Siningkeys: Fix test setup (#76333)

* Don't use integration tests for service and init store only once for integration tests * Set one key as expired in test
2 years ago · 3fc925364f
parent 6968f4d6ff
commit 3fc925364f
2 changed files with 15 additions and 38 deletions
--- a/pkg/services/signingkeys/signingkeysimpl/service_test.go
+++ b/pkg/services/signingkeys/signingkeysimpl/service_test.go
@ -18,7 +18,6 @@ import (
 	"github.com/stretchr/testify/require"

 	"github.com/grafana/grafana/pkg/api/routing"
-	"github.com/grafana/grafana/pkg/infra/db"
 	"github.com/grafana/grafana/pkg/infra/localcache"
 	"github.com/grafana/grafana/pkg/infra/log"
 	"github.com/grafana/grafana/pkg/infra/remotecache"
@ -45,14 +44,10 @@ func getPrivateKey(t *testing.T, svc *Service) []byte {
 	return bytes
 }

-func TestIntegrationEmbeddedKeyService_GetJWKS_OnlyPublicKeyShared(t *testing.T) {
-	if testing.Short() {
-		t.Skip("skipping integration test")
-	}
-
+func TestEmbeddedKeyService_GetJWKS_OnlyPublicKeyShared(t *testing.T) {
 	svc := &Service{
 		log:            log.NewNopLogger(),
-		store:          signingkeystore.NewSigningKeyStore(db.InitTestDB(t)),
+		store:          signingkeystore.NewFakeStore(),
 		secretsService: secretstest.NewFakeSecretsService(),
 		remoteCache:    remotecache.NewFakeCacheStorage(),
 		localCache:     localcache.New(privateKeyTTL, 10*time.Hour),
@ -87,15 +82,11 @@ func TestIntegrationEmbeddedKeyService_GetJWKS_OnlyPublicKeyShared(t *testing.T)
 	}
 }

-func TestIntegrationEmbeddedKeyService_GetOrCreatePrivateKey(t *testing.T) {
-	if testing.Short() {
-		t.Skip("skipping integration test")
-	}
-
+func TestEmbeddedKeyService_GetOrCreatePrivateKey(t *testing.T) {
 	cacheStorage := remotecache.NewFakeCacheStorage()
 	svc := &Service{
 		log:            log.NewNopLogger(),
-		store:          signingkeystore.NewSigningKeyStore(db.InitTestDB(t)),
+		store:          signingkeystore.NewFakeStore(),
 		secretsService: secretstest.NewFakeSecretsService(),
 		remoteCache:    cacheStorage,
 		localCache:     localcache.New(privateKeyTTL, 10*time.Hour),
--- a/pkg/services/signingkeys/signingkeystore/store_test.go
+++ b/pkg/services/signingkeys/signingkeystore/store_test.go
@ -17,23 +17,15 @@ func TestIntegrationSigningKeyStore(t *testing.T) {
 		t.Skip("skipping integration test")
 	}

-	setup := func() (context.Context, *Store) {
-		return context.Background(), NewSigningKeyStore(db.InitTestDB(t))
-	}
+	ctx, store := context.Background(), NewSigningKeyStore(db.InitTestDB(t))

 	t.Run("Should successfully add new singing key", func(_ *testing.T) {
-		ctx, store := setup()
 		key, err := store.Add(ctx, &signingkeys.SigningKey{KeyID: "1", AddedAt: time.Now().UTC(), PrivateKey: []byte{}}, false)
 		require.NoError(t, err)
 		assert.Equal(t, "1", key.KeyID)
 	})

 	t.Run("Should return old key if already exists", func(_ *testing.T) {
-		ctx, store := setup()
-		key, err := store.Add(ctx, &signingkeys.SigningKey{KeyID: "1", PrivateKey: []byte{}, AddedAt: time.Now().UTC()}, false)
-		require.NoError(t, err)
-		assert.Equal(t, "1", key.KeyID)
-
 		// try to add the same key again with a different AddedAt
 		key2, err := store.Add(ctx, &signingkeys.SigningKey{KeyID: "1", PrivateKey: []byte{}, AddedAt: time.Now().Add(10 * time.Minute).UTC()}, false)
 		require.ErrorIs(t, err, signingkeys.ErrSigningKeyAlreadyExists)
@ -41,38 +33,32 @@ func TestIntegrationSigningKeyStore(t *testing.T) {
 	})

