Skip to content

migration_summary.md

Latest commit

 

History

History
163 lines (117 loc) · 5.55 KB

migration_summary.md

File metadata and controls

163 lines (117 loc) · 5.55 KB

Testing Migration Summary

This document summarizes the testing migration performed in the Merka Vault project.

Migration Overview

We have successfully migrated the tests from the tests/integration.rs file to their appropriate module-specific locations. This migration follows best practices for Rust testing by placing tests close to the code they are testing.

Completed Migration Tasks

  1. Test Utilities

    • Enhanced src/vault/test_utils.rs to support container-based testing
    • Made it available to all module tests via #[cfg(test)] pub mod test_utils; in mod.rs
    • Simplified container setup and improved error handling

  2. Module-Specific Tests

    • Migrated PKI tests to src/vault/pki.rs
    • Migrated transit tests to src/vault/transit.rs
    • Migrated auth tests to src/vault/auth.rs
    • Migrated init tests to src/vault/init.rs
    • Migrated autounseal tests to src/vault/autounseal.rs
    • Migrated seal tests to src/vault/seal.rs
    • Migrated status tests to src/vault/status.rs

  3. Documentation Updates

    • Updated docs/testing.md to reflect the new testing approach
    • Updated tests/README.md with information about module-specific testing
    • Updated main README.md with new test commands and recent changes
    • Created this summary document for future reference

  4. Cleanup

    • Removed tests/integration.rs as all tests have been migrated
    • Removed the need for the "testing" feature flag
    • Updated all documentation references to integration.rs

Benefits of the New Approach

  1. Improved Organization

    • Tests are now located alongside the code they test
    • Each module is responsible for its own test cases
    • Tests are more focused and easier to maintain

  2. Simpler Test Setup

    • Tests can run without Docker for basic functionality
    • Container-based tests are more reliable and focused
    • Removed dependencies on external setup scripts

  3. Better Error Handling

    • Tests properly handle network errors when Vault isn't running
    • Clear distinction between expected and unexpected errors
    • Improved test reliability in various environments

  4. Maintainability

    • Tests will evolve alongside the code they test
    • Easier to add new tests when adding new functionality
    • Clearer ownership of test cases

  5. Simplified CI/CD

    • No need for special feature flags or test runners
    • Standard cargo test commands can run all tests
    • Better test isolation for parallelization

Best Practices Implemented

  1. Unit Testing

    • Each module has its own unit tests in a #[cfg(test)] mod tests block
    • Tests focus on specific functionality within the module
    • Error handling is tested thoroughly

  2. Test Utilities

    • Shared test utilities are available to all modules
    • Support for different Vault modes (Dev, Regular, AutoUnseal)
    • Helper functions for common test operations

  3. Architectural Boundaries

    • Tests respect the module boundaries of the codebase
    • Public API is tested through integration tests
    • Internal implementation details are tested through unit tests

Example of Migrated Test

Before (in integration.rs):

#[tokio::test]
async fn test_setup_pki() -> Result<(), Box<dyn std::error::Error>> {
    init_logging();
    let vault_container = setup_vault_container(common::VaultMode::Dev).await;
    let host = vault_container.get_host().await.unwrap();
    let host_port = vault_container.get_host_port_ipv4(8200).await.unwrap();
    let vault_url = format!("http://{}:{}", host, host_port);

    common::wait_for_vault_ready(&vault_url, 10, 1000).await?;

    let domain = "example.com";
    let ttl = "8760h";
    let (cert, role_name) =
        merka_vault::vault::pki::setup_pki(&vault_url, "root", domain, ttl, false, None, None)
            .await?;

    info!("CA Certificate:\n{}", cert);
    info!("PKI role name: {}", role_name);

    assert!(cert.contains("BEGIN CERTIFICATE"));
    assert_eq!(role_name, domain.replace('.', "-"));

    Ok(())
}

After (in pki.rs):

#[cfg(test)]
mod tests {
    use super::*;
    use crate::init_logging;
    use crate::vault::test_utils::{setup_vault_container, wait_for_vault_ready, VaultMode};
    use tracing::info;

    #[tokio::test]
    async fn test_setup_pki() -> Result<(), Box<dyn std::error::Error>> {
        init_logging();
        let vault_container = setup_vault_container(VaultMode::Dev).await;
        let host = vault_container.get_host().await.unwrap();
        let host_port = vault_container.get_host_port_ipv4(8200).await.unwrap();
        let vault_url = format!("http://{}:{}", host, host_port);

        wait_for_vault_ready(&vault_url, 10, 1000)
            .await
            .map_err(|e| e.to_string())?;

        let domain = "example.com";
        let ttl = "8760h";
        let (cert, role_name) =
            setup_pki(&vault_url, "root", domain, ttl, false, None, None).await?;

        info!("CA Certificate:\n{}", cert);
        info!("PKI role name: {}", role_name);

        assert!(cert.contains("BEGIN CERTIFICATE"));
        assert_eq!(role_name, domain.replace('.', "-"));

        Ok(())
    }
    // Other tests...
}

Conclusion

The migration to module-specific tests has been successful, resulting in a more maintainable and organized codebase. The new testing approach follows Rust best practices and provides better isolation, improved error handling, and clearer ownership of test cases.

Going forward, all new tests should follow this module-specific approach, with integration tests using the actor-based API for cross-module functionality.