test: add TestUserSecrets test

evgeniy-scherbina · evgeniy-scherbina · commit b580b5dd3f18 · 2025-07-15T16:38:26.000Z
diff --git a/coderd/user_secrets.go b/coderd/user_secrets.go
@@ -4,6 +4,7 @@ import (
 	"github.com/coder/coder/v2/coderd/database"
 	"github.com/coder/coder/v2/coderd/database/db2sdk"
 	"github.com/coder/coder/v2/coderd/httpmw"
+	"github.com/google/uuid"
 	"net/http"
 
 	"github.com/coder/coder/v2/coderd/httpapi"
@@ -32,6 +33,7 @@ func (api *API) createUserSecret(rw http.ResponseWriter, r *http.Request) {
 	}
 
 	secret, err := api.Database.InsertUserSecret(ctx, database.InsertUserSecretParams{
+		ID:          uuid.New(),
 		UserID:      apiKey.UserID,
 		Name:        req.Name,
 		Description: req.Description,
diff --git a/coderd/user_secrets_test.go b/coderd/user_secrets_test.go
@@ -0,0 +1,51 @@
+package coderd_test
+
+import (
+	"encoding/json"
+	"fmt"
+	"github.com/coder/coder/v2/codersdk"
+	"github.com/stretchr/testify/require"
+	"testing"
+
+	"github.com/coder/coder/v2/coderd/coderdtest"
+	"github.com/coder/coder/v2/coderd/database/dbtestutil"
+	"github.com/coder/coder/v2/coderd/rbac"
+	"github.com/coder/coder/v2/testutil"
+)
+
+func TestUserSecrets(t *testing.T) {
+	t.Parallel()
+
+	ctx := testutil.Context(t, testutil.WaitShort)
+
+	db, ps := dbtestutil.NewDB(t, dbtestutil.WithDumpOnFailure())
+	client := coderdtest.New(t, &coderdtest.Options{
+		IncludeProvisionerDaemon: true,
+		Database:                 db,
+		Pubsub:                   ps,
+	})
+	owner := coderdtest.CreateFirstUser(t, client)
+	templateAdminClient, templateAdmin := coderdtest.CreateAnotherUser(
+		t, client, owner.OrganizationID, rbac.ScopedRoleOrgTemplateAdmin(owner.OrganizationID),
+	)
+	_, member := coderdtest.CreateAnotherUser(t, client, owner.OrganizationID)
+
+	_, _, _ = ctx, templateAdminClient, member
+
+	userSecretName := "open-ai-api-key"
+	userSecretDescription := "api key for open ai"
+	userSecret, err := templateAdminClient.CreateUserSecret(ctx, codersdk.CreateUserSecretRequest{
+		Name:        userSecretName,
+		Description: userSecretDescription,
+		Value:       "secretkey",
+	})
+	require.NoError(t, err)
+	userSecretInJSON, err := json.Marshal(userSecret)
+	require.NoError(t, err)
+	fmt.Printf("userSecretInJSON: %s\n", userSecretInJSON)
+
+	require.NotNil(t, userSecret.ID)
+	require.Equal(t, userSecret.UserID, templateAdmin.ID)
+	require.Equal(t, userSecret.Name, userSecretName)
+	require.Equal(t, userSecret.Description, userSecretDescription)
+}
diff --git a/codersdk/user_secrets.go b/codersdk/user_secrets.go
@@ -1,8 +1,14 @@
 package codersdk
 
 import (
-	"github.com/google/uuid"
+	"context"
+	"encoding/json"
+	"fmt"
+	"net/http"
 	"time"
+
+	"github.com/google/uuid"
+	"golang.org/x/xerrors"
 )
 
 // TODO: add and register custom validator functions. check codersdk/name.go for examples.
@@ -36,3 +42,21 @@ type UserSecretValue struct {
 type ListUserSecretsResponse struct {
 	Secrets []UserSecret `json:"secrets"`
 }
+
+func (c *Client) CreateUserSecret(ctx context.Context, req CreateUserSecretRequest) (UserSecret, error) {
+	res, err := c.Request(ctx, http.MethodPost,
+		fmt.Sprintf("/api/v2/users/secrets"),
+		req,
+	)
+	if err != nil {
+		return UserSecret{}, xerrors.Errorf("execute request: %w", err)
+	}
+	defer res.Body.Close()
+
+	if res.StatusCode != http.StatusCreated {
+		return UserSecret{}, ReadBodyAsError(res)
+	}
+
+	var userSecret UserSecret
+	return userSecret, json.NewDecoder(res.Body).Decode(&userSecret)
+}
