...

Source file src/edge-infra.dev/pkg/edge/api/graph/integration/secret_manager_test.go

Documentation: edge-infra.dev/pkg/edge/api/graph/integration

     1  package integration_test
     2  
     3  import (
     4  	"context"
     5  	"fmt"
     6  	"time"
     7  
     8  	"github.com/thoas/go-funk"
     9  	"github.com/udacity/graphb"
    10  
    11  	"edge-infra.dev/pkg/edge/api/bsl/types"
    12  	"edge-infra.dev/pkg/edge/api/graph/model"
    13  	"edge-infra.dev/pkg/edge/api/middleware"
    14  	"edge-infra.dev/test/framework/integration"
    15  )
    16  
    17  func (s *Suite) TestCreateOrUpdateSecretManagerSecret() {
    18  	integration.SkipIf(s.Framework)
    19  	var response struct{ CreateOrUpdateSecretManagerSecret bool }
    20  	name := fmt.Sprintf("test-create-secret-manager-%d", time.Now().UnixNano())
    21  	mutation := createOrUpdateSecretManagerSecretMutation(testOrgBannerEdgeID, name, "edge", "docker-registry", "tenant", []model.KeyValues{
    22  		{Key: "docker-username", Value: "jd250001"},
    23  		{Key: "docker-password", Value: "password1"},
    24  		{Key: "docker-server", Value: "https://example.com"},
    25  	})
    26  	ResolverClient.MustPost(mutation, &response)
    27  	s.NotNil(response.CreateOrUpdateSecretManagerSecret)
    28  	s.Equal(true, response.CreateOrUpdateSecretManagerSecret)
    29  
    30  	var secretManagerQuery struct {
    31  		SecretManagerSecret model.SecretManagerResponse
    32  	}
    33  	getSecretManagerSecrets1 := getSecretManagerSecret(name, testOrgBannerEdgeID, true)
    34  	ResolverClient.MustPost(getSecretManagerSecrets1, &secretManagerQuery)
    35  	s.NotNil(secretManagerQuery.SecretManagerSecret)
    36  	s.Equal(name, secretManagerQuery.SecretManagerSecret.Name)
    37  	s.Equal("tenant", *secretManagerQuery.SecretManagerSecret.Owner)
    38  	s.Equal("test-org", secretManagerQuery.SecretManagerSecret.Project)
    39  	s.NotNil(secretManagerQuery.SecretManagerSecret.Created)
    40  	s.NotNil(secretManagerQuery.SecretManagerSecret.Updated)
    41  	s.Equal(1, len(secretManagerQuery.SecretManagerSecret.Values))
    42  	s.Equal("dockerconfigjson", secretManagerQuery.SecretManagerSecret.Values[0].Key)
    43  	s.NotEmpty(secretManagerQuery.SecretManagerSecret.Values[0].Value)
    44  	s.Equal("docker-registry", *secretManagerQuery.SecretManagerSecret.Type)
    45  	s.Equal("tenant", *secretManagerQuery.SecretManagerSecret.Workload)
    46  
    47  	mutation = createOrUpdateSecretManagerSecretMutation(testOrgBannerEdgeID, name, "", "docker-registry", "tenant", []model.KeyValues{
    48  		{Key: "docker-username", Value: "jd250002"},
    49  		{Key: "docker-password", Value: "password12"},
    50  		{Key: "docker-server", Value: "https://example.com"},
    51  	})
    52  	ResolverClient.MustPost(mutation, &response)
    53  	s.NotNil(response.CreateOrUpdateSecretManagerSecret)
    54  	s.Equal(true, response.CreateOrUpdateSecretManagerSecret)
    55  	var secretManagerQuery2 struct {
    56  		SecretManagerSecret model.SecretManagerResponse
    57  	}
    58  	getSecretManagerSecrets2 := getSecretManagerSecret(name, testOrgBannerEdgeID, true)
    59  	ResolverClient.MustPost(getSecretManagerSecrets2, &secretManagerQuery2)
    60  	s.NotNil(secretManagerQuery2.SecretManagerSecret)
    61  	s.Equal(name, secretManagerQuery2.SecretManagerSecret.Name)
    62  	s.Equal(1, len(secretManagerQuery2.SecretManagerSecret.Values))
    63  	s.Equal("dockerconfigjson", secretManagerQuery2.SecretManagerSecret.Values[0].Key)
    64  	s.NotEmpty(secretManagerQuery2.SecretManagerSecret.Values[0].Value)
