spec/storage_spec.rb


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56

require 'spec_helper'

RSpec.describe Trunk::Storage do
  let(:crypto) { Crypto.new(key) }
  let(:serializer) do
    x = Trunk::Serializers::Composite.new
    x.add(Trunk::Serializers::Crypto.new(key))
    x.add(Trunk::Serializers::Base64.new)
    x
  end

  describe "#fetch" do
    subject { described_class.new(encrypted_hash, serializer) }
    let(:key) { OpenSSL::PKey::RSA.new(4096) }
    let(:encrypted_hash) do
      decrypted_hash.keys.inject({}) do |x, y|
        x[y] = Base64.strict_encode64(crypto.encrypt(decrypted_hash[y]))
        x
      end
    end
    let(:decrypted_hash) do
      {
        'development.secret' => SecureRandom.hex(32),
        'test.secret' => SecureRandom.hex(32),
        'production.secret' => SecureRandom.hex(32),
      }
    end

    [
      'development.secret',
      'test.secret',
      'production.secret',
    ].each do |x|
      specify do
        expect(subject.fetch(x)).to eql(decrypted_hash[x])
      end
    end

    specify { expect(subject.fetch('unknown')).to be_nil }
  end

  describe "#store" do
    subject { described_class.new(items, serializer) }
    let(:key) { OpenSSL::PKey::RSA.new(4096) }
    let(:items) { { } }
    let(:secret) { SecureRandom.hex(32) }

    context "when an item is added to store" do
      before { subject.store('staging.secret', secret) }

      specify { expect(items).to have_key('staging.secret') }
      specify { expect(items['staging.secret']).not_to be_nil }
      specify { expect(crypto.decrypt(Base64.decode64(items['staging.secret']))).to eql(secret) }
    end
  end
end