chore: add test on preprod

Author: ldesauw

.github/workflows/test.yaml

@@ -58,3 +58,57 @@ jobs:
             ./tests/out/coverage.txt
             ./tests/out/coverage.html
           retention-days: 5
+
+  test-preprod:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: ./.github/actions/setup-build-env
+      - name: Build CLI
+        run: go build -cover ./cmd/okms
+      - name: Setup Venom
+        run: |
+          wget https://github.com/ovh/venom/releases/download/v1.2.0/venom.linux-amd64
+          mv venom.linux-amd64 venom
+          chmod +x venom
+      - name: Setup okms config file
+        run: |
+          echo "${{secrets.KMS_PREPROD_CERTIFICATE}}" > tls.crt
+          echo "${{secrets.KMS_PREPROD_PRIVATEKEY}}" > tls.key
+          cat > okms.yaml <<-EOF
+          version: 1
+          profile: default
+          profiles:
+            default: # default profile
+              http:
+                endpoint: ${{secrets.KMS_PREPROD_ENDPOINT}}
+                auth:
+                  type: mtls
+                  cert: $(pwd)/tls.crt
+                  key: $(pwd)/tls.key
+              kmip:
+                endpoint: ${{secrets.KMS_PREPROD_KMIP_ENDPOINT}}
+                auth:
+                  type: mtls
+                  cert: $(pwd)/tls.crt
+                  key: $(pwd)/tls.key
+          EOF
+      - name: Test connectivity to KMS dmain
+        run: ./okms keys ls -d -c okms.yaml
+      - name: Execute tests
+        run: make -C tests
+      - uses: actions/upload-artifact@v4
+        with:
+          name: test_results
+          path: |
+            ./tests/out/test_results.html
+            ./tests/out/venom.log
+          retention-days: 5
+        if: always()
+      - uses: actions/upload-artifact@v4
+        with:
+          name: coverage
+          path: |
+            ./tests/out/coverage.txt
+            ./tests/out/coverage.html
+          retention-days: 5

cmd/okms/secretsV2/config.go

@@ -51,24 +51,24 @@ func secretGetConfigCommand() *cobra.Command {
 
 func secretUpdateConfigCommand() *cobra.Command {
 	var (
-		casRequired        bool
-		maxVersions        uint32
-		deleteVersionAfter string
+		casRequired            bool
+		maxVersions            uint32
+		deactivateVersionAfter string
 	)
 
 	cmd := &cobra.Command{
 		Use:   "update",
 		Short: "Update secrets configuration",
-		Args:  cobra.MinimumNArgs(1),
+		Args:  cobra.MinimumNArgs(0),
 		Run: func(cmd *cobra.Command, args []string) {
 			var c *bool
 			if cmd.Flag("cas-required").Changed {
 				c = &casRequired
 			}
 
 			var d *string
-			if cmd.Flag("delete-after").Changed {
-				d = &deleteVersionAfter
+			if cmd.Flag("deactivate-after").Changed {
+				d = &deactivateVersionAfter
 			}
 
 			var m *uint32
@@ -88,6 +88,6 @@ func secretUpdateConfigCommand() *cobra.Command {
 
 	cmd.Flags().BoolVar(&casRequired, "cas-required", false, "If true all keys will require the cas parameter to be set on all write requests.")
 	cmd.Flags().Uint32Var(&maxVersions, "max-versions", 0, "The number of versions to keep per key. This value applies to all keys, but a key's metadata setting can overwrite this value. Once a key has more than the configured allowed versions, the oldest version will be permanently deleted. ")
-	cmd.Flags().StringVar(&deleteVersionAfter, "delete-after", "0s", "If set, specifies the length of time before a version is deleted.\nDate format, see: https://developer.hashicorp.com/vault/docs/concepts/duration-format")
+	cmd.Flags().StringVar(&deactivateVersionAfter, "deactivate-after", "0s", "If set, specifies the length of time before a version is deleted.\nDate format, see: https://developer.hashicorp.com/vault/docs/concepts/duration-format")
 	return cmd
 }

tests/secrets.yaml

@@ -257,4 +257,18 @@ testcases:
         assertions:
           - result.code ShouldEqual 0
 
-  
+  - name: Secret config 
+    steps: 
+      - name: Update config 
+        type: okms-cmd
+        args: secret config update --deactivate-after="1d" --max-versions=24 
+        assertions:
+          - result.code ShouldEqual 0
+      - name: Read config 
+        type: okms-cmd
+        args: secret config get 
+        assertions:
+          - result.code ShouldEqual 0
+          - result.systemoutjson.deactivate-version-after ShouldEqual "1d"
+          - result.systemoutjson.max-version ShouldEqual "24"
+