Commit Graph

4 Commits

Author SHA1 Message Date
Fraser Waters ec4963b443
Fix azure secret manager tests ()
Turns out most of these tests were broken.

`NewCloudSecretsManager` regenerates the secret key from scratch if
either `EncryptedKey` is empty _OR_ if `SecretsProvider` does not match
the url passed in to `NewCloudSecretsManager`.

Because none of these tests set `SecretsProvider` they were all just
regenerating their keys rather than checking the given keys actually
worked.

Luckily it seems that everything does actually still happen to work
correctly, except "TestAzureKeyEditProjectStack" had a corrupt key
(truncated I expect) which wasn't valid base64. I've replaced it with a
newly generated key, which is fine for this test.
2024-02-14 08:14:58 +00:00
Fraser Waters 7bb2a3c2ac
Auto-fix encrypted keys in the wrong format due to gocloud.dev upgrade regression ()
When attempting another gocloud.dev upgrade, some users ran into a
regression related to the format change of encrypted keys between
gocloud versions, which part of the system was not accounting for. This
PR addresses the issue and includes a fix that automatically fixes
forward state that has an encrypted key in the wrong format, and
includes a regression test and test for the auto-fix behavior.

Fixes 

Co-authored-by: Thomas Gummerer <t.gummerer@gmail.com>
2024-02-01 09:39:41 +00:00
Thomas Gummerer 8bcef51fb8
add test showing encryptedkey in state will keep working ()
Add a regression test making sure
https://github.com/pulumi/pulumi/issues/15127 will not happen again.

The problem is very similar to the other test, but it's a different
codepath that we missed.

I added a commit upgrading to gocloud.dev 0.28.0 showing the test fails
there and it succeeds with the current version.

/xref https://github.com/pulumi/pulumi/issues/15138

## Checklist

- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
  - [x] I have formatted my code using `gofumpt`
2024-01-19 16:32:21 +00:00
Fraser Waters 40b45ecc85
Add test for azure secrets ()
Add a test showing the problems we ran into when upgrading from
gocloud.dev 0.27.0 to 0.28.0 and 0.29.0. It's a little bit awkward,
since the issue only happens when upgrading form an encrypted key
generated with the old version of gocloud.dev to a newer version of
gocloud.dev.

Fixes https://github.com/pulumi/pulumi/issues/11986

---------

Co-authored-by: Thomas Gummerer <t.gummerer@gmail.com>
2024-01-03 14:47:09 +00:00