You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@nifi.apache.org by pv...@apache.org on 2022/12/25 16:51:50 UTC

[nifi] branch main updated: NIFI-10971: improved edge case handling while fetching objects using Azure Key Vault Client and added unit tests

This is an automated email from the ASF dual-hosted git repository.

pvillard pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/nifi.git


The following commit(s) were added to refs/heads/main by this push:
     new bf24d575b3 NIFI-10971: improved edge case handling while fetching objects using Azure Key Vault Client and added unit tests
bf24d575b3 is described below

commit bf24d575b34bfd6a8b31bfd6ea3662863b59b492
Author: Emilio Setiadarma <em...@gmail.com>
AuthorDate: Mon Dec 12 19:07:21 2022 -0800

    NIFI-10971: improved edge case handling while fetching objects using Azure Key Vault Client and added unit tests
    
    Signed-off-by: Pierre Villard <pi...@gmail.com>
    
    This closes #6780.
---
 .../AzureKeyVaultSecretsParameterProvider.java     | 13 ++++--
 .../TestAzureKeyVaultSecretsParameterProvider.java | 54 ++++++++++++++++++++++
 2 files changed, 64 insertions(+), 3 deletions(-)

diff --git a/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-parameter-providers/src/main/java/org/apache/nifi/parameter/azure/AzureKeyVaultSecretsParameterProvider.java b/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-parameter-providers/src/main/java/org/apache/nifi/parameter/azure/AzureKeyVaultSecretsParameterProvider.java
index 82f202533c..568dc49384 100644
--- a/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-parameter-providers/src/main/java/org/apache/nifi/parameter/azure/AzureKeyVaultSecretsParameterProvider.java
+++ b/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-parameter-providers/src/main/java/org/apache/nifi/parameter/azure/AzureKeyVaultSecretsParameterProvider.java
@@ -132,8 +132,10 @@ public class AzureKeyVaultSecretsParameterProvider extends AbstractParameterProv
         final List<KeyVaultSecret> secrets = new ArrayList<>();
 
         for (final SecretProperties secretProperties : secretClient.listPropertiesOfSecrets()) {
-            KeyVaultSecret secretWithValue = secretClient.getSecret(secretProperties.getName(), secretProperties.getVersion());
-            secrets.add(secretWithValue);
+            if (secretProperties.isEnabled()) {
+                KeyVaultSecret secretWithValue = secretClient.getSecret(secretProperties.getName(), secretProperties.getVersion());
+                secrets.add(secretWithValue);
+            }
         }
 
         return secrets;
@@ -145,7 +147,12 @@ public class AzureKeyVaultSecretsParameterProvider extends AbstractParameterProv
             final String parameterName = secret.getName();
             final String parameterValue = secret.getValue();
 
-            final String parameterGroupName = secret.getProperties().getTags().get(GROUP_NAME_TAG);
+            final Map<String, String> tags = secret.getProperties().getTags();
+            if (tags == null) {
+                getLogger().debug("Secret with parameter name [{}] not recognized as a valid parameter since it does not have tags");
+                continue;
+            }
+            final String parameterGroupName = tags.get(GROUP_NAME_TAG);
             if (parameterGroupName == null) {
                 getLogger().debug("Secret with parameter name [{}] not recognized as a valid parameter since it " +
                                 "does not have the [{}] tag", parameterName, GROUP_NAME_TAG);
diff --git a/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-parameter-providers/src/test/java/org/apache/nifi/parameter/azure/TestAzureKeyVaultSecretsParameterProvider.java b/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-parameter-providers/src/test/java/org/apache/nifi/parameter/azure/TestAzureKeyVaultSecretsParameterProvider.java
index 92c3f2eaae..95e52e85dc 100644
--- a/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-parameter-providers/src/test/java/org/apache/nifi/parameter/azure/TestAzureKeyVaultSecretsParameterProvider.java
+++ b/nifi-nar-bundles/nifi-azure-bundle/nifi-azure-parameter-providers/src/test/java/org/apache/nifi/parameter/azure/TestAzureKeyVaultSecretsParameterProvider.java
@@ -96,6 +96,59 @@ public class TestAzureKeyVaultSecretsParameterProvider {
         runProviderTest( 8, ConfigVerificationResult.Outcome.SUCCESSFUL);
     }
 
+    @Test
+    public void testFetchDisabledParameters() throws IOException, InitializationException {
+        final List<SecretProperties> secretPropertiesList = new ArrayList<>();
+        for (final ParameterGroup group : mockParameterGroups) {
+            for (final Parameter parameter : group.getParameters()) {
+                final SecretProperties secretProperties = mock(SecretProperties.class);
+
+                when(secretProperties.isEnabled()).thenReturn(false);
+
+                secretPropertiesList.add(secretProperties);
+            }
+
+        }
+
+        final PagedIterable<SecretProperties> mockIterable = mock(PagedIterable.class);
+        when(secretClient.listPropertiesOfSecrets()).thenReturn(mockIterable);
+        when(mockIterable.iterator()).thenReturn(secretPropertiesList.iterator());
+        runProviderTest( 0, ConfigVerificationResult.Outcome.SUCCESSFUL);
+    }
+
+    @Test
+    public void testFetchParametersWithNullTagsShouldNotThrowError() throws IOException, InitializationException {
+        final List<SecretProperties> secretPropertiesList = new ArrayList<>();
+        for (final ParameterGroup group : mockParameterGroups) {
+            for (final Parameter parameter : group.getParameters()) {
+                final String parameterName = parameter.getDescriptor().getName();
+                final String parameterValue = parameter.getValue();
+                final KeyVaultSecret secret = mock(KeyVaultSecret.class);
+                when(secret.getName()).thenReturn(parameterName);
+                when(secret.getValue()).thenReturn(parameterValue);
+
+                final SecretProperties secretProperties = mock(SecretProperties.class);
+                when(secret.getProperties()).thenReturn(secretProperties);
+
+                final Map<String, String> tags = null;
+                when(secretProperties.getTags()).thenReturn(tags);
+
+                when(secretProperties.getName()).thenReturn(parameterName);
+                when(secretProperties.getVersion()).thenReturn(null);
+                when(secretProperties.isEnabled()).thenReturn(true);
+                when(secretClient.getSecret(eq(parameterName), any())).thenReturn(secret);
+
+                secretPropertiesList.add(secretProperties);
+            }
+
+        }
+
+        final PagedIterable<SecretProperties> mockIterable = mock(PagedIterable.class);
+        when(secretClient.listPropertiesOfSecrets()).thenReturn(mockIterable);
+        when(mockIterable.iterator()).thenReturn(secretPropertiesList.iterator());
+        runProviderTest( 0, ConfigVerificationResult.Outcome.SUCCESSFUL);
+    }
+
     @Test
     public void testFetchParametersListFailure() throws IOException, InitializationException {
         when(secretClient.listPropertiesOfSecrets()).thenThrow(new RuntimeException("Fake RuntimeException"));
@@ -129,6 +182,7 @@ public class TestAzureKeyVaultSecretsParameterProvider {
 
                 when(secretProperties.getName()).thenReturn(parameterName);
                 when(secretProperties.getVersion()).thenReturn(null);
+                when(secretProperties.isEnabled()).thenReturn(true);
                 when(secretClient.getSecret(eq(parameterName), any())).thenReturn(secret);
 
                 secretPropertiesList.add(secretProperties);