From dc39eef7212ecf19f0a2c5dfd6df1f8b4443fba5 Mon Sep 17 00:00:00 2001 From: David Cowden Date: Wed, 22 Jul 2020 17:40:26 -0700 Subject: [PATCH] aws: test badIDMS functional path The existing test only covers the constructor logic. Also test the live code path that is executed when a bad IDMS version is supplied. --- authority/provisioner/aws_test.go | 20 +++++++++++++++++++- go.mod | 2 +- go.sum | 2 ++ 3 files changed, 22 insertions(+), 2 deletions(-) diff --git a/authority/provisioner/aws_test.go b/authority/provisioner/aws_test.go index b5728de4..8aa01be0 100644 --- a/authority/provisioner/aws_test.go +++ b/authority/provisioner/aws_test.go @@ -187,7 +187,7 @@ func TestAWS_GetIdentityToken(t *testing.T) { } } -func TestAWS_GetIdentityTokenV1Only(t *testing.T) { +func TestAWS_GetIdentityToken_V1Only(t *testing.T) { aws, srv, err := generateAWSWithServerV1Only() assert.FatalError(t, err) defer srv.Close() @@ -212,6 +212,24 @@ func TestAWS_GetIdentityTokenV1Only(t *testing.T) { } } +func TestAWS_GetIdentityToken_BadIDMS(t *testing.T) { + aws, srv, err := generateAWSWithServer() + + aws.IMDSVersions = []string{"bad"} + + assert.FatalError(t, err) + defer srv.Close() + + subject := "foo.local" + caURL := "https://ca.smallstep.com" + + token, err := aws.GetIdentityToken(subject, caURL) + assert.Equals(t, token, "") + + badIDMS := errors.New("bad: not a supported AWS Instance Metadata Service version") + assert.HasSuffix(t, err.Error(), badIDMS.Error()) +} + func TestAWS_Init(t *testing.T) { config := Config{ Claims: globalProvisionerClaims, diff --git a/go.mod b/go.mod index a1b6625a..9df83f5d 100644 --- a/go.mod +++ b/go.mod @@ -15,7 +15,7 @@ require ( github.com/pkg/errors v0.9.1 github.com/rs/xid v1.2.1 github.com/sirupsen/logrus v1.4.2 - github.com/smallstep/assert v0.0.0-20200103212524-b99dc1097b15 + github.com/smallstep/assert v0.0.0-20200723003110-82e2b9b3b262 github.com/smallstep/cli v0.14.6 github.com/smallstep/nosql v0.3.0 github.com/urfave/cli v1.22.2 diff --git a/go.sum b/go.sum index 430a7451..92918917 100644 --- a/go.sum +++ b/go.sum @@ -468,6 +468,8 @@ github.com/smallstep/assert v0.0.0-20180720014142-de77670473b5 h1:lX6ybsQW9Agn3q github.com/smallstep/assert v0.0.0-20180720014142-de77670473b5/go.mod h1:TC9A4+RjIOS+HyTH7wG17/gSqVv95uDw2J64dQZx7RE= github.com/smallstep/assert v0.0.0-20200103212524-b99dc1097b15 h1:kSImCuenAkXtCaBeQ1UhmzzJGRhSm8sVH7I3sHE2Qdg= github.com/smallstep/assert v0.0.0-20200103212524-b99dc1097b15/go.mod h1:MyOHs9Po2fbM1LHej6sBUT8ozbxmMOFG+E+rx/GSGuc= +github.com/smallstep/assert v0.0.0-20200723003110-82e2b9b3b262 h1:unQFBIznI+VYD1/1fApl1A+9VcBk+9dcqGfnePY87LY= +github.com/smallstep/assert v0.0.0-20200723003110-82e2b9b3b262/go.mod h1:MyOHs9Po2fbM1LHej6sBUT8ozbxmMOFG+E+rx/GSGuc= github.com/smallstep/certificates v0.14.5/go.mod h1:zzpB8wMz967gL8FmK6zvCNB4pDVwFDKjPg1diTVc1h8= github.com/smallstep/certinfo v1.3.0/go.mod h1:1gQJekdPwPvUwFWGTi7bZELmQT09cxC9wJ0VBkBNiwU= github.com/smallstep/cli v0.14.5 h1:avA6q9h2aIbAQa/vTFV5psjJ1mg8NQliKC+RsFIC778=