diff --git a/service/integration/keymanagement_test.go b/service/integration/keymanagement_test.go
index 4706392b92..9118935030 100644
--- a/service/integration/keymanagement_test.go
+++ b/service/integration/keymanagement_test.go
@@ -48,19 +48,15 @@ func (s *KeyManagementSuite) TearDownSuite() {
 }
 
 func (s *KeyManagementSuite) Test_CreateProviderConfig_NoMetada_Succeeds() {
- s.createTestProviderConfig()
+ pcIDs := make([]string, 0)
+ s.deleteTestProviderConfigs(append(pcIDs, s.createTestProviderConfig(testProvider, validProviderConfig, nil).GetId()))
 }
 
 func (s *KeyManagementSuite) Test_CreateProviderConfig_Metadata_Succeeds() {
- pc, err := s.db.PolicyClient.CreateProviderConfig(s.ctx, &keymanagement.CreateProviderConfigRequest{
- Name: testProvider,
- ConfigJson: validProviderConfig,
- Metadata: &common.MetadataMutable{
- Labels: validLabels,
- },
- })
- s.Require().NoError(err)
- s.NotNil(pc)
+ pcIDs := make([]string, 0)
+ s.deleteTestProviderConfigs(append(pcIDs, s.createTestProviderConfig(testProvider, validProviderConfig, &common.MetadataMutable{
+ Labels: validLabels,
+ }).GetId()))
 }
 
 func (s *KeyManagementSuite) Test_CreateProviderConfig_EmptyConfig_Fails() {
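Review bot: In Test_CreateProviderConfig_NoMetada_Succeeds and Test_CreateProviderConfig_Metadata_Succeeds the create call under test is buried inside the cleanup call, and `pcIDs` is an empty slice that exists only to be appended to once. Naming the result and deferring the cleanup reads more plainly and matches the pattern the other tests in this commit use: `pc := s.createTestProviderConfig(testProvider, validProviderConfig, nil)` followed by `defer s.deleteTestProviderConfigs([]string{pc.GetId()})`.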
@@ -82,15 +78,32 @@ func (s *KeyManagementSuite) Test_CreateProviderConfig_InvalidConfig_Fails() {
 s.Nil(pc)
 }
 
-func (s *KeyManagementSuite) Test_GetProviderConfig_WithId_Succeeds() {
+func (s *KeyManagementSuite) Test_CreateProviderConfig_DuplicateName_Fails() {
+ pcIDs := make([]string, 0)
+ defer func() {
+ s.deleteTestProviderConfigs(pcIDs)
+ }()
+ pc := s.createTestProviderConfig(testProvider, validProviderConfig, nil)
+ pcIDs = append(pcIDs, pc.GetId())
+
 pc, err := s.db.PolicyClient.CreateProviderConfig(s.ctx, &keymanagement.CreateProviderConfigRequest{
- Name: testProvider,
+ Name: pc.GetName(),
 ConfigJson: validProviderConfig,
 })
- s.Require().NoError(err)
- s.NotNil(pc)
+ s.Require().Error(err)
+ s.Require().ErrorContains(err, db.ErrUniqueConstraintViolation.Error())
+ s.Nil(pc)
+}
 
- pc, err = s.db.PolicyClient.GetProviderConfig(s.ctx, &keymanagement.GetProviderConfigRequest_Id{
+func (s *KeyManagementSuite) Test_GetProviderConfig_WithId_Succeeds() {
+ pcIDs := make([]string, 0)
+ defer func() {
+ s.deleteTestProviderConfigs(pcIDs)
+ }()
+ pc := s.createTestProviderConfig(testProvider, validProviderConfig, nil)
+ pcIDs = append(pcIDs, pc.GetId())
+
+ pc, err := s.db.PolicyClient.GetProviderConfig(s.ctx, &keymanagement.GetProviderConfigRequest_Id{
 Id: pc.GetId(),
 })
 s.Require().NoError(err)
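Review bot: Test_CreateProviderConfig_DuplicateName_Fails identifies the duplicate by substring, `s.Require().ErrorContains(err, db.ErrUniqueConstraintViolation.Error())`, which passes for any error whose text happens to include that message. If CreateProviderConfig wraps the sentinel (its implementation is not part of this diff), `s.Require().ErrorIs(err, db.ErrUniqueConstraintViolation)` pins the exact failure mode, and the preceding `s.Require().Error(err)` becomes redundant. If the error is only formatted into a string, a short comment saying so would explain why the weaker check is used.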
@@ -98,15 +111,15 @@ func (s *KeyManagementSuite) Test_GetProviderConfig_WithId_Succeeds() {
 }
 
 func (s *KeyManagementSuite) Test_GetProviderConfig_WithName_Succeeds() {
- pc, err := s.db.PolicyClient.CreateProviderConfig(s.ctx, &keymanagement.CreateProviderConfigRequest{
- Name: testProvider2,
- ConfigJson: validProviderConfig,
- })
- s.Require().NoError(err)
- s.NotNil(pc)
-
- pc, err = s.db.PolicyClient.GetProviderConfig(s.ctx, &keymanagement.GetProviderConfigRequest_Name{
- Name: testProvider2,
+ pcIDs := make([]string, 0)
+ defer func() {
+ s.deleteTestProviderConfigs(pcIDs)
+ }()
+ pc := s.createTestProviderConfig(testProvider, validProviderConfig, nil)
+ pcIDs = append(pcIDs, pc.GetId())
+
+ pc, err := s.db.PolicyClient.GetProviderConfig(s.ctx, &keymanagement.GetProviderConfigRequest_Name{
+ Name: pc.GetName(),
 })
 s.Require().NoError(err)
 s.NotNil(pc)
@@ -120,7 +133,12 @@ func (s *KeyManagementSuite) Test_GetProviderConfig_InvalidIdentifier_Fails() {
 
 // Finish List/Update/Delete tests
 func (s *KeyManagementSuite) Test_ListProviderConfig_No_Pagination_Succeeds() {
- s.createTestProviderConfig()
+ pcIDs := make([]string, 0)
+ defer func() {
+ s.deleteTestProviderConfigs(pcIDs)
+ }()
+ pc := s.createTestProviderConfig(testProvider, validProviderConfig, nil)
+ pcIDs = append(pcIDs, pc.GetId())
 
 resp, err := s.db.PolicyClient.ListProviderConfigs(s.ctx, &policy.PageRequest{})
 s.Require().NoError(err)
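Review bot: Test_GetProviderConfig_WithName_Succeeds overwrites `pc` with the lookup result, so the assertions visible here only show that some non-nil config came back, not that it is the one just created. Now that provider names are unique, a lookup by name should resolve to exactly one row, and the test can pin that: keep the fetched value in its own variable such as `got` and add `s.Equal(pc.GetId(), got.GetId())`. Test_GetProviderConfig_WithId_Succeeds in the previous hunk reuses `pc` the same way. Both function bodies continue past their hunks, so later lines may already cover part of this.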
@@ -129,22 +147,37 @@ func (s *KeyManagementSuite) Test_ListProviderConfig_No_Pagination_Succeeds() {
 }
 
 func (s *KeyManagementSuite) Test_ListProviderConfig_PaginationLimit_Succeeds() {
- s.createTestProviderConfig()
- s.createTestProviderConfig()
-
- resp, err := s.db.PolicyClient.ListProviderConfigs(s.ctx, &policy.PageRequest{
+ pcIDs := make([]string, 0)
+ defer func() {
+ s.deleteTestProviderConfigs(pcIDs)
+ }()
+ pc := s.createTestProviderConfig(testProvider, validProviderConfig, nil)
+ pcIDs = append(pcIDs, pc.GetId())
+ pc2 := s.createTestProviderConfig(testProvider2, validProviderConfig, nil)
+ pcIDs = append(pcIDs, pc2.GetId())
+
+ respOne, err := s.db.PolicyClient.ListProviderConfigs(s.ctx, &policy.PageRequest{
 Limit: 1,
 })
 s.Require().NoError(err)
- s.NotNil(resp)
- s.NotEmpty(resp.GetProviderConfigs())
- s.Len(resp.GetProviderConfigs(), 1)
- s.GreaterOrEqual(resp.GetPagination().GetTotal(), int32(1))
+ s.NotNil(respOne)
+ s.NotEmpty(respOne.GetProviderConfigs())
+ s.Len(respOne.GetProviderConfigs(), 1)
+ s.GreaterOrEqual(respOne.GetPagination().GetTotal(), int32(1))
+
+ respTwo, err := s.db.PolicyClient.ListProviderConfigs(s.ctx, &policy.PageRequest{
+ Limit: 1,
+ Offset: 1,
+ })
+ s.Require().NoError(err)
+ s.NotNil(respTwo)
+ s.NotEmpty(respTwo.GetProviderConfigs())
+ s.Len(respTwo.GetProviderConfigs(), 1)
+ s.GreaterOrEqual(respTwo.GetPagination().GetTotal(), int32(1))
+ s.NotEqual(respOne.GetProviderConfigs()[0].GetId(), respTwo.GetProviderConfigs()[0].GetId())
 }
 
 func (s *KeyManagementSuite) Test_ListProviderConfig_PaginationLimitExceeded_Fails() {
- s.createTestProviderConfig()
-
 resp, err := s.db.PolicyClient.ListProviderConfigs(s.ctx, &policy.PageRequest{
 Limit: s.db.LimitMax + 1,
 })
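Review bot: In Test_ListProviderConfig_PaginationLimit_Succeeds both pages only require `GetTotal()` to be at least `int32(1)`, although the test has just created two configs, so a total that ignores the second row would still pass. `s.GreaterOrEqual(respOne.GetPagination().GetTotal(), int32(2))`, and the same for `respTwo`, matches the setup. The `s.NotEqual` on the two page IDs also depends on ListProviderConfigs returning rows in a stable order between the two calls; the query is not part of this diff, so it is worth confirming that it has an explicit ORDER BY.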
@@ -153,20 +186,20 @@ func (s *KeyManagementSuite) Test_ListProviderConfig_PaginationLimitExceeded_Fai
 }
 
 func (s *KeyManagementSuite) Test_UpdateProviderConfig_ExtendsMetadata_Succeeds() {
- pc, err := s.db.PolicyClient.CreateProviderConfig(s.ctx, &keymanagement.CreateProviderConfigRequest{
- Name: testProvider,
- ConfigJson: validProviderConfig,
- Metadata: &common.MetadataMutable{
- Labels: validLabels,
- },
+ pcIDs := make([]string, 0)
+ defer func() {
+ s.deleteTestProviderConfigs(pcIDs)
+ }()
+ pc := s.createTestProviderConfig(testProvider, validProviderConfig, &common.MetadataMutable{
+ Labels: validLabels,
 })
- s.Require().NoError(err)
+ pcIDs = append(pcIDs, pc.GetId())
 s.NotNil(pc)
 s.Equal(testProvider, pc.GetName())
 s.Equal(validProviderConfig, pc.GetConfigJson())
 s.Equal(validLabels, pc.GetMetadata().GetLabels())
 
- pc, err = s.db.PolicyClient.UpdateProviderConfig(s.ctx, &keymanagement.UpdateProviderConfigRequest{
+ pc, err := s.db.PolicyClient.UpdateProviderConfig(s.ctx, &keymanagement.UpdateProviderConfigRequest{
 Id: pc.GetId(),
 Name: testProvider2,
 ConfigJson: validProviderConfig2,
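Review bot: The update tests (Test_UpdateProviderConfig_ExtendsMetadata_Succeeds here and Test_UpdateProviderConfig_ReplaceMetadata_Succeeds in the next hunk) rename a config to `testProvider2`, but nothing visible in this diff exercises the new unique constraint on the update path. A test that creates both `testProvider` and `testProvider2`, renames one to the other's name through UpdateProviderConfig and expects `db.ErrUniqueConstraintViolation` would show that a rename collision is reported the same way as a create collision. Both function bodies continue past their hunks.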
@@ -191,20 +224,20 @@ func (s *KeyManagementSuite) Test_UpdateProviderConfig_ExtendsMetadata_Succeeds(
 }
 
 func (s *KeyManagementSuite) Test_UpdateProviderConfig_ReplaceMetadata_Succeeds() {
- pc, err := s.db.PolicyClient.CreateProviderConfig(s.ctx, &keymanagement.CreateProviderConfigRequest{
- Name: testProvider,
- ConfigJson: validProviderConfig,
- Metadata: &common.MetadataMutable{
- Labels: validLabels,
- },
+ pcIDs := make([]string, 0)
+ defer func() {
+ s.deleteTestProviderConfigs(pcIDs)
+ }()
+ pc := s.createTestProviderConfig(testProvider, validProviderConfig, &common.MetadataMutable{
+ Labels: validLabels,
 })
- s.Require().NoError(err)
+ pcIDs = append(pcIDs, pc.GetId())
 s.NotNil(pc)
 s.Equal(testProvider, pc.GetName())
 s.Equal(validProviderConfig, pc.GetConfigJson())
 s.Equal(validLabels, pc.GetMetadata().GetLabels())
 
- pc, err = s.db.PolicyClient.UpdateProviderConfig(s.ctx, &keymanagement.UpdateProviderConfigRequest{
+ pc, err := s.db.PolicyClient.UpdateProviderConfig(s.ctx, &keymanagement.UpdateProviderConfigRequest{
 Id: pc.GetId(),
 Name: testProvider2,
 ConfigJson: validProviderConfig2,
@@ -260,7 +293,7 @@ func (s *KeyManagementSuite) Test_UpdateProviderConfig_ConfigNotFound_Fails() {
 }
 
 func (s *KeyManagementSuite) Test_DeleteProviderConfig_Succeeds() {
- pc := s.createTestProviderConfig()
+ pc := s.createTestProviderConfig(testProvider, validProviderConfig, nil)
 s.NotNil(pc)
 pc, err := s.db.PolicyClient.DeleteProviderConfig(s.ctx, pc.GetId())
 s.Require().NoError(err)
@@ -273,16 +306,25 @@ func (s *KeyManagementSuite) Test_DeleteProviderConfig_InvalidUUID_Fails() {
 s.Nil(pc)
 }
 
-func (s *KeyManagementSuite) createTestProviderConfig() *policy.KeyProviderConfig {
+func (s *KeyManagementSuite) createTestProviderConfig(providerName string, config []byte, metadata *common.MetadataMutable) *policy.KeyProviderConfig {
 pc, err := s.db.PolicyClient.CreateProviderConfig(s.ctx, &keymanagement.CreateProviderConfigRequest{
- Name: testProvider,
- ConfigJson: validProviderConfig,
+ Name: providerName,
+ ConfigJson: config,
+ Metadata: metadata,
 })
 s.Require().NoError(err)
 s.NotNil(pc)
 return pc
 }
 
+func (s *KeyManagementSuite) deleteTestProviderConfigs(ids []string) {
+ for _, id := range ids {
+ pc, err := s.db.PolicyClient.DeleteProviderConfig(s.ctx, id)
+ s.Require().NoError(err)
+ s.NotNil(pc)
+ }
+}
+
 func TestKeyManagementSuite(t *testing.T) {
 if testing.Short() {
 t.Skip("skipping attribute values integration tests")
diff --git a/service/policy/db/migrations/20250605000000_unique_provider_name.md b/service/policy/db/migrations/20250605000000_unique_provider_name.md
new file mode 100644
index 0000000000..a74dfba436
--- /dev/null
+++ b/service/policy/db/migrations/20250605000000_unique_provider_name.md
@@ -0,0 +1,12 @@
+```mermaid
+erDiagram
+ provider_config {
+ jsonb config "Configuration details for the key provider"
+ timestamp_with_time_zone created_at "Timestamp when the provider configuration was created"
+ uuid id PK "Unique identifier for the provider configuration"
+ jsonb metadata "Additional metadata for the provider configuration"
+ character_varying provider_name UK "Unique name for the key provider."
+ timestamp_with_time_zone updated_at "Timestamp when the provider configuration was last updated"
+ }
+```
+
diff --git a/service/policy/db/migrations/20250605000000_unique_provider_name.sql b/service/policy/db/migrations/20250605000000_unique_provider_name.sql
new file mode 100644
index 0000000000..ab6b48817c
--- /dev/null
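Review bot: deleteTestProviderConfigs calls `s.Require().NoError(err)` inside its loop, so the first failed delete ends the cleanup and leaves the remaining IDs in the table. With provider_name now unique, a leftover `testProvider` row makes every later test that creates that name fail with a constraint violation, which buries the original failure under unrelated ones. The non-fatal form `s.NoError(err)` still records the error and lets the loop attempt every ID. A one-line doc comment stating that the helper is meant to run from deferred cleanup would also help, since none of the new helpers are documented.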
+++ b/service/policy/db/migrations/20250605000000_unique_provider_name.sql
@@ -0,0 +1,11 @@
+-- +goose Up
+-- +goose StatementBegin
+ALTER TABLE provider_config ADD CONSTRAINT provider_config_provider_name_key UNIQUE (provider_name);
+
+COMMENT ON COLUMN provider_config.provider_name IS 'Unique name for the key provider.';
+-- +goose StatementEnd
+
+-- +goose Down
+-- +goose StatementBegin
+ALTER TABLE provider_config DROP CONSTRAINT IF EXISTS provider_config_provider_name_key;
+-- +goose StatementEnd
\ No newline at end of file
diff --git a/service/policy/db/schema_erd.md b/service/policy/db/schema_erd.md
index 658100f515..16a84a787d 100644
--- a/service/policy/db/schema_erd.md
+++ b/service/policy/db/schema_erd.md
@@ -137,7 +137,7 @@ erDiagram
 timestamp_with_time_zone created_at "Timestamp when the provider configuration was created"
 uuid id PK "Unique identifier for the provider configuration"
 jsonb metadata "Additional metadata for the provider configuration"
- character_varying provider_name "Name of the key provider"
+ character_varying provider_name UK "Unique name for the key provider."
 timestamp_with_time_zone updated_at "Timestamp when the provider configuration was last updated"
 }
 
@@ -191,6 +191,7 @@ erDiagram
 timestamp_with_time_zone created_at
 uuid id PK "Primary key for the table"
 jsonb metadata "Metadata for the condition set (see protos for structure)"
+ ARRAY selector_values "Array of cached selector values extracted from the condition JSONB and maintained via trigger."
 timestamp_with_time_zone updated_at
 }
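Review bot: The Up step in 20250605000000_unique_provider_name.sql, `ALTER TABLE provider_config ADD CONSTRAINT provider_config_provider_name_key UNIQUE (provider_name);`, fails outright on any deployment that already holds two rows with the same provider_name, and the migration neither checks for nor resolves them. A header comment stating that precondition, or a preceding statement that detects duplicates (a `GROUP BY provider_name HAVING COUNT(*) > 1` check that raises a clear error), would tell operators what to fix before upgrading. Under a default collation the constraint is also case-sensitive, so names differing only in case stay distinct; if lookups by name are meant to ignore case, that needs normalised storage or a unique index on `lower(provider_name)` instead. The Down step drops the constraint but leaves the column comment set by Up in place.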