Pulumi: Remove unwanted chars when extract secret (#3333)

* Remove unwanted chars when extract secret
Add TestGetSecretMap
Fixes #3332

Signed-off-by: alphayax <alphayax@gmail.com>

* TestGetSecretMap: Simplify test inputs

Signed-off-by: alphayax <alphayax@gmail.com>

* TestGetSecretMap: Add more tests

Signed-off-by: alphayax <alphayax@gmail.com>

---------

Signed-off-by: alphayax <alphayax@gmail.com>

pkg/provider/pulumi/pulumi.go

@@ -79,7 +79,7 @@ func (c *client) GetSecretMap(ctx context.Context, ref esv1beta1.ExternalSecretD
 		return nil, fmt.Errorf(errGettingSecrets, ref.Key, err)
 	}
 
-	kv := make(map[string]json.RawMessage)
+	kv := make(map[string]interface{})
 	err = json.Unmarshal(data, &kv)
 	if err != nil {
 		return nil, fmt.Errorf(errUnmarshalSecret, err)

pkg/provider/pulumi/pulumi_test.go

@@ -18,6 +18,7 @@ import (
 	"encoding/json"
 	"net/http"
 	"net/http/httptest"
+	"reflect"
 	"testing"
 
 	esc2 "github.com/pulumi/esc"
@@ -80,3 +81,70 @@ func TestGetSecret(t *testing.T) {
 		})
 	}
 }
+
+func TestGetSecretMap(t *testing.T) {
+	tests := []struct {
+		name  string
+		ref   esv1beta1.ExternalSecretDataRemoteRef
+		input string
+
+		want    map[string][]byte
+		wantErr bool
+	}{
+		{
+			name: "successful case (basic types)",
+			ref: esv1beta1.ExternalSecretDataRemoteRef{
+				Key: "mysec",
+			},
+			input: `{"foo": "bar", "foobar": 42, "bar": true}`,
+			want: map[string][]byte{
+				"foo":    []byte("bar"),
+				"foobar": []byte("42"),
+				"bar":    []byte(`true`),
+			},
+			wantErr: false,
+		},
+		{
+			name: "successful case (nested)",
+			ref: esv1beta1.ExternalSecretDataRemoteRef{
+				Key: "mysec",
+			},
+			input: `{"foo": {"foobar": 42}, "bar": {"foo": "bar"}}`,
+			want: map[string][]byte{
+				"foo": []byte(`{"foobar":42}`),
+				"bar": []byte(`{"foo":"bar"}`),
+			},
+			wantErr: false,
+		},
+		{
+			name: "successful case (basic + nested)",
+			ref: esv1beta1.ExternalSecretDataRemoteRef{
+				Key: "mysec",
+			},
+			input: `{"foo": "bar", "bar": {"foo": {"bar": false}}}`,
+			want: map[string][]byte{
+				"foo": []byte(`bar`),
+				"bar": []byte(`{"foo":{"bar":false}}`),
+			},
+			wantErr: false,
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			p := newTestClient(t, http.MethodGet, "/api/preview/environments/foo/bar/open/session", func(w http.ResponseWriter, r *http.Request) {
+				esc2Input, err1 := esc2.FromJSON(tt.input, false)
+				require.NoError(t, err1)
+				err2 := json.NewEncoder(w).Encode(esc2Input)
+				require.NoError(t, err2)
+			})
+			got, err := p.GetSecretMap(context.Background(), tt.ref)
+			if (err != nil) != tt.wantErr {
+				t.Errorf("ProviderPulumi.GetSecretMap() error = %v, wantErr %v", err, tt.wantErr)
+				return
+			}
+			if !reflect.DeepEqual(got, tt.want) {
+				t.Errorf("ProviderPulumi.GetSecretMap() get = %v, want %v", got, tt.want)
+			}
+		})
+	}
+}