Set default role, stop mocks conflicting across tests, cache generated test JWT

2025-11-14 18:13:45 +00:00 · 2022-04-07 15:29:19 +01:00 · 2022-04-07 15:29:19 +01:00 · e3eff1b249
commit e3eff1b249
parent 4bd533450e
1 changed files with 17 additions and 9 deletions
--- a/integrationTests/basic/jwt_auth.test.js
+++ b/integrationTests/basic/jwt_auth.test.js
@ -51,6 +51,9 @@ function mockGithubOIDCResponse(aud= "https://github.com/hashicorp/vault-action"
    return rsasign.KJUR.jws.JWS.sign(alg, JSON.stringify(header), JSON.stringify(payload), decryptedKey);
 }

+// The sign call inside this function takes a while to run, so cache the default JWT in a constant.
+const defaultGithubJwt = mockGithubOIDCResponse();
+
 describe('jwt auth', () => {
    beforeAll(async () => {
        // Verify Connection
@ -99,7 +102,8 @@ describe('jwt auth', () => {
                'X-Vault-Token': 'testtoken',
            },
            json: {
-                jwt_validation_pubkeys: publicRsaKey
+                jwt_validation_pubkeys: publicRsaKey,
+                default_role: "default"
            }
        });

@ -198,20 +202,20 @@ describe('jwt auth', () => {
                .calledWith('jwtPrivateKey')
                .mockReturnValueOnce('');

-            when(core.getInput)
-                .calledWith('role')
-                .mockReturnValueOnce('default');
-
            when(core.getInput)
                .calledWith('secrets')
                .mockReturnValueOnce('secret/data/test secret');
-
-            when(core.getIDToken)
-                .calledWith()
-                .mockReturnValueOnce(mockGithubOIDCResponse());
        });

        it('successfully authenticates', async () => {
+            when(core.getInput)
+                .calledWith('role')
+                .mockReturnValueOnce('default');
+
+            when(core.getIDToken)
+                .calledWith()
+                .mockReturnValueOnce(defaultGithubJwt);
+
            await exportSecrets();
            expect(core.exportVariable).toBeCalledWith('SECRET', 'SUPERSECRET');
        });
@ -238,6 +242,10 @@ describe('jwt auth', () => {
                .calledWith('role')
                .mockReturnValueOnce(null);

+            when(core.getIDToken)
+                .calledWith()
+                .mockReturnValueOnce(defaultGithubJwt);
+
            await exportSecrets();
            expect(core.exportVariable).toBeCalledWith('SECRET', 'SUPERSECRET');
        })