end2end

package
v0.0.8 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Dec 28, 2025 License: Apache-2.0 Imports: 33 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

This section is empty.

Functions

func CleanupOnePasswordItem added in v0.0.2 

func CleanupOnePasswordItem(ctx context.Context, t *testing.T, client *onepassword.Client, vaultID, itemID string)

CleanupOnePasswordItem deletes a test item from 1Password

func DeleteDopplerSecret added in v0.0.3 

func DeleteDopplerSecret(ctx context.Context, t *testing.T, client *DopplerClient, project, config, secretName string)

DeleteDopplerSecret deletes a secret from Doppler using the DELETE endpoint According to Doppler API: https://docs.doppler.com/reference/configs-config-secret-delete

func DeleteDopplerSecretsBatch added in v0.0.3 

func DeleteDopplerSecretsBatch(ctx context.Context, t *testing.T, client *DopplerClient, project, config string, secretNames []string)

DeleteDopplerSecretsBatch deletes multiple secrets from Doppler (if they exist)

func DeleteInfisicalSecret added in v0.0.2 

func DeleteInfisicalSecret(ctx context.Context, t *testing.T, client infisical.InfisicalClientInterface, projectID, environment, secretPath, secretKey string)

DeleteInfisicalSecret deletes a secret from Infisical (if it exists)

func DeleteInfisicalSecretsBatch added in v0.0.2 

func DeleteInfisicalSecretsBatch(ctx context.Context, t *testing.T, client infisical.InfisicalClientInterface, projectID, environment, secretPath string, secretKeys []string)

DeleteInfisicalSecretsBatch deletes multiple secrets from Infisical (if they exist) secretKeys is a slice of secret keys to delete

func EnsureInfisicalPathExists added in v0.0.2 

func EnsureInfisicalPathExists(ctx context.Context, t *testing.T, client infisical.InfisicalClientInterface, projectID, environment, secretPath string)

EnsureInfisicalPathExists ensures that the given path exists in Infisical For root path "/", this is a no-op as it always exists For other paths, Infisical will automatically create the path structure when secrets are created

func GetDopplerTestConfig added in v0.0.3 

func GetDopplerTestConfig(t *testing.T) string

GetDopplerTestConfig returns the test config/environment name from environment variable

func GetDopplerTestProject added in v0.0.3 

func GetDopplerTestProject(t *testing.T) string

GetDopplerTestProject returns the test project name from environment variable

func GetInfisicalTestEnvironment added in v0.0.2 

func GetInfisicalTestEnvironment(t *testing.T) string

GetInfisicalTestEnvironment returns the test environment from environment variable

func GetInfisicalTestProjectID added in v0.0.2 

func GetInfisicalTestProjectID(t *testing.T) string

GetInfisicalTestProjectID returns the test project ID from environment variable

func GetOnePasswordItemByTitle added in v0.0.2 

func GetOnePasswordItemByTitle(ctx context.Context, t *testing.T, client *onepassword.Client, vaultID, itemTitle string) *onepassword.Item

GetOnePasswordItemByTitle finds an item by title in a vault Fetches the item once after finding it by title Assumes the item exists and is accessible

func GetSSOTestConfig added in v0.0.6 

func GetSSOTestConfig(t *testing.T) (issuer, clientID, clientSecret, audience string)

GetSSOTestConfig returns the SSO test configuration from environment variables Required env vars:

  • SSTART_E2E_SSO_ISSUER: OIDC issuer URL
  • SSTART_E2E_SSO_CLIENT_ID: OIDC client ID
  • SSTART_E2E_SSO_CLIENT_SECRET: OIDC client secret (for client credentials flow)

Optional env vars:

  • SSTART_E2E_SSO_AUDIENCE: Expected audience (defaults to client ID)

func SetupAWSSecret 

func SetupAWSSecret(ctx context.Context, t *testing.T, localstack *LocalStackContainer, secretName string, secretData map[string]string)

