Home Explore Help
Sign In
logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets
1
0
Fork 0
Files Issues 0 Wiki
Tree: e324c5f9ee
Branches Tags
helm-externa...
/
pkg
/
provider
/
testing
/
fake
/
fake.go

fake.go 6.2 KB
History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203 
  1. /*
    2. 

  2. Licensed under the Apache License, Version 2.0 (the "License");
    3. 

  3. you may not use this file except in compliance with the License.
    4. 

  4. You may obtain a copy of the License at
    5. 

  5. 

  6.     http://www.apache.org/licenses/LICENSE-2.0
    7. 

  7. 

  8. Unless required by applicable law or agreed to in writing, software
    9. 

  9. distributed under the License is distributed on an "AS IS" BASIS,
    10. 

  10. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    11. 

  11. See the License for the specific language governing permissions and
    12. 

  12. limitations under the License.
    13. 

  13. */
    14. 

  14. 

  15. package fake
    16. 

  16. 

  17. import (
    18. 

  18. 	"context"
    19. 

  19. 	"sync"
    20. 

  20. 

  21. 	corev1 "k8s.io/api/core/v1"
    22. 

  22. 	"sigs.k8s.io/controller-runtime/pkg/client"
    23. 

  23. 	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
    24. 

  24. 

  25. 	esv1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1"
    26. 

  26. )
    27. 

  27. 

  28. var _ esv1.Provider = &Client{}
    29. 

  29. 

  30. type SetSecretCallArgs struct {
    31. 

  31. 	Value     []byte
    32. 

  32. 	RemoteRef esv1.PushSecretRemoteRef
    33. 

  33. }
    34. 

  34. 

  35. // Client is a fake client for testing.
    36. 

  36. type Client struct {
    37. 

  37. 	mu              *sync.RWMutex
    38. 

  38. 	pushSecretData  map[string]SetSecretCallArgs
    39. 

  39. 	NewFn           func(context.Context, esv1.GenericStore, client.Client, string) (esv1.SecretsClient, error)
    40. 

  40. 	GetSecretFn     func(context.Context, esv1.ExternalSecretDataRemoteRef) ([]byte, error)
    41. 

  41. 	GetSecretMapFn  func(context.Context, esv1.ExternalSecretDataRemoteRef) (map[string][]byte, error)
    42. 

  42. 	GetAllSecretsFn func(context.Context, esv1.ExternalSecretFind) (map[string][]byte, error)
    43. 

  43. 	SecretExistsFn  func(context.Context, esv1.PushSecretRemoteRef) (bool, error)
    44. 

  44. 	SetSecretFn     func() error
    45. 

  45. 	DeleteSecretFn  func() error
    46. 

  46. }
    47. 

  47. 

  48. // New returns a fake provider/client.
    49. 

  49. func New() *Client {
    50. 

  50. 	v := &Client{
    51. 

  51. 		mu: &sync.RWMutex{},
    52. 

  52. 		GetSecretFn: func(context.Context, esv1.ExternalSecretDataRemoteRef) ([]byte, error) {
    53. 

  53. 			return nil, nil
    54. 

  54. 		},
    55. 

  55. 		GetSecretMapFn: func(context.Context, esv1.ExternalSecretDataRemoteRef) (map[string][]byte, error) {
    56. 

  56. 			return nil, nil
    57. 

  57. 		},
    58. 

  58. 		GetAllSecretsFn: func(context.Context, esv1.ExternalSecretFind) (map[string][]byte, error) {
    59. 

  59. 			return nil, nil
    60. 

  60. 		},
    61. 

  61. 		SecretExistsFn: func(context.Context, esv1.PushSecretRemoteRef) (bool, error) {
    62. 

  62. 			return false, nil
    63. 

  63. 		},
    64. 

  64. 		SetSecretFn: func() error {
    65. 

  65. 			return nil
    66. 

  66. 		},
    67. 

  67. 		DeleteSecretFn: func() error {
    68. 

  68. 			return nil
    69. 

  69. 		},
    70. 

  70. 		pushSecretData: map[string]SetSecretCallArgs{},
    71. 

  71. 	}
    72. 

  72. 

  73. 	v.NewFn = func(context.Context, esv1.GenericStore, client.Client, string) (esv1.SecretsClient, error) {
    74. 

  74. 		return v, nil
    75. 

  75. 	}
    76. 

  76. 

  77. 	return v
    78. 

  78. }
    79. 

  79. 

  80. // RegisterAs registers the fake client in the schema.
    81. 

  81. func (v *Client) RegisterAs(provider *esv1.SecretStoreProvider) {
    82. 

  82. 	esv1.ForceRegister(v, provider, esv1.MaintenanceStatusMaintained)
    83. 

  83. }
    84. 

  84. 

  85. // GetAllSecrets implements the provider.Provider interface.
    86. 

  86. func (v *Client) GetAllSecrets(ctx context.Context, ref esv1.ExternalSecretFind) (map[string][]byte, error) {
    87. 

  87. 	return v.GetAllSecretsFn(ctx, ref)
    88. 

  88. }
    89. 

  89. 

  90. func (v *Client) PushSecret(_ context.Context, secret *corev1.Secret, data esv1.PushSecretData) error {
    91. 

  91. 	v.mu.Lock()
    92. 

  92. 	defer v.mu.Unlock()
    93. 

  93. 	v.pushSecretData[data.GetRemoteKey()] = SetSecretCallArgs{
    94. 

  94. 		Value:     secret.Data[data.GetSecretKey()],
    95. 

  95. 		RemoteRef: data,
    96. 

  96. 	}
    97. 

  97. 	return v.SetSecretFn()
    98. 

  98. }
    99. 

  99. 

  100. // GetPushSecretData safely retrieves the push secret data map for reading.
    101. 

