@@ -12,96 +12,71 @@ keyExpired.setMonth(keyExpired.getMonth() - 1);
1212
1313const listKeyVaults = [
1414 {
15- id : '/subscriptions/abcdfget-ebf6-437f-a3b0-28fc0d22111e /resourceGroups/akhtar -rg/providers/Microsoft.KeyVault/vaults/nauman- test' ,
16- name : 'nauman- test' ,
15+ id : '/subscriptions/123 /resourceGroups/test -rg/providers/Microsoft.KeyVault/vaults/test-vault ' ,
16+ name : 'test-vault ' ,
1717 type : 'Microsoft.KeyVault/vaults' ,
1818 location : 'eastus' ,
19- tags : { owner : 'kubernetes' } ,
20- sku : { family : 'A' , name : 'Standard' } ,
21- tenantId : '2d4f0836-5935-47f5-954c-14e713119ac2' ,
22- accessPolicies : [
23- {
24- tenantId : '2d4f0836-5935-47f5-954c-14e713119ac2' ,
25- objectId : 'b4062000-c33b-448b-817e-fa0f17bef4b9' ,
26- permissions : {
27- keys : [ 'Get' , 'List' ] ,
28- secrets : [ 'Get' , 'List' ] ,
29- certificates : [ 'Get' , 'List' ]
30- }
31- }
32- ] ,
33- enableSoftDelete : true ,
34- softDeleteRetentionInDays : 7 ,
35- enableRbacAuthorization : false ,
36- vaultUri : 'https://nauman-test.vault.azure.net/' ,
37- provisioningState : 'Succeeded'
38- }
39- ] ;
40-
41- const getKeys = [
19+ properties : {
20+ enableRbacAuthorization : true ,
21+ vaultUri : 'https://test-vault.vault.azure.net/'
22+ }
23+ } ,
24+ {
25+ id : '/subscriptions/123/resourceGroups/test-rg/providers/Microsoft.KeyVault/vaults/test-vault-2' ,
26+ name : 'test-vault-2' ,
27+ type : 'Microsoft.KeyVault/vaults' ,
28+ location : 'eastus' ,
29+ properties : {
30+ enableRbacAuthorization : false ,
31+ vaultUri : 'https://test-vault-2.vault.azure.net/'
32+ }
33+ }
34+ ] ;
35+
36+ const getKeys = [
4237 {
4338 "attributes" : {
4439 "created" : "2022-04-10T17:57:43+00:00" ,
4540 "enabled" : true ,
4641 "expires" : null ,
4742 "notBefore" : null ,
48- "recoveryLevel" : "CustomizedRecoverable+Purgeable" ,
4943 "updated" : "2022-04-10T17:57:43+00:00"
5044 } ,
51- "kid" : "https://nauman-test.vault.azure.net/keys/nauman-test" ,
52- "managed" : null ,
53- "name" : "nauman-test" ,
54- "tags" : {
55- "hello" : "world"
56- }
45+ "kid" : "https://test-vault.vault.azure.net/keys/test-key" ,
46+ "name" : "test-key"
5747 } ,
5848 {
5949 "attributes" : {
6050 "created" : "2022-04-10T17:57:43+00:00" ,
6151 "enabled" : true ,
6252 "expires" : keyExpiryPass ,
6353 "notBefore" : null ,
64- "recoveryLevel" : "CustomizedRecoverable+Purgeable" ,
6554 "updated" : "2022-04-10T17:57:43+00:00"
6655 } ,
67- "kid" : "https://nauman-test.vault.azure.net/keys/nauman-test" ,
68- "managed" : null ,
69- "name" : "nauman-test" ,
70- "tags" : {
71- "hello" : "world"
72- }
56+ "kid" : "https://test-vault.vault.azure.net/keys/test-key-2" ,
57+ "name" : "test-key-2"
7358 } ,
7459 {
7560 "attributes" : {
7661 "created" : "2022-04-10T17:57:43+00:00" ,
7762 "enabled" : true ,
7863 "expires" : keyExpiryFail ,
7964 "notBefore" : null ,
80- "recoveryLevel" : "CustomizedRecoverable+Purgeable" ,
8165 "updated" : "2022-04-10T17:57:43+00:00"
8266 } ,
83- "kid" : "https://nauman-test.vault.azure.net/keys/nauman-test" ,
84- "managed" : null ,
85- "name" : "nauman-test" ,
86- "tags" : {
87- "hello" : "world"
88- }
67+ "kid" : "https://test-vault.vault.azure.net/keys/test-key-3" ,
68+ "name" : "test-key-3"
8969 } ,
9070 {
9171 "attributes" : {
9272 "created" : "2022-04-10T17:57:43+00:00" ,
9373 "enabled" : true ,
9474 "expires" : keyExpired ,
9575 "notBefore" : null ,
96- "recoveryLevel" : "CustomizedRecoverable+Purgeable" ,
9776 "updated" : "2022-04-10T17:57:43+00:00"
9877 } ,
99- "kid" : "https://nauman-test.vault.azure.net/keys/nauman-test" ,
100- "managed" : null ,
101- "name" : "nauman-test" ,
102- "tags" : {
103- "hello" : "world"
104- }
78+ "kid" : "https://test-vault.vault.azure.net/keys/test-key-4" ,
79+ "name" : "test-key-4"
10580 }
10681] ;
10782
@@ -116,7 +91,7 @@ const createCache = (err, list, keys) => {
11691 } ,
11792 getKeys : {
11893 'eastus' : {
119- '/subscriptions/abcdfget-ebf6-437f-a3b0-28fc0d22111e /resourceGroups/akhtar -rg/providers/Microsoft.KeyVault/vaults/nauman- test' : {
