Skip to content

test: assert admin metadata GET decrypts on first request#13645

Open
shreemaan-abhishek wants to merge 1 commit into
apache:masterfrom
shreemaan-abhishek:test/metadata-gde-decrypt-assert
Open

test: assert admin metadata GET decrypts on first request#13645
shreemaan-abhishek wants to merge 1 commit into
apache:masterfrom
shreemaan-abhishek:test/metadata-gde-decrypt-assert

Conversation

@shreemaan-abhishek

Copy link
Copy Markdown
Contributor

Description

Follow-up test coverage for #12624.

The existing t/admin/plugin-metadata3.t covers the plugin.enable_data_encryption nil-init state and the 404-GET crash, but it uses example-plugin, which has no encrypt_fields. So it never asserts the primary behavior the fix restored: that the first successful GET of an encrypted metadata field returns plaintext, not ciphertext.

This PR adds a case using azure-functions.master_apikey (a real encrypt_fields metadata):

  1. PUT the metadata (stored encrypted in etcd).
  2. Assert etcd holds ciphertext.
  3. Reset plugin.enable_data_encryption = nil to simulate a fresh worker where the flag has not been lazily initialized yet.
  4. Assert the GET still returns the decrypted value - i.e. plugin.enable_gde() forces initialization on the GET path.

Without #12624 this case returns ciphertext; with it, plaintext.

Also scopes local_conf/err as locals in TEST 1 (they were previously assigned as globals).

Checklist

  • I have explained the need for this PR and the problem it solves
  • I have explained the changes or the new features added to this PR
  • I have added tests corresponding to this change
  • I have updated the documentation to reflect this change (N/A - test-only)
  • I have verified that this change is backward compatible (test-only, no runtime change)

Follow-up test coverage for apache#12624. The existing plugin-metadata3.t
covered the nil-init state and the 404 crash, but used example-plugin,
which has no encrypt_fields, so it never asserted the primary behavior:
that the first successful GET of an encrypted metadata field returns
plaintext rather than ciphertext.

Add a case using azure-functions.master_apikey (a real encrypt_fields
metadata) that resets plugin.enable_data_encryption to nil to simulate a
fresh worker, then asserts the GET returns the decrypted value while
etcd still holds the ciphertext.

Also scope local_conf/err as locals in TEST 1 to avoid leaking globals.
@dosubot dosubot Bot added the size:M This PR changes 30-99 lines, ignoring generated files. label Jul 2, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

size:M This PR changes 30-99 lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant