Turns out most of these tests were broken.
`NewCloudSecretsManager` regenerates the secret key from scratch if
either `EncryptedKey` is empty _OR_ if `SecretsProvider` does not match
the url passed in to `NewCloudSecretsManager`.
Because none of these tests set `SecretsProvider` they were all just
regenerating their keys rather than checking the given keys actually
worked.
Luckily it seems that everything does actually still happen to work
correctly, except "TestAzureKeyEditProjectStack" had a corrupt key
(truncated I expect) which wasn't valid base64. I've replaced it with a
newly generated key, which is fine for this test.
When attempting another gocloud.dev upgrade, some users ran into a
regression related to the format change of encrypted keys between
gocloud versions, which part of the system was not accounting for. This
PR addresses the issue and includes a fix that automatically fixes
forward state that has an encrypted key in the wrong format, and
includes a regression test and test for the auto-fix behavior.
Fixes#15329
Co-authored-by: Thomas Gummerer <t.gummerer@gmail.com>
Add a regression test making sure
https://github.com/pulumi/pulumi/issues/15127 will not happen again.
The problem is very similar to the other test, but it's a different
codepath that we missed.
I added a commit upgrading to gocloud.dev 0.28.0 showing the test fails
there and it succeeds with the current version.
/xref https://github.com/pulumi/pulumi/issues/15138
## Checklist
- [x] I have run `make tidy` to update any new dependencies
- [x] I have run `make lint` to verify my code passes the lint check
- [x] I have formatted my code using `gofumpt`
Add a test showing the problems we ran into when upgrading from
gocloud.dev 0.27.0 to 0.28.0 and 0.29.0. It's a little bit awkward,
since the issue only happens when upgrading form an encrypted key
generated with the old version of gocloud.dev to a newer version of
gocloud.dev.
Fixes https://github.com/pulumi/pulumi/issues/11986
---------
Co-authored-by: Thomas Gummerer <t.gummerer@gmail.com>