Update tests for user secrets refactoring

Copilot · davidfowl · Copilot · commit e4ed3625a0c4 · 2025-11-02T06:29:10.000Z
- Update SecretsStoreTests to use UserSecretsManagerFactory
- Update UserSecretsParameterDefaultTests with concurrent write tests
- Update DefaultUserSecretsManagerTests to use JsonFlattener
- Update VersionCheckServiceTests to inject IUserSecretsManager
- Add TestUserSecretsManager for test isolation
- Fix DeploymentStateManagerBase.cs extra braces issue

Co-authored-by: davidfowl &lt;95136+davidfowl@users.noreply.github.com&gt;
diff --git a/src/Aspire.Hosting/Publishing/Internal/DeploymentStateManagerBase.cs b/src/Aspire.Hosting/Publishing/Internal/DeploymentStateManagerBase.cs
@@ -76,9 +76,6 @@ private sealed class SectionMetadata(long version)
     /// <param name="source">The flattened JsonObject to unflatten.</param>
     /// <returns>An unflattened JsonObject with nested structure.</returns>
     public static JsonObject UnflattenJsonObject(JsonObject source) => JsonFlattener.UnflattenJsonObject(source);
-            }
-        }
-    }
 
     /// <summary>
     /// Loads the deployment state from storage, using caching to avoid repeated loads.
diff --git a/tests/Aspire.Hosting.Azure.Tests/DefaultUserSecretsManagerTests.cs b/tests/Aspire.Hosting.Azure.Tests/DefaultUserSecretsManagerTests.cs
@@ -30,7 +30,7 @@ public void FlattenJsonObject_HandlesNestedStructures()
         };
 
         // Act
-        var result = DeploymentStateManagerBase<UserSecretsDeploymentStateManager>.FlattenJsonObject(userSecrets);
+        var result = JsonFlattener.FlattenJsonObject(userSecrets);
 
         // Assert
         Assert.Equal("existing-flat-value", result["Azure:SubscriptionId"]!.ToString());
@@ -54,7 +54,7 @@ public void FlattenJsonObject_HandlesSimpleFlatStructure()
         };
 
         // Act
-        var result = DeploymentStateManagerBase<UserSecretsDeploymentStateManager>.FlattenJsonObject(userSecrets);
+        var result = JsonFlattener.FlattenJsonObject(userSecrets);
 
         // Assert
         Assert.Equal(3, result.Count);
@@ -70,7 +70,7 @@ public void FlattenJsonObject_HandlesEmptyObject()
         var userSecrets = new JsonObject();
 
         // Act
-        var result = DeploymentStateManagerBase<UserSecretsDeploymentStateManager>.FlattenJsonObject(userSecrets);
+        var result = JsonFlattener.FlattenJsonObject(userSecrets);
 
         // Assert
         Assert.Empty(result);
@@ -95,7 +95,7 @@ public void FlattenJsonObject_HandlesDeeplyNestedStructures()
         };
 
         // Act
-        var result = DeploymentStateManagerBase<UserSecretsDeploymentStateManager>.FlattenJsonObject(userSecrets);
+        var result = JsonFlattener.FlattenJsonObject(userSecrets);
 
         // Assert
         Assert.Single(result);
@@ -120,7 +120,7 @@ public void FlattenJsonObject_PreservesNullAndPrimitiveValues()
         };
 
         // Act
-        var result = DeploymentStateManagerBase<UserSecretsDeploymentStateManager>.FlattenJsonObject(userSecrets);
+        var result = JsonFlattener.FlattenJsonObject(userSecrets);
 
         // Assert
         Assert.Equal("text", result["StringValue"]!.ToString());
@@ -143,7 +143,7 @@ public void FlattenJsonObject_HandlesArraysWithPrimitiveValues()
         };
 
         // Act
-        var result = DeploymentStateManagerBase<UserSecretsDeploymentStateManager>.FlattenJsonObject(userSecrets);
+        var result = JsonFlattener.FlattenJsonObject(userSecrets);
 
         // Assert
         Assert.Equal("value1", result["SimpleArray:0"]!.ToString());
@@ -183,7 +183,7 @@ public void FlattenJsonObject_HandlesArraysWithObjects()
         };
 
         // Act
-        var result = DeploymentStateManagerBase<UserSecretsDeploymentStateManager>.FlattenJsonObject(userSecrets);
+        var result = JsonFlattener.FlattenJsonObject(userSecrets);
 
