Skip to content

Commit

Permalink
[CAPPL-364] Return an error when secrets are empty (#15635)
Browse files Browse the repository at this point in the history
  • Loading branch information
cedric-cordenier authored Dec 12, 2024
1 parent 9303356 commit 385798d
Show file tree
Hide file tree
Showing 3 changed files with 41 additions and 2 deletions.
5 changes: 3 additions & 2 deletions core/services/workflows/syncer/handler.go
Original file line number Diff line number Diff line change
Expand Up @@ -456,12 +456,13 @@ func (h *eventHandler) workflowRegisteredEvent(
}

wfID := hex.EncodeToString(payload.WorkflowID[:])
owner := hex.EncodeToString(payload.WorkflowOwner)
entry := &job.WorkflowSpec{
Workflow: hex.EncodeToString(decodedBinary),
Config: string(config),
WorkflowID: wfID,
Status: status,
WorkflowOwner: hex.EncodeToString(payload.WorkflowOwner),
WorkflowOwner: owner,
WorkflowName: payload.WorkflowName,
SpecType: job.WASMFile,
BinaryURL: payload.BinaryURL,
Expand All @@ -480,7 +481,7 @@ func (h *eventHandler) workflowRegisteredEvent(
engine, err := h.engineFactory(
ctx,
wfID,
string(payload.WorkflowOwner),
owner,
payload.WorkflowName,
config,
decodedBinary,
Expand Down
4 changes: 4 additions & 0 deletions core/services/workflows/syncer/orm.go
Original file line number Diff line number Diff line change
Expand Up @@ -161,6 +161,10 @@ func (orm *orm) GetContentsByWorkflowID(ctx context.Context, workflowID string)
return "", "", ErrEmptySecrets
}

if jr.Contents.String == "" {
return "", "", ErrEmptySecrets
}

return jr.SecretsURLHash.String, jr.Contents.String, nil
}

Expand Down
34 changes: 34 additions & 0 deletions core/services/workflows/syncer/orm_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -256,3 +256,37 @@ func Test_GetContentsByWorkflowID(t *testing.T) {
assert.Equal(t, giveHash, gotHash)
assert.Equal(t, giveContent, gotContent)
}

func Test_GetContentsByWorkflowID_SecretsProvidedButEmpty(t *testing.T) {
db := pgtest.NewSqlxDB(t)
ctx := testutils.Context(t)
lggr := logger.TestLogger(t)
orm := &orm{ds: db, lggr: lggr}

// workflow_id is missing
_, _, err := orm.GetContentsByWorkflowID(ctx, "doesnt-exist")
require.ErrorContains(t, err, "no rows in result set")

// secrets_id is nil; should return EmptySecrets
workflowID := "aWorkflowID"
giveURL := "https://example.com"
giveBytes, err := crypto.Keccak256([]byte(giveURL))
require.NoError(t, err)
giveHash := hex.EncodeToString(giveBytes)
giveContent := ""
_, err = orm.UpsertWorkflowSpecWithSecrets(ctx, &job.WorkflowSpec{
Workflow: "",
Config: "",
WorkflowID: workflowID,
WorkflowOwner: "aWorkflowOwner",
WorkflowName: "aWorkflowName",
BinaryURL: "",
ConfigURL: "",
CreatedAt: time.Now(),
SpecType: job.DefaultSpecType,
}, giveURL, giveHash, giveContent)
require.NoError(t, err)

_, _, err = orm.GetContentsByWorkflowID(ctx, workflowID)
require.ErrorIs(t, err, ErrEmptySecrets)
}

0 comments on commit 385798d

Please sign in to comment.