aws: test badIDMS functional path

The existing test only covers the constructor logic. Also test the live code path that is executed when a bad IDMS version is supplied.
4 years ago · dc39eef721
parent 51f16ee2e0
commit dc39eef721
3 changed files with 22 additions and 2 deletions
--- a/authority/provisioner/aws_test.go
+++ b/authority/provisioner/aws_test.go
@ -187,7 +187,7 @@ func TestAWS_GetIdentityToken(t *testing.T) {
 	}
 }

-func TestAWS_GetIdentityTokenV1Only(t *testing.T) {
+func TestAWS_GetIdentityToken_V1Only(t *testing.T) {
 	aws, srv, err := generateAWSWithServerV1Only()
 	assert.FatalError(t, err)
 	defer srv.Close()
@ -212,6 +212,24 @@ func TestAWS_GetIdentityTokenV1Only(t *testing.T) {
 	}
 }

+func TestAWS_GetIdentityToken_BadIDMS(t *testing.T) {
+	aws, srv, err := generateAWSWithServer()
+
+	aws.IMDSVersions = []string{"bad"}
+
+	assert.FatalError(t, err)
+	defer srv.Close()
+
+	subject := "foo.local"
+	caURL := "https://ca.smallstep.com"
+
+	token, err := aws.GetIdentityToken(subject, caURL)
+	assert.Equals(t, token, "")
+
+	badIDMS := errors.New("bad: not a supported AWS Instance Metadata Service version")
+	assert.HasSuffix(t, err.Error(), badIDMS.Error())
+}
+
 func TestAWS_Init(t *testing.T) {
 	config := Config{
 		Claims: globalProvisionerClaims,
--- a/go.mod
+++ b/go.mod
@ -15,7 +15,7 @@ require (
 	github.com/pkg/errors v0.9.1
 	github.com/rs/xid v1.2.1
 	github.com/sirupsen/logrus v1.4.2
-	github.com/smallstep/assert v0.0.0-20200103212524-b99dc1097b15
+	github.com/smallstep/assert v0.0.0-20200723003110-82e2b9b3b262
 	github.com/smallstep/cli v0.14.6
 	github.com/smallstep/nosql v0.3.0
 	github.com/urfave/cli v1.22.2
--- a/go.sum
+++ b/go.sum
@ -468,6 +468,8 @@ github.com/smallstep/assert v0.0.0-20180720014142-de77670473b5 h1:lX6ybsQW9Agn3q
 github.com/smallstep/assert v0.0.0-20180720014142-de77670473b5/go.mod h1:TC9A4+RjIOS+HyTH7wG17/gSqVv95uDw2J64dQZx7RE=
 github.com/smallstep/assert v0.0.0-20200103212524-b99dc1097b15 h1:kSImCuenAkXtCaBeQ1UhmzzJGRhSm8sVH7I3sHE2Qdg=
 github.com/smallstep/assert v0.0.0-20200103212524-b99dc1097b15/go.mod h1:MyOHs9Po2fbM1LHej6sBUT8ozbxmMOFG+E+rx/GSGuc=
+github.com/smallstep/assert v0.0.0-20200723003110-82e2b9b3b262 h1:unQFBIznI+VYD1/1fApl1A+9VcBk+9dcqGfnePY87LY=
+github.com/smallstep/assert v0.0.0-20200723003110-82e2b9b3b262/go.mod h1:MyOHs9Po2fbM1LHej6sBUT8ozbxmMOFG+E+rx/GSGuc=
 github.com/smallstep/certificates v0.14.5/go.mod h1:zzpB8wMz967gL8FmK6zvCNB4pDVwFDKjPg1diTVc1h8=
 github.com/smallstep/certinfo v1.3.0/go.mod h1:1gQJekdPwPvUwFWGTi7bZELmQT09cxC9wJ0VBkBNiwU=
 github.com/smallstep/cli v0.14.5 h1:avA6q9h2aIbAQa/vTFV5psjJ1mg8NQliKC+RsFIC778=