    65  	//compare values to ensure secret was updated
    66  	s.NotEqual(secretManagerQuery2.SecretManagerSecret.Values[0].Value, secretManagerQuery.SecretManagerSecret.Values[0].Value)
    67  }
    68  
    69  func (s *Suite) TestDeleteSecretManagerSecretDocker() {
    70  	integration.SkipIf(s.Framework)
    71  	var response struct{ CreateOrUpdateSecretManagerSecret bool }
    72  	name := fmt.Sprintf("test-create-secret-manager-%d", time.Now().UnixNano())
    73  	mutation := createOrUpdateSecretManagerSecretMutation(testOrgBannerEdgeID, name, "edge", "docker-registry", "tenant", []model.KeyValues{
    74  		{Key: "docker-username", Value: "jd250001"},
    75  		{Key: "docker-password", Value: "password1"},
    76  		{Key: "docker-server", Value: "https://example.com"},
    77  	})
    78  	ResolverClient.MustPost(mutation, &response)
    79  	s.NotNil(response.CreateOrUpdateSecretManagerSecret)
    80  	s.Equal(true, response.CreateOrUpdateSecretManagerSecret)
    81  
    82  	var deleteResponse struct{ DeleteSecretManagerSecret bool }
    83  	deleteMutation := deleteSecretManagerSecretMutation(testOrgBannerEdgeID, name)
    84  	ResolverClient.MustPost(deleteMutation, &deleteResponse)
    85  	s.NotNil(deleteResponse.DeleteSecretManagerSecret)
    86  	s.Equal(true, deleteResponse.DeleteSecretManagerSecret)
    87  }
    88  
    89  func (s *Suite) TestDeleteSecretManagerSecretHelm() {
    90  	integration.SkipIf(s.Framework)
    91  	var response struct{ CreateOrUpdateSecretManagerSecret bool }
    92  	name := fmt.Sprintf("test-create-secret-manager-%d", time.Now().UnixNano())
    93  	mutation := createOrUpdateSecretManagerSecretMutation(testOrgBannerEdgeID, name, "edge-helm", "helm-repository", "tenant", []model.KeyValues{
    94  		{Key: "helmUrl", Value: "http://ncredge.com"},
    95  		{Key: "username", Value: "test1"},
    96  		{Key: "password", Value: "password1"},
    97  		{Key: "helm_repo_name", Value: "test-helm-repo"},
    98  	})
    99  	ResolverClient.MustPost(mutation, &response)
   100  	s.NotNil(response.CreateOrUpdateSecretManagerSecret)
   101  	s.Equal(true, response.CreateOrUpdateSecretManagerSecret)
   102  
   103  	var deleteResponse struct{ DeleteSecretManagerSecret bool }
   104  	deleteMutation := deleteSecretManagerSecretMutation(testOrgBannerEdgeID, name)
   105  	ResolverClient.MustPost(deleteMutation, &deleteResponse)
   106  	s.NotNil(deleteResponse.DeleteSecretManagerSecret)
   107  	s.Equal(true, deleteResponse.DeleteSecretManagerSecret)
   108  }
   109  
   110  func (s *Suite) TestGetSecretManagerSecret() {
   111  	integration.SkipIf(s.Framework)
   112  	var response struct{ CreateOrUpdateSecretManagerSecret bool }
   113  	name := fmt.Sprintf("test-create-secret-manager-%d", time.Now().UnixNano())
   114  	mutation := createOrUpdateSecretManagerSecretMutation(testOrgBannerEdgeID, name, "edge", "docker-registry", "tenant", []model.KeyValues{
   115  		{Key: "docker-username", Value: "jd250001"},
   116  		{Key: "docker-password", Value: "password1"},
   117  		{Key: "docker-server", Value: "https://example.com"},
   118  	})
   119  	ResolverClient.MustPost(mutation, &response)
   120  	s.NotNil(response.CreateOrUpdateSecretManagerSecret)
   121  	s.Equal(true, response.CreateOrUpdateSecretManagerSecret)
   122  
   123  	var secretManagerQuery struct {
   124  		SecretManagerSecret model.SecretManagerResponse
   125  	}
   126  	// getValues: false
   127  	getSecretManagerSecrets1 := getSecretManagerSecret(name, testOrgBannerEdgeID, false)
   128  	ResolverClient.MustPost(getSecretManagerSecrets1, &secretManagerQuery)
