1 package snapshot_test
2
3 import (
4 "encoding/json"
5 "testing"
6
7 "github.com/stretchr/testify/assert"
8 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
9
10 "github.com/datawire/ambassador/v2/pkg/kates"
11 snapshotTypes "github.com/datawire/ambassador/v2/pkg/snapshot/v1"
12 )
13
14 func getUnstructured(objStr string) *kates.Unstructured {
15 var obj map[string]interface{}
16 _ = json.Unmarshal([]byte(objStr), &obj)
17 unstructured := &kates.Unstructured{}
18 unstructured.SetUnstructuredContent(obj)
19 return unstructured
20 }
21
22 var sanitizeTests = []struct {
23 testName string
24 unsanitized *snapshotTypes.Snapshot
25 expectedSanitized *snapshotTypes.Snapshot
26 }{
27 {
28 testName: "secrets",
29 unsanitized: &snapshotTypes.Snapshot{
30 Kubernetes: &snapshotTypes.KubernetesSnapshot{
31 Secrets: []*kates.Secret{
32 {},
33 {
34 TypeMeta: metav1.TypeMeta{
35 Kind: "Secret",
36 APIVersion: "v1",
37 },
38 ObjectMeta: metav1.ObjectMeta{
39 Name: "secret-1",
40 Namespace: "ns",
41 ResourceVersion: "resourceversion",
42 Labels: map[string]string{"label": "unset"},
43 Annotations: map[string]string{"also": "unset"},
44 },
45 Type: "Opaque",
46 Data: map[string][]byte{
47 "data1": []byte("blahblahblah"),
48 "data2": []byte("otherblahblahblah"),
49 },
50 },
51 {
52 TypeMeta: metav1.TypeMeta{
53 Kind: "Secret",
54 APIVersion: "v1",
55 },
56 ObjectMeta: metav1.ObjectMeta{
57 Name: "other-secret",
58 Namespace: "other-ns",
59 ResourceVersion: "resourceversion",
60 Labels: map[string]string{"label": "unset"},
61 Annotations: map[string]string{"also": "unset"},
62 },
63 Type: "kubernetes.io/tls",
64 Data: map[string][]byte{
65 "data3": []byte("bleepblorp"),
66 "data4": []byte("realsecret"),
67 },
68 },
69 },
70 },
71 },
72 expectedSanitized: &snapshotTypes.Snapshot{
73 Kubernetes: &snapshotTypes.KubernetesSnapshot{
74 Secrets: []*kates.Secret{
75 {
76 Data: map[string][]byte{},
77 },
78 {
79 TypeMeta: metav1.TypeMeta{
80 Kind: "Secret",
81 APIVersion: "v1",
82 },
83 ObjectMeta: metav1.ObjectMeta{
84 Name: "secret-1",
85 Namespace: "ns",
86 },
87 Type: "Opaque",
88 Data: map[string][]byte{
89 "data1": []byte("<REDACTED>"),
90 "data2": []byte("<REDACTED>"),
91 },
92 },
93 {
94 TypeMeta: metav1.TypeMeta{
95 Kind: "Secret",
96 APIVersion: "v1",
97 },
98 ObjectMeta: metav1.ObjectMeta{
99 Name: "other-secret",
100 Namespace: "other-ns",
101 },
102 Type: "kubernetes.io/tls",
103 Data: map[string][]byte{
104 "data3": []byte("<REDACTED>"),
105 "data4": []byte("<REDACTED>"),
106 },
107 },
108 },
109 },
110 },
111 },
112 {
113 testName: "invalid",
114 unsanitized: &snapshotTypes.Snapshot{
115 Invalid: []*kates.Unstructured{
116 getUnstructured(`
117 {
118 "kind":"WeirdKind",
119 "apiVersion":"v1",
120 "metadata": {
121 "name":"hi",
122 "namespace":"default"
123 },
124 "errors": "someerrors",
125 "wat":"dontshowthis"
126 }`),
127 getUnstructured(`{}`),
128 },
129 },
130 expectedSanitized: &snapshotTypes.Snapshot{
131 Invalid: []*kates.Unstructured{
132 getUnstructured(`
133 {
134 "kind":"WeirdKind",
135 "apiVersion":"v1",
136 "metadata": {
137 "name":"hi",
138 "namespace":"default"
139 },
140 "errors":"someerrors"
141 }`),
142 getUnstructured(`{"apiVersion":"","kind":""}`),
143 },
144 },
145 },
146 {
147 testName: "empty",
148 unsanitized: &snapshotTypes.Snapshot{},
149 expectedSanitized: &snapshotTypes.Snapshot{},
150 },
151 }
152
153 func TestSanitize(t *testing.T) {
154 for _, sanitizeTest := range sanitizeTests {
155 t.Run(sanitizeTest.testName, func(innerT *testing.T) {
156 snapshot := *sanitizeTest.unsanitized
157 expected := *sanitizeTest.expectedSanitized
158
159 err := snapshot.Sanitize()
160
161 assert.Nil(innerT, err)
162 assert.Equal(innerT, expected, snapshot)
163 })
164 }
165 }
166
View as plain text