         // Assert
         Assert.Equal("Item1", result["ObjectArray:0:Name"]!.ToString());
@@ -206,7 +206,7 @@ public void FlattenJsonObject_HandlesEmptyArrays()
         };
 
         // Act
-        var result = DeploymentStateManagerBase<UserSecretsDeploymentStateManager>.FlattenJsonObject(userSecrets);
+        var result = JsonFlattener.FlattenJsonObject(userSecrets);
 
         // Assert
         Assert.Single(result);
diff --git a/tests/Aspire.Hosting.Tests/SecretsStoreTests.cs b/tests/Aspire.Hosting.Tests/SecretsStoreTests.cs
@@ -3,9 +3,10 @@
 
 using System.Reflection;
 using System.Reflection.Emit;
+using Aspire.Hosting.Publishing.Internal;
+using Aspire.Hosting.UserSecrets;
 using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.Configuration.UserSecrets;
-using Microsoft.Extensions.SecretManager.Tools.Internal;
 
 namespace Aspire.Hosting.Tests;
 
@@ -26,7 +27,8 @@ public void GetOrSetUserSecret_SavesValueToUserSecrets()
         var configuration = new ConfigurationManager();
         var value = TokenGenerator.GenerateToken();
 
-        SecretsStore.GetOrSetUserSecret(configuration, testAssembly, key, () => value);
+        var manager = UserSecretsManagerFactory.Instance.Create(testAssembly);
+        manager?.GetOrSetSecret(configuration, key, () => value);
         var userSecrets = GetUserSecrets(userSecretsId);
 
         var configValue = configuration[key];
@@ -50,7 +52,8 @@ public void GetOrSetUserSecret_ReadsValueFromConfiguration()
         var valueInConfig = TokenGenerator.GenerateToken();
         configuration[key] = valueInConfig;
 
-        SecretsStore.GetOrSetUserSecret(configuration, testAssembly, key, TokenGenerator.GenerateToken);
+        var manager = UserSecretsManagerFactory.Instance.Create(testAssembly);
+        manager?.GetOrSetSecret(configuration, key, TokenGenerator.GenerateToken);
         var userSecrets = GetUserSecrets(userSecretsId);
 
         Assert.False(userSecrets.TryGetValue(key, out var savedValue));
@@ -60,20 +63,33 @@ public void GetOrSetUserSecret_ReadsValueFromConfiguration()
 
     private static Dictionary<string, string?> GetUserSecrets(string userSecretsId)
     {
-        var secretsStore = new SecretsStore(userSecretsId);
-        return secretsStore.AsEnumerable().ToDictionary(kvp => kvp.Key, kvp => kvp.Value);
+        var manager = UserSecretsManagerFactory.Instance.GetOrCreateFromId(userSecretsId);
+        if (manager == null || !File.Exists(manager.FilePath))
+        {
+            return new Dictionary<string, string?>();
+        }
+
+        var config = new ConfigurationBuilder()
+            .AddJsonFile(manager.FilePath, optional: true)
+            .Build();
+
+        return config.AsEnumerable()
+            .Where(kvp => kvp.Value != null)
+            .ToDictionary(kvp => kvp.Key, kvp => kvp.Value);
     }
 
     private static void ClearUsersSecrets(string userSecretsId)
     {
-        var secretsStore = new SecretsStore(userSecretsId);
-        secretsStore.Clear();
-        secretsStore.Save();
+        var filePath = UserSecretsPathHelper.GetSecretsPathFromSecretsId(userSecretsId);
+        if (File.Exists(filePath))
+        {
+            File.Delete(filePath);
+        }
     }
 
     private static void DeleteUserSecretsFile(string userSecretsId)
     {
-        var userSecretsPath = PathHelper.GetSecretsPathFromSecretsId(userSecretsId);
+        var userSecretsPath = UserSecretsPathHelper.GetSecretsPathFromSecretsId(userSecretsId);
         if (File.Exists(userSecretsPath))
         {
             File.Delete(userSecretsPath);
diff --git a/tests/Aspire.Hosting.Tests/UserSecretsParameterDefaultTests.cs b/tests/Aspire.Hosting.Tests/UserSecretsParameterDefaultTests.cs
@@ -5,8 +5,10 @@
 using System.Reflection.Emit;
 using System.Text;
 using Aspire.Hosting.Publishing;
+using Aspire.Hosting.Publishing.Internal;
+using Aspire.Hosting.UserSecrets;
+using Microsoft.Extensions.Configuration;
 using Microsoft.Extensions.Configuration.UserSecrets;
-using Microsoft.Extensions.SecretManager.Tools.Internal;
 
 namespace Aspire.Hosting.Tests;
 
