Add tests for cli

Chris Gilmer · Chris Gilmer · commit 08a0f724b765 · 2020-07-10T11:23:43.000-07:00
diff --git a/.gitignore b/.gitignore
@@ -1,2 +1,3 @@
 bin/
 dist/
+coverage.out
diff --git a/Makefile b/Makefile
@@ -19,6 +19,11 @@ bin/setup-new-aws-user: ## Build setup-new-aws-user
 test:
 	go test -v ./cmd/...
 
+.PHONY: test_coverage
+test_coverage:
+	go test -v -coverprofile=coverage.out -covermode=count ./cmd/...
+	go tool cover -html=coverage.out
+
 .PHONY: clean
 clean:
 	rm -f .*.stamp
diff --git a/cmd/add_profile.go b/cmd/add_profile.go
@@ -16,11 +16,11 @@ import (
 	"gopkg.in/ini.v1"
 )
 
-func addProfileInitFlags(flag *pflag.FlagSet) {
+// AddProfileInitFlags sets up the CLI flags for the 'add-profile' subcommand
+func AddProfileInitFlags(flag *pflag.FlagSet) {
 
 	flag.String(VaultAWSKeychainNameFlag, VaultAWSKeychainNameDefault, "The aws-vault keychain name")
-	flag.String(VaultAWSProfileFlag, "", "The aws-vault profile name")
-	flag.String(VaultAWSNewProfileFlag, "", "A comma separated list of new AWS 'PROFILE1:ACCOUNTID1,PROFILE2:ACCOUNTID2,...'")
+	flag.StringSlice(AWSProfileAccountFlag, []string{}, "A comma separated list of AWS profiles and account IDs 'PROFILE1:ACCOUNTID1,PROFILE2:ACCOUNTID2,...'")
 	flag.String(AWSRegionFlag, endpoints.UsWest2RegionID, "The AWS region")
 	flag.String(IAMUserFlag, "", "The IAM user name to setup")
 	flag.String(IAMRoleFlag, "", "The IAM role name assigned to the user being setup")
@@ -32,7 +32,8 @@ func addProfileInitFlags(flag *pflag.FlagSet) {
 	flag.SortFlags = false
 }
 
-func addProfileCheckConfig(v *viper.Viper) error {
+// AddProfileCheckConfig checks the CLI flag configuration for the 'add-profile' subcommand
+func AddProfileCheckConfig(v *viper.Viper) error {
 
 	if err := checkVault(v); err != nil {
 		return fmt.Errorf("aws-vault check failed: %w", err)
@@ -84,7 +85,7 @@ func (sc *SetupConfig) AddProfile() error {
 	}
 	mfaSerial := mfaSerialKey.String()
 
-	for _, element := range *sc.NewProfiles {
+	for _, element := range sc.NewProfiles {
 		profileName := strings.Split(element, ":")[0]
 		awsAccountID := strings.Split(element, ":")[1]
 
@@ -145,16 +146,15 @@ func addProfileFunction(cmd *cobra.Command, args []string) error {
 	}
 
 	// Check the config and exit with usage details if there is a problem
-	checkConfigErr := addProfileCheckConfig(v)
+	checkConfigErr := AddProfileCheckConfig(v)
 	if checkConfigErr != nil {
 		return checkConfigErr
 	}
 
 	// Get command line flag values
 	awsRegion := v.GetString(AWSRegionFlag)
 	awsVaultKeychainName := v.GetString(VaultAWSKeychainNameFlag)
-	awsVaultProfile := v.GetString(VaultAWSProfileFlag)
-	awsVaultNewProfile := v.GetStringSlice(VaultAWSNewProfileFlag)
+	awsVaultProfileAccount := v.GetStringSlice(AWSProfileAccountFlag)
 	iamUser := v.GetString(IAMUserFlag)
 	iamRole := v.GetString(IAMRoleFlag)
 	output := v.GetString(OutputFlag)
@@ -184,8 +184,8 @@ func addProfileFunction(cmd *cobra.Command, args []string) error {
 		Role:            iamRole,
 		Region:          awsRegion,
 		Partition:       partition,
-		RoleProfileName: &awsVaultProfile,
-		NewProfiles:     &awsVaultNewProfile,
+		RoleProfileName: &awsVaultProfileAccount[0],
+		NewProfiles:     awsVaultProfileAccount[1:],
 		Output:          output,
 		Config:          config,
 		Keyring:         keyring,
diff --git a/cmd/cli.go b/cmd/cli.go
@@ -3,6 +3,7 @@ package main
 import (
 	"fmt"
 	"regexp"
+	"strings"
 
 	"github.com/aws/aws-sdk-go/aws/endpoints"
 	"github.com/spf13/viper"
@@ -20,10 +21,11 @@ const (
 	VaultAWSKeychainNameDefault string = "login"
 	// VaultAWSProfileFlag is the aws-vault profile name Flag
 	VaultAWSProfileFlag string = "aws-profile"
-	// VaultAWSBaseProfileFlag is the aws-vault base profile name Flag
-	VaultAWSBaseProfileFlag string = "aws-base-profile"
-	// VaultAWSNewProfileFlag is the aws-vault flag to add new profiles
-	VaultAWSNewProfileFlag string = "aws-new-profile"
+
+	// AWSProfileAccountFlag is the combined AWS profile name and account ID Flag
+	AWSProfileAccountFlag string = "aws-profile-account"
+	//// AWSBaseProfileFlag is the AWS base profile name Flag
+	//AWSBaseProfileFlag string = "aws-base-profile"
 
 	// IAMUserFlag is the IAM User name Flag
 	IAMUserFlag string = "iam-user"
@@ -57,22 +59,13 @@ func (e *errInvalidKeychainName) Error() string {
 	return fmt.Sprintf("invalid keychain name '%s'", e.KeychainName)
 }
 
-type errInvalidAWSProfile struct {
-	Profile string
-}
-
-func (e *errInvalidAWSProfile) Error() string {
-	return fmt.Sprintf("invalid aws profile '%s'", e.Profile)
-}
-
-type errInvalidVault struct {
-	KeychainName string
-	Profile      string
-}
-
-func (e *errInvalidVault) Error() string {
-	return fmt.Sprintf("invalid keychain name %q or profile %q", e.KeychainName, e.Profile)
-}
+// type errInvalidAWSProfile struct {
+// 	Profile string
+// }
+//
+// func (e *errInvalidAWSProfile) Error() string {
+// 	return fmt.Sprintf("invalid aws profile '%s'", e.Profile)
+// }
 
 func checkVault(v *viper.Viper) error {
 	// Both keychain name and profile are required or both must be missing
@@ -84,10 +77,10 @@ func checkVault(v *viper.Viper) error {
 		return fmt.Errorf("%s is invalid, expected %v: %w", VaultAWSKeychainNameFlag, keychainNames, &errInvalidKeychainName{KeychainName: keychainName})
 	}
 
-	awsProfile := v.GetString(VaultAWSProfileFlag)
-	if len(awsProfile) == 0 {
-		return fmt.Errorf("%s must not be empty: %w", VaultAWSProfileFlag, &errInvalidAWSProfile{Profile: awsProfile})
-	}
+	// awsProfile := v.GetString(VaultAWSProfileFlag)
+	// if len(awsProfile) == 0 {
+	// 	return fmt.Errorf("%s must not be empty: %w", VaultAWSProfileFlag, &errInvalidAWSProfile{Profile: awsProfile})
+	// }
 
 	return nil
 }
@@ -100,6 +93,7 @@ func (e *errInvalidRegion) Error() string {
 	return fmt.Sprintf("invalid region %q", e.Region)
 }
 
+// Note: Testing the partition is not really the best check here, but its sufficient
 func checkRegion(v *viper.Viper) error {
 
 	r := v.GetString(AWSRegionFlag)
@@ -118,15 +112,60 @@ func (e *errInvalidAccountID) Error() string {
 	return fmt.Sprintf("invalid Account ID %q", e.AccountID)
 }
 
-func checkAccountID(v *viper.Viper) error {
-	id := v.GetString(AWSAccountIDFlag)
+func checkAccountID(id string) error {
 	if matched, err := regexp.Match(`^\d{12}$`, []byte(id)); !matched || err != nil {
 		return fmt.Errorf("%s must be a 12 digit number: %w", AWSAccountIDFlag, &errInvalidAccountID{AccountID: id})
 	}
 
 	return nil
 }
 
+type errInvalidProfileName struct {
+	ProfileName string
+}
+
+func (e *errInvalidProfileName) Error() string {
+	return fmt.Sprintf("invalid Account ID %q", e.ProfileName)
+}
+
+func checkProfileName(profileName string) error {
+	if matched, err := regexp.Match(`[A-Za-z0-9\-\_]+`, []byte(profileName)); !matched || err != nil {
+		return fmt.Errorf("AWS Profile Name must be can only contain letters, numbers, hyphens, and underscores: %w", &errInvalidProfileName{ProfileName: profileName})
+	}
+
+	return nil
+}
+
+type errInvalidProfileAccount struct {
+	ProfileAccount string
+}
+
+func (e *errInvalidProfileAccount) Error() string {
+	return fmt.Sprintf("invalid Profile Name and Account ID %q", e.ProfileAccount)
+}
+
+func checkProfileAccount(v *viper.Viper) error {
+	profileAccounts := v.GetStringSlice(AWSProfileAccountFlag)
+	for _, profileAccount := range profileAccounts {
+		// Validate the profile name and account are separated by a colon
+		if !strings.Contains(profileAccount, ":") {
+			return fmt.Errorf("Each Profile Name and Account ID must be separated by a colon ':': %w", &errInvalidProfileAccount{ProfileAccount: profileAccount})
+		}
+		// Split out the profile name and account ID
+		profileAccountParts := strings.Split(profileAccount, ":")
+		profileName := profileAccountParts[0]
+		accountID := profileAccountParts[1]
+
+		if err := checkProfileName(profileName); err != nil {
+			return err
+		}
+		if err := checkAccountID(accountID); err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
 type errInvalidIAMUser struct {
 	IAMUser string
 }
diff --git a/cmd/cli_test.go b/cmd/cli_test.go
@@ -8,6 +8,7 @@ import (
 
 	"github.com/aws/aws-sdk-go/aws/endpoints"
 	"github.com/spf13/viper"
+	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/suite"
 )
 
@@ -95,24 +96,64 @@ func (suite *cliTestSuite) TestCheckRegion() {
 	}
 }
 
+func TestCheckProfileName(t *testing.T) {
+	testValues := []string{
+		"test-id",
+		"test-id1",
+		"test-id_1",
+	}
+	for _, testValue := range testValues {
+		assert.NoError(t, checkProfileName(testValue))
+	}
+	testValuesWithErrors := []string{
+		"",
+	}
+	for _, testValue := range testValuesWithErrors {
+		assert.Error(t, checkProfileName(testValue))
+	}
+}
+
 func (suite *cliTestSuite) TestCheckAccountID() {
 	suite.Setup()
 	testValues := []string{
 		"012345678901",
 		"123456789012",
 	}
 	for _, testValue := range testValues {
-		suite.viper.Set(AWSAccountIDFlag, testValue)
-		suite.NoError(checkAccountID(suite.viper))
+		suite.NoError(checkAccountID(testValue))
 	}
 	testValuesWithErrors := []string{
 		"",
 		"12345678901",
 		"1234567890123",
 	}
 	for _, testValue := range testValuesWithErrors {
-		suite.viper.Set(AWSAccountIDFlag, testValue)
-		suite.Error(checkAccountID(suite.viper))
+		suite.Error(checkAccountID(testValue))
+	}
+}
+
+func TestCheckProfileAccount(t *testing.T) {
+	v := viper.New()
+
+	testValues := [][]string{
+		{"test-id:012345678901"},
+		{"test-id1:012345678901", "test-id2:012345678901", "test-id3:012345678901"},
+	}
+	for _, testValue := range testValues {
+		v.Set(AWSProfileAccountFlag, testValue)
+		err := checkProfileAccount(v)
+		assert.NoError(t, err)
+	}
+	testValuesWithErrors := [][]string{
+		{"test-id:0123456789011"},
+		{":012345678901"},
+		{"test-id:"},
+		{"test-id012345678901"},
+	}
+	for _, testValue := range testValuesWithErrors {
+		v.Set(AWSProfileAccountFlag, testValue)
+		err := checkProfileAccount(v)
+		assert.Error(t, err)
 	}
 }
 
diff --git a/cmd/main.go b/cmd/main.go
@@ -30,7 +30,7 @@ func main() {
 		Long:                  "Setup new AWS user with aws-vault",
 		RunE:                  setupUserFunction,
 	}
-	setupUserInitFlags(setupUserCommand.Flags())
+	SetupUserInitFlags(setupUserCommand.Flags())
 	root.AddCommand(setupUserCommand)
 
 	addProfileCommand := &cobra.Command{
@@ -40,7 +40,7 @@ func main() {
 		Long:                  "Add new AWS config profile",
 		RunE:                  addProfileFunction,
 	}
-	addProfileInitFlags(addProfileCommand.Flags())
+	AddProfileInitFlags(addProfileCommand.Flags())
 	root.AddCommand(addProfileCommand)
 
 	versionCommand := &cobra.Command{
diff --git a/cmd/main_test.go b/cmd/main_test.go
diff --git a/cmd/setup.go b/cmd/setup.go
diff --git a/cmd/setup_test.go b/cmd/setup_test.go

Original file line number	Diff line number	Diff line change
`@@ -1,2 +1,3 @@`
`1`	`1`	`bin/`
`2`	`2`	`dist/`
	`3`	`+coverage.out`