Is your feature request related to a problem? Please describe.
We currently have a number of service broker test docker-compose services, each with slightly different environment variables. This arrangement is bulky and static, and requires a whole container to be spun up to change (what is in general) the behavior of single endpoint for each instance. Developing against this comes with, what I think is, an unnecessary overheard.
I think a better approach is to use the rspec helpers for rails and to make the requests in-process, using stubs/mocks to modify the environment for each test scenario. It would allow us to achieve the same thing but give us a lot more flexibility.
These services cater to the following cucumber scenarios:
Scenario: Bind resource with incorrect Conjur credentials
Given I use a service broker with a bad Conjur API key
When I make a bind request with body:
"""
{
"service_id": "c024e536-6dc4-45c6-8a53-127e7f8275ab",
"plan_id": "3a116ac2-fc8b-496f-a715-e9a1b205d05c.community",
"bind_resource": {
"app_guid": "bb841d2b-8287-47a9-ac8f-eef4c16106f8"
},
"parameters": {
"parameter1": 1,
"parameter2": "foo"
}
}
"""
Then the HTTP response status code is "403"
And the JSON should be {}
Scenario: Bind resource with Conjur server error
Given I use a service broker with a bad Conjur URL
When I make a bind request with body:
"""
{
"service_id": "c024e536-6dc4-45c6-8a53-127e7f8275ab",
"plan_id": "3a116ac2-fc8b-496f-a715-e9a1b205d05c.community",
"bind_resource": {
"app_guid": "bb841d2b-8287-47a9-ac8f-eef4c16106f8"
},
"parameters": {
"parameter1": 1,
"parameter2": "foo"
}
}
"""
Then the HTTP response status code is "500"
And the JSON should be {}
The suggestion here is to get rid of both the docker-compose services and the associated cucumber tests in favour of the following rspec tests which are equivalent and more lightweight.
require 'spec_helper'
# make_bind_request_with_env makes a valid bind request, and for the duration of its run uses the provided
# hash to replace the environment variables in the context that the endpoint is evaluated.
def make_bind_request_with_env(env = {})
# Setup stubs
allow(ENV).to receive(:[]).and_call_original
env.each do |key, value|
allow(ENV).to receive(:[]).with(key.to_s).and_return(value)
end
service_id = SecureRandom.uuid
binding_id = SecureRandom.uuid
url = "/v2/service_instances/#{service_id}/service_bindings/#{binding_id}"
put(url,
params: {
service_id: "c024e536-6dc4-45c6-8a53-127e7f8275ab",
plan_id: "3a116ac2-fc8b-496f-a715-e9a1b205d05c.community",
bind_resource: {
app_guid: "bb841d2b-8287-47a9-ac8f-eef4c16106f8"
},
parameters: {
parameter1: 1,
parameter2: "foo"
}
},
headers: {
'X-Broker-API-Version' => '2.13',
'HTTP_AUTHORIZATION' => ActionController::HttpAuthentication::Basic.encode_credentials(
ENV['SECURITY_USER_NAME'],
ENV['SECURITY_USER_PASSWORD'],
)
})
# Clear stubs
allow(ENV).to receive(:[]).and_call_original
end
# Here it is assumed that the environment already has the environment variables for the happy path,
# so that a call to make_bind_request_with_env is a deviation from the happy path.
RSpec.describe BindController, type: :request do
it '500 when bind resource with a bad Conjur URL' do
make_bind_request_with_env(
{
CONJUR_APPLIANCE_URL: "http://badurl.invalid"
})
expect(response.content_type).to eq("text/html")
expect(response).to have_http_status(:internal_server_error )
end
it '403 when bind resource with a bad Conjur API key' do
make_bind_request_with_env(
{
CONJUR_AUTHN_API_KEY: "bad-api-key"
})
expect(response.content_type).to eq("application/json")
expect(response).to have_http_status(:forbidden )
end
end
Is your feature request related to a problem? Please describe.
We currently have a number of service broker test docker-compose services, each with slightly different environment variables. This arrangement is bulky and static, and requires a whole container to be spun up to change (what is in general) the behavior of single endpoint for each instance. Developing against this comes with, what I think is, an unnecessary overheard.
I think a better approach is to use the rspec helpers for rails and to make the requests in-process, using stubs/mocks to modify the environment for each test scenario. It would allow us to achieve the same thing but give us a lot more flexibility.
Describe the solution you would like
Right now we have 2 docker-compose services:
These services cater to the following cucumber scenarios:
The suggestion here is to get rid of both the docker-compose services and the associated cucumber tests in favour of the following rspec tests which are equivalent and more lightweight.
Describe alternatives you have considered
N/A
Additional context
N/A