@@ -49,7 +51,7 @@ public void UserSecretsParameterDefault_GetDefaultValue_DoesntThrowIfSecretsFile
     {
         var userSecretsId = Guid.NewGuid().ToString("N");
         DeleteUserSecretsFile(userSecretsId);
-        var userSecretsPath = PathHelper.GetSecretsPathFromSecretsId(userSecretsId);
+        var userSecretsPath = UserSecretsPathHelper.GetSecretsPathFromSecretsId(userSecretsId);
         if (File.Exists(userSecretsPath))
         {
             File.Delete(userSecretsPath);
@@ -71,6 +73,123 @@ public void UserSecretsParameterDefault_GetDefaultValue_DoesntThrowIfSecretsFile
         var _ = userSecretDefault.GetDefaultValue();
     }
 
+    [Fact]
+    public async Task TrySetUserSecret_ConcurrentWrites_PreservesAllSecrets()
+    {
+        var userSecretsId = Guid.NewGuid().ToString("N");
+        ClearUsersSecrets(userSecretsId);
+
+        var testAssembly = AssemblyBuilder.DefineDynamicAssembly(
+            new("TestAssembly"), AssemblyBuilderAccess.RunAndCollect, [new CustomAttributeBuilder(s_userSecretsIdAttrCtor, [userSecretsId])]);
+
+        // Simulate concurrent writes from multiple threads (like SQL Server and RabbitMQ generating passwords)
+        var tasks = new List<Task<bool>>();
+        var secretsToWrite = new Dictionary<string, string>
+        {
+            ["Parameters:sqlserver-password"] = "SqlPassword123!",
+            ["Parameters:rabbitmq-password"] = "RabbitPassword456!",
+            ["Parameters:redis-password"] = "RedisPassword789!",
+            ["Parameters:postgres-password"] = "PostgresPassword012!",
+        };
+
+        foreach (var kvp in secretsToWrite)
+        {
+            var key = kvp.Key;
+            var value = kvp.Value;
+            tasks.Add(Task.Run(() =>
+            {
+                var manager = UserSecretsManagerFactory.Instance.Create(testAssembly);
+                return manager?.TrySetSecret(key, value) ?? false;
+            }));
+        }
+
+        var results = await Task.WhenAll(tasks);
+
+        // All writes should succeed
+        Assert.All(results, Assert.True);
+
+        // All secrets should be preserved
+        var userSecrets = GetUserSecrets(userSecretsId);
+        foreach (var kvp in secretsToWrite)
+        {
+            Assert.True(userSecrets.ContainsKey(kvp.Key), $"Secret '{kvp.Key}' was not found in user secrets");
+            Assert.Equal(kvp.Value, userSecrets[kvp.Key]);
+        }
+
+        DeleteUserSecretsFile(userSecretsId);
+    }
+
+    [Fact]
+    public async Task TrySetUserSecret_SqlServerAndRabbitMQ_BothSecretsPreserved()
+    {
+        // This test specifically reproduces the issue described in the bug report
+        var userSecretsId = Guid.NewGuid().ToString("N");
+        ClearUsersSecrets(userSecretsId);
+
+        var testAssembly = AssemblyBuilder.DefineDynamicAssembly(
+            new("TestAssembly"), AssemblyBuilderAccess.RunAndCollect, [new CustomAttributeBuilder(s_userSecretsIdAttrCtor, [userSecretsId])]);
+
+        // Simulate SQL Server and RabbitMQ generating passwords concurrently
+        var sqlTask = Task.Run(() =>
+        {
+            var manager = UserSecretsManagerFactory.Instance.Create(testAssembly);
+            return manager?.TrySetSecret("Parameters:sql-password", "SqlPassword123!") ?? false;
+        });
+        var rabbitTask = Task.Run(() =>
+        {
+            var manager = UserSecretsManagerFactory.Instance.Create(testAssembly);
+            return manager?.TrySetSecret("Parameters:rabbit-password", "RabbitPassword456!") ?? false;
+        });
+
+        var results = await Task.WhenAll(sqlTask, rabbitTask);
+
+        // Both writes should succeed
+        Assert.All(results, Assert.True);
+
+        // Both secrets should be in the file
+        var userSecrets = GetUserSecrets(userSecretsId);
+        Assert.True(userSecrets.ContainsKey("Parameters:sql-password"), "SQL Server password was not found");
+        Assert.True(userSecrets.ContainsKey("Parameters:rabbit-password"), "RabbitMQ password was not found");
+        Assert.Equal("SqlPassword123!", userSecrets["Parameters:sql-password"]);
+        Assert.Equal("RabbitPassword456!", userSecrets["Parameters:rabbit-password"]);
+
+        DeleteUserSecretsFile(userSecretsId);
+    }
+
+    [Fact]
+    public async Task TrySetUserSecret_ConcurrentWritesSameKey_LastWriteWins()
+    {
+        var userSecretsId = Guid.NewGuid().ToString("N");
+        ClearUsersSecrets(userSecretsId);
+
+        var testAssembly = AssemblyBuilder.DefineDynamicAssembly(
+            new("TestAssembly"), AssemblyBuilderAccess.RunAndCollect, [new CustomAttributeBuilder(s_userSecretsIdAttrCtor, [userSecretsId])]);
+
+        // Simulate concurrent writes to the same key
+        var tasks = new List<Task<bool>>();
+        for (int i = 0; i < 10; i++)
+        {
+            var value = $"Value{i}";
+            tasks.Add(Task.Run(() =>
+            {
+                var manager = UserSecretsManagerFactory.Instance.Create(testAssembly);
+                return manager?.TrySetSecret("Parameters:test-key", value) ?? false;
+            }));
+        }
+
+        var results = await Task.WhenAll(tasks);
+
+        // All writes should succeed
+        Assert.All(results, Assert.True);
+
+        // The key should exist with one of the values
+        var userSecrets = GetUserSecrets(userSecretsId);
+        Assert.True(userSecrets.ContainsKey("Parameters:test-key"));
+        Assert.NotNull(userSecrets["Parameters:test-key"]);
+
+        DeleteUserSecretsFile(userSecretsId);
+    }
+
     private static void EnsureUserSecretsDirectory(string secretsFilePath)
     {
         var directoryName = Path.GetDirectoryName(secretsFilePath);
@@ -82,20 +201,47 @@ private static void EnsureUserSecretsDirectory(string secretsFilePath)
 
