credentials/aliyuncli: improve parse credentials from output

AliyunContainerService · Feb 23, 2024 · 4b652e4 · 4b652e4
1 parent 4396cda
commit 4b652e4
Show file tree

Hide file tree

Showing 2 changed files with 123 additions and 2 deletions.
diff --git a/pkg/credentials/aliyuncli/aliyuncli.go b/pkg/credentials/aliyuncli/aliyuncli.go
@@ -233,7 +233,7 @@ func (p *ProfileWrapper) GetCredentialsByExternal() (provider.CredentialsProvide
 	return newP.GetProvider()
 }
 
-var regexpCredJSON = regexp.MustCompile(`{\s*"mode": [^}]+}`)
+var regexpCredJSON = regexp.MustCompile(`{[^}]+"mode":[^}]+}`)
 
 func tryToParseProfileFromOutput(output string) *Profile {
 	ret := regexpCredJSON.FindAllString(output, 1)
@@ -242,7 +242,7 @@ func tryToParseProfileFromOutput(output string) *Profile {
 	}
 	credJSON := ret[0]
 	var p Profile
-	if err := json.Unmarshal([]byte(credJSON), &p); err == nil {
+	if err := json.Unmarshal([]byte(credJSON), &p); err == nil && p.Mode != "" {
 		return &p
 	}
 	return nil

diff --git a/pkg/credentials/aliyuncli/aliyuncli_test.go b/pkg/credentials/aliyuncli/aliyuncli_test.go
@@ -0,0 +1,121 @@
+package aliyuncli
+
+import (
+	"github.com/stretchr/testify/assert"
+	"testing"
+)
+
+func Test_tryToParseProfileFromOutput(t *testing.T) {
+	type args struct {
+		output string
+	}
+	tests := []struct {
+		name string
+		args args
+		want *Profile
+	}{
+		{
+			name: "include profile 1",
+			args: args{
+				output: `
+
+{
+  "access_key_id": "accessKeyId",
+  "mode": "AK",
+  "access_key_secret": "accessKeySecret"
+}
+
+`,
+			},
+			want: &Profile{
+				Mode:            "AK",
+				AccessKeyId:     "accessKeyId",
+				AccessKeySecret: "accessKeySecret",
+			},
+		},
+		{
+			name: "include profile 2",
+			args: args{
+				output: `afbb
+
+{
+  "mode": "StsToken",
+  "access_key_id": "accessKeyId",
+  "access_key_secret": "accessKeySecret",
+  "sts_token": "stsToken"
+}
+xxxx
+`,
+			},
+			want: &Profile{
+				Mode:            "StsToken",
+				AccessKeyId:     "accessKeyId",
+				AccessKeySecret: "accessKeySecret",
+				StsToken:        "stsToken",
+			},
+		},
+		{
+			name: "include profile 3",
+			args: args{
+				output: `
+XXX
+{
+  "mode": "RamRoleArn",
+  "access_key_id": "accessKeyId",
+  "access_key_secret": "accessKeySecret",
+  "ram_role_arn": "ramRoleArn",
+  "ram_session_name": "ramSessionName"
+}XXX
+xxxx
+`,
+			},
+			want: &Profile{
+				Mode:            "RamRoleArn",
+				AccessKeyId:     "accessKeyId",
+				AccessKeySecret: "accessKeySecret",
+				RamRoleArn:      "ramRoleArn",
+				RoleSessionName: "ramSessionName",
+			},
+		},
+		{
+			name: "not include profile 1",
+			args: args{
+				output: "",
+			},
+			want: nil,
+		},
+		{
+			name: "not include profile 2",
+			args: args{
+				output: "foo {}",
+			},
+			want: nil,
+		},
+		{
+			name: "not include profile 3",
+			args: args{
+				output: `foo { "mode": XXXX }`,
+			},
+			want: nil,
+		},
+		{
+			name: "not include profile 4",
+			args: args{
+				output: `
+{
+  "mode": "",
+  "access_key_id": "accessKeyId",
+  "access_key_secret": "accessKeySecret"
+}
+`,
+			},
+			want: nil,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			got := tryToParseProfileFromOutput(tt.args.output)
+			assert.Equal(t, got, tt.want)
+		})
+	}
+}