From c4d953da87c39f0e5c235ce0579f04ba576d320b Mon Sep 17 00:00:00 2001
From: "Marc A. Paradise"
Date: Fri, 27 Aug 2021 14:45:03 -0400
Subject: Updates based on code review comments

Signed-off-by: Marc A. Paradise
---
 spec/unit/secret_fetcher/hashi_vault_spec.rb | 32 ++++++++++------------------
 1 file changed, 11 insertions(+), 21 deletions(-)

diff --git a/spec/unit/secret_fetcher/hashi_vault_spec.rb b/spec/unit/secret_fetcher/hashi_vault_spec.rb
index 02299474cf..db93a051e4 100644
--- a/spec/unit/secret_fetcher/hashi_vault_spec.rb
+++ b/spec/unit/secret_fetcher/hashi_vault_spec.rb
@@ -23,34 +23,24 @@ require "chef/secret_fetcher/hashi_vault" describe Chef::SecretFetcher::HashiVault do let(:node) { {} } let(:run_context) { double("run_context", node: node) } - let(:fetcher_config) { {} } - let(:fetcher) { - Chef::SecretFetcher::HashiVault.new( fetcher_config, run_context ) - } context "when validating HashiVault provided configuration" do - context "and role_name is not provided" do - let(:fetcher_config) { { vault_addr: "vault.example.com" } } - it "raises ConfigurationInvalid" do - expect { fetcher.validate! }.to raise_error(Chef::Exceptions::Secret::ConfigurationInvalid) - end + it "raises ConfigurationInvalid when the role_name is not provided" do + fetcher = Chef::SecretFetcher::HashiVault.new( { vault_addr: "vault.example.com" }, run_context) + expect { fetcher.validate! }.to raise_error(Chef::Exceptions::Secret::ConfigurationInvalid) end - context "and vault_addr is not provided" do - let(:fetcher_config) { { role_name: "example-role" } } - it "raises ConfigurationInvalid" do - expect { fetcher.validate! }.to raise_error(Chef::Exceptions::Secret::ConfigurationInvalid) - end + + it "raises ConfigurationInvalid when the vault_addr is not provided" do + fetcher = Chef::SecretFetcher::HashiVault.new( { role_name: "vault.example.com" }, run_context) + expect { fetcher.validate! 
}.to raise_error(Chef::Exceptions::Secret::ConfigurationInvalid) end - end - context "when all required config is provided" do - let(:fetcher_config) { { vault_addr: "vault.example.com", role_name: "example-role" } } - it "obtains a token via AWS IAM auth" do - auth_stub = double("vault auth", aws_iam: nil) + it "obtains a token via AWS IAM auth to allow the gem to do its own validations when all required config is provided" do + fetcher = Chef::SecretFetcher::HashiVault.new( { vault_addr: "vault.example.com", role_name: "example-role" }, run_context) + auth_stub = allow(Aws::InstanceProfileCredentials).to receive(:new).and_return double("credentials") - allow(Vault).to receive(:auth).and_return(auth_stub) + allow(Vault).to receive(:auth).and_return(instance_double(Vault::Authenticate, aws_iam: nil)) fetcher.validate! - end end end -- cgit v1.2.1
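Review bot: The rewritten "obtains a token via AWS IAM auth" example asserts nothing: `aws_iam` is only permitted through `instance_double(Vault::Authenticate, aws_iam: nil)`, so the example still passes if `validate!` never authenticates at all. Turn the call into an expectation, e.g. `auth = instance_double(Vault::Authenticate)`, `expect(auth).to receive(:aws_iam)`, `allow(Vault).to receive(:auth).and_return(auth)`, and add a `.with(...)` on the role name once checked against the fetcher, which is not visible in this hunk. In the same example `auth_stub =` now captures the result of the `allow(Aws::InstanceProfileCredentials)` setup and appears to be unused, so the assignment can be dropped. The missing-vault_addr example passes `role_name: "vault.example.com"`, which looks like a copy-paste of the address value; `role_name: "example-role"` would match the other examples.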