pushsecret_crd_test.go 6.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192
  1. /*
  2. Copyright © The ESO Authors
  3. Licensed under the Apache License, Version 2.0 (the "License");
  4. you may not use this file except in compliance with the License.
  5. You may obtain a copy of the License at
  6. https://www.apache.org/licenses/LICENSE-2.0
  7. Unless required by applicable law or agreed to in writing, software
  8. distributed under the License is distributed on an "AS IS" BASIS,
  9. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  10. See the License for the specific language governing permissions and
  11. limitations under the License.
  12. */
  13. package v1alpha1
  14. import (
  15. "os"
  16. "path/filepath"
  17. "slices"
  18. "testing"
  19. "sigs.k8s.io/yaml"
  20. )
  21. func TestPushSecretCRDDoesNotDefaultSecretStoreRefKind(t *testing.T) {
  22. crdPath := filepath.Join("..", "..", "..", "config", "crds", "bases", "external-secrets.io_pushsecrets.yaml")
  23. data, err := os.ReadFile(crdPath)
  24. if err != nil {
  25. t.Fatalf("read CRD: %v", err)
  26. }
  27. var crd map[string]any
  28. if err := yaml.Unmarshal(data, &crd); err != nil {
  29. t.Fatalf("unmarshal CRD: %v", err)
  30. }
  31. versions := asSlice(t, asMap(t, crd["spec"], "spec")["versions"], "spec.versions")
  32. var kindSchema map[string]any
  33. for _, version := range versions {
  34. versionMap := asMap(t, version, "spec.versions[]")
  35. if versionMap["name"] != Version {
  36. continue
  37. }
  38. schema := asMap(t, versionMap["schema"], "spec.versions[].schema")
  39. openAPIV3 := asMap(t, schema["openAPIV3Schema"], "spec.versions[].schema.openAPIV3Schema")
  40. properties := asMap(t, openAPIV3["properties"], "spec.versions[].schema.openAPIV3Schema.properties")
  41. specProperties := asMap(t, asMap(t, properties["spec"], "spec property")["properties"], "spec.properties")
  42. secretStoreRefs := asMap(t, specProperties["secretStoreRefs"], "spec.properties.secretStoreRefs")
  43. items := asMap(t, secretStoreRefs["items"], "spec.properties.secretStoreRefs.items")
  44. itemProperties := asMap(t, items["properties"], "spec.properties.secretStoreRefs.items.properties")
  45. kindSchema = asMap(t, itemProperties["kind"], "spec.properties.secretStoreRefs.items.properties.kind")
  46. break
  47. }
  48. if kindSchema == nil {
  49. t.Fatal("did not find v1alpha1 secretStoreRefs.kind schema")
  50. }
  51. if def, ok := kindSchema["default"]; ok {
  52. t.Fatalf("secretStoreRefs.kind must not define a CRD default, got %v", def)
  53. }
  54. }
  55. func TestPushSecretCRDSecretStoreRefKindIncludesProviderStoreKinds(t *testing.T) {
  56. crdPath := filepath.Join("..", "..", "..", "config", "crds", "bases", "external-secrets.io_pushsecrets.yaml")
  57. data, err := os.ReadFile(crdPath)
  58. if err != nil {
  59. t.Fatalf("read CRD: %v", err)
  60. }
  61. var crd map[string]any
  62. if err := yaml.Unmarshal(data, &crd); err != nil {
  63. t.Fatalf("unmarshal CRD: %v", err)
  64. }
  65. versions := asSlice(t, asMap(t, crd["spec"], "spec")["versions"], "spec.versions")
  66. var kindEnum []string
  67. for _, version := range versions {
  68. versionMap := asMap(t, version, "spec.versions[]")
  69. if versionMap["name"] != Version {
  70. continue
  71. }
  72. schema := asMap(t, versionMap["schema"], "spec.versions[].schema")
  73. openAPIV3 := asMap(t, schema["openAPIV3Schema"], "spec.versions[].schema.openAPIV3Schema")
  74. properties := asMap(t, openAPIV3["properties"], "spec.versions[].schema.openAPIV3Schema.properties")
  75. specProperties := asMap(t, asMap(t, properties["spec"], "spec property")["properties"], "spec.properties")
  76. secretStoreRefs := asMap(t, specProperties["secretStoreRefs"], "spec.properties.secretStoreRefs")
  77. items := asMap(t, secretStoreRefs["items"], "spec.properties.secretStoreRefs.items")
  78. itemProperties := asMap(t, items["properties"], "spec.properties.secretStoreRefs.items.properties")
  79. kindSchema := asMap(t, itemProperties["kind"], "spec.properties.secretStoreRefs.items.properties.kind")
  80. kindEnum = asStringSlice(t, kindSchema["enum"], "spec.properties.secretStoreRefs.items.properties.kind.enum")
  81. break
  82. }
  83. if kindEnum == nil {
  84. t.Fatal("did not find v1alpha1 secretStoreRefs.kind enum")
  85. }
  86. assertContains := func(value string) {
  87. t.Helper()
  88. if slices.Contains(kindEnum, value) {
  89. return
  90. }
  91. t.Fatalf("kind enum does not contain %q: %v", value, kindEnum)
  92. }
  93. assertContains("ProviderStore")
  94. assertContains("ClusterProviderStore")
  95. assertNotContains := func(value string) {
  96. t.Helper()
  97. if slices.Contains(kindEnum, value) {
  98. t.Fatalf("kind enum unexpectedly contains %q: %v", value, kindEnum)
  99. }
  100. }
  101. assertNotContains("Provider")
  102. assertNotContains("ClusterProvider")
  103. }
  104. func TestPushSecretCRDDoesNotDefaultSecretStoreRefAPIVersion(t *testing.T) {
  105. crdPath := filepath.Join("..", "..", "..", "config", "crds", "bases", "external-secrets.io_pushsecrets.yaml")
  106. data, err := os.ReadFile(crdPath)
  107. if err != nil {
  108. t.Fatalf("read CRD: %v", err)
  109. }
  110. var crd map[string]any
  111. if err := yaml.Unmarshal(data, &crd); err != nil {
  112. t.Fatalf("unmarshal CRD: %v", err)
  113. }
  114. versions := asSlice(t, asMap(t, crd["spec"], "spec")["versions"], "spec.versions")
  115. var apiVersionSchema map[string]any
  116. for _, version := range versions {
  117. versionMap := asMap(t, version, "spec.versions[]")