In the beginning God created the heavens and the earth.
", - } - json.NewEncoder(w).Encode(resp) - case "empty": - json.NewEncoder(w).Encode(VerseResponse{}) - default: // Any other case will trigger an error, forcing fallback - w.WriteHeader(http.StatusInternalServerError) - } - })) + handler := newMockApiHandler() + ts := httptest.NewServer(handler) defer ts.Close() - defer setEnv("BIBLE_API_URL", ts.URL)() - defer setEnv("BIBLE_API_KEY", "test_key")() - t.Run("Success", func(t *testing.T) { + defer setEnv("BIBLE_API_URL", ts.URL)() + defer setEnv("BIBLE_API_KEY", "test_key")() + ResetAPIConfigCache() + var env def.SessionData env.Msg.Message = "gen 1" var conf utils.UserConfig @@ -94,7 +66,14 @@ func TestGetBiblePassage(t *testing.T) { } }) - t.Run("Fallback on API error", func(t *testing.T) { + t.Run("Error", func(t *testing.T) { + handler.statusCode = http.StatusInternalServerError + defer func() { handler.statusCode = http.StatusOK }() + + defer setEnv("BIBLE_API_URL", ts.URL)() + defer setEnv("BIBLE_API_KEY", "test_key")() + ResetAPIConfigCache() + var env def.SessionData env.Msg.Message = "John 1:1" // Use a valid reference to test the fallback var conf utils.UserConfig @@ -121,6 +100,17 @@ func TestGetBiblePassage(t *testing.T) { }) t.Run("Empty", func(t *testing.T) { + handler.verseResponse = VerseResponse{} + defer func() { + handler.verseResponse = VerseResponse{ + Verse: "In the beginning God created the heavens and the earth.
", + } + }() + + defer setEnv("BIBLE_API_URL", ts.URL)() + defer setEnv("BIBLE_API_KEY", "test_key")() + ResetAPIConfigCache() + var env def.SessionData env.Msg.Message = "empty" env = GetBiblePassage(env) diff --git a/pkg/app/search_test.go b/pkg/app/search_test.go index 99bed93..d8a71e7 100644 --- a/pkg/app/search_test.go +++ b/pkg/app/search_test.go @@ -1,7 +1,6 @@ package app import ( - "encoding/json" "net/http" "net/http/httptest" "strings" @@ -12,33 +11,14 @@ import ( ) func TestGetBibleSearch(t *testing.T) { - // Mock server - ts := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { - var req QueryRequest - json.NewDecoder(r.Body).Decode(&req) - - // Check if words contains "error" - for _, word := range req.Query.Words { - if word == "error" { - http.Error(w, "Error", http.StatusInternalServerError) - return - } - if word == "empty" { - json.NewEncoder(w).Encode(WordSearchResponse{}) - return - } - } - - resp := WordSearchResponse{ - {Verse: "Found 1:1", URL: "http://found1"}, - } - json.NewEncoder(w).Encode(resp) - })) + handler := newMockApiHandler() + ts := httptest.NewServer(handler) defer ts.Close() - defer setEnv("BIBLE_API_URL", ts.URL)() - t.Run("Success", func(t *testing.T) { + defer setEnv("BIBLE_API_URL", ts.URL)() + ResetAPIConfigCache() + var env def.SessionData env.Msg.Message = "Found" conf := utils.UserConfig{Version: "NIV"} @@ -55,6 +35,16 @@ func TestGetBibleSearch(t *testing.T) { }) t.Run("Empty", func(t *testing.T) { + handler.wordSearchResponse = WordSearchResponse{} + defer func() { + handler.wordSearchResponse = WordSearchResponse{ + {Verse: "Found 1:1", URL: "http://found1"}, + } + }() + + defer setEnv("BIBLE_API_URL", ts.URL)() + ResetAPIConfigCache() + var env def.SessionData env.Msg.Message = "empty" @@ -66,6 +56,12 @@ func TestGetBibleSearch(t *testing.T) { }) t.Run("Error", func(t *testing.T) { + handler.statusCode = http.StatusInternalServerError + defer func() { handler.statusCode = http.StatusOK }() + + defer setEnv("BIBLE_API_URL", ts.URL)() + ResetAPIConfigCache() + var env def.SessionData env.Msg.Message = "error" diff --git a/pkg/app/test_utils.go b/pkg/app/test_utils.go new file mode 100644 index 0000000..ae887eb --- /dev/null +++ b/pkg/app/test_utils.go @@ -0,0 +1,76 @@ +package app + +import ( + "encoding/json" + "net/http" + "os" +) + +// setEnv is a helper function to temporarily set an environment variable and return a function to restore it. +func setEnv(key, value string) func() { + originalValue, isSet := os.LookupEnv(key) + os.Setenv(key, value) + return func() { + if isSet { + os.Setenv(key, originalValue) + } else { + os.Unsetenv(key) + } + } +} + +// mockApiHandler is a flexible handler for the mock server. +type mockApiHandler struct { + verseResponse VerseResponse + wordSearchResponse WordSearchResponse + oQueryResponse OQueryResponse + statusCode int + rawResponse string +} + +// newMockApiHandler creates a new mockApiHandler with default success responses. +func newMockApiHandler() *mockApiHandler { + return &mockApiHandler{ + statusCode: http.StatusOK, + verseResponse: VerseResponse{ + Verse: "In the beginning God created the heavens and the earth.
", + }, + wordSearchResponse: WordSearchResponse{ + {Verse: "Found 1:1", URL: "http://found1"}, + }, + oQueryResponse: OQueryResponse{ + Text: "Answer text", + References: []SearchResult{ + {Verse: "Ref 1:1", URL: "http://ref1"}, + }, + }, + } +} + +// ServeHTTP handles the incoming requests and sends the configured response. +func (h *mockApiHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { + w.WriteHeader(h.statusCode) + + if h.rawResponse != "" { + w.Write([]byte(h.rawResponse)) + return + } + + var req QueryRequest + if err := json.NewDecoder(r.Body).Decode(&req); err != nil { + http.Error(w, "Bad Request", http.StatusBadRequest) + return + } + + if len(req.Query.Words) > 0 { + json.NewEncoder(w).Encode(h.wordSearchResponse) + return + } + + if req.Query.Prompt != "" { + json.NewEncoder(w).Encode(h.oQueryResponse) + return + } + + json.NewEncoder(w).Encode(h.verseResponse) +} diff --git a/pkg/app/tms_test.go b/pkg/app/tms_test.go index a4044e9..384710f 100644 --- a/pkg/app/tms_test.go +++ b/pkg/app/tms_test.go @@ -1,6 +1,7 @@ package app import ( + "net/http/httptest" "strings" "testing" @@ -155,6 +156,13 @@ func TestIdentifyQuery(t *testing.T) { } func TestGetRandomTMSVerse(t *testing.T) { + handler := newMockApiHandler() + ts := httptest.NewServer(handler) + defer ts.Close() + + defer setEnv("BIBLE_API_URL", ts.URL)() + ResetAPIConfigCache() + var env def.SessionData var conf utils.UserConfig conf.Version = "NIV" @@ -171,6 +179,13 @@ func TestGetRandomTMSVerse(t *testing.T) { } func TestGetTMSVerse(t *testing.T) { + handler := newMockApiHandler() + ts := httptest.NewServer(handler) + defer ts.Close() + + defer setEnv("BIBLE_API_URL", ts.URL)() + ResetAPIConfigCache() + var env def.SessionData var conf utils.UserConfig conf.Version = "NIV" diff --git a/pkg/secrets/secrets.go b/pkg/secrets/secrets.go new file mode 100644 index 0000000..417bd5e --- /dev/null +++ b/pkg/secrets/secrets.go @@ -0,0 +1,83 @@ +package secrets + +import ( + "context" + "fmt" + "log" + "os" + + secretmanager "cloud.google.com/go/secretmanager/apiv1" + "cloud.google.com/go/secretmanager/apiv1/secretmanagerpb" + "github.com/joho/godotenv" +) + +func init() { + LoadAndLog() +} + +// LoadAndLog loads environment variables from a .env file (if present) and logs +// the status of the GCLOUD_PROJECT_ID. This function is called automatically on package initialization. +// It is also exported to allow for re-loading in test environments. +func LoadAndLog() { + // godotenv.Overload will read your .env file and set the environment variables. + // It will OVERWRITE any existing environment variables. + err := godotenv.Overload() + if err != nil { + log.Println("No .env file found, continuing with environment variables") + } + + // Log the status of the GCLOUD_PROJECT_ID for debugging purposes. + if projectID, ok := os.LookupEnv("GCLOUD_PROJECT_ID"); ok { + log.Printf("GCLOUD_PROJECT_ID is set: %s", projectID) + } else { + log.Println("GCLOUD_PROJECT_ID is not set. Google Secret Manager will not be used.") + } +} + +// Get retrieves a secret. It follows a specific order of precedence: +// 1. Google Secret Manager (if GCLOUD_PROJECT_ID is set) +// 2. Environment variables (which includes those loaded from a .env file) +// +// If the secret is not found in any of these locations, it returns an error. +func Get(secretName string) (string, error) { + // Attempt to get the secret from Google Secret Manager first. + projectID, isCloudRun := os.LookupEnv("GCLOUD_PROJECT_ID") + if isCloudRun && projectID != "" { + secretValue, err := getFromSecretManager(projectID, secretName) + if err == nil { + log.Printf("Loaded '%s' from Secret Manager", secretName) + return secretValue, nil + } + log.Printf("Could not fetch '%s' from Secret Manager, falling back to environment variables: %v", secretName, err) + } + + // Fallback to environment variables. + if value, ok := os.LookupEnv(secretName); ok { + log.Printf("Loaded '%s' from .env file or environment", secretName) + return value, nil + } + + return "", fmt.Errorf("secret '%s' not found in Secret Manager, .env file, or environment variables", secretName) +} + +// getFromSecretManager fetches a secret from Google Secret Manager. +func getFromSecretManager(projectID, secretName string) (string, error) { + ctx := context.Background() + client, err := secretmanager.NewClient(ctx) + if err != nil { + return "", fmt.Errorf("failed to create secret manager client: %v", err) + } + defer client.Close() + + name := fmt.Sprintf("projects/%s/secrets/%s/versions/latest", projectID, secretName) + req := &secretmanagerpb.AccessSecretVersionRequest{ + Name: name, + } + + result, err := client.AccessSecretVersion(ctx, req) + if err != nil { + return "", fmt.Errorf("failed to access secret version: %v", err) + } + + return string(result.Payload.Data), nil +} diff --git a/pkg/secrets/secrets_test.go b/pkg/secrets/secrets_test.go new file mode 100644 index 0000000..bceffb5 --- /dev/null +++ b/pkg/secrets/secrets_test.go @@ -0,0 +1,109 @@ +package secrets + +import ( + "fmt" + "os" + "testing" +) + +// setupTestEnvFile creates a temporary .env file for testing. +func setupTestEnvFile(t *testing.T, content string) func() { + t.Helper() + tmpfile, err := os.Create(".env") + if err != nil { + t.Fatalf("Failed to create temporary .env file: %v", err) + } + if _, err := tmpfile.Write([]byte(content)); err != nil { + t.Fatalf("Failed to write to temporary .env file: %v", err) + } + if err := tmpfile.Close(); err != nil { + t.Fatalf("Failed to close temporary .env file: %v", err) + } + + // The cleanup function to be returned and deferred by the caller. + return func() { + os.Remove(tmpfile.Name()) + // Reset environment variables changed by godotenv.Overload() + os.Unsetenv("FROM_DOTENV") + os.Unsetenv("OVERLOAD_VAR") + } +} + +func TestGetSecret(t *testing.T) { + // Sub-test 1: Test loading from an environment variable. + t.Run("from environment variable", func(t *testing.T) { + const envVarName = "FROM_ENV" + const expectedValue = "env_value" + t.Setenv(envVarName, expectedValue) + + // Re-run the loading logic to pick up the new env var for the test. + LoadAndLog() + + val, err := Get(envVarName) + if err != nil { + t.Errorf("Get() returned an error: %v", err) + } + if val != expectedValue { + t.Errorf("Expected to get '%s', but got '%s'", expectedValue, val) + } + }) + + // Sub-test 2: Test loading from a .env file. + t.Run("from .env file", func(t *testing.T) { + const secretName = "FROM_DOTENV" + const expectedValue = "dotenv_value" + cleanup := setupTestEnvFile(t, fmt.Sprintf("%s=%s", secretName, expectedValue)) + defer cleanup() + + // Re-run the loading logic to load the .env file. + LoadAndLog() + + val, err := Get(secretName) + if err != nil { + t.Errorf("Get() returned an error: %v", err) + } + if val != expectedValue { + t.Errorf("Expected to get '%s' from .env, but got '%s'", expectedValue, val) + } + }) + + // Sub-test 3: Test that .env file takes precedence over environment variables. + t.Run(".env overloads environment variable", func(t *testing.T) { + const varName = "OVERLOAD_VAR" + const envValue = "from_shell" + const dotenvValue = "from_dotenv_file" + + // Set the environment variable first. + t.Setenv(varName, envValue) + + // Create the .env file with the same variable but a different value. + cleanup := setupTestEnvFile(t, fmt.Sprintf("%s=%s", varName, dotenvValue)) + defer cleanup() + + // Re-run the loading logic. godotenv.Overload should prioritize the .env file. + LoadAndLog() + + val, err := Get(varName) + if err != nil { + t.Errorf("Get() returned an error: %v", err) + } + if val != dotenvValue { + t.Errorf("Expected value from .env ('%s'), but got value from shell ('%s')", dotenvValue, val) + } + }) + + // Sub-test 4: Test error when secret is not found. + t.Run("secret not found", func(t *testing.T) { + const nonExistentSecret = "THIS_SECRET_SHOULD_NOT_EXIST" + // Ensure the variable is not set in the environment. + os.Unsetenv(nonExistentSecret) + + // Re-run the loading logic. + LoadAndLog() + + _, err := Get(nonExistentSecret) + if err == nil { + t.Error("Expected an error when getting a non-existent secret, but got nil") + } + }) +} diff --git a/pkg/utils/database.go b/pkg/utils/database.go index 0a78d3b..c5a23e3 100644 --- a/pkg/utils/database.go +++ b/pkg/utils/database.go @@ -7,11 +7,11 @@ import ( "context" "encoding/json" "log" - "os" "sync" "cloud.google.com/go/datastore" "github.com/julwrites/BotPlatform/pkg/def" + "github.com/julwrites/ScriptureBot/pkg/secrets" ) var ( @@ -19,24 +19,15 @@ var ( cachedDatabaseIDOnce sync.Once ) -func GetDatabaseID(project string) string { +func GetDatabaseID() string { cachedDatabaseIDOnce.Do(func() { - // 1. Env Var - if id := os.Getenv("USER_DATABASE_ID"); id != "" { + id, err := secrets.Get("USER_DATABASE_ID") + if err == nil && id != "" { cachedDatabaseID = id return } - // 2. Secret Manager - if id, err := GetSecret(project, "USER_DATABASE_ID"); err == nil && id != "" { - cachedDatabaseID = id - return - } else if err != nil { - log.Printf("Failed to fetch USER_DATABASE_ID from Secret Manager: %v", err) - } - - // 3. Default - log.Println("Warning: USER_DATABASE_ID not found, defaulting to 'scripturebot-users'") + log.Printf("Warning: USER_DATABASE_ID not found, defaulting to 'scripturebot-users'. Error: %v", err) cachedDatabaseID = "scripturebot-users" }) return cachedDatabaseID @@ -49,7 +40,7 @@ type UserConfig struct { } func OpenClient(ctx *context.Context, project string) *datastore.Client { - dbID := GetDatabaseID(project) + dbID := GetDatabaseID() client, err := datastore.NewClientWithDatabase(*ctx, project, dbID) if err != nil { log.Printf("Failed to create Firestore client: %v", err) diff --git a/pkg/utils/secrets.go b/pkg/utils/secrets.go deleted file mode 100644 index 195a3b1..0000000 --- a/pkg/utils/secrets.go +++ /dev/null @@ -1,38 +0,0 @@ -package utils - -import ( - "context" - "fmt" - - secretmanager "cloud.google.com/go/secretmanager/apiv1" - "cloud.google.com/go/secretmanager/apiv1/secretmanagerpb" -) - -// GetSecret fetches a secret payload from Google Secret Manager. -// secretName should be the name of the secret (e.g., "BIBLE_API_KEY"). -// The function constructs the full resource name: projects/{projectID}/secrets/{secretName}/versions/latest -func GetSecret(projectID, secretName string) (string, error) { - ctx := context.Background() - client, err := secretmanager.NewClient(ctx) - if err != nil { - return "", fmt.Errorf("failed to create secret manager client: %v", err) - } - defer client.Close() - - // Build the request. - // We use "latest" to fetch the most recent version of the secret. - name := fmt.Sprintf("projects/%s/secrets/%s/versions/latest", projectID, secretName) - - req := &secretmanagerpb.AccessSecretVersionRequest{ - Name: name, - } - - // Call the API. - result, err := client.AccessSecretVersion(ctx, req) - if err != nil { - return "", fmt.Errorf("failed to access secret version: %v", err) - } - - // Return the secret payload. - return string(result.Payload.Data), nil -} diff --git a/pkg/utils/test_utils.go b/pkg/utils/test_utils.go deleted file mode 100644 index 67abfe2..0000000 --- a/pkg/utils/test_utils.go +++ /dev/null @@ -1,18 +0,0 @@ -package utils - -import ( - "os" -) - -// SetEnv sets an environment variable and returns a function to restore it. -func SetEnv(key, value string) func() { - originalValue, exists := os.LookupEnv(key) - os.Setenv(key, value) - return func() { - if exists { - os.Setenv(key, originalValue) - } else { - os.Unsetenv(key) - } - } -}