Skip to content

Commit

Permalink
(chocolatey#3565) Add Pester tests for Credential Provider
Browse files Browse the repository at this point in the history
Add Pester tests to ensure we don't inadvertently bleed configured
credentials into scenarios where they should not be used.
  • Loading branch information
corbob committed Nov 21, 2024
1 parent d2ac771 commit 090ed11
Show file tree
Hide file tree
Showing 4 changed files with 84 additions and 7 deletions.
6 changes: 2 additions & 4 deletions tests/helpers/common/Chocolatey/Disable-ChocolateySource.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -8,10 +8,8 @@ function Disable-ChocolateySource {
[Parameter()]
[switch]$All
)
# Significantly weird behaviour with piping this source list by property name.
$CurrentSources = (Invoke-Choco source list -r).Lines | ConvertFrom-ChocolateyOutput -Command SourceList | Where-Object {
$_.Name -like $Name
}

$CurrentSources = Get-ChocolateySource -Name $Name
foreach ($Source in $CurrentSources) {
$null = Invoke-Choco source disable --name $Source.Name
}
Expand Down
4 changes: 1 addition & 3 deletions tests/helpers/common/Chocolatey/Enable-ChocolateySource.ps1
Original file line number Diff line number Diff line change
Expand Up @@ -9,9 +9,7 @@ function Enable-ChocolateySource {
[switch]$All
)
# Significantly weird behaviour with piping this source list by property name.
$CurrentSources = (Invoke-Choco source list -r).Lines | ConvertFrom-ChocolateyOutput -Command SourceList | Where-Object {
$_.Name -like $Name
}
$CurrentSources = Get-ChocolateySource -Name $Name
foreach ($Source in $CurrentSources) {
$null = Invoke-Choco source enable --name $Source.Name
}
Expand Down
14 changes: 14 additions & 0 deletions tests/helpers/common/Chocolatey/Get-ChocolateySource.ps1
Original file line number Diff line number Diff line change
@@ -0,0 +1,14 @@
function Get-ChocolateySource {
[CmdletBinding()]
param(
[Parameter()]
[string]$Name = "*",

[Parameter()]
[switch]$All
)
# Significantly weird behaviour with piping this source list by property name.
(Invoke-Choco source list -r).Lines | ConvertFrom-ChocolateyOutput -Command SourceList | Where-Object {
$_.Name -like $Name
}
}
67 changes: 67 additions & 0 deletions tests/pester-tests/features/CredentialProvider.Tests.ps1
Original file line number Diff line number Diff line change
@@ -0,0 +1,67 @@
Describe 'Ensuring credentials do not bleed from configured sources' -Tag CredentialProvider -ForEach @(
@{
Command = 'info'
QueryString = "`$filter=(tolower(Id)%20eq%20'chocolatey-compatibility.extension')%20and%20IsLatestVersion&semVerLevel=2.0.0"
ExitCode = 0
}
@{
Command = 'install'
QueryString = "`$filter=(tolower(Id)%20eq%20'chocolatey-compatibility.extension')%20and%20IsLatestVersion&semVerLevel=2.0.0"
ExitCode = 1
}
@{
Command = 'outdated'
QueryString = "`$filter=(tolower(Id)%20eq%20'chocolatey-license-business')%20and%20IsLatestVersion&semVerLevel=2.0.0"
ExitCode = 0
}
@{
Command = 'search'
QueryString = "`$filter=((((Id%20ne%20null)%20and%20substringof('chocolatey-compatibility.extension',tolower(Id)))%20or%20((Description%20ne%20null)%20and%20substringof('chocolatey-compatibility.extension',tolower(Description))))%20or%20((Tags%20ne%20null)%20and%20substringof('%20chocolatey-compatibility.extension%20',tolower(Tags))))%20and%20IsLatestVersion&`$orderby=Id&`$skip=0&`$top=30&semVerLevel=2.0.0"
ExitCode = 1
}
@{
Command = 'upgrade'
QueryString = "`$filter=(tolower(Id)%20eq%20'chocolatey-compatibility.extension')%20and%20IsLatestVersion&semVerLevel=2.0.0"
ExitCode = 1
}
@{
Command = 'download'
QueryString = "`$filter=(tolower(Id)%20eq%20'chocolatey-compatibility.extension')%20and%20IsLatestVersion&semVerLevel=2.0.0"
ExitCode = 1
}
) {
BeforeDiscovery {
$HasLicensedExtension = Test-PackageIsEqualOrHigher -PackageName 'chocolatey.extension' -Version '6.0.0'
}

BeforeAll {
Initialize-ChocolateyTestInstall
Disable-ChocolateySource -All
Enable-ChocolateySource -Name 'hermes'
$SetupSource = Get-ChocolateySource -Name 'hermes-setup'
Remove-Item download -force -recurse
}

# Skip the download command if chocolatey.extension is not installed.
Context 'Command (<Command>)' -Skip:($Command -eq 'download' -and -not $HasLicensedExtension) {
BeforeAll {
# Picked a package that is on `hermes-setup` but not on `hermes`.
$PackageUnderTest = 'chocolatey-compatibility.extension'
Restore-ChocolateyInstallSnapshot
# Chocolatey will prompt for credentials, we need to force something in there, and this will do that.
$Output = 'n' | Invoke-Choco $Command $PackageUnderTest --confirm --source="'$($SetupSource.Url)'"
}

AfterAll {
Remove-ChocolateyInstallSnapshot
}

It 'Exits Correctly (<ExitCode>)' {
$Output.ExitCode | Should -Be $ExitCode -Because $Output.String
}

It 'Outputs error message' {
$Output.Lines | Should -Contain "Failed to fetch results from V2 feed at '$($SetupSource.Url.Trim('/'))/Packages()?$QueryString' with following message : Response status code does not indicate success: 401 (Unauthorized)." -Because $Output.String
}
}
}

0 comments on commit 090ed11

Please # to comment.