Skip to content

Commit 355b2c1

Browse files
johnstcnjohnstcn
committed
add some more logging to test
1 parent 65db7a7 commit 355b2c1

File tree

1 file changed

+51
-8
lines changed

1 file changed

+51
-8
lines changed

enterprise/cli/server_dbcrypt_test.go

Lines changed: 51 additions & 8 deletions
Original file line numberDiff line numberDiff line change
@@ -4,6 +4,7 @@ import (
44
"context"
55
"database/sql"
66
"encoding/base64"
7+
"strings"
78
"testing"
89

910
"github.com/google/uuid"
@@ -43,12 +44,26 @@ func TestServerDBCrypt(t *testing.T) {
4344

4445
// Populate the database with some unencrypted data.
4546
users := genData(t, db, 10)
47+
dumpUsers(t, sqlDB, "NOT ENCRYPTED")
4648

47-
// Setup an initial cipher
49+
// Setup an initial cipher A
4850
keyA := mustString(t, 32)
4951
cipherA, err := dbcrypt.NewCiphers([]byte(keyA))
5052
require.NoError(t, err)
5153

54+
// Create an encrypted database
55+
cryptdb, err := dbcrypt.New(ctx, db, cipherA...)
56+
require.NoError(t, err)
57+
58+
// Populate the database with some encrypted data using cipher A.
59+
users = append(users, genData(t, cryptdb, 10)...)
60+
dumpUsers(t, sqlDB, "PARTIALLY ENCRYPTED A")
61+
62+
// Validate that newly created users were encrypted with cipher A
63+
for _, usr := range users[10:] {
64+
requireEncryptedWithCipher(ctx, t, db, cipherA[0], usr.ID)
65+
}
66+
5267
// Encrypt all the data with the initial cipher.
5368
inv, _ := newCLI(t, "server", "dbcrypt", "rotate",
5469
"--postgres-url", connectionURL,
@@ -60,18 +75,12 @@ func TestServerDBCrypt(t *testing.T) {
6075
err = inv.Run()
6176
require.NoError(t, err)
6277

78+
dumpUsers(t, sqlDB, "ENCRYPTED A")
6379
// Validate that all existing data has been encrypted with cipher A.
6480
for _, usr := range users {
6581
requireEncryptedWithCipher(ctx, t, db, cipherA[0], usr.ID)
6682
}
6783

68-
// Create an encrypted database
69-
cryptdb, err := dbcrypt.New(ctx, db, cipherA...)
70-
require.NoError(t, err)
71-
72-
// Populate the database with some encrypted data using cipher A.
73-
users = append(users, genData(t, cryptdb, 10)...)
74-
7584
// Re-encrypt all existing data with a new cipher.
7685
keyB := mustString(t, 32)
7786
cipherBA, err := dbcrypt.NewCiphers([]byte(keyB), []byte(keyA))
@@ -89,6 +98,7 @@ func TestServerDBCrypt(t *testing.T) {
8998
require.NoError(t, err)
9099

91100
// Validate that all data has been re-encrypted with cipher B.
101+
dumpUsers(t, sqlDB, "ENCRYPTED B")
92102
for _, usr := range users {
93103
requireEncryptedWithCipher(ctx, t, db, cipherBA[0], usr.ID)
94104
}
@@ -135,6 +145,7 @@ func TestServerDBCrypt(t *testing.T) {
135145
}
136146

137147
// Validate that all data has been decrypted.
148+
dumpUsers(t, sqlDB, "DECRYPTED")
138149
for _, usr := range users {
139150
requireEncryptedWithCipher(ctx, t, db, &nullCipher{}, usr.ID)
140151
}
@@ -156,6 +167,7 @@ func TestServerDBCrypt(t *testing.T) {
156167
require.NoError(t, err)
157168

158169
// Validate that all data has been re-encrypted with cipher C.
170+
dumpUsers(t, sqlDB, "ENCRYPTED C")
159171
for _, usr := range users {
160172
requireEncryptedWithCipher(ctx, t, db, cipherC[0], usr.ID)
161173
}
@@ -172,6 +184,7 @@ func TestServerDBCrypt(t *testing.T) {
172184
require.NoError(t, err)
173185

174186
// Assert that no user links remain.
187+
dumpUsers(t, sqlDB, "DELETED")
175188
for _, usr := range users {
176189
userLinks, err := db.GetUserLinksByUserID(ctx, usr.ID)
177190
require.NoError(t, err, "failed to get user links for user %s", usr.ID)
@@ -215,6 +228,36 @@ func genData(t *testing.T, db database.Store, n int) []database.User {
215228
return users
216229
}
217230

231+
func dumpUsers(t *testing.T, db *sql.DB, header string) {
232+
t.Logf("%s %s %s", strings.Repeat("=", 20), header, strings.Repeat("=", 20))
233+
rows, err := db.QueryContext(context.Background(), `select u.id, u.status, u.deleted, ul.oauth_access_token_key_id as uloatkid, ul.oauth_refresh_token_key_id as ulortkid, gal.oauth_access_token_key_id as galoatkid, gal.oauth_refresh_token_key_id as galortkid from users u left outer join user_links ul on u.id = ul.user_id left outer join git_auth_links gal on u.id = gal.user_id;`)
234+
require.NoError(t, err)
235+
defer rows.Close()
236+
for rows.Next() {
237+
var (
238+
id string
239+
status string
240+
deleted bool
241+
UlOatKid sql.NullString
242+
UlOrtKid sql.NullString
243+
GalOatKid sql.NullString
244+
GalOrtKid sql.NullString
245+
)
246+
require.NoError(t, rows.Scan(
247+
&id,
248+
&status,
249+
&deleted,
250+
&UlOatKid,
251+
&UlOrtKid,
252+
&GalOatKid,
253+
&GalOrtKid,
254+
))
255+
t.Logf("user: id:%s status:%-9s deleted:%-5t ul_kids{at:%-7s rt:%-7s} gal_kids{at:%-7s rt:%-7s}",
256+
id, status, deleted, UlOatKid.String, UlOrtKid.String, GalOatKid.String, GalOrtKid.String,
257+
)
258+
}
259+
}
260+
218261
func mustString(t *testing.T, n int) string {
219262
t.Helper()
220263
s, err := cryptorand.String(n)

0 commit comments

Comments
 (0)