
add tests for further parts of Creating Secret, and also some tidying/consistency

Co-authored-by: Dominic Meddick <dominic.meddick@engineerbetter.com>
Signed-off-by: Amr Fawzy <amr.fawzy@container-solutions.com>
James Cleveland 4 jaren geleden
bovenliggende
commit
0652841c45

+ 30 - 12
pkg/provider/gcp/secretmanager/fake/fake.go

@@ -73,25 +73,43 @@ func (mc *MockSMClient) CreateSecretGetError() {
 	}
 }
 
-func (mc *MockSMClient) DefaultCreateSecret(wantedKey string) {
+func (mc *MockSMClient) DefaultCreateSecret(wantedSecretId, wantedParent string) {
 	mc.createSecretFn = func(ctx context.Context, req *secretmanagerpb.CreateSecretRequest, opts ...gax.CallOption) (*secretmanagerpb.Secret, error) {
-		if req.SecretId == wantedKey {
-			return &secretmanagerpb.Secret{
-				Name: wantedKey,
-			}, nil
+		if req.SecretId != wantedSecretId {
+			return nil, fmt.Errorf("create secret req wrong key: got %v want %v", req.SecretId, wantedSecretId)
 		}
-		return nil, fmt.Errorf("error creating secret key %v ", req.SecretId)
+		if req.Parent != wantedParent {
+			return nil, fmt.Errorf("create secret req wrong parent: got %v want %v", req.Parent, wantedParent)
+		}
+		return &secretmanagerpb.Secret{
+			Name: fmt.Sprintf("%s/%s", req.Parent, req.SecretId),
+		}, nil
 	}
 }
 
-func (mc *MockSMClient) DefaultAddSecretVersion(wantedValue string) {
+func (mc *MockSMClient) DefaultAddSecretVersion(wantedData, wantedParent, versionName string) {
 	mc.addSecretFn = func(ctx context.Context, req *secretmanagerpb.AddSecretVersionRequest, opts ...gax.CallOption) (*secretmanagerpb.SecretVersion, error) {
-		if string(req.Payload.Data) == wantedValue {
-			return &secretmanagerpb.SecretVersion{
-				Name: "done",
-			}, nil
+		if string(req.Payload.Data) != wantedData {
+			return nil, fmt.Errorf("add version req wrong data got: %v want %v ", req.Payload.Data, wantedData)
+		}
+		if req.Parent != wantedParent {
+			return nil, fmt.Errorf("add version req has wrong parent: got %v want %v", req.Parent, wantedParent)
+		}
+		return &secretmanagerpb.SecretVersion{
+			Name: versionName,
+		}, nil
+	}
+}
+
+func (mc *MockSMClient) DefaultAccessSecretVersion(wantedVersionName string) {
+	mc.accessSecretFn = func(ctx context.Context, req *secretmanagerpb.AccessSecretVersionRequest, opts ...gax.CallOption) (*secretmanagerpb.AccessSecretVersionResponse, error) {
+
+		if req.Name != wantedVersionName {
+			return nil, fmt.Errorf("access req has wrong version name: got %v want %v", req.Name, wantedVersionName)
 		}
-		return nil, fmt.Errorf("secret %s not found", wantedValue)
+		return &secretmanagerpb.AccessSecretVersionResponse{
+			Name: "latest",
+		}, nil
 	}
 }
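Review bot: The name built in DefaultCreateSecret, `fmt.Sprintf("%s/%s", req.Parent, req.SecretId)`, omits the `secrets/` collection segment that Secret Manager resource names carry (`projects/*/secrets/*`). The fake, and the `wantedVersionParent` assertion in secretsmanager_test.go, therefore pin a parent format the real service should never return. Using `Name: fmt.Sprintf("%s/secrets/%s", req.Parent, req.SecretId),` here, with the test expectation built the same way, would let the test catch a wrongly constructed parent in SetSecret. Separately, the add-version mismatch message formats `req.Payload.Data` with `%v`, which prints the byte slice as decimal numbers next to a string `wantedData`; `string(req.Payload.Data)` with `%q` would make failures readable. It also dereferences `req.Payload` without a nil check.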
 

+ 15 - 2
pkg/provider/gcp/secretmanager/secretsmanager.go

@@ -229,17 +229,30 @@ func (sm *ProviderGCP) SetSecret(ctx context.Context, payload []byte, remoteRef
 		SecretId: remoteRef.GetRemoteKey(),
 	}
 
-	if _, err := sm.SecretManagerClient.CreateSecret(ctx, createSecretReq); err != nil {
+	secret, err := sm.SecretManagerClient.CreateSecret(ctx, createSecretReq)
+
+	if err != nil {
 		return err
 	}
 
 	addSecretVersionReq := &secretmanagerpb.AddSecretVersionRequest{
+		Parent: secret.Name,
 		Payload: &secretmanagerpb.SecretPayload{
 			Data: payload,
 		},
 	}
 
-	if _, err := sm.SecretManagerClient.AddSecretVersion(ctx, addSecretVersionReq); err != nil {
+	version, err := sm.SecretManagerClient.AddSecretVersion(ctx, addSecretVersionReq)
+
+	if err != nil {
+		return err
+	}
+
+	accessRequest := secretmanagerpb.AccessSecretVersionRequest{
+		Name: version.Name,
+	}
+
+	if _, err := sm.SecretManagerClient.AccessSecretVersion(ctx, &accessRequest); err != nil {
 		return err
 	}
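Review bot: The AccessSecretVersion call added at the end of this hunk reads the secret payload back and discards the response. The push path therefore now needs read access to secret versions (`secretmanager.versions.access`) in addition to create/add permissions, and it pulls the plaintext into memory without verifying anything. AddSecretVersion has already returned without error, so the read-back adds no integrity guarantee unless the returned data is compared with `payload`. Either drop the call and keep the writer identity write-only, or make the check real and document the extra grant, e.g. `// read-back verification: requires secretmanager.versions.access on the pushed secret`. SetSecret begins and ends outside the hunk, so any cleanup of a secret created before a later step fails cannot be judged from here.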
 

+ 9 - 3
pkg/provider/gcp/secretmanager/secretsmanager_test.go

@@ -190,18 +190,24 @@ func TestSecretManagerSetSecret(t *testing.T) {
 
 	key := "foo"
 	want := []byte("bar")
+	projectID := "default"
+
+	wantedSecretParent := fmt.Sprintf("projects/%s", projectID)
+	wantedVersionParent := fmt.Sprintf("%s/%s", wantedSecretParent, key)
+	wantedVersion := "latest"
 
 	p := ProviderGCP{
 		SecretManagerClient: &secretManagerClient,
-		projectID:           "default",
+		projectID:           projectID,
 	}
 	err := p.SetSecret(context.TODO(), want, esv1alpha1.PushSecretRemoteRefs{RemoteKey: key})
 	if err == nil {
 		t.Errorf("expected err got nil from SetSecret")
 	}
 
-	secretManagerClient.DefaultCreateSecret(key)
-	secretManagerClient.DefaultAddSecretVersion(string(want))
+	secretManagerClient.DefaultCreateSecret(key, wantedSecretParent)
+	secretManagerClient.DefaultAddSecretVersion(string(want), wantedVersionParent, wantedVersion)
+	secretManagerClient.DefaultAccessSecretVersion(wantedVersion)
 
 	err = p.SetSecret(context.TODO(), want, esv1alpha1.PushSecretRemoteRefs{RemoteKey: key})
 	if err != nil {