raise an error if the createStorage function doesn't exist or fails

transparency-dev · Aug 8, 2024 · d16d59a · d16d59a
1 parent ffa91df
commit d16d59a
Show file tree

Hide file tree

Showing 2 changed files with 46 additions and 10 deletions.
diff --git a/personalities/sctfe/instance.go b/personalities/sctfe/instance.go
@@ -154,9 +154,12 @@ func setUpLogInfo(ctx context.Context, opts InstanceOptions) (*logInfo, error) {
 	timeSource := new(SystemTimeSource)
 	ctSigner := NewCTSigner(signer, vCfg.Config.Origin, logID, timeSource)
 
+	if opts.CreateStorage == nil {
+		return nil, fmt.Errorf("failed to initiate storage backend: nil createStorage")
+	}
 	storage, err := opts.CreateStorage(ctx, opts.Validated, ctSigner)
 	if err != nil {
-		return nil, fmt.Errorf("failed to create storage backend: %v", err)
+		return nil, fmt.Errorf("failed to initiate storage backend: %v", err)
 	}
 
 	logInfo := newLogInfo(opts, validationOpts, signer, timeSource, storage)

diff --git a/personalities/sctfe/instance_test.go b/personalities/sctfe/instance_test.go
@@ -51,9 +51,10 @@ func TestSetUpInstance(t *testing.T) {
 	wrongPassPrivKey := mustMarshalAny(&keyspb.PEMKeyFile{Path: "./testdata/ct-http-server.privkey.pem", Password: "dirkly"})
 