   129  	s.NotNil(secretManagerQuery.SecretManagerSecret)
   130  	s.Equal(name, secretManagerQuery.SecretManagerSecret.Name)
   131  	s.Equal("tenant", *secretManagerQuery.SecretManagerSecret.Owner)
   132  	s.Equal("test-org", secretManagerQuery.SecretManagerSecret.Project)
   133  	s.NotNil(secretManagerQuery.SecretManagerSecret.Created)
   134  	s.Nil(secretManagerQuery.SecretManagerSecret.Updated)
   135  	s.Equal(0, len(secretManagerQuery.SecretManagerSecret.Values))
   136  	s.Equal("docker-registry", *secretManagerQuery.SecretManagerSecret.Type)
   137  	s.Equal("tenant", *secretManagerQuery.SecretManagerSecret.Workload)
   138  
   139  	// getValues: true
   140  	getSecretManagerSecrets2 := getSecretManagerSecret(name, testOrgBannerEdgeID, true)
   141  	ResolverClient.MustPost(getSecretManagerSecrets2, &secretManagerQuery)
   142  	s.NotNil(secretManagerQuery.SecretManagerSecret)
   143  	s.Equal(name, secretManagerQuery.SecretManagerSecret.Name)
   144  	s.Equal("tenant", *secretManagerQuery.SecretManagerSecret.Owner)
   145  	s.Equal("test-org", secretManagerQuery.SecretManagerSecret.Project)
   146  	s.NotNil(secretManagerQuery.SecretManagerSecret.Created)
   147  	s.NotNil(secretManagerQuery.SecretManagerSecret.Updated)
   148  	s.Equal(1, len(secretManagerQuery.SecretManagerSecret.Values))
   149  	s.Equal("dockerconfigjson", secretManagerQuery.SecretManagerSecret.Values[0].Key)
   150  	s.NotEmpty(secretManagerQuery.SecretManagerSecret.Values[0].Value)
   151  	s.Equal("docker-registry", *secretManagerQuery.SecretManagerSecret.Type)
   152  	s.Equal("tenant", *secretManagerQuery.SecretManagerSecret.Workload)
   153  }
   154  
   155  func (s *Suite) TestSecretManagerSecrets() {
   156  	integration.SkipIf(s.Framework)
   157  
   158  	var response struct{ CreateOrUpdateSecretManagerSecret bool }
   159  	name := fmt.Sprintf("test-create-secret-manager-%d", time.Now().UnixNano())
   160  	mutation := createOrUpdateSecretManagerSecretMutation(testOrgBannerEdgeID, name, "edge", "docker-registry", "tenant", []model.KeyValues{
   161  		{Key: "docker-username", Value: "jd250001"},
   162  		{Key: "docker-password", Value: "password1"},
   163  		{Key: "docker-server", Value: "https://example.com"},
   164  	})
   165  	ResolverClient.MustPost(mutation, &response)
   166  	s.NotNil(response.CreateOrUpdateSecretManagerSecret)
   167  	s.Equal(true, response.CreateOrUpdateSecretManagerSecret)
   168  
   169  	name2 := fmt.Sprintf("test-get-secret-manager-true-list2-%d", time.Now().UnixNano())
   170  	mutation = createOrUpdateSecretManagerSecretMutation(testOrgBannerEdgeID, name2, "edge", "docker-registry", "tenant", []model.KeyValues{
   171  		{Key: "docker-username", Value: "jd250001"},
   172  		{Key: "docker-password", Value: "password1"},
   173  		{Key: "docker-server", Value: "https://example.com"},
   174  	})
   175  	ResolverClient.MustPost(mutation, &response)
   176  	s.NotNil(response.CreateOrUpdateSecretManagerSecret)
   177  	s.Equal(true, response.CreateOrUpdateSecretManagerSecret)
   178  
   179  	name3 := fmt.Sprintf("test-get-secret-manager-no-owner-%d", time.Now().UnixNano())
   180  	mutation = createOrUpdateSecretManagerSecretMutation(testOrgBannerEdgeID, name3, "edge", "docker-registry", "edge", []model.KeyValues{
   181  		{Key: "docker-username", Value: "jd250001"},
   182  		{Key: "docker-password", Value: "password1"},
   183  		{Key: "docker-server", Value: "https://example.com"},
   184  	})
   185  	ResolverClient.MustPost(mutation, &response)
   186  	s.NotNil(response.CreateOrUpdateSecretManagerSecret)
   187  	s.Equal(true, response.CreateOrUpdateSecretManagerSecret)
