From 6b1aeff55fbc1586526ec9482ca1dd70c8cb5163 Mon Sep 17 00:00:00 2001
From: Monika Kairaityte <monika@kibit.lt>
Date: Mon, 24 Jun 2024 20:10:32 +0300
Subject: [PATCH] Add unittests for type=env secret

Signed-off-by: Monika Kairaityte <monika@kibit.lt>
---
 pytests/test_container_to_args_secrets.py | 91 +++++++++++++++++++++++
 1 file changed, 91 insertions(+)
 create mode 100644 pytests/test_container_to_args_secrets.py

diff --git a/pytests/test_container_to_args_secrets.py b/pytests/test_container_to_args_secrets.py
new file mode 100644
index 0000000..b82f0a3
--- /dev/null
+++ b/pytests/test_container_to_args_secrets.py
@@ -0,0 +1,91 @@
+# SPDX-License-Identifier: GPL-2.0
+
+import unittest
+
+from podman_compose import container_to_args
+
+from .test_container_to_args import create_compose_mock
+from .test_container_to_args import get_minimal_container
+
+
+class TestContainerToArgsSecrets(unittest.IsolatedAsyncioTestCase):
+    async def test_pass_secret_as_env_variable(self):
+        c = create_compose_mock()
+        c.declared_secrets = {
+            "my_secret": {"external": "true"}  # must have external or name value
+        }
+
+        cnt = get_minimal_container()
+        cnt["secrets"] = [
+            {
+                "source": "my_secret",
+                "target": "ENV_SECRET",
+                "type": "env",
+            },
+        ]
+
+        args = await container_to_args(c, cnt)
+        self.assertEqual(
+            args,
+            [
+                "--name=project_name_service_name1",
+                "-d",
+                "--network=bridge",
+                "--network-alias=service_name",
+                "--secret",
+                "my_secret,type=env,target=ENV_SECRET",
+                "busybox",
+            ],
+        )
+
+    async def test_secret_as_env_external_true_has_no_name(self):
+        c = create_compose_mock()
+        c.declared_secrets = {
+            "my_secret": {
+                "name": "my_secret",  # must have external or name value
+            }
+        }
+
+        cnt = get_minimal_container()
+        cnt["_service"] = "test-service"
+        cnt["secrets"] = [
+            {
+                "source": "my_secret",
+                "target": "ENV_SECRET",
+                "type": "env",
+            }
+        ]
+
+        args = await container_to_args(c, cnt)
+        self.assertEqual(
+            args,
+            [
+                "--name=project_name_service_name1",
+                "-d",
+                "--network=bridge",
+                "--network-alias=service_name",
+                "--secret",
+                "my_secret,type=env,target=ENV_SECRET",
+                "busybox",
+            ],
+        )
+
+    async def test_pass_secret_as_env_variable_no_external(self):
+        c = create_compose_mock()
+        c.declared_secrets = {
+            "my_secret": {}  # must have external or name value
+        }
+
+        cnt = get_minimal_container()
+        cnt["_service"] = "test-service"
+        cnt["secrets"] = [
+            {
+                "source": "my_secret",
+                "target": "ENV_SECRET",
+                "type": "env",
+            }
+        ]
+
+        with self.assertRaises(ValueError) as context:
+            await container_to_args(c, cnt)
+        self.assertIn('ERROR: unparsable secret: ', str(context.exception))