diff options
Diffstat (limited to 'jdisc-cloud-aws/src/test/java/com/yahoo/jdisc/cloud/aws/VespaAwsCredentialsProviderTest.java')
-rw-r--r-- | jdisc-cloud-aws/src/test/java/com/yahoo/jdisc/cloud/aws/VespaAwsCredentialsProviderTest.java | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/jdisc-cloud-aws/src/test/java/com/yahoo/jdisc/cloud/aws/VespaAwsCredentialsProviderTest.java b/jdisc-cloud-aws/src/test/java/com/yahoo/jdisc/cloud/aws/VespaAwsCredentialsProviderTest.java new file mode 100644 index 00000000000..2725d28651e --- /dev/null +++ b/jdisc-cloud-aws/src/test/java/com/yahoo/jdisc/cloud/aws/VespaAwsCredentialsProviderTest.java @@ -0,0 +1,54 @@ +package com.yahoo.jdisc.cloud.aws; + +import com.amazonaws.auth.AWSCredentials; +import com.yahoo.test.ManualClock; +import com.yahoo.vespa.test.file.TestFileSystem; +import org.junit.jupiter.api.Assertions; +import org.junit.jupiter.api.Test; + +import java.io.IOException; +import java.nio.file.FileSystem; +import java.nio.file.FileSystems; +import java.nio.file.Files; +import java.nio.file.Path; +import java.time.Duration; +import java.time.Instant; + +public class VespaAwsCredentialsProviderTest { + + @Test + void refreshes_credentials() throws IOException { + Path credentialsPath = TestFileSystem.create().getPath("/credentials.json"); + ManualClock clock = new ManualClock(Instant.now()); + + Instant originalExpiry = clock.instant().plus(Duration.ofHours(12)); + writeCredentials(credentialsPath, originalExpiry); + VespaAwsCredentialsProvider credentialsProvider = new VespaAwsCredentialsProvider(credentialsPath, clock); + + AWSCredentials credentials = credentialsProvider.getCredentials(); + Assertions.assertEquals(originalExpiry.toString(), credentials.getAWSAccessKeyId()); + + Instant updatedExpiry = clock.instant().plus(Duration.ofHours(24)); + writeCredentials(credentialsPath, updatedExpiry); + // File updated, but old credentials still valid + credentials = credentialsProvider.getCredentials(); + Assertions.assertEquals(originalExpiry.toString(), credentials.getAWSAccessKeyId()); + + // Credentials refreshes when it is < 30 minutes left until expiry + clock.advance(Duration.ofHours(11).plus(Duration.ofMinutes(31))); + credentials = credentialsProvider.getCredentials(); + Assertions.assertEquals(updatedExpiry.toString(), credentials.getAWSAccessKeyId()); + + } + + private void writeCredentials(Path path, Instant expiry) throws IOException { + String content = """ + { + "awsAccessKey": "%1$s", + "awsSecretKey": "%1$s", + "sessionToken": "%1$s", + "expiry": "%1$s" + }""".formatted(expiry.toString()); + Files.writeString(path, content); + } +} |