| import AjvPkg from "ajv"; |
| import { describe, expect, it } from "vitest"; |
| import { |
| INVALID_EXEC_SECRET_REF_IDS, |
| VALID_EXEC_SECRET_REF_IDS, |
| } from "../../test-utils/secret-ref-test-vectors.js"; |
| import { SecretInputSchema, SecretRefSchema } from "./schema/primitives.js"; |
|
|
| describe("gateway protocol SecretRef schema", () => { |
| const Ajv = AjvPkg as unknown as new (opts?: object) => import("ajv").default; |
| const ajv = new Ajv({ allErrors: true, strict: false }); |
| const validateSecretRef = ajv.compile(SecretRefSchema); |
| const validateSecretInput = ajv.compile(SecretInputSchema); |
|
|
| it("accepts valid source-specific refs", () => { |
| expect(validateSecretRef({ source: "env", provider: "default", id: "OPENAI_API_KEY" })).toBe( |
| true, |
| ); |
| expect( |
| validateSecretRef({ source: "file", provider: "filemain", id: "/providers/openai/apiKey" }), |
| ).toBe(true); |
| for (const id of VALID_EXEC_SECRET_REF_IDS) { |
| expect(validateSecretRef({ source: "exec", provider: "vault", id }), id).toBe(true); |
| expect(validateSecretInput({ source: "exec", provider: "vault", id }), id).toBe(true); |
| } |
| }); |
|
|
| it("rejects invalid exec refs", () => { |
| for (const id of INVALID_EXEC_SECRET_REF_IDS) { |
| expect(validateSecretRef({ source: "exec", provider: "vault", id }), id).toBe(false); |
| expect(validateSecretInput({ source: "exec", provider: "vault", id }), id).toBe(false); |
| } |
| }); |
| }); |
|
|