SetupAWSSecret creates a secret in AWS Secrets Manager (LocalStack)

func SetupAllContainers 

func SetupAllContainers(ctx context.Context, t *testing.T) (*LocalStackContainer, *VaultContainer, *GCSMContainer)

SetupAllContainers sets up LocalStack, Vault, and GCSM containers

func SetupAzureKeyVaultSecret 

func SetupAzureKeyVaultSecret(ctx context.Context, t *testing.T, akvContainer *AzureKeyVaultContainer, secretName string, secretData map[string]interface{})

SetupAzureKeyVaultSecret creates a secret in Azure Key Vault emulator

func SetupBitwardenCLI added in v0.0.2 

func SetupBitwardenCLI(ctx context.Context, t *testing.T) (string, *bwServeProcess)

SetupBitwardenCLI handles login, unlock, and starts bw serve for Bitwarden CLI tests This function interacts with the real Bitwarden server via bw CLI Required environment variables:

  • BW_CLIENTID and BW_CLIENTSECRET (for API key login)
  • BW_PASSWORD (master password for unlocking vault)
  • BW_SERVER_URL (optional, for self-hosted instances)

Returns the BW_SESSION value and bwServeProcess for making HTTP calls

func SetupBitwardenItem added in v0.0.2 

func SetupBitwardenItem(ctx context.Context, t *testing.T, itemName string, itemType int, noteContent string, fields map[string]string, loginUsername string, loginPassword string) string

SetupBitwardenItem creates a Bitwarden vault item using the REST API via bw serve This creates an item in the personal vault (not Secrets Manager) Always creates a Secure Note (type 2) Returns the item ID Note: itemType, loginUsername, and loginPassword parameters are kept for backward compatibility but ignored

func SetupBitwardenPersonalVaultItem added in v0.0.2 

func SetupBitwardenPersonalVaultItem(ctx context.Context, t *testing.T, itemName string, noteContent string, fields map[string]string) (string, string)

SetupBitwardenPersonalVaultItem creates a test item in Bitwarden personal vault with fields format This is a convenience wrapper around SetupBitwardenItem for personal vault items Always creates a Secure Note (type 2)

func SetupContainers 

func SetupContainers(ctx context.Context, t *testing.T) (*LocalStackContainer, *VaultContainer)

SetupContainers sets up both LocalStack and Vault containers

func SetupDopplerSecretsBatch added in v0.0.3 

func SetupDopplerSecretsBatch(ctx context.Context, t *testing.T, client *DopplerClient, project, config string, secrets map[string]string)

SetupDopplerSecretsBatch creates or updates multiple secrets in Doppler

func SetupInfisicalClient added in v0.0.2 

func SetupInfisicalClient(ctx context.Context, t *testing.T) infisical.InfisicalClientInterface

SetupInfisicalClient creates and authenticates an Infisical client for testing

func SetupInfisicalSecret added in v0.0.2 

func SetupInfisicalSecret(ctx context.Context, t *testing.T, client infisical.InfisicalClientInterface, projectID, environment, secretPath, secretKey, secretValue string)

SetupInfisicalSecret creates or updates a secret in Infisical for testing It ensures the path exists and then creates/updates the secret without listing all secrets first

func SetupInfisicalSecretsBatch added in v0.0.2 

func SetupInfisicalSecretsBatch(ctx context.Context, t *testing.T, client infisical.InfisicalClientInterface, projectID, environment, secretPath string, secrets map[string]string)

SetupInfisicalSecretsBatch creates or updates multiple secrets in Infisical using batch operations secrets is a map of secretKey -> secretValue

func SetupOnePasswordClient added in v0.0.2 

func SetupOnePasswordClient(ctx context.Context, t *testing.T) *onepassword.Client

SetupOnePasswordClient creates and returns a 1Password client for testing Requires OP_SERVICE_ACCOUNT_TOKEN environment variable

func SetupOnePasswordItem added in v0.0.2 

func SetupOnePasswordItem(ctx context.Context, t *testing.T, client *onepassword.Client, vaultID string, itemTitle string, fields map[string]string, sections map[string]map[string]string) string

