1
// Copyright 2016 Canonical Ltd.
2
// Licensed under the AGPLv3, see LICENCE file for details.
12
"github.com/juju/testing"
13
jc "github.com/juju/testing/checkers"
14
"github.com/juju/utils"
15
gc "gopkg.in/check.v1"
17
"github.com/juju/juju/cloud"
18
"github.com/juju/juju/environs"
19
envtesting "github.com/juju/juju/environs/testing"
20
"github.com/juju/juju/provider/gce/google"
23
type credentialsSuite struct {
24
testing.IsolationSuite
25
provider environs.EnvironProvider
28
var _ = gc.Suite(&credentialsSuite{})
30
func (s *credentialsSuite) SetUpTest(c *gc.C) {
31
s.IsolationSuite.SetUpTest(c)
34
s.provider, err = environs.Provider("gce")
35
c.Assert(err, jc.ErrorIsNil)
38
func (s *credentialsSuite) TestCredentialSchemas(c *gc.C) {
39
envtesting.AssertProviderAuthTypes(c, s.provider, "oauth2", "jsonfile")
42
var sampleCredentialAttributes = map[string]string{
43
"GCE_CLIENT_ID": "123",
44
"GCE_CLIENT_EMAIL": "test@example.com",
45
"GCE_PROJECT_ID": "fourfivesix",
46
"GCE_PRIVATE_KEY": "sewen",
49
func (s *credentialsSuite) TestOAuth2CredentialsValid(c *gc.C) {
50
envtesting.AssertProviderCredentialsValid(c, s.provider, "oauth2", map[string]string{
52
"client-email": "test@example.com",
53
"project-id": "fourfivesix",
54
"private-key": "sewen",
58
func (s *credentialsSuite) TestOAuth2HiddenAttributes(c *gc.C) {
59
envtesting.AssertProviderCredentialsAttributesHidden(c, s.provider, "oauth2", "private-key")
62
func (s *credentialsSuite) TestJSONFileCredentialsValid(c *gc.C) {
64
filename := filepath.Join(dir, "somefile")
65
err := ioutil.WriteFile(filename, []byte("contents"), 0600)
66
c.Assert(err, jc.ErrorIsNil)
67
envtesting.AssertProviderCredentialsValid(c, s.provider, "jsonfile", map[string]string{
68
// For now at least, the contents of the file are not validated
69
// by the credentials schema. That is left to the provider.
70
// The file does need to be an absolute path though and exist.
75
func createCredsFile(c *gc.C, path string) string {
78
path = filepath.Join(dir, "creds.json")
80
creds, err := google.NewCredentials(sampleCredentialAttributes)
81
c.Assert(err, jc.ErrorIsNil)
82
err = ioutil.WriteFile(path, creds.JSONKey, 0644)
83
c.Assert(err, jc.ErrorIsNil)
87
func (s *credentialsSuite) TestDetectCredentialsFromEnvVar(c *gc.C) {
88
jsonpath := createCredsFile(c, "")
89
s.PatchEnvironment("USER", "fred")
90
s.PatchEnvironment("GOOGLE_APPLICATION_CREDENTIALS", jsonpath)
91
s.PatchEnvironment("CLOUDSDK_COMPUTE_REGION", "region")
92
credentials, err := s.provider.DetectCredentials()
93
c.Assert(err, jc.ErrorIsNil)
94
c.Assert(credentials.DefaultRegion, gc.Equals, "region")
95
expected := cloud.NewCredential(cloud.JSONFileAuthType, map[string]string{"file": jsonpath})
96
expected.Label = `google credential "test@example.com"`
97
c.Assert(credentials.AuthCredentials["fred"], jc.DeepEquals, expected)
100
func (s *credentialsSuite) assertDetectCredentialsKnownLocation(c *gc.C, jsonpath string) {
101
s.PatchEnvironment("USER", "fred")
102
s.PatchEnvironment("CLOUDSDK_COMPUTE_REGION", "region")
103
credentials, err := s.provider.DetectCredentials()
104
c.Assert(err, jc.ErrorIsNil)
105
c.Assert(credentials.DefaultRegion, gc.Equals, "region")
106
expected := cloud.NewCredential(cloud.JSONFileAuthType, map[string]string{"file": jsonpath})
107
expected.Label = `google credential "test@example.com"`
108
c.Assert(credentials.AuthCredentials["fred"], jc.DeepEquals, expected)
111
func (s *credentialsSuite) TestDetectCredentialsKnownLocationUnix(c *gc.C) {
112
if runtime.GOOS == "windows" {
113
c.Skip("skipping on Windows")
117
err := utils.SetHome(dir)
118
c.Assert(err, jc.ErrorIsNil)
119
s.AddCleanup(func(*gc.C) {
120
err := utils.SetHome(home)
121
c.Assert(err, jc.ErrorIsNil)
123
path := filepath.Join(dir, ".config", "gcloud")
124
err = os.MkdirAll(path, 0700)
125
c.Assert(err, jc.ErrorIsNil)
126
jsonpath := createCredsFile(c, filepath.Join(path, "application_default_credentials.json"))
127
s.assertDetectCredentialsKnownLocation(c, jsonpath)
130
func (s *credentialsSuite) TestDetectCredentialsKnownLocationWindows(c *gc.C) {
131
if runtime.GOOS != "windows" {
132
c.Skip("skipping on non-Windows platform")
135
s.PatchEnvironment("APPDATA", dir)
136
path := filepath.Join(dir, "gcloud")
137
err := os.MkdirAll(path, 0700)
138
c.Assert(err, jc.ErrorIsNil)
139
jsonpath := createCredsFile(c, filepath.Join(path, "application_default_credentials.json"))
140
s.assertDetectCredentialsKnownLocation(c, jsonpath)