common_test.go 4.5 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145
  1. /*
  2. Copyright © The ESO Authors
  3. Licensed under the Apache License, Version 2.0 (the "License");
  4. you may not use this file except in compliance with the License.
  5. You may obtain a copy of the License at
  6. https://www.apache.org/licenses/LICENSE-2.0
  7. Unless required by applicable law or agreed to in writing, software
  8. distributed under the License is distributed on an "AS IS" BASIS,
  9. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  10. See the License for the specific language governing permissions and
  11. limitations under the License.
  12. */
  13. package common
  14. import (
  15. "strings"
  16. "testing"
  17. esv1 "github.com/external-secrets/external-secrets/apis/externalsecrets/v1"
  18. )
  19. func TestCredentialsSecretName(t *testing.T) {
  20. t.Parallel()
  21. if got := CredentialsSecretName("aws-config"); got != "aws-config-credentials" {
  22. t.Fatalf("unexpected credentials secret name: %q", got)
  23. }
  24. }
  25. func TestStaticCredentialsSecretDataPreservesSessionToken(t *testing.T) {
  26. t.Parallel()
  27. got := StaticCredentialsSecretData("kid", "sak", "st")
  28. if got[StaticAccessKeyIDKey] != "kid" {
  29. t.Fatalf("unexpected access key id: %q", got[StaticAccessKeyIDKey])
  30. }
  31. if got[StaticSecretAccessKeyKey] != "sak" {
  32. t.Fatalf("unexpected secret access key: %q", got[StaticSecretAccessKeyKey])
  33. }
  34. if got[StaticSessionTokenKey] != "st" {
  35. t.Fatalf("unexpected session token: %q", got[StaticSessionTokenKey])
  36. }
  37. }
  38. func TestProviderConfigNamespaceForManifestScope(t *testing.T) {
  39. t.Parallel()
  40. if got := ProviderConfigNamespace(esv1.AuthenticationScopeManifestNamespace, "provider-ns", "workload-ns"); got != "workload-ns" {
  41. t.Fatalf("expected workload namespace, got %q", got)
  42. }
  43. }
  44. func TestProviderConfigNamespaceForProviderScope(t *testing.T) {
  45. t.Parallel()
  46. if got := ProviderConfigNamespace(esv1.AuthenticationScopeProviderNamespace, "provider-ns", "workload-ns"); got != "provider-ns" {
  47. t.Fatalf("expected provider namespace, got %q", got)
  48. }
  49. }
  50. func TestProviderReferenceNamespaceForManifestScope(t *testing.T) {
  51. t.Parallel()
  52. if got := ProviderReferenceNamespace(esv1.AuthenticationScopeManifestNamespace, "provider-ns"); got != "" {
  53. t.Fatalf("expected empty provider reference namespace, got %q", got)
  54. }
  55. }
  56. func TestProviderReferenceNamespaceForProviderScope(t *testing.T) {
  57. t.Parallel()
  58. if got := ProviderReferenceNamespace(esv1.AuthenticationScopeProviderNamespace, "provider-ns"); got != "provider-ns" {
  59. t.Fatalf("expected provider namespace, got %q", got)
  60. }
  61. }
  62. func TestNewV2ClusterProviderScenarioManifestScope(t *testing.T) {
  63. t.Parallel()
  64. called := false
  65. got := NewV2ClusterProviderScenario("workload-ns", "case", esv1.AuthenticationScopeManifestNamespace, func(prefix string) string {
  66. called = true
  67. return prefix + "-provider"
  68. })
  69. if called {
  70. t.Fatal("expected provider namespace factory to be unused for manifest scope")
  71. }
  72. if got.ConfigName != "case-config" {
  73. t.Fatalf("unexpected config name: %q", got.ConfigName)
  74. }
  75. if got.ConfigNamespace != "workload-ns" {
  76. t.Fatalf("unexpected config namespace: %q", got.ConfigNamespace)
  77. }
  78. if got.ProviderNamespace != "workload-ns" {
  79. t.Fatalf("unexpected provider namespace: %q", got.ProviderNamespace)
  80. }
  81. if got.ProviderRefNamespace != "" {
  82. t.Fatalf("expected empty provider reference namespace, got %q", got.ProviderRefNamespace)
  83. }
  84. if got.WorkloadNamespace != "workload-ns" {
  85. t.Fatalf("unexpected workload namespace: %q", got.WorkloadNamespace)
  86. }
  87. if got.NamePrefix != "workload-ns-case" {
  88. t.Fatalf("unexpected name prefix: %q", got.NamePrefix)
  89. }
  90. }
  91. func TestNewV2ClusterProviderScenarioProviderScope(t *testing.T) {
  92. t.Parallel()
  93. var gotPrefix string
  94. got := NewV2ClusterProviderScenario("workload-ns", "case", esv1.AuthenticationScopeProviderNamespace, func(prefix string) string {
  95. gotPrefix = prefix
  96. return "provider-ns"
  97. })
  98. if gotPrefix != "case-provider" {
  99. t.Fatalf("unexpected provider namespace prefix: %q", gotPrefix)
  100. }
  101. if got.ConfigNamespace != "provider-ns" {
  102. t.Fatalf("unexpected config namespace: %q", got.ConfigNamespace)
  103. }
  104. if got.ProviderNamespace != "provider-ns" {
  105. t.Fatalf("unexpected provider namespace: %q", got.ProviderNamespace)
  106. }
  107. if got.ProviderRefNamespace != "provider-ns" {
  108. t.Fatalf("unexpected provider reference namespace: %q", got.ProviderRefNamespace)
  109. }
  110. }
  111. func TestPushSecretMetadataWithRemoteNamespace(t *testing.T) {
  112. t.Parallel()
  113. got := PushSecretMetadataWithRemoteNamespace("target-ns")
  114. if got == nil {
  115. t.Fatal("expected metadata payload")
  116. }
  117. raw := string(got.Raw)
  118. if !strings.Contains(raw, `"remoteNamespace":"target-ns"`) {
  119. t.Fatalf("expected remote namespace in metadata, got %q", raw)
  120. }
  121. }