...

Source file src/github.com/datawire/ambassador/v2/cmd/entrypoint/secrets_test.go

Documentation: github.com/datawire/ambassador/v2/cmd/entrypoint 

     1  package entrypoint
     2  
     3  import (
     4  	"testing"
     5  
     6  	"github.com/stretchr/testify/assert"
     7  	"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
     8  
     9  	snapshotTypes "github.com/datawire/ambassador/v2/pkg/snapshot/v1"
    10  )
    11  
    12  // Tests whether providing a Filter with a bogus spec
    13  // This is outside the table since we're providing a bogus spec and not the otherwise expected interface
    14  func TestFindFilterSecretBogus(t *testing.T) {
    15  	refs := map[snapshotTypes.SecretRef]bool{}
    16  	action := func(ref snapshotTypes.SecretRef) {
    17  		refs[ref] = true
    18  	}
    19  
    20  	testFilter := &unstructured.Unstructured{
    21  		Object: map[string]interface{}{
    22  
    23  			"apiVersion": "getambassador.io/v2",
    24  			"kind":       "Filter",
    25  			"metadata": map[string]interface{}{
    26  				"name":      "namespaced-secret-filter",
    27  				"namespace": "foo",
    28  			},
    29  			"spec": "bogus",
    30  		},
    31  	}
    32  	// We shouldnt process any secret refs from this bogus Filter
    33  	assert.NoError(t, findFilterSecret(testFilter, action))
    34  	assert.Equal(t, 0, len(refs))
    35  }
    36  
    37  func TestFindFilterSecrets(t *testing.T) {
    38  	t.Parallel()
    39  
    40  	type subtest struct {
    41  		inputSpec    map[string]interface{}
    42  		expectedRefs []snapshotTypes.SecretRef
    43  	}
    44  	// Iterate each test for all our API Versions
    45  	apiVersions := []string{"getambassador.io/v2", "getambassador.io/v3alpha1"}
    46  	subtests := map[string]subtest{
    47  		"namespaced": {
    48  			inputSpec: map[string]interface{}{
    49  				"OAuth2": map[string]interface{}{
    50  					"authorizationURL": "https://login.example.com/dummy-client/v2",
    51  					"clientID":         "dummy-id",
    52  					"clientURL":        "https://dummy-client-url.com",
    53  					"secretName":       "namespaced-secret",
    54  					"secretNamespace":  "bar",
    55  				},
    56  			},
    57  			expectedRefs: []snapshotTypes.SecretRef{{Namespace: "bar", Name: "namespaced-secret"}},
    58  		},
    59  		"noNamespace": {
    60  			inputSpec: map[string]interface{}{
    61  				"OAuth2": map[string]interface{}{
    62  					"authorizationURL": "https://login.example.com/dummy-client/v2",
    63  					"clientID":         "dummy-id",
    64  					"clientURL":        "https://dummy-client-url.com",
    65  					"secretName":       "namespaced-secret",
    66  				},
    67  			},
    68  			expectedRefs: []snapshotTypes.SecretRef{{Namespace: "foo", Name: "namespaced-secret"}},
    69  		},
    70  		"bogusOAuth": {
    71  			inputSpec: map[string]interface{}{
    72  				"OAuth2": true,
    73  			},
    74  			expectedRefs: []snapshotTypes.SecretRef{},
    75  		},
    76  		"bogusSecretName": {
    77  			inputSpec: map[string]interface{}{
    78  				"OAuth2": map[string]interface{}{
    79  					"authorizationURL": "https://login.example.com/dummy-client/v2",
    80  					"clientID":         "dummy-id",
    81  					"clientURL":        "https://dummy-client-url.com",
    82  					"secretName":       true,
    83  				},
    84  			},
    85  			expectedRefs: []snapshotTypes.SecretRef{},
    86  		},
    87  		"bogusSecretNamespace": {
    88  			inputSpec: map[string]interface{}{
    89  				"OAuth2": map[string]interface{}{
    90  					"authorizationURL": "https://login.example.com/dummy-client/v2",
    91  					"clientID":         "dummy-id",
    92  					"clientURL":        "https://dummy-client-url.com",
    93  					"secretName":       "namespaced-secret",
    94  					"secretNamespace":  true,
    95  				},
    96  			},
    97  			expectedRefs: []snapshotTypes.SecretRef{},
    98  		},
    99  		"noSecret": {
   100  			inputSpec: map[string]interface{}{
   101  				"OAuth2": map[string]interface{}{
   102  					"authorizationURL": "https://login.example.com/dummy-client/v2",
   103  					"clientID":         "dummy-id",
   104  					"clientURL":        "https://dummy-client-url.com",
   105  				},
   106  			},
   107  			expectedRefs: []snapshotTypes.SecretRef{},
   108  		},
   109  	}
   110  
   111  	for _, apiVersion := range apiVersions {
   112  		for name, subtest := range subtests {
   113  			subtest := subtest // capture loop variable
   114  			t.Run(name, func(t *testing.T) {
   115  				t.Parallel()
   116  				testFilter := &unstructured.Unstructured{
   117  					Object: map[string]interface{}{
   118  						"apiVersion": apiVersion,
   119  						"kind":       "Filter",
   120  						"metadata": map[string]interface{}{
   121  							"name":      "namespaced-secret-filter",
   122  							"namespace": "foo",
   123  						},
   124  						"spec": subtest.inputSpec,
   125  					},
   126  				}
   127  				refs := map[snapshotTypes.SecretRef]bool{}
   128  				action := func(ref snapshotTypes.SecretRef) {
   129  					refs[ref] = true
   130  				}
   131  				assert.NoError(t, findFilterSecret(testFilter, action))
   132  				// Check if we got the right number of secret references and that nothing weird happened
   133  				assert.Equal(t, len(subtest.expectedRefs), len(refs))
   134  				// Make sure any expected secret references exist
   135  				for _, ref := range subtest.expectedRefs {
   136  					assert.True(t, refs[ref])
   137  				}
   138  			})
   139  		}
   140  	}
   141  }
   142  

View as plain text