...

Source file src/edge-infra.dev/pkg/edge/controllers/sequel/user_controller_test.go

Documentation: edge-infra.dev/pkg/edge/controllers/sequel

     1  package sequel
     2  
     3  import (
     4  	"fmt"
     5  	"testing"
     6  
     7  	iamAPI "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/clients/generated/apis/iam/v1beta1"
     8  	sqlAPI "github.com/GoogleCloudPlatform/k8s-config-connector/pkg/clients/generated/apis/sql/v1beta1"
     9  	"github.com/davecgh/go-spew/spew"
    10  	testifyAssert "github.com/stretchr/testify/assert"
    11  	"gotest.tools/v3/assert"
    12  	v1 "k8s.io/apimachinery/pkg/apis/meta/v1"
    13  	"k8s.io/apimachinery/pkg/types"
    14  	"sigs.k8s.io/controller-runtime/pkg/controller/controllerutil"
    15  
    16  	backendv1 "edge-infra.dev/pkg/edge/apis/sequel/k8s/v1alpha2"
    17  	"edge-infra.dev/pkg/k8s/testing/kmp"
    18  	"edge-infra.dev/pkg/lib/uuid"
    19  	"edge-infra.dev/test/f2"
    20  	"edge-infra.dev/test/f2/x/ktest"
    21  )
    22  
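// TestCreateBuiltInUser creates a DatabaseUser of type BuiltInUserType in a
// fresh, randomly named namespace and verifies three things: the object
// becomes ready, it carries the sequel finalizer, and a matching CloudSQL
// SQLUser exists under the same name and namespace.
//
// The test is skipped until the outstanding errors referenced in the Skip
// message are resolved; nothing after t.Skip runs.
func TestCreateBuiltInUser(t *testing.T) {
	t.Skip("TODO(pa250194_ncrvoyix): fix errors")
	namespace := uuid.New().UUID
	usr := mockDatabaseUser("sequelbuiltinuser", namespace, backendv1.BuiltInUserType)

	sequelUser := f2.NewFeature("BuiltIn User").
		Test("BuiltIn User reconciles", func(ctx f2.Context, t *testing.T) f2.Context {
			k := ktest.FromContextT(ctx, t)
			assert.NilError(t, k.Client.Create(ctx, usr))
			k.WaitOn(t, k.Check(usr, kmp.IsReady()))
			return ctx
		}).
		Test("Finalizer is added", func(ctx f2.Context, t *testing.T) f2.Context {
			// Fail when the finalizer is absent, which is what the error
			// message describes and what the IAM service-account test checks.
			// NOTE(review): this inspects the local usr object; confirm that
			// k.WaitOn/k.Check refreshes it from the API server, otherwise
			// re-fetch it before checking.
			if !controllerutil.ContainsFinalizer(usr, backendv1.SequelFinalizer) {
				t.Error("finalizer not added to database user", spew.Sprintln(usr))
			}
			return ctx
		}).
		Test("CloudSQL User created", func(ctx f2.Context, t *testing.T) f2.Context {
			k := ktest.FromContextT(ctx, t)
			cloudSQLUsr := &sqlAPI.SQLUser{}
			assert.NilError(t, k.Client.Get(ctx, types.NamespacedName{
				Name:      usr.Name,
				Namespace: usr.Namespace,
			}, cloudSQLUsr))
			assert.Equal(t, cloudSQLUsr.Name, usr.Name)
			assert.Equal(t, cloudSQLUsr.Namespace, usr.Namespace)
			assert.Equal(t, cloudSQLUsr.Spec.Type, backendv1.BuiltInUserType)
			// The fetched SQLUser must be populated; asserting that it is
			// empty would contradict the field checks above.
			testifyAssert.NotEmpty(t, cloudSQLUsr)
			// NOTE(review): nothing here checks how the built-in user's
			// password is supplied. Consider asserting that it comes from a
			// Secret reference rather than an inline value; confirm against
			// the controller.
			return ctx
		}).Feature()

	f.Test(t, sequelUser)
}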
    57  
// TestCreateIAMServiceAccountUser creates a DatabaseUser of type
// CloudSAUserType in a fresh, randomly named namespace and verifies that it
// becomes ready, carries the sequel finalizer, has a matching CloudSQL
// SQLUser, and has two IAMPolicyMember objects (SQL client and instance user)
// with the expected roles.
//
// The test is skipped until the outstanding errors referenced in the Skip
// message are resolved; nothing after t.Skip runs.
func TestCreateIAMServiceAccountUser(t *testing.T) {
	t.Skip("TODO(pa250194_ncrvoyix): fix errors")
	ns := uuid.New().UUID
	usr := mockDatabaseUser("sequeliamsauser", ns, backendv1.CloudSAUserType)

	// Step 1: create the DatabaseUser and wait for it to report ready.
	reconciles := func(ctx f2.Context, t *testing.T) f2.Context {
		kt := ktest.FromContextT(ctx, t)
		assert.NilError(t, kt.Client.Create(ctx, usr))
		kt.WaitOn(t, kt.Check(usr, kmp.IsReady()))
		return ctx
	}

	// Step 2: the sequel finalizer must be present on the DatabaseUser.
	hasFinalizer := func(ctx f2.Context, t *testing.T) f2.Context {
		if present := controllerutil.ContainsFinalizer(usr, backendv1.SequelFinalizer); !present {
			t.Error("finalizer not added to database user", spew.Sprintln(usr))
		}

		return ctx
	}

	// Step 3: a SQLUser with the same name/namespace and the service-account
	// type must exist.
	sqlUserCreated := func(ctx f2.Context, t *testing.T) f2.Context {
		kt := ktest.FromContextT(ctx, t)
		key := types.NamespacedName{
			Name:      usr.Name,
			Namespace: usr.Namespace,
		}
		cloudSQLUsr := &sqlAPI.SQLUser{}
		assert.NilError(t, kt.Client.Get(ctx, key, cloudSQLUsr))
		assert.Equal(t, cloudSQLUsr.Name, usr.Name)
		assert.Equal(t, cloudSQLUsr.Namespace, usr.Namespace)
		assert.Equal(t, cloudSQLUsr.Spec.Type, backendv1.CloudSAUserType)
		// NOTE(review): cloudSQLUsr is the address of a literal, so this
		// check can never fail; it adds no coverage.
		assert.Assert(t, cloudSQLUsr != nil)
		return ctx
	}

	// Step 4: the SQL client IAMPolicyMember must carry the client role.
	// NOTE(review): steps 4 and 5 assert only Role and Namespace. The bound
	// principal and the target resource are not checked, so a binding that
	// grants the role to the wrong identity would still pass. Consider
	// asserting those as well.
	clientPolicyCreated := func(ctx f2.Context, t *testing.T) f2.Context {
		kt := ktest.FromContextT(ctx, t)
		key := types.NamespacedName{
			Name:      fmt.Sprintf("%s-%s", usr.Name, sqlClientPrefix),
			Namespace: usr.Namespace,
		}
		iamSQLClientPerms := &iamAPI.IAMPolicyMember{}
		assert.NilError(t, kt.Client.Get(ctx, key, iamSQLClientPerms))
		assert.Equal(t, iamSQLClientPerms.Spec.Role, sqlClientPerms)
		assert.Equal(t, iamSQLClientPerms.Namespace, usr.Namespace)
		return ctx
	}

	// Step 5: the instance-user IAMPolicyMember must carry the instance-user
	// role.
	instanceUserPolicyCreated := func(ctx f2.Context, t *testing.T) f2.Context {
		kt := ktest.FromContextT(ctx, t)
		key := types.NamespacedName{
			Name:      fmt.Sprintf("%s-%s", usr.Name, sqlUserPrefix),
			Namespace: usr.Namespace,
		}
		iamSQLUserPerms := &iamAPI.IAMPolicyMember{}
		assert.NilError(t, kt.Client.Get(ctx, key, iamSQLUserPerms))
		assert.Equal(t, iamSQLUserPerms.Spec.Role, instanceUserPerms)
		assert.Equal(t, iamSQLUserPerms.Namespace, usr.Namespace)
		return ctx
	}

	sequelUser := f2.NewFeature("IAM Service Account User").
		Test("IAM Service Account User reconciles", reconciles).
		Test("Finalizer is added", hasFinalizer).
		Test("CloudSQL User created", sqlUserCreated).
		Test("SQL Client IAM Policy Member created", clientPolicyCreated).
		Test("SQL Instance User IAM Policy Member created", instanceUserPolicyCreated).
		Feature()

	f.Test(t, sequelUser)
}
   114  
// mockDatabaseUser returns a DatabaseUser fixture with the given name,
// namespace and user type. The fixture targets the "sequel" instance in the
// "ret-dev-sequel" project and requests a single grant: INSERT on the
// "clusters" table in the "public" schema.
func mockDatabaseUser(name, namespace, _type string) *backendv1.DatabaseUser {
	// Narrowest grant the fixture needs: one permission on one table.
	insertOnClusters := backendv1.TableGrant{
		Table:       "clusters",
		Permissions: []backendv1.Permissions{{Permission: "INSERT"}},
	}
	publicSchema := backendv1.Grant{
		Schema:     "public",
		TableGrant: []backendv1.TableGrant{insertOnClusters},
	}

	typeMeta := v1.TypeMeta{
		APIVersion: backendv1.UserGVK.GroupVersion().String(),
		Kind:       backendv1.UserGVK.Kind,
	}
	objectMeta := v1.ObjectMeta{
		Name:      name,
		Namespace: namespace,
	}
	instance := backendv1.InstanceReference{
		Name:      "sequel",
		ProjectID: "ret-dev-sequel",
	}

	return &backendv1.DatabaseUser{
		TypeMeta:   typeMeta,
		ObjectMeta: objectMeta,
		Spec: backendv1.UserSpec{
			Type:        _type,
			InstanceRef: instance,
			Grants:      []backendv1.Grant{publicSchema},
		},
	}
}
   149  
