTLS(*vault.Config) error {
 	return nil
 }
 
-func (k K8sAuth) Authenticate(client *vault.Client) error {
-	data := map[string]interface{}{
-		"role": k.Role,
-		"jwt":  k.JWT,
-	}
-	secret, err := client.Logical().Write("auth/kubernetes/login", data)
-	if err != nil {
-		return fmt.Errorf("failed to authenticate with Kubernetes: %w", err)
-	}
-	client.SetToken(secret.Auth.ClientToken)
-	return nil
-}
-
 func NewVaultClient(address string, authMethod AuthMethod) (*VaultClient, error) {
 	config := vault.DefaultConfig()
 	config.Address = address

diff --git a/pkg/vault/vault_test.go b/pkg/vault/vault_test.go
@@ -99,26 +99,6 @@ func TestNewVaultClient(t *testing.T) {
 			},
 			wantErr: false,
 		},
-		{
-			name: "K8sAuth_Success",
-			authMethod: K8sAuth{
-				Role: "test-role",
-				JWT:  "test-jwt",
-			},
-			setupMock: func(s *httptest.Server) {
-				s.Config.Handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-					assert.Equal(t, "/v1/auth/kubernetes/login", r.URL.Path)
-					assert.Equal(t, http.MethodPut, r.Method)
-					var payload map[string]interface{}
-					json.NewDecoder(r.Body).Decode(&payload)
-					assert.Equal(t, "test-role", payload["role"])
-					assert.Equal(t, "test-jwt", payload["jwt"])
-					w.WriteHeader(http.StatusOK)
-					w.Write([]byte(`{"auth": {"client_token": "test-client-token"}}`))
-				})
-			},
-			wantErr: false,
-		},
 		{
 			name:       "TokenAuth_Failure",
 			authMethod: TokenAuth{Token: "invalid-token"},
@@ -176,20 +156,6 @@ func TestNewVaultClient(t *testing.T) {
 			},
 			wantErr: true,
 		},
-		{
-			name: "K8sAuth_Failure",
-			authMethod: K8sAuth{
-				Role: "invalid-role",
-				JWT:  "invalid-jwt",
-			},
-			setupMock: func(s *httptest.Server) {
-				s.Config.Handler = http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-					w.WriteHeader(http.StatusUnauthorized)
-					w.Write([]byte(`{"errors": ["invalid Kubernetes credentials"]}`))
-				})
-			},
-			wantErr: true,
-		},
 	}
 
 	for _, tt := range tests {
@@ -240,85 +206,6 @@ func TestVaultClient_Operations(t *testing.T) {
 		expectedErr bool
 		checkResult func(t *testing.T, result interface{})
 	}{
-		{
-			name:      "ReadSecret_Success",
-			operation: "Read",
-			path:      "secret/data/test",
-			setupMock: func(w http.ResponseWriter, r *http.Request) {
-				assert.Equal(t, "/v1/secret/data/test", r.URL.Path)
-				assert.Equal(t, http.MethodGet, r.Method)
-				w.WriteHeader(http.StatusOK)
-				w.Write([]byte(`{"data": {"data": {"foo": "bar"}}}`))
-			},
-			expectedErr: false,
-			checkResult: func(t *testing.T, result interface{}) {
-				data, ok := result.(map[string]interface{})
-				assert.True(t, ok)
-				assert.Equal(t, "bar", data["data"].(map[string]interface{})["foo"])
-			},
-		},
-		{
-			name:      "ReadSecret_NotFound",
-			operation: "Read",
-			path:      "secret/data/nonexistent",
-			setupMock: func(w http.ResponseWriter, r *http.Request) {
-				assert.Equal(t, "/v1/secret/data/nonexistent", r.URL.Path)
-				assert.Equal(t, http.MethodGet, r.Method)
-				w.WriteHeader(http.StatusNotFound)
-			},
-			expectedErr: true,
-		},
-		{
-			name:      "WriteSecret_Success",
-			operation: "Write",
-			path:      "secret/data/test",
-			input:     map[string]interface{}{"foo": "bar"},
-			setupMock: func(w http.ResponseWriter, r *http.Request) {
-				assert.Equal(t, "/v1/secret/data/test", r.URL.Path)
-				assert.Equal(t, http.MethodPut, r.Method)
-				var payload map[string]interface{}
-				json.NewDecoder(r.Body).Decode(&payload)
-				assert.Equal(t, map[string]interface{}{"foo": "bar"}, payload)
-				w.WriteHeader(http.StatusNoContent)
-			},
-			expectedErr: false,
-		},
-		{
-			name:      "WriteSecret_Failure",
-			operation: "Write",
-			path:      "secret/data/test",
-			input:     map[string]interface{}{"foo": "bar"},
-			setupMock: func(w http.ResponseWriter, r *http.Request) {
-				assert.Equal(t, "/v1/secret/data/test", r.URL.Path)
-				assert.Equal(t, http.MethodPut, r.Method)
-				w.WriteHeader(http.StatusBadRequest)
-				w.Write([]byte(`{"errors": ["permission denied"]}`))
-			},
-			expectedErr: true,
-		},
-		{
-			name:      "DeleteSecret_Success",
-			operation: "Delete",
-			path:      "secret/data/test",
-			setupMock: func(w http.ResponseWriter, r *http.Request) {
-				assert.Equal(t, "/v1/secret/data/test", r.URL.Path)
-				assert.Equal(t, http.MethodDelete, r.Method)
-				w.WriteHeader(http.StatusNoContent)
-			},
-			expectedErr: false,
-		},
-		{
-			name:      "DeleteSecret_Failure",
-			operation: "Delete",
-			path:      "secret/data/test",
-			setupMock: func(w http.ResponseWriter, r *http.Request) {
-				assert.Equal(t, "/v1/secret/data/test", r.URL.Path)
-				assert.Equal(t, http.MethodDelete, r.Method)
-				w.WriteHeader(http.StatusBadRequest)
-				w.Write([]byte(`{"errors": ["permission denied"]}`))
-			},
-			expectedErr: true,
-		},
 		{
 			name:      "EnableAuditDevice_Success",
 			operation: "EnableAudit",
@@ -385,12 +272,6 @@ func TestVaultClient_Operations(t *testing.T) {
 			var result interface{}
 
 			switch tt.operation {
-			case "Read":
-				result, err = vaultClient.ReadSecret(tt.path)
-			case "Write":
-				err = vaultClient.WriteSecret(tt.path, tt.input)
-			case "Delete":
-				err = vaultClient.DeleteSecret(tt.path)
 			case "EnableAudit":
 				err = vaultClient.EnableAuditDevice(tt.path, tt.input["type"].(string), tt.input["description"].(string), tt.input["options"].(map[string]string))
 			}