  101. func (v *Client) GetPushSecretData() map[string]SetSecretCallArgs {
    102. 

  102. 	v.mu.RLock()
    103. 

  103. 	defer v.mu.RUnlock()
    104. 

  104. 	// Create a copy to avoid race conditions
    105. 

  105. 	result := make(map[string]SetSecretCallArgs, len(v.pushSecretData))
    106. 

  106. 	for k, v := range v.pushSecretData {
    107. 

  107. 		result[k] = v
    108. 

  108. 	}
    109. 

  109. 	return result
    110. 

  110. }
    111. 

  111. 

  112. func (v *Client) DeleteSecret(_ context.Context, _ esv1.PushSecretRemoteRef) error {
    113. 

  113. 	return v.DeleteSecretFn()
    114. 

  114. }
    115. 

  115. 

  116. func (v *Client) SecretExists(ctx context.Context, ref esv1.PushSecretRemoteRef) (bool, error) {
    117. 

  117. 	return v.SecretExistsFn(ctx, ref)
    118. 

  118. }
    119. 

  119. 

  120. // GetSecret implements the provider.Provider interface.
    121. 

  121. func (v *Client) GetSecret(ctx context.Context, ref esv1.ExternalSecretDataRemoteRef) ([]byte, error) {
    122. 

  122. 	return v.GetSecretFn(ctx, ref)
    123. 

  123. }
    124. 

  124. 

  125. // WithGetSecret wraps secret data returned by this provider.
    126. 

  126. func (v *Client) WithGetSecret(secData []byte, err error) *Client {
    127. 

  127. 	v.GetSecretFn = func(context.Context, esv1.ExternalSecretDataRemoteRef) ([]byte, error) {
    128. 

  128. 		return secData, err
    129. 

  129. 	}
    130. 

  130. 	return v
    131. 

  131. }
    132. 

  132. 

  133. // GetSecretMap implements the provider.Provider interface.
    134. 

  134. func (v *Client) GetSecretMap(ctx context.Context, ref esv1.ExternalSecretDataRemoteRef) (map[string][]byte, error) {
    135. 

  135. 	return v.GetSecretMapFn(ctx, ref)
    136. 

  136. }
    137. 

  137. 

  138. func (v *Client) Close(_ context.Context) error {
    139. 

  139. 	return nil
    140. 

  140. }
    141. 

  141. 

  142. func (v *Client) Validate() (esv1.ValidationResult, error) {
    143. 

  143. 	return esv1.ValidationResultReady, nil
    144. 

  144. }
    145. 

  145. 

  146. func (v *Client) ValidateStore(_ esv1.GenericStore) (admission.Warnings, error) {
    147. 

  147. 	return nil, nil
    148. 

  148. }
    149. 

  149. 

  150. // WithGetSecretMap wraps the secret data map returned by this fake provider.
    151. 

  151. func (v *Client) WithGetSecretMap(secData map[string][]byte, err error) *Client {
    152. 

  152. 	v.GetSecretMapFn = func(context.Context, esv1.ExternalSecretDataRemoteRef) (map[string][]byte, error) {
    153. 

  153. 		return secData, err
    154. 

  154. 	}
    155. 

  155. 	return v
    156. 

  156. }
    157. 

  157. 

  158. // WithGetAllSecrets wraps the secret data map returned by this fake provider.
    159. 

  159. func (v *Client) WithGetAllSecrets(secData map[string][]byte, err error) *Client {
    160. 

  160. 	v.GetAllSecretsFn = func(context.Context, esv1.ExternalSecretFind) (map[string][]byte, error) {
    161. 

  161. 		return secData, err
    162. 

  162. 	}
    163. 

  163. 	return v
    164. 

  164. }
    165. 

  165. 

  166. // WithSetSecret wraps the secret response to the fake provider.
    167. 

  167. func (v *Client) WithSetSecret(err error) *Client {
    168. 

  168. 	v.SetSecretFn = func() error {
    169. 

  169. 		return err
    170. 

  170. 	}
    171. 

  171. 	return v
    172. 

  172. }
    173. 

  173. 

  174. // WithNew wraps the fake provider factory function.
    175. 

  175. func (v *Client) WithNew(f func(context.Context, esv1.GenericStore, client.Client,
    176. 

  176. 	string) (esv1.SecretsClient, error)) *Client {
    177. 

  177. 	v.NewFn = f
    178. 

  178. 	return v
    179. 

  179. }
    180. 

  180. 

  181. // Capabilities return the provider supported capabilities (ReadOnly, WriteOnly, ReadWrite).
    182. 

  182. func (v *Client) Capabilities() esv1.SecretStoreCapabilities {
    183. 

  183. 	return esv1.SecretStoreReadOnly
    184. 

  184. }
    185. 

  185. 

  186. // NewClient returns a new fake provider.
    187. 

  187. func (v *Client) NewClient(ctx context.Context, store esv1.GenericStore, kube client.Client, namespace string) (esv1.SecretsClient, error) {
    188. 

  188. 	c, err := v.NewFn(ctx, store, kube, namespace)
    189. 

  189. 	if err != nil {
    190. 

  190. 		return nil, err
    191. 

  191. 	}
    192. 

  192. 	return c, nil
    193. 

  193. }
    194. 

  194. 

  195. func (v *Client) Reset() {
    196. 

  196. 	v.WithNew(func(context.Context, esv1.GenericStore, client.Client,
    197. 

  197. 		string) (esv1.SecretsClient, error) {
    198. 

  198. 		return v, nil
    199. 

  199. 	})
    200. 

  200. 	v.mu.Lock()
    201. 

  201. 	defer v.mu.Unlock()
    202. 

  202. 	v.pushSecretData = map[string]SetSecretCallArgs{}
    203. 

  203. }
    204.