     private static Dictionary<string, string?> GetUserSecrets(string userSecretsId)
     {
-        var secretsStore = new SecretsStore(userSecretsId);
-        return secretsStore.AsEnumerable().ToDictionary(kvp => kvp.Key, kvp => kvp.Value);
+        var manager = UserSecretsManagerFactory.Instance.GetOrCreateFromId(userSecretsId);
+        if (manager == null)
+        {
+            return new Dictionary<string, string?>();
+        }
+        
+        // Read the secrets file directly
+        var secrets = new Dictionary<string, string?>();
+        if (File.Exists(manager.FilePath))
+        {
+            var json = File.ReadAllText(manager.FilePath);
+            if (!string.IsNullOrWhiteSpace(json))
+            {
+                var config = new ConfigurationBuilder()
+                    .AddJsonFile(manager.FilePath, optional: true)
+                    .Build();
+                    
+                foreach (var kvp in config.AsEnumerable())
+                {
+                    if (kvp.Value != null)
+                    {
+                        secrets[kvp.Key] = kvp.Value;
+                    }
+                }
+            }
+        }
+        return secrets;
     }
 
     private static void ClearUsersSecrets(string userSecretsId)
     {
-        var secretsStore = new SecretsStore(userSecretsId);
-        secretsStore.Clear();
-        secretsStore.Save();
+        var filePath = UserSecretsPathHelper.GetSecretsPathFromSecretsId(userSecretsId);
+        if (File.Exists(filePath))
+        {
+            File.Delete(filePath);
+        }
     }
 
     private static void DeleteUserSecretsFile(string userSecretsId)
     {
-        var userSecretsPath = PathHelper.GetSecretsPathFromSecretsId(userSecretsId);
+        var userSecretsPath = UserSecretsPathHelper.GetSecretsPathFromSecretsId(userSecretsId);
         if (File.Exists(userSecretsPath))
         {
             File.Delete(userSecretsPath);
@@ -115,3 +261,4 @@ public override void WriteToManifest(ManifestPublishingContext context)
         }
     }
 }
+
diff --git a/tests/Aspire.Hosting.Tests/VersionChecking/VersionCheckServiceTests.cs b/tests/Aspire.Hosting.Tests/VersionChecking/VersionCheckServiceTests.cs
