saltstack/salt
1
0
Fork 0
mirror of https://github.com/saltstack/salt.git synced 2025-04-17 10:10:20 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 4

update vault client tests to ensure unwrap is respecting verify

Browse source
This commit is contained in:
Hristo Voyvodov 2024-03-13 10:13:41 +02:00 committed by Daniel Wozniak
parent 7c9305418c
commit d7b4d10f2a
1 changed files with 18 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
tests/pytests/unit/utils/vault/test_client.py
View file

@ -280,6 +280,24 @@ def test_vault_client_unwrap_should_default_to_token_header_before_payload(
assert headers.get("X-Vault-Token") == token
@pytest.mark.usefixtures("server_config")
@pytest.mark.parametrize(
"server_config",
({"verify": "/usr/local/share/ca-certificates/my-ca.crt"},),
indirect=True,
)
def test_vault_client_unwrap_respects_verify_option(role_id_response, client, req):
"""
As unwrap is special call which can be done both authenticated and unauthenticated
we need to ensure that in both cases it respects verify option.
"""
token = "test-wrapping-token"
req.return_value = _mock_json_response(role_id_response)
client.unwrap(token)
verify = req.call_args.kwargs.get("verify", None)
assert verify == client.get_config()["verify"]
@pytest.mark.parametrize("func", ["unwrap", "token_lookup"])
@pytest.mark.parametrize(
"req_failed,expected",