 	t.Run("Should update old key when force is true", func(t *testing.T) {
-		ctx, store := setup()
-		key, err := store.Add(ctx, &signingkeys.SigningKey{KeyID: "1", PrivateKey: []byte{}, AddedAt: time.Now().UTC()}, false)
+		key, err := store.Add(ctx, &signingkeys.SigningKey{KeyID: "2", PrivateKey: []byte{}, AddedAt: time.Now().UTC()}, false)
 		require.NoError(t, err)
-		assert.Equal(t, "1", key.KeyID)
+		assert.Equal(t, "2", key.KeyID)

 		// try to add the same key again with a different AddedAt and force is true
-		key2, err := store.Add(ctx, &signingkeys.SigningKey{KeyID: "1", PrivateKey: []byte{}, AddedAt: time.Now().Add(10 * time.Minute).UTC()}, true)
+		key2, err := store.Add(ctx, &signingkeys.SigningKey{KeyID: "2", PrivateKey: []byte{}, AddedAt: time.Now().Add(10 * time.Minute).UTC()}, true)
 		require.NoError(t, err)
-		assert.Equal(t, "1", key2.KeyID)
+		assert.Equal(t, "2", key2.KeyID)
 		assert.NotEqual(t, key.AddedAt, key2.AddedAt)
 	})

 	t.Run("Should update old key when expired", func(t *testing.T) {
-		ctx, store := setup()
-		key, err := store.Add(ctx, &signingkeys.SigningKey{KeyID: "1", PrivateKey: []byte{}, AddedAt: time.Now().UTC(), ExpiresAt: &time.Time{}}, false)
+		key, err := store.Add(ctx, &signingkeys.SigningKey{KeyID: "3", PrivateKey: []byte{}, AddedAt: time.Now().UTC(), ExpiresAt: &time.Time{}}, false)
 		require.NoError(t, err)
-		assert.Equal(t, "1", key.KeyID)
+		assert.Equal(t, "3", key.KeyID)

 		// try to add the same key again with a different AddedAt and force is false
-		key2, err := store.Add(ctx, &signingkeys.SigningKey{KeyID: "1", PrivateKey: []byte{}, AddedAt: time.Now().Add(10 * time.Minute).UTC()}, false)
+		key2, err := store.Add(ctx, &signingkeys.SigningKey{KeyID: "3", PrivateKey: []byte{}, AddedAt: time.Now().Add(10 * time.Minute).UTC()}, false)
 		require.NoError(t, err)
-		assert.Equal(t, "1", key2.KeyID)
+		assert.Equal(t, "3", key2.KeyID)
 		assert.NotEqual(t, key.AddedAt, key2.AddedAt)
 	})

 	t.Run("List should return all keys that are not expired", func(t *testing.T) {
-		ctx, store := setup()
-		_, err := store.Add(ctx, &signingkeys.SigningKey{KeyID: "1", PrivateKey: []byte{}, AddedAt: time.Now().UTC()}, false)
-		require.NoError(t, err)
-		_, err = store.Add(ctx, &signingkeys.SigningKey{KeyID: "2", PrivateKey: []byte{}, AddedAt: time.Now().UTC(), ExpiresAt: &time.Time{}}, false)
-		require.NoError(t, err)
-		_, err = store.Add(ctx, &signingkeys.SigningKey{KeyID: "3", PrivateKey: []byte{}, AddedAt: time.Now().UTC()}, false)
+		// expire key 3
+		_, err := store.Add(ctx, &signingkeys.SigningKey{KeyID: "3", PrivateKey: []byte{}, AddedAt: time.Now().UTC(), ExpiresAt: &time.Time{}}, true)
 		require.NoError(t, err)

 		keys, err := store.List(ctx)