94+ '/subscriptions/123 /resourceGroups/test -rg/providers/Microsoft.KeyVault/vaults/test-vault ' : {
12095 err : err ,
12196 data : keys
12297 }
@@ -126,9 +101,9 @@ const createCache = (err, list, keys) => {
126101 }
127102} ;
128103
129- describe ( 'keyVaultKeyExpiry ' , function ( ) {
104+ describe ( 'keyVaultKeyExpiryRbac ' , function ( ) {
130105 describe ( 'run' , function ( ) {
131- it ( 'should give passing result if no keys found' , function ( done ) {
106+ it ( 'should give passing result if no key vaults found' , function ( done ) {
132107 const callback = ( err , results ) => {
133108 expect ( results . length ) . to . equal ( 1 ) ;
134109 expect ( results [ 0 ] . status ) . to . equal ( 0 ) ;
@@ -144,7 +119,7 @@ describe('keyVaultKeyExpiry', function() {
144119 const callback = ( err , results ) => {
145120 expect ( results . length ) . to . equal ( 1 ) ;
146121 expect ( results [ 0 ] . status ) . to . equal ( 0 ) ;
147- expect ( results [ 0 ] . message ) . to . include ( 'Key expiration is not enabled' ) ;
122+ expect ( results [ 0 ] . message ) . to . include ( 'Key expiration is not enabled in RBAC vault ' ) ;
148123 expect ( results [ 0 ] . region ) . to . equal ( 'eastus' ) ;
149124 done ( )
150125 } ;
@@ -156,36 +131,36 @@ describe('keyVaultKeyExpiry', function() {
156131 const callback = ( err , results ) => {
157132 expect ( results . length ) . to . equal ( 1 ) ;
158133 expect ( results [ 0 ] . status ) . to . equal ( 0 ) ;
159- expect ( results [ 0 ] . message ) . to . include ( 'Key expires in' ) ;
134+ expect ( results [ 0 ] . message ) . to . include ( 'Key in RBAC vault expires in' ) ;
160135 expect ( results [ 0 ] . region ) . to . equal ( 'eastus' ) ;
161136 done ( )
162137 } ;
163138
164- auth . run ( createCache ( null , listKeyVaults , [ getKeys [ 1 ] ] ) , { key_vault_key_expiry_fail : '30' } , callback ) ;
139+ auth . run ( createCache ( null , [ listKeyVaults [ 0 ] ] , [ getKeys [ 1 ] ] ) , { key_vault_key_expiry_fail : '30' } , callback ) ;
165140 } ) ;
166141
167- it ( 'should give failing results if the key has reached ' , function ( done ) {
142+ it ( 'should give failing results if the key has expired ' , function ( done ) {
168143 const callback = ( err , results ) => {
169144 expect ( results . length ) . to . equal ( 1 ) ;
170145 expect ( results [ 0 ] . status ) . to . equal ( 2 ) ;
171- expect ( results [ 0 ] . message ) . to . include ( 'Key expired' ) ;
146+ expect ( results [ 0 ] . message ) . to . include ( 'Key in RBAC vault expired' ) ;
172147 expect ( results [ 0 ] . region ) . to . equal ( 'eastus' ) ;
173148 done ( )
174149 } ;
175150
176- auth . run ( createCache ( null , listKeyVaults , [ getKeys [ 3 ] ] ) , { key_vault_key_expiry_fail : '40' } , callback ) ;
151+ auth . run ( createCache ( null , [ listKeyVaults [ 0 ] ] , [ getKeys [ 3 ] ] ) , { key_vault_key_expiry_fail : '40' } , callback ) ;
177152 } ) ;
178153
179- it ( 'should give failing results if the key expired within failure expiry date' , function ( done ) {
154+ it ( 'should give failing result if the key expires within failure expiry date' , function ( done ) {
180155 const callback = ( err , results ) => {
181156 expect ( results . length ) . to . equal ( 1 ) ;
182157 expect ( results [ 0 ] . status ) . to . equal ( 2 ) ;
183- expect ( results [ 0 ] . message ) . to . include ( 'Key expires' ) ;
158+ expect ( results [ 0 ] . message ) . to . include ( 'Key in RBAC vault expires' ) ;
184159 expect ( results [ 0 ] . region ) . to . equal ( 'eastus' ) ;
185160 done ( )
186161 } ;
187162
188- auth . run ( createCache ( null , listKeyVaults , [ getKeys [ 2 ] ] ) , { key_vault_key_expiry_fail : '40' } , callback ) ;
163+ auth . run ( createCache ( null , [ listKeyVaults [ 0 ] ] , [ getKeys [ 2 ] ] ) , { key_vault_key_expiry_fail : '40' } , callback ) ;
189164 } ) ;
190165 } ) ;
191- } ) ;
166+ } ) ;
0 commit comments