1d37873cba
Wraps the real/mock azure server for test in a fixture. Note: retains the current test setup which explicitly runs some tests with "real" azure, if avail, and some always mock.
88 lines
2.3 KiB
C++
88 lines
2.3 KiB
C++
|
|
/*
|
|
* Copyright (C) 2025-present ScyllaDB
|
|
*/
|
|
|
|
/*
|
|
* SPDX-License-Identifier: LicenseRef-ScyllaDB-Source-Available-1.0
|
|
*/
|
|
|
|
#pragma once
|
|
|
|
#include <string>
|
|
#include <memory>
|
|
|
|
#include <seastar/core/future.hh>
|
|
|
|
/*
|
|
Simple Azure KMS mock/real provider.
|
|
|
|
User1 is assumed to have permissions to wrap/unwrap using the given key.
|
|
User2 is assumed to _not_ have permissions to wrap/unwrap using the given key.
|
|
|
|
This test is parameterized with env vars:
|
|
|
|
* AZURE_KEY_NAME - set to <vault_name>/<keyname> - if set, assume real Azure env
|
|
* AZURE_TENANT_ID - the tenant where the principals live
|
|
* AZURE_USER_1_CLIENT_ID - the client ID of user1
|
|
* AZURE_USER_1_CLIENT_SECRET - the secret of user1
|
|
* AZURE_USER_1_CLIENT_CERTIFICATE - the PEM-encoded certificate and private key of user1
|
|
* AZURE_USER_2_CLIENT_ID - the client ID of user2
|
|
* AZURE_USER_2_CLIENT_SECRET - the secret of user2
|
|
* AZURE_USER_2_CLIENT_CERTIFICATE - the PEM-encoded certificate and private key of user2
|
|
*/
|
|
|
|
struct azure_test_env {
|
|
std::string key_name;
|
|
std::string tenant_id;
|
|
std::string user_1_client_id;
|
|
std::string user_1_client_secret;
|
|
std::string user_1_client_certificate;
|
|
std::string user_2_client_id;
|
|
std::string user_2_client_secret;
|
|
std::string user_2_client_certificate;
|
|
std::string authority_host;
|
|
std::string imds_endpoint;
|
|
};
|
|
|
|
enum class azure_mode {
|
|
any, local, real
|
|
};
|
|
|
|
class azure_kms_fixture {
|
|
class impl;
|
|
std::unique_ptr<impl> _impl;
|
|
azure_kms_fixture* _prev = nullptr;
|
|
public:
|
|
azure_kms_fixture(azure_mode = azure_mode::any);
|
|
~azure_kms_fixture();
|
|
|
|
const azure_test_env& test_env() const;
|
|
|
|
seastar::future<> setup();
|
|
seastar::future<> teardown();
|
|
|
|
static azure_kms_fixture* active();
|
|
};
|
|
|
|
/**
|
|
* Inheritance-only (intended at least) fixture
|
|
* for getting a suite-shared fixture above and
|
|
* also helping clean up test local objects.
|
|
*
|
|
* If no suite-level azure_kms_fixture is active, it
|
|
* will create one in setup and kill it in teardown
|
|
*/
|
|
class local_azure_kms_wrapper
|
|
: public azure_test_env
|
|
{
|
|
std::unique_ptr<azure_kms_fixture> _local;
|
|
azure_mode _mode;
|
|
public:
|
|
local_azure_kms_wrapper(azure_mode = azure_mode::any);
|
|
~local_azure_kms_wrapper();
|
|
|
|
seastar::future<> setup();
|
|
seastar::future<> teardown();
|
|
};
|