exp/services/recoverysigner: add tests for the KMS client #2750
Comments
7 tasks
|
Here's an idea for what we could do using the local-kms tool: recoverysigner-unique-signing-keys...recoverysigner-unique-signing-keys-kms-tests |
leighmcculloch
changed the title
7 tasks
|
Closing all recoverysigner issues |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We use these mocks to test to mock out the call to the kms client. However, we don't currently have a way to test the kms client in cmd/keyset.go. It's fairly important to test the tool as it's critical to make sure we can use the kms client without any problem when
encryption-kms-key-uriis provided. Without the took working properly, we cannot start the recovery signer in a secure way.Similarly, we don't have a way to exercise the code path when a valid kms key uri is provided here.
The text was updated successfully, but these errors were encountered: