refactor: anonymize internal references in test fixtures

Author: mdemauroy

config_test.go

@@ -139,12 +139,12 @@ envs:
   dev:
     provider: vault
     mapping:
-      AKAMAI_TOKEN:
-        path: shared/akamai
-        key: AKAMAI_TOKEN
-      OPENAI_APIKEY:
-        path: ccmcms
-        key: OPENAI_API_KEY
+      CDN_TOKEN:
+        path: shared/cdn
+        key: CDN_TOKEN
+      API_KEY:
+        path: myapp
+        key: API_SECRET_KEY
 `
 	if err := os.WriteFile(cfgPath, []byte(content), 0644); err != nil {
 		t.Fatal(err)
@@ -160,20 +160,20 @@ envs:
 		t.Fatalf("len(Mapping) = %d, want 2", len(devCfg.Mapping))
 	}
 
-	akamaiMapping := devCfg.Mapping["AKAMAI_TOKEN"]
-	if akamaiMapping.Path != "shared/akamai" {
-		t.Errorf("AKAMAI_TOKEN.Path = %q, want %q", akamaiMapping.Path, "shared/akamai")
+	cdnMapping := devCfg.Mapping["CDN_TOKEN"]
+	if cdnMapping.Path != "shared/cdn" {
+		t.Errorf("CDN_TOKEN.Path = %q, want %q", cdnMapping.Path, "shared/cdn")
 	}
-	if akamaiMapping.Key != "AKAMAI_TOKEN" {
-		t.Errorf("AKAMAI_TOKEN.Key = %q, want %q", akamaiMapping.Key, "AKAMAI_TOKEN")
+	if cdnMapping.Key != "CDN_TOKEN" {
+		t.Errorf("CDN_TOKEN.Key = %q, want %q", cdnMapping.Key, "CDN_TOKEN")
 	}
 
-	openaiMapping := devCfg.Mapping["OPENAI_APIKEY"]
-	if openaiMapping.Path != "ccmcms" {
-		t.Errorf("OPENAI_APIKEY.Path = %q, want %q", openaiMapping.Path, "ccmcms")
+	apiMapping := devCfg.Mapping["API_KEY"]
+	if apiMapping.Path != "myapp" {
+		t.Errorf("API_KEY.Path = %q, want %q", apiMapping.Path, "myapp")
 	}
-	if openaiMapping.Key != "OPENAI_API_KEY" {
-		t.Errorf("OPENAI_APIKEY.Key = %q, want %q", openaiMapping.Key, "OPENAI_API_KEY")
+	if apiMapping.Key != "API_SECRET_KEY" {
+		t.Errorf("API_KEY.Key = %q, want %q", apiMapping.Key, "API_SECRET_KEY")
 	}
 
 	// Verify it propagates to provider config

provider/mapping_test.go

@@ -22,25 +22,25 @@ func (m *mockMultiKeyProvider) ReadSecret(_ context.Context, path string) (map[s
 func TestCollectMappedSecrets(t *testing.T) {
 	mock := &mockMultiKeyProvider{
 		secrets: map[string]map[string]string{
-			"shared/pgsql": {
-				"PRIMARY_MEDIA_PGSQL_USER":     "dbuser",
-				"PRIMARY_MEDIA_PGSQL_PASSWORD": "dbpass",
+			"shared/database": {
+				"DB_USER":     "dbuser",
+				"DB_PASSWORD": "dbpass",
 			},
-			"shared/akamai": {
-				"AKAMAI_TOKEN":  "tok123",
-				"AKAMAI_HEADER": "hdr456",
+			"shared/cdn": {
+				"CDN_TOKEN":  "tok123",
+				"CDN_HEADER": "hdr456",
 			},
-			"ccmcms": {
-				"OPENAI_API_KEY": "sk-abc",
+			"myapp": {
+				"API_SECRET_KEY": "sk-abc",
 			},
 		},
 	}
 
 	mapping := map[string]SecretMapping{
-		"PRIMARY_MEDIA_PGSQL_USER":     {Path: "shared/pgsql", Key: "PRIMARY_MEDIA_PGSQL_USER"},
-		"PRIMARY_MEDIA_PGSQL_PASSWORD": {Path: "shared/pgsql", Key: "PRIMARY_MEDIA_PGSQL_PASSWORD"},
-		"AKAMAI_TOKEN":                 {Path: "shared/akamai", Key: "AKAMAI_TOKEN"},
-		"OPENAI_APIKEY":                {Path: "ccmcms", Key: "OPENAI_API_KEY"}, // env var differs from vault key
+		"DB_USER":     {Path: "shared/database", Key: "DB_USER"},
+		"DB_PASSWORD": {Path: "shared/database", Key: "DB_PASSWORD"},
+		"CDN_TOKEN":   {Path: "shared/cdn", Key: "CDN_TOKEN"},
+		"API_KEY":     {Path: "myapp", Key: "API_SECRET_KEY"}, // env var differs from vault key
 	}
 
 	records, err := CollectMappedSecrets(context.Background(), mock, mapping)
@@ -49,10 +49,10 @@ func TestCollectMappedSecrets(t *testing.T) {
 	}
 
 	expected := map[string]string{
-		"PRIMARY_MEDIA_PGSQL_USER":     "dbuser",
-		"PRIMARY_MEDIA_PGSQL_PASSWORD": "dbpass",
-		"AKAMAI_TOKEN":                 "tok123",
-		"OPENAI_APIKEY":                "sk-abc",
+		"DB_USER":     "dbuser",
+		"DB_PASSWORD": "dbpass",
+		"CDN_TOKEN":   "tok123",
+		"API_KEY":     "sk-abc",
 	}
 
 	if len(records) != len(expected) {
@@ -74,14 +74,14 @@ func TestCollectMappedSecrets(t *testing.T) {
 func TestCollectMappedSecrets_MissingKey(t *testing.T) {
 	mock := &mockMultiKeyProvider{
 		secrets: map[string]map[string]string{
-			"shared/akamai": {
-				"AKAMAI_TOKEN": "tok123",
+			"shared/cdn": {
+				"CDN_TOKEN": "tok123",
 			},
 		},
 	}
 
 	mapping := map[string]SecretMapping{
-		"MISSING_VAR": {Path: "shared/akamai", Key: "NONEXISTENT_KEY"},
+		"MISSING_VAR": {Path: "shared/cdn", Key: "NONEXISTENT_KEY"},
 	}
 
 	_, err := CollectMappedSecrets(context.Background(), mock, mapping)
@@ -123,7 +123,7 @@ func TestCollectMappedSecrets_DeduplicatesPaths(t *testing.T) {
 	callCount := 0
 	mock := &countingMultiKeyProvider{
 		secrets: map[string]map[string]string{
-			"shared/pgsql": {
+			"shared/database": {
 				"USER": "u",
 				"PASS": "p",
 			},
@@ -132,8 +132,8 @@ func TestCollectMappedSecrets_DeduplicatesPaths(t *testing.T) {
 	}
 
 	mapping := map[string]SecretMapping{
-		"DB_USER": {Path: "shared/pgsql", Key: "USER"},
-		"DB_PASS": {Path: "shared/pgsql", Key: "PASS"},
+		"DB_USER": {Path: "shared/database", Key: "USER"},
+		"DB_PASS": {Path: "shared/database", Key: "PASS"},
 	}
 
 	_, err := CollectMappedSecrets(context.Background(), mock, mapping)