MirrorSave
/
budibase
mirror of https://github.com/Budibase/budibase.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Prevent accidental credential misuse during tests.

This commit is contained in:
Sam Rose 2025-03-03 18:02:30 +00:00
parent fc4f4e695a
commit 39a7234d2e
No known key found for this signature in database
4 changed files with 34 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
packages/server/src/integrations/dynamodb.ts
View File

@ -14,7 +14,7 @@ import {
UpdateCommandInput,
DeleteCommandInput,
} from "@aws-sdk/lib-dynamodb"
import { DynamoDB } from "@aws-sdk/client-dynamodb"
import { DynamoDB, DynamoDBClientConfig } from "@aws-sdk/client-dynamodb"
import { AWS_REGION } from "../constants"
export interface DynamoDBConfig {
@ -22,7 +22,6 @@ export interface DynamoDBConfig {
accessKeyId: string
secretAccessKey: string
endpoint?: string
currentClockSkew?: boolean
}
const SCHEMA: Integration = {
@ -139,21 +138,15 @@ const SCHEMA: Integration = {
}
export class DynamoDBIntegration implements IntegrationBase {
private config: DynamoDBConfig
private config: DynamoDBClientConfig
private client: DynamoDBDocument
constructor(config: DynamoDBConfig) {
this.config = config
// User is using a local dynamoDB endpoint, don't auth with remote
if (this.config?.endpoint?.includes("localhost")) {
// @ts-ignore
this.config = {}
}
this.config = {
...this.config,
currentClockSkew: true,
credentials: {
accessKeyId: config.accessKeyId,
secretAccessKey: config.secretAccessKey,
},
region: config.region || AWS_REGION,
endpoint: config.endpoint || undefined,
}

17
packages/server/src/integrations/tests/dynamodb.spec.ts
View File

@ -1,7 +1,11 @@
import { Datasource } from "@budibase/types"
import { DynamoDBConfig, DynamoDBIntegration } from "../dynamodb"
import { DatabaseName, datasourceDescribe } from "./utils"
import { CreateTableCommandInput, DynamoDB } from "@aws-sdk/client-dynamodb"
import {
CreateTableCommandInput,
DynamoDB,
DynamoDBClientConfig,
} from "@aws-sdk/client-dynamodb"
const describes = datasourceDescribe({ only: [DatabaseName.DYNAMODB] })
@ -38,7 +42,16 @@ if (describes.length > 0) {
rawDatasource.config! as DynamoDBConfig
)
const client = new DynamoDB(rawDatasource.config as DynamoDBConfig)
const config: DynamoDBClientConfig = {
credentials: {
accessKeyId: "test",
secretAccessKey: "test",
},
region: "us-east-1",
endpoint: rawDatasource.config!.endpoint,
}
const client = new DynamoDB(config)
await createTable(client, {
TableName: table,
KeySchema: [{ AttributeName: "Id", KeyType: "HASH" }],

6
packages/server/src/tests/jestSetup.ts
View File

@ -3,6 +3,12 @@ import * as matchers from "jest-extended"
import { env as coreEnv, timers } from "@budibase/backend-core"
import { testContainerUtils } from "@budibase/backend-core/tests"
import nock from "nock"
import AWS from "aws-sdk"
// Prevent accidental use of real AWS credentials
AWS.config.update({
credentialProvider: new AWS.CredentialProviderChain([]),
})
expect.extend(matchers)
if (!process.env.CI) {

9
packages/worker/src/tests/jestSetup.ts
View File

@ -2,18 +2,23 @@ import { mocks, testContainerUtils } from "@budibase/backend-core/tests"
import env from "../environment"
import { env as coreEnv, timers } from "@budibase/backend-core"
import nock from "nock"
import AWS from "aws-sdk"
// mock all dates to 2020-01-01T00:00:00.000Z
// use tk.reset() to use real dates in individual tests
import tk from "timekeeper"
// Prevent accidental use of real AWS credentials
AWS.config.update({
credentialProvider: new AWS.CredentialProviderChain([]),
})
nock.disableNetConnect()
nock.enableNetConnect(host => {
return (
host.includes("localhost") ||
host.includes("127.0.0.1") ||
host.includes("::1") ||
host.includes("ethereal.email") // used in realEmail.spec.ts
host.includes("::1")
)
})