SetupOnePasswordItem creates a test item in 1Password with the specified configuration Returns the item ID

func SetupOnePasswordVault added in v0.0.2 

func SetupOnePasswordVault(ctx context.Context, t *testing.T, client *onepassword.Client, vaultName string) string

SetupOnePasswordVault resolves vault name to vault ID Assumes the vault exists and is accessible

func SetupOpenBaoJWTAuthWithOIDCDiscovery added in v0.0.6 

func SetupOpenBaoJWTAuthWithOIDCDiscovery(ctx context.Context, t *testing.T, container *OpenBaoContainer, issuer, audience, role string, policies []string)

SetupOpenBaoJWTAuthWithOIDCDiscovery configures JWT auth in OpenBao using OIDC discovery

func SetupOpenBaoPolicy added in v0.0.6 

func SetupOpenBaoPolicy(ctx context.Context, t *testing.T, container *OpenBaoContainer, policyName, policyHCL string)

SetupOpenBaoPolicy creates a policy in OpenBao

func SetupOpenBaoSecret added in v0.0.3 

func SetupOpenBaoSecret(ctx context.Context, t *testing.T, openbaoContainer *OpenBaoContainer, openbaoPath string, secretData map[string]interface{})

SetupOpenBaoSecret enables KV v2 engine (if needed) and writes a secret to OpenBao OpenBao is API-compatible with Vault, so this function is similar to SetupVaultSecret

func SetupVaultJWTAuth added in v0.0.6 

func SetupVaultJWTAuth(ctx context.Context, t *testing.T, vaultContainer *VaultContainer, publicKeyPEM string, role string, policies []string, boundClaims map[string]interface{})

SetupVaultJWTAuth enables and configures JWT auth method in Vault publicKeyPEM is the PEM-encoded public key for validating JWTs role is the name of the role to create boundClaims are optional claims that must be present in the JWT

func SetupVaultPolicy added in v0.0.6 

func SetupVaultPolicy(ctx context.Context, t *testing.T, vaultContainer *VaultContainer, policyName string, policyHCL string)

SetupVaultPolicy creates a policy in Vault

func SetupVaultSecret 

func SetupVaultSecret(ctx context.Context, t *testing.T, vaultContainer *VaultContainer, vaultPath string, secretData map[string]interface{})

SetupVaultSecret enables KV v2 engine (if needed) and writes a secret to Vault

func VerifyGCSMSecretExists 

func VerifyGCSMSecretExists(ctx context.Context, t *testing.T, gcsmContainer *GCSMContainer, projectID, secretID string)

VerifyGCSMSecretExists checks if a secret exists in Google Cloud Secret Manager This is used to verify that predefined secrets are available for testing

func VerifyInfisicalSecretExists added in v0.0.2 

func VerifyInfisicalSecretExists(ctx context.Context, t *testing.T, client infisical.InfisicalClientInterface, projectID, environment, secretPath, secretKey string)

VerifyInfisicalSecretExists checks if a secret exists in Infisical

func VerifyOIDCDiscovery added in v0.0.6 

func VerifyOIDCDiscovery(t *testing.T, issuer string) string

VerifyOIDCDiscovery checks if the OIDC discovery endpoint is accessible and returns token endpoint

Types

type AzureKeyVaultContainer 

type AzureKeyVaultContainer struct {
	Container testcontainers.Container
	VaultURL  string
	Client    *azsecrets.Client
	Cleanup   func() error
}

AzureKeyVaultContainer wraps Azure Key Vault emulator container and client

func SetupAzureKeyVault 

func SetupAzureKeyVault(ctx context.Context, t *testing.T) *AzureKeyVaultContainer

