deslicer_cli/ci/
bitbucket.rs

1use super::{OidcError, OidcTokenProvider};
2
3pub struct BitbucketProvider;
4
5#[async_trait::async_trait]
6impl OidcTokenProvider for BitbucketProvider {
7    async fn fetch_token(&self, _audience: &str) -> Result<String, OidcError> {
8        let token = std::env::var("BITBUCKET_STEP_OIDC_TOKEN")
9            .map_err(|_| OidcError::MissingEnv("BITBUCKET_STEP_OIDC_TOKEN".to_string()))?;
10        Ok(token.trim().to_string())
11    }
12}
13
14#[cfg(test)]
15// ENV_LOCK only serializes env access across single-threaded #[tokio::test] cases;
16// holding it across the await is safe (no cross-task contention).
17#[allow(clippy::await_holding_lock)]
18mod tests {
19    use super::*;
20    use std::sync::Mutex;
21
22    static ENV_LOCK: Mutex<()> = Mutex::new(());
23
24    #[tokio::test]
25    async fn fetch_token_returns_trimmed_env_value() {
26        let _guard = ENV_LOCK.lock().unwrap();
27
28        std::env::set_var("BITBUCKET_STEP_OIDC_TOKEN", "  bitbucket-jwt-token  ");
29
30        let token = BitbucketProvider
31            .fetch_token("https://api.deslicer.ai")
32            .await
33            .unwrap();
34
35        assert_eq!(token, "bitbucket-jwt-token");
36
37        std::env::remove_var("BITBUCKET_STEP_OIDC_TOKEN");
38    }
39
40    #[tokio::test]
41    async fn fetch_token_errors_when_env_missing() {
42        let _guard = ENV_LOCK.lock().unwrap();
43
44        std::env::remove_var("BITBUCKET_STEP_OIDC_TOKEN");
45
46        let err = BitbucketProvider
47            .fetch_token("https://api.deslicer.ai")
48            .await
49            .unwrap_err();
50
51        assert!(matches!(err, OidcError::MissingEnv(_)));
52    }
53}
deslicer_cli/ci/bitbucket.rs

deslicer_cli/ci/
bitbucket.rs
