add tests and update digests.txt

tkhq · Apr 29, 2024 · 2d5f686 · 2d5f686
1 parent 16392d3
commit 2d5f686
Show file tree

Hide file tree

Showing 3 changed files with 67 additions and 7 deletions.
diff --git a/digests.txt b/digests.txt
@@ -1,4 +1,4 @@
-18e304d889046b605899a49675dfac60706b0cf7431ef221abd125e75ba932d2  turnkey.darwin-aarch64
-b14ee79bef05348c6dc48e8007c5b61650b08d3815c875d0af8d275b9a5d6246  turnkey.darwin-x86_64
-c8709cfbe46d8f07e7e1469f80c11c64853fe4e94e3462079a18ee2e4675ef73  turnkey.linux-aarch64
-f507170cd2772a5f57f97c65c132e2a123cd72a140f3b299ae730dcebdb9350c  turnkey.linux-x86_64
+59e258836b3ac1d15efb49c2ff9637bcf8d72aa6a74165999525b0520af3c16c  turnkey.darwin-aarch64
+da1534435bf06f6c988ec01c48c3a0645984327a349e26156c1d142df3d27ef4  turnkey.darwin-x86_64
+ea239121f7c7816532f9bc36563439b86f53da6b8d2ce7b7342a2eda29dbfd07  turnkey.linux-aarch64
+10e01fce0e0287bead3a3a600d43eb64510a68937d7c9345d9484bb1e3853e38  turnkey.linux-x86_64
diff --git a/src/cmd/turnkey/main_test.go b/src/cmd/turnkey/main_test.go
@@ -57,7 +57,7 @@ func TestHelpText(t *testing.T) {
 	assert.Contains(t, out, "Available Commands:")
 }
 
-func TestKeygenInTmpFolder(t *testing.T) {
+func TestAPIKeygenInTmpFolder(t *testing.T) {
 	orgID := uuid.New()
 
 	tmpDir, err := os.MkdirTemp(TempDir, "keys")
@@ -83,7 +83,34 @@ func TestKeygenInTmpFolder(t *testing.T) {
 	assert.Equal(t, parsedOut["privateKeyFile"], tmpDir+"/mykey.private")
 }
 
-func TestKeygenDetectExistingKey(t *testing.T) {
+func TestEncryptionKeygenInTmpFolder(t *testing.T) {
+	orgID := uuid.New()
+	userID := uuid.New()
+
+	tmpDir, err := os.MkdirTemp(TempDir, "encryption-keys")
+	assert.Nil(t, err)
+
+	defer func() { assert.Nil(t, os.RemoveAll(tmpDir)) }()
+
+	out, err := RunCliWithArgs(t, []string{"generate", "encryption-key", "--encryption-keys-folder", tmpDir, "--encryption-key-name", "mykey", "--organization", orgID.String(), "--user", userID.String()})
+	assert.Nil(t, err)
+
+	assert.FileExists(t, tmpDir+"/mykey.public")
+	assert.FileExists(t, tmpDir+"/mykey.private")
+
+	publicKeyData, err := os.ReadFile(tmpDir + "/mykey.public")
+	assert.Nil(t, err)
+
+	var parsedOut map[string]string
+
+	assert.Nil(t, json.Unmarshal([]byte(out), &parsedOut))
+
+	assert.Equal(t, parsedOut["publicKey"], string(publicKeyData))
+	assert.Equal(t, parsedOut["publicKeyFile"], tmpDir+"/mykey.public")
+	assert.Equal(t, parsedOut["privateKeyFile"], tmpDir+"/mykey.private")
+}
+
+func TestAPIKeygenDetectExistingKey(t *testing.T) {
 	orgID := uuid.New()
 
 	tmpDir, err := os.MkdirTemp(TempDir, "keys")
@@ -105,6 +132,29 @@ func TestKeygenDetectExistingKey(t *testing.T) {
 	assert.Equal(t, err.Error(), "exit status 1")
 }
 
+func TestEncryptionKeygenDetectExistingKey(t *testing.T) {
+	orgID := uuid.New()
+	userID := uuid.New()
+
+	tmpDir, err := os.MkdirTemp(TempDir, "encryption-keys")
+	defer func() { assert.Nil(t, os.RemoveAll(tmpDir)) }()
+
+	assert.Nil(t, err)
+
+	err = os.WriteFile(tmpDir+"/myexistingkey.public", []byte("mykey.public"), 0o755)
+	assert.Nil(t, err)
+
+	err = os.WriteFile(tmpDir+"/myexistingkey.private", []byte("mykey.private"), 0o755)
+	assert.Nil(t, err)
+
+	assert.FileExists(t, tmpDir+"/myexistingkey.public")
+	assert.FileExists(t, tmpDir+"/myexistingkey.private")
+
+	_, err = RunCliWithArgs(t, []string{"generate", "encryption-key", "--organization", orgID.String(), "--user", userID.String(), "--encryption-keys-folder", tmpDir, "--encryption-key-name", "myexistingkey"})
+	assert.NotNil(t, err)
+	assert.Equal(t, err.Error(), "exit status 1")
+}
+
 func TestStamp(t *testing.T) {
 	orgID := uuid.New()
 

diff --git a/src/cmd/turnkey/pkg/decrypt.go b/src/cmd/turnkey/pkg/decrypt.go
@@ -107,8 +107,18 @@ func LoadEncryptionKeypair(name string) {
 		Organization = encryptionKey.Organization
 	}
 
-	// If org is _still_ empty, the API key is not usable.
+	// If org is _still_ empty, the encryption key is not usable.
 	if Organization == "" {
 		OutputError(eris.New("failed to associate the encryption key with an organization; please manually specify the organization ID"))
 	}
+
+	// If we haven't had the user explicitly set try to load it from key metadata.
+	if User == "" {
+		User = encryptionKey.User
+	}
+
+	// If user is _still_ empty, the encryption key is not usable.
+	if User == "" {
+		OutputError(eris.New("failed to associate the encryption key with a user; please manually specify the user ID"))
+	}
 }