SetupAzureKeyVault starts a Lowkey Vault container Lowkey Vault is a test double for Azure Key Vault that's compatible with Azure Key Vault REST APIs Lowkey Vault is chosen over james-gould emulator because it doesn't require pre-generated SSL certificates, making it much simpler to use in automated test environments

type BitwardenSMTestSetup added in v0.0.2 

type BitwardenSMTestSetup struct {
	OrganizationID string
	ProjectID      string
	Client         sdk.BitwardenClientInterface
	Cleanup        func() error
}

BitwardenSMTestSetup contains the test setup for Bitwarden Secret Manager

func SetupBitwardenSMProject added in v0.0.2 

func SetupBitwardenSMProject(ctx context.Context, t *testing.T, projectName string, secretKey string, secretValue string) *BitwardenSMTestSetup

SetupBitwardenSMProject creates a new Bitwarden Secret Manager project and a test secret Required environment variables:

  • BITWARDEN_SM_ACCESS_TOKEN: Access token for authentication
  • SSTART_E2E_BITWARDEN_ORGANIZATION_ID: Organization ID in Bitwarden
  • BITWARDEN_SERVER_URL: (optional) Bitwarden server URL, defaults to https://vault.bitwarden.com

Returns a BitwardenSMTestSetup with the project ID and a cleanup function

type DopplerClient added in v0.0.3 

type DopplerClient struct {
	// contains filtered or unexported fields
}

DopplerClient wraps HTTP client and API configuration for Doppler

func SetupDopplerClient added in v0.0.3 

func SetupDopplerClient(ctx context.Context, t *testing.T) *DopplerClient

SetupDopplerClient creates and authenticates a Doppler client for testing

type DopplerSecretsUpdateRequest added in v0.0.3 

type DopplerSecretsUpdateRequest struct {
	Project string            `json:"project"`
	Config  string            `json:"config"`
	Secrets map[string]string `json:"secrets"`
}

DopplerSecretsUpdateRequest represents the request body for updating secrets According to Doppler API: https://docs.doppler.com/reference/secrets-update The body format is: 

{
  "project": "PROJECT_NAME",
  "config": "CONFIG_NAME",
  "secrets": {
    "SECRET_NAME": "secret_value"
  }
}

type GCSMContainer 

type GCSMContainer struct {
	Container testcontainers.Container // nil for real API
	Endpoint  string                   // empty for real API
	Client    *secretmanager.Client
	ProjectID string // GCP project ID for real API
	Cleanup   func() error
}

GCSMContainer wraps GCSM client for real API testing

func SetupGCSM 

func SetupGCSM(ctx context.Context, t *testing.T) *GCSMContainer

SetupGCSM creates a client for real Google Cloud Secret Manager API Requires GOOGLE_APPLICATION_CREDENTIALS or gcloud auth to be configured

type LocalStackContainer 

type LocalStackContainer struct {
	Container *localstack.LocalStackContainer
	Endpoint  string
	Cleanup   func() error
}

LocalStackContainer wraps LocalStack container and its endpoint

func SetupLocalStack 

func SetupLocalStack(ctx context.Context, t *testing.T) *LocalStackContainer

SetupLocalStack starts a LocalStack container and returns the container info

type OpenBaoContainer added in v0.0.3 

type OpenBaoContainer struct {
	Container testcontainers.Container
	Address   string
	Client    *api.Client
	Cleanup   func() error
}

OpenBaoContainer wraps OpenBao container, address, and client

func SetupOpenBao added in v0.0.3 

func SetupOpenBao(ctx context.Context, t *testing.T) *OpenBaoContainer

SetupOpenBao starts an OpenBao container and returns the container info OpenBao is API-compatible with HashiCorp Vault, so we use the same Vault API client

type VaultContainer 

type VaultContainer struct {
	Container *vault.VaultContainer
	Address   string
	Client    *api.Client
	Cleanup   func() error
}

VaultContainer wraps Vault container, address, and client

func SetupVault 

func SetupVault(ctx context.Context, t *testing.T) *VaultContainer

SetupVault starts a Vault container and returns the container info

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.