   188  
   189  	var secretManagerQuery struct {
   190  		SecretManagerSecrets []*model.SecretManagerResponse
   191  	}
   192  	// getValues: false
   193  	getSecretManagerSecrets1 := getSecretManagerSecrets(testOrgBannerEdgeID, false)
   194  	ResolverClient.MustPost(getSecretManagerSecrets1, &secretManagerQuery)
   195  	s.NotNil(secretManagerQuery.SecretManagerSecrets)
   196  	s.True(len(secretManagerQuery.SecretManagerSecrets) >= 2)
   197  
   198  	secret1 := funk.Find(secretManagerQuery.SecretManagerSecrets, func(sm *model.SecretManagerResponse) bool { return sm.Name == name })
   199  	secret2 := funk.Find(secretManagerQuery.SecretManagerSecrets, func(sm *model.SecretManagerResponse) bool { return sm.Name == name2 })
   200  	secretManagerQuery.SecretManagerSecrets = []*model.SecretManagerResponse{secret1.(*model.SecretManagerResponse), secret2.(*model.SecretManagerResponse)}
   201  
   202  	s.Equal(name, secretManagerQuery.SecretManagerSecrets[0].Name)
   203  	s.Equal(name2, secretManagerQuery.SecretManagerSecrets[1].Name)
   204  	for _, secret := range secretManagerQuery.SecretManagerSecrets {
   205  		s.Equal("tenant", *secret.Owner)
   206  		s.Equal("test-org", secret.Project)
   207  		s.NotNil(secret.Created)
   208  		s.Nil(secret.Updated)
   209  		s.Equal(0, len(secret.Values))
   210  		s.Equal("docker-registry", *secret.Type)
   211  		s.Equal("tenant", *secret.Workload)
   212  	}
   213  	// getValues: true
   214  	getSecretManagerSecrets2 := getSecretManagerSecrets(testOrgBannerEdgeID, true)
   215  	ResolverClient.MustPost(getSecretManagerSecrets2, &secretManagerQuery)
   216  	s.NotNil(secretManagerQuery.SecretManagerSecrets)
   217  	s.True(len(secretManagerQuery.SecretManagerSecrets) >= 2)
   218  	secret1 = funk.Find(secretManagerQuery.SecretManagerSecrets, func(sm *model.SecretManagerResponse) bool { return sm.Name == name })
   219  	secret2 = funk.Find(secretManagerQuery.SecretManagerSecrets, func(sm *model.SecretManagerResponse) bool { return sm.Name == name2 })
   220  	secretManagerQuery.SecretManagerSecrets = []*model.SecretManagerResponse{secret1.(*model.SecretManagerResponse), secret2.(*model.SecretManagerResponse)}
   221  
   222  	s.Equal(secretManagerQuery.SecretManagerSecrets[0].Name, name)
   223  	s.Equal(secretManagerQuery.SecretManagerSecrets[1].Name, name2)
   224  	for _, secret := range secretManagerQuery.SecretManagerSecrets {
   225  		s.Equal("tenant", *secret.Owner)
   226  		s.Equal("test-org", secret.Project)
   227  		s.NotNil(secret.Created)
   228  		s.NotNil(secret.Updated)
   229  		s.Equal(1, len(secret.Values))
   230  		s.Equal("docker-registry", *secret.Type)
   231  		s.Equal("tenant", *secret.Workload)
   232  	}
   233  	// no owner filter passed in
   234  	c := middleware.NewContext(context.Background(), &types.AuthUser{
   235  		Organization: "test-org",
   236  	})
   237  	typeArg := "docker-registry"
   238  	secretManagerQuery.SecretManagerSecrets, err = s.Resolver.Query().SecretManagerSecrets(c, testOrgBannerEdgeID, nil, &typeArg, false)
   239  	s.NotNil(secretManagerQuery.SecretManagerSecrets)
   240  	s.Nil(err)
   241  	s.True(len(secretManagerQuery.SecretManagerSecrets) >= 2)
   242  	secret1 = funk.Find(secretManagerQuery.SecretManagerSecrets, func(sm *model.SecretManagerResponse) bool { return sm.Name == name })
   243  	secret2 = funk.Find(secretManagerQuery.SecretManagerSecrets, func(sm *model.SecretManagerResponse) bool { return sm.Name == name2 })
   244  	secretManagerQuery.SecretManagerSecrets = []*model.SecretManagerResponse{secret1.(*model.SecretManagerResponse), secret2.(*model.SecretManagerResponse)}
