Home Explore Help
Sign In
logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Adding tests for externalSecrets, secretStores and ClusterSecretStores conversion methods

Signed-off-by: Gustavo Carvalho <gustavo.carvalho@container-solutions.com>
Gustavo Carvalho 4 years ago
parent
633c777d7a
commit
cb7f936228
2 changed files with 462 additions and 0 deletions
Split View Show Diff Stats
  1. 217 0
      apis/externalsecrets/v1alpha1/externalsecret_conversion_test.go
  2. 245 0
      apis/externalsecrets/v1alpha1/secretstore_conversion_test.go

+ 217 - 0
apis/externalsecrets/v1alpha1/externalsecret_conversion_test.go
View File 

@@ -0,0 +1,217 @@
 
+/*
 
+Licensed under the Apache License, Version 2.0 (the "License");
 
+you may not use this file except in compliance with the License.
 
+You may obtain a copy of the License at
 
+
 
+    http://www.apache.org/licenses/LICENSE-2.0
 
+
 
+Unless required by applicable law or agreed to in writing, software
 
+distributed under the License is distributed on an "AS IS" BASIS,
 
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 
+See the License for the specific language governing permissions and
 
+limitations under the License.
 
+*/
 
+
 
+package v1alpha1
 
+
 
+import (
 
+	"testing"
 
+
 
+	"github.com/stretchr/testify/assert"
 
+	corev1 "k8s.io/api/core/v1"
 
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
+
 
+	esv1beta1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
 
+)
 