 	var tests = []struct {
-		desc    string
-		cfg     *configpb.LogConfig
-		wantErr string
+		desc      string
+		cfg       *configpb.LogConfig
+		ctStorage func(context.Context, *ValidatedLogConfig, note.Signer) (*CTStorage, error)
+		wantErr   string
 	}{
 		{
 			desc: "valid",
@@ -63,6 +64,7 @@ func TestSetUpInstance(t *testing.T) {
 				PrivateKey:    privKey,
 				StorageConfig: &configpb.LogConfig_Gcp{Gcp: &configpb.GCPConfig{Bucket: "bucket", SpannerDbPath: "spanner"}},
 			},
+			ctStorage: fakeCTStorage,
 		},
 		{
 			desc: "no-roots",
@@ -71,7 +73,8 @@ func TestSetUpInstance(t *testing.T) {
 				PrivateKey:    privKey,
 				StorageConfig: &configpb.LogConfig_Gcp{Gcp: &configpb.GCPConfig{Bucket: "bucket", SpannerDbPath: "spanner"}},
 			},
-			wantErr: "specify RootsPemFile",
+			ctStorage: fakeCTStorage,
+			wantErr:   "specify RootsPemFile",
 		},
 		{
 			desc: "missing-root-cert",
@@ -81,7 +84,8 @@ func TestSetUpInstance(t *testing.T) {
 				PrivateKey:    privKey,
 				StorageConfig: &configpb.LogConfig_Gcp{Gcp: &configpb.GCPConfig{Bucket: "bucket", SpannerDbPath: "spanner"}},
 			},
-			wantErr: "failed to read trusted roots",
+			ctStorage: fakeCTStorage,
+			wantErr:   "failed to read trusted roots",
 		},
 		{
 			desc: "missing-privkey",
@@ -91,7 +95,8 @@ func TestSetUpInstance(t *testing.T) {
 				PrivateKey:    missingPrivKey,
 				StorageConfig: &configpb.LogConfig_Gcp{Gcp: &configpb.GCPConfig{Bucket: "bucket", SpannerDbPath: "spanner"}},
 			},
-			wantErr: "failed to load private key",
+			ctStorage: fakeCTStorage,
+			wantErr:   "failed to load private key",
 		},
 		{
 			desc: "privkey-wrong-password",
@@ -101,7 +106,8 @@ func TestSetUpInstance(t *testing.T) {
 				PrivateKey:    wrongPassPrivKey,
 				StorageConfig: &configpb.LogConfig_Gcp{Gcp: &configpb.GCPConfig{Bucket: "bucket", SpannerDbPath: "spanner"}},
 			},
-			wantErr: "failed to load private key",
+			ctStorage: fakeCTStorage,
+			wantErr:   "failed to load private key",
 		},
 		{
 			desc: "valid-ekus-1",
@@ -112,6 +118,7 @@ func TestSetUpInstance(t *testing.T) {
 				ExtKeyUsages:  []string{"Any"},
 				StorageConfig: &configpb.LogConfig_Gcp{Gcp: &configpb.GCPConfig{Bucket: "bucket", SpannerDbPath: "spanner"}},
 			},
+			ctStorage: fakeCTStorage,
 		},
 		{
 			desc: "valid-ekus-2",
@@ -122,6 +129,7 @@ func TestSetUpInstance(t *testing.T) {
 				ExtKeyUsages:  []string{"Any", "ServerAuth", "TimeStamping"},
 				StorageConfig: &configpb.LogConfig_Gcp{Gcp: &configpb.GCPConfig{Bucket: "bucket", SpannerDbPath: "spanner"}},
 			},
+			ctStorage: fakeCTStorage,
 		},
 		{
 			desc: "valid-reject-ext",
@@ -132,6 +140,7 @@ func TestSetUpInstance(t *testing.T) {
 				RejectExtensions: []string{"1.2.3.4", "5.6.7.8"},
 				StorageConfig:    &configpb.LogConfig_Gcp{Gcp: &configpb.GCPConfig{Bucket: "bucket", SpannerDbPath: "spanner"}},
 			},
+			ctStorage: fakeCTStorage,
 		},
 		{
 			desc: "invalid-reject-ext",
@@ -142,7 +151,31 @@ func TestSetUpInstance(t *testing.T) {
 				RejectExtensions: []string{"1.2.3.4", "one.banana.two.bananas"},
 				StorageConfig:    &configpb.LogConfig_Gcp{Gcp: &configpb.GCPConfig{Bucket: "bucket", SpannerDbPath: "spanner"}},
 			},
-			wantErr: "one",
+			ctStorage: fakeCTStorage,
+			wantErr:   "one",
+		},
+		{
+			desc: "missing-create-storage",
+			cfg: &configpb.LogConfig{
+				Origin:        "log",
+				RootsPemFile:  []string{"./testdata/fake-ca.cert"},
+				PrivateKey:    privKey,
+				StorageConfig: &configpb.LogConfig_Gcp{Gcp: &configpb.GCPConfig{Bucket: "bucket", SpannerDbPath: "spanner"}},
+			},
+			wantErr: "failed to initiate storage backend",
+		},
+		{
+			desc: "failing-create-storage",
+			cfg: &configpb.LogConfig{
+				Origin:        "log",
+				RootsPemFile:  []string{"./testdata/fake-ca.cert"},
+				PrivateKey:    privKey,
+				StorageConfig: &configpb.LogConfig_Gcp{Gcp: &configpb.GCPConfig{Bucket: "bucket", SpannerDbPath: "spanner"}},
+			},
+			ctStorage: func(_ context.Context, _ *ValidatedLogConfig, _ note.Signer) (*CTStorage, error) {
+				return nil, fmt.Errorf("I failed")
+			},
+			wantErr: "failed to initiate storage backend",
 		},
 	}
 
@@ -152,7 +185,7 @@ func TestSetUpInstance(t *testing.T) {
 			if err != nil {
 				t.Fatalf("ValidateLogConfig(): %v", err)
 			}
-			opts := InstanceOptions{Validated: vCfg, Deadline: time.Second, MetricFactory: monitoring.InertMetricFactory{}, CreateStorage: fakeCTStorage}
+			opts := InstanceOptions{Validated: vCfg, Deadline: time.Second, MetricFactory: monitoring.InertMetricFactory{}, CreateStorage: test.ctStorage}
 
 			if _, err := SetUpInstance(ctx, opts); err != nil {
 				if test.wantErr == "" {