   245  
   246  	s.Equal(name, secretManagerQuery.SecretManagerSecrets[0].Name)
   247  	s.Equal(name2, secretManagerQuery.SecretManagerSecrets[1].Name)
   248  	for _, secret := range secretManagerQuery.SecretManagerSecrets {
   249  		s.Equal("tenant", *secret.Owner)
   250  		s.Equal("test-org", secret.Project)
   251  		s.Equal("docker-registry", *secret.Type)
   252  		s.Equal("tenant", *secret.Workload)
   253  	}
   254  }
   255  
   256  func createOrUpdateSecretManagerSecretMutation(bannerEdgeID, name, workload, _type, owner string, keyValues []model.KeyValues) string { //nolint: unparam
   257  	args := []graphb.Argument{
   258  		graphb.ArgumentString("bannerEdgeId", bannerEdgeID),
   259  		graphb.ArgumentString("name", name),
   260  		graphb.ArgumentString("type", _type),
   261  		graphb.ArgumentString("owner", owner),
   262  	}
   263  	var valuesArgs [][]graphb.Argument
   264  	for _, kv := range keyValues {
   265  		elem := graphb.ArgumentCustomTypeSliceElem(graphb.ArgumentString("key", kv.Key), graphb.ArgumentString("value", kv.Value))
   266  		valuesArgs = append(valuesArgs, elem)
   267  	}
   268  	args = append(args, graphb.ArgumentCustomTypeSlice("values", valuesArgs...))
   269  	if workload != "" {
   270  		args = append(args, graphb.ArgumentString("workload", workload))
   271  	}
   272  	return MustParse(graphb.Query{
   273  		Type: graphb.TypeMutation,
   274  		Fields: []*graphb.Field{
   275  			{
   276  				Name:      "createOrUpdateSecretManagerSecret",
   277  				Arguments: args,
   278  			},
   279  		},
   280  	})
   281  }
   282  
   283  func getSecretManagerSecret(name, bannerEdgeID string, getValues bool) string { //nolint: unparam
   284  	args := []graphb.Argument{
   285  		graphb.ArgumentString("name", name),
   286  		graphb.ArgumentString("bannerEdgeId", bannerEdgeID),
   287  		graphb.ArgumentBool("getValues", getValues),
   288  	}
   289  	fields := []*graphb.Field{graphb.NewField("values", graphb.OfFields("key", "value"))}
   290  	return MustParse(graphb.Query{
   291  		Type: graphb.TypeQuery,
   292  		Fields: []*graphb.Field{
   293  			{
   294  				Name:      "secretManagerSecret",
   295  				Arguments: args,
   296  				Fields:    append(fields, graphb.Fields("name", "project", "created", "updated", "type", "workload", "owner")...),
   297  			},
   298  		},
   299  	})
   300  }
   301  
   302  func getSecretManagerSecrets(banner string, getValues bool) string {
   303  	args := []graphb.Argument{
   304  		graphb.ArgumentString("bannerEdgeId", banner),
   305  		graphb.ArgumentBool("getValues", getValues),
   306  	}
   307  	fields := []*graphb.Field{graphb.NewField("values", graphb.OfFields("key", "value"))}
   308  	return MustParse(graphb.Query{
   309  		Type: graphb.TypeQuery,
   310  		Fields: []*graphb.Field{
   311  			{
   312  				Name:      "secretManagerSecrets",
   313  				Arguments: args,
   314  				Fields:    append(fields, graphb.Fields("name", "project", "created", "updated", "type", "workload", "owner")...),
   315  			},
   316  		},
   317  	})
   318  }
   319  
   320  func deleteSecretManagerSecretMutation(banner, name string) string {
   321  	return MustParse(graphb.Query{
   322  		Type: graphb.TypeMutation,
   323  		Fields: []*graphb.Field{
   324  			{
   325  				Name: "deleteSecretManagerSecret",
   326  				Arguments: []graphb.Argument{
   327  					graphb.ArgumentString("bannerEdgeId", banner),
   328  					graphb.ArgumentString("name", name),
   329  				},
   330  			},
   331  		},
   332  	})
   333  }
   334  

View as plain text