firefox-devtools · julienw · May 14, 2020 · May 13, 2020 · May 14, 2020 · julienw
diff --git a/src/config.js b/src/config.js
@@ -3,11 +3,16 @@
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 // @flow
 
+import fs from 'fs';
 import convict from 'convict';
 import { getLogger } from './log';
 
 const log = getLogger('config');
 
+class ConfigurationError extends Error {
+  name = 'ConfigurationError';
+}
+
 function loadConfig() {
   const conf = convict({
     env: {
@@ -54,7 +59,37 @@ function loadConfig() {
 
   conf.validate();
 
-  return conf.getProperties();
+  const resolvedConfig = conf.getProperties();
+
+  validateConfigValues(resolvedConfig);
+
+  return resolvedConfig;
+}
+
+// This checks if the configured values are valid, and throws otherwise.
+function validateConfigValues(config: Config) {
+  const { googleAuthenticationFilePath } = config;
+
+  if (
+    googleAuthenticationFilePath &&
+    googleAuthenticationFilePath !== 'MOCKED'
+  ) {
+    // If some other value is set, we check it ahead of time so that the lib
+    // doesn't output an error later.
+    // Note that an empty string is a valid value: in that case the lib will try
+    // to find the authentication information from other means.
+    try {
+      fs.accessSync(googleAuthenticationFilePath, fs.constants.R_OK);
+    } catch (e) {
+      log.critical(
+        'gcs_configuration_error',
+        `The authentication file '${googleAuthenticationFilePath}' is missing or not readable.`
+      );
+      throw new ConfigurationError(
+        `The authentication file is missing or not readable.`
+      );
+    }
+  }
 }
 
 type Config = {|

diff --git a/test/unit/config.test.js b/test/unit/config.test.js
@@ -2,6 +2,8 @@
  * License, v. 2.0. If a copy of the MPL was not distributed with this
  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
 // @flow
+
+import fs from 'fs';
 import { config, loadConfigForTestsOnly as loadConfig } from '../../src/config';
 
 describe('config.js', () => {
@@ -35,4 +37,34 @@ describe('config.js', () => {
     expect(() => loadConfig()).toThrow();
     process.env.NODE_ENV = 'test';
   });
+
+  it('accepts mocked google authentication paths', () => {
+    process.env.GCS_AUTHENTICATION_PATH = 'MOCKED';
+    expect(loadConfig().googleAuthenticationFilePath).toEqual('MOCKED');
+    delete process.env.GCS_AUTHENTICATION_PATH;
+  });
+
+  it('accepts valid google authentication paths', () => {
+    const filePath = '/path/to/file';
+    jest.spyOn(fs, 'accessSync').mockReturnValue();
+    process.env.GCS_AUTHENTICATION_PATH = filePath;
+    expect(loadConfig().googleAuthenticationFilePath).toEqual(filePath);
+    delete process.env.GCS_AUTHENTICATION_PATH;
+  });
+
+  it('rejects google authentication paths that are not readable', () => {
+    const filePath = '/path/to/file';
+    jest.spyOn(process.stdout, 'write').mockImplementation(() => {});
+    jest.spyOn(fs, 'accessSync').mockImplementation(() => {
+      throw new Error();
+    });
+    process.env.GCS_AUTHENTICATION_PATH = filePath;
+    expect(() => loadConfig()).toThrow(
+      'The authentication file is missing or not readable.'
+    );
+    expect(process.stdout.write).toHaveBeenCalledWith(
+      expect.stringContaining('CRITICAL')
+    );
+    delete process.env.GCS_AUTHENTICATION_PATH;
+  });
 });