+
 
+func newExternalSecretV1Alpha1() *ExternalSecret {
 
+	return &ExternalSecret{
 
+		ObjectMeta: metav1.ObjectMeta{
 
+			Name:      "full-es",
 
+			Namespace: "my-ns",
 
+		},
 
+		Status: ExternalSecretStatus{
 
+			SyncedResourceVersion: "123",
 
+			Conditions: []ExternalSecretStatusCondition{
 
+				{
 
+					Type:    ExternalSecretReady,
 
+					Status:  corev1.ConditionTrue,
 
+					Reason:  "it's a mock, it's always ready",
 
+					Message: "...why wouldn't it be?",
 
+				},
 
+			},
 
+		},
 
+		Spec: ExternalSecretSpec{
 
+			SecretStoreRef: SecretStoreRef{
 
+				Name: "test-secret-store",
 
+				Kind: "ClusterSecretStore",
 
+			},
 
+			Target: ExternalSecretTarget{
 
+				Name:           "test-target",
 
+				CreationPolicy: Owner,
 
+				Immutable:      false,
 
+				Template: &ExternalSecretTemplate{
 
+					Type: corev1.SecretTypeOpaque,
 
+					Metadata: ExternalSecretTemplateMetadata{
 
+						Annotations: map[string]string{
 
+							"foo": "bar",
 
+						},
 
+						Labels: map[string]string{
 
+							"foolbl": "barlbl",
 
+						},
 
+					},
 
+					Data: map[string]string{
 
+						"my-key": "{{.data | toString}}",
 
+					},
 
+					TemplateFrom: []TemplateFrom{
 
+						{
 
+							ConfigMap: &TemplateRef{
 
+								Name: "test-configmap",
 
+								Items: []TemplateRefItem{
 
+									{
 
+										Key: "my-key",
 
+									},
 
+								},
 
+							},
 
+							Secret: &TemplateRef{
 
+								Name: "test-secret",
 
+								Items: []TemplateRefItem{
 
+									{
 
+										Key: "my-key",
 
+									},
 
+								},
 
+							},
 
+						},
 
+					},
 
+				},
 
+			},
 
+			Data: []ExternalSecretData{
 
+				{
 
+					SecretKey: "my-key",
 
+					RemoteRef: ExternalSecretDataRemoteRef{
 
+						Key:      "datakey",
 
+						Property: "dataproperty",
 
+						Version:  "dataversion",
 
+					},
 
+				},
 
+			},
 
+			DataFrom: []ExternalSecretDataRemoteRef{
 
+				{
 
+					Key:      "key",
 
+					Property: "property",
 
+					Version:  "version",
 
+				},
 
+			},
 
+		},
 
+	}
 
+}
 
+
 
+func newExternalSecretV1Beta1() *esv1beta1.ExternalSecret {
 
+	return &esv1beta1.ExternalSecret{
 
+		ObjectMeta: metav1.ObjectMeta{
 
+			Name:      "full-es",
 
+			Namespace: "my-ns",
 
+		},
 
+		Status: esv1beta1.ExternalSecretStatus{
 
+			SyncedResourceVersion: "123",
 
+			Conditions: []esv1beta1.ExternalSecretStatusCondition{
 
+				{
 
+					Type:    esv1beta1.ExternalSecretReady,
 
+					Status:  corev1.ConditionTrue,
 
+					Reason:  "it's a mock, it's always ready",
 
+					Message: "...why wouldn't it be?",
 
+				},
 
+			},
 
+		},
 
+		Spec: esv1beta1.ExternalSecretSpec{
 
+			SecretStoreRef: esv1beta1.SecretStoreRef{
 
+				Name: "test-secret-store",
 
+				Kind: "ClusterSecretStore",
 
+			},
 
+			Target: esv1beta1.ExternalSecretTarget{
 
+				Name:           "test-target",
 
+				CreationPolicy: esv1beta1.Owner,
 
+				Immutable:      false,
 
+				Template: &esv1beta1.ExternalSecretTemplate{
 
+					Type: corev1.SecretTypeOpaque,
 
+					Metadata: esv1beta1.ExternalSecretTemplateMetadata{
 
+						Annotations: map[string]string{
 
+							"foo": "bar",
 
+						},
 
+						Labels: map[string]string{
 
+							"foolbl": "barlbl",
 
+						},
 
+					},
 
+					Data: map[string]string{
 
+						"my-key": "{{.data | toString}}",
 
+					},
 
+					TemplateFrom: []esv1beta1.TemplateFrom{
 
+						{
 
+							ConfigMap: &esv1beta1.TemplateRef{
 
+								Name: "test-configmap",
 
+								Items: []esv1beta1.TemplateRefItem{
 
+									{
 
+										Key: "my-key",
 
+									},
 
+								},
 
+							},
 
+							Secret: &esv1beta1.TemplateRef{
 
+								Name: "test-secret",
 
+								Items: []esv1beta1.TemplateRefItem{
 
+									{
 
+										Key: "my-key",
 
+									},
 
+								},
 
+							},
 
+						},
 
+					},
 
+				},
 
+			},
 
+			Data: []esv1beta1.ExternalSecretData{
 
+				{
 
+					SecretKey: "my-key",
 
+					RemoteRef: esv1beta1.ExternalSecretDataRemoteRef{
 
+						Key:      "datakey",
 
+						Property: "dataproperty",
 
+						Version:  "dataversion",
 
+					},
 
+				},
 
+			},
 
+			DataFrom: []esv1beta1.ExternalSecretDataFromRemoteRef{
 
+				{
 
+					Extract: esv1beta1.ExternalSecretDataRemoteRef{
 
+						Key:      "key",
 
+						Property: "property",
 
+						Version:  "version",
 
+					},
 
+				},
 
+			},
 
+		},
 
+	}
 
+}
 
+
 
+func TestExternalSecretConvertFrom(t *testing.T) {
 
+	given := newExternalSecretV1Beta1()
 
+	want := newExternalSecretV1Alpha1()
 
+	got := &ExternalSecret{}
 
+	err := got.ConvertFrom(given)
 
+	if err != nil {
 
+		t.Errorf("test failed with error: %v", err)
 
+	}
 
+	if !assert.Equal(t, want, got) {
 
+		t.Errorf("test failed, expected: %v, got: %v", want, got)
 
+	}
 
+}
 
+
 
+func TestExternalSecretConvertTo(t *testing.T) {
 
+	want := newExternalSecretV1Beta1()
 
+	given := newExternalSecretV1Alpha1()
 
+	got := &esv1beta1.ExternalSecret{}
 
+	err := given.ConvertTo(got)
 
+	if err != nil {
 
+		t.Errorf("test failed with error: %v", err)
 
+	}
 
+	if !assert.Equal(t, want, got) {
 
+		t.Errorf("test failed, expected: %v, got: %v", want, got)
 
+	}
 
+}

+ 245 - 0
apis/externalsecrets/v1alpha1/secretstore_conversion_test.go
View File 

@@ -0,0 +1,245 @@
 
+/*
 
+Licensed under the Apache License, Version 2.0 (the "License");
 
+you may not use this file except in compliance with the License.
 
+You may obtain a copy of the License at
 
+
 
+    http://www.apache.org/licenses/LICENSE-2.0
 
+
 
+Unless required by applicable law or agreed to in writing, software
 
+distributed under the License is distributed on an "AS IS" BASIS,
 
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 
+See the License for the specific language governing permissions and
 
+limitations under the License.
 
+*/
 
+
 
+package v1alpha1
 
+
 
+import (
 
+	"testing"
 
+
 
+	"github.com/stretchr/testify/assert"
 
+	corev1 "k8s.io/api/core/v1"
 
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 
+
 
+	esv1beta1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1beta1"
 
+	esmeta "github.com/external-secrets/external-secrets/apis/meta/v1"
 
+)
 
+
 
+func newSecretStoreV1Alpha1() *SecretStore {
 
+	return &SecretStore{
 
+		ObjectMeta: metav1.ObjectMeta{
 
+			Name:      "secret-store",
 
+			Namespace: "my-namespace",
 
+		},
 
+		Status: SecretStoreStatus{
 
+			Conditions: []SecretStoreStatusCondition{
 
+				{
 
+					Type:    SecretStoreReady,
 
+					Status:  corev1.ConditionTrue,
 
+					Reason:  "it's a mock, it's always ready",
 
+					Message: "...why wouldn't it be?",
 
+				},
 
+			},
 
+		},
 
+		Spec: SecretStoreSpec{
 
+			Controller: "dev",
 
+			Provider: &SecretStoreProvider{
 
+				AWS: &AWSProvider{
 
+					Service: AWSServiceSecretsManager,
 
+					Region:  "us-east-1",
 
+					Role:    "arn:aws:iam::123456789012:role/my-role",
 
+					Auth: AWSAuth{
 
+						SecretRef: &AWSAuthSecretRef{
 
+							AccessKeyID: esmeta.SecretKeySelector{
 
+								Name: "my-access",
 
+								Key:  "my-key",
 
+							},
 
+							SecretAccessKey: esmeta.SecretKeySelector{
 
+								Name: "my-secret",
 
+								Key:  "my-key",
 
+							},
 
+						},
 
+					},
 
+				},
 
+			},
 
+		},
 
+	}
 
+}
 
+
 
+func newSecretStoreV1Beta1() *esv1beta1.SecretStore {
 
+	return &esv1beta1.SecretStore{
 
+		ObjectMeta: metav1.ObjectMeta{
 
+			Name:      "secret-store",
 
+			Namespace: "my-namespace",
 
+		},
 
+		Status: esv1beta1.SecretStoreStatus{
 
+			Conditions: []esv1beta1.SecretStoreStatusCondition{
 
+				{
 
+					Type:    esv1beta1.SecretStoreReady,
 
+					Status:  corev1.ConditionTrue,
 
+					Reason:  "it's a mock, it's always ready",
 
+					Message: "...why wouldn't it be?",
 
+				},
 
+			},
 
+		},
 
+		Spec: esv1beta1.SecretStoreSpec{
 
+			Controller: "dev",
 
+			Provider: &esv1beta1.SecretStoreProvider{
 
+				AWS: &esv1beta1.AWSProvider{
 
+					Service: esv1beta1.AWSServiceSecretsManager,
 
+					Region:  "us-east-1",
 
+					Role:    "arn:aws:iam::123456789012:role/my-role",
 
+					Auth: esv1beta1.AWSAuth{
 
+						SecretRef: &esv1beta1.AWSAuthSecretRef{
 
+							AccessKeyID: esmeta.SecretKeySelector{
 
+								Name: "my-access",
 
+								Key:  "my-key",
 
+							},
 
+							SecretAccessKey: esmeta.SecretKeySelector{
 
+								Name: "my-secret",
 
+								Key:  "my-key",
 
+							},
 
+						},
 
+					},
 
+				},
 
+			},
 
+		},
 
+	}
 
+}
 
+
 
+func newClusterSecretStoreV1Alpha1() *ClusterSecretStore {
 
+	ns := "my-namespace"
 
+	return &ClusterSecretStore{
 
+		ObjectMeta: metav1.ObjectMeta{
 
+			Name: "secret-store",
 
+		},
 
+		Status: SecretStoreStatus{
 
+			Conditions: []SecretStoreStatusCondition{
 
+				{
 
+					Type:    SecretStoreReady,
 
+					Status:  corev1.ConditionTrue,
 
+					Reason:  "it's a mock, it's always ready",
 
+					Message: "...why wouldn't it be?",
 
+				},
 
+			},
 
+		},
 
+		Spec: SecretStoreSpec{
 
+			Controller: "dev",
 
+			Provider: &SecretStoreProvider{
 
+				AWS: &AWSProvider{
 
+					Service: AWSServiceSecretsManager,
 
+					Region:  "us-east-1",
 
+					Role:    "arn:aws:iam::123456789012:role/my-role",
 
+					Auth: AWSAuth{
 
+						SecretRef: &AWSAuthSecretRef{
 
+							AccessKeyID: esmeta.SecretKeySelector{
 
+								Name:      "my-access",
 
+								Key:       "my-key",
 
+								Namespace: &ns,
 
+							},
 
+							SecretAccessKey: esmeta.SecretKeySelector{
 
+								Name:      "my-secret",
 
+								Key:       "my-key",
 
+								Namespace: &ns,
 
+							},
 
+						},
 
+					},
 
+				},
 
+			},
 
+		},
 
+	}
 
+}
 
+
 
+func newClusterSecretStoreV1Beta1() *esv1beta1.ClusterSecretStore {
 
+	ns := "my-namespace"
 
+	return &esv1beta1.ClusterSecretStore{
 
+		ObjectMeta: metav1.ObjectMeta{
 
+			Name: "secret-store",
 
+		},
 
+		Status: esv1beta1.SecretStoreStatus{
 
+			Conditions: []esv1beta1.SecretStoreStatusCondition{
 
+				{
 
+					Type:    esv1beta1.SecretStoreReady,
 
+					Status:  corev1.ConditionTrue,
 
+					Reason:  "it's a mock, it's always ready",
 
+					Message: "...why wouldn't it be?",
 
+				},
 
+			},
 
+		},
 
+		Spec: esv1beta1.SecretStoreSpec{
 
+			Controller: "dev",
 
+			Provider: &esv1beta1.SecretStoreProvider{
 
+				AWS: &esv1beta1.AWSProvider{
 
+					Service: esv1beta1.AWSServiceSecretsManager,
 
+					Region:  "us-east-1",
 
+					Role:    "arn:aws:iam::123456789012:role/my-role",
 
+					Auth: esv1beta1.AWSAuth{
 
+						SecretRef: &esv1beta1.AWSAuthSecretRef{
 
+							AccessKeyID: esmeta.SecretKeySelector{
 
+								Name:      "my-access",
 
+								Key:       "my-key",
 
+								Namespace: &ns,
 
+							},
 
+							SecretAccessKey: esmeta.SecretKeySelector{
 
+								Name:      "my-secret",
 
+								Key:       "my-key",
 
+								Namespace: &ns,
 
+							},
 
+						},
 
+					},
 
+				},
 
+			},
 
+		},
 
+	}
 
+}
 
+func TestSecretStoreConvertFrom(t *testing.T) {
 
+	given := newSecretStoreV1Beta1()
 
+	want := newSecretStoreV1Alpha1()
 
+	got := &SecretStore{}
 
+	err := got.ConvertFrom(given)
 
+	if err != nil {
 
+		t.Errorf("test failed with error: %v", err)
 
+	}
 
+	if !assert.Equal(t, want, got) {
 
+		t.Errorf("test failed, expected: %v, got: %v", want, got)
 
+	}
 
+}
 
+
 
+func TestSecretStoreConvertTo(t *testing.T) {
 
+	want := newSecretStoreV1Beta1()
 
+	given := newSecretStoreV1Alpha1()
 
+	got := &esv1beta1.SecretStore{}
 
+	err := given.ConvertTo(got)
 
+	if err != nil {
 
+		t.Errorf("test failed with error: %v", err)
 
+	}
 
+	if !assert.Equal(t, want, got) {
 
+		t.Errorf("test failed, expected: %v, got: %v", want, got)
 
+	}
 
+}
 
+
 
+func TestClusterSecretStoreConvertFrom(t *testing.T) {
 
+	given := newClusterSecretStoreV1Beta1()
 
+	want := newClusterSecretStoreV1Alpha1()
 
+	got := &ClusterSecretStore{}
 
+	err := got.ConvertFrom(given)
 
+	if err != nil {
 
+		t.Errorf("test failed with error: %v", err)
 
+	}
 
+	if !assert.Equal(t, want, got) {
 
+		t.Errorf("test failed, expected: %v, got: %v", want, got)
 
+	}
 
+}
 
+
 
+func TestClusterSecretStoreConvertTo(t *testing.T) {
 
+	want := newClusterSecretStoreV1Beta1()
 
+	given := newClusterSecretStoreV1Alpha1()
 
+	got := &esv1beta1.ClusterSecretStore{}
 
+	err := given.ConvertTo(got)
 
+	if err != nil {
 
+		t.Errorf("test failed with error: %v", err)
 
+	}
 
+	if !assert.Equal(t, want, got) {
 
+		t.Errorf("test failed, expected: %v, got: %v", want, got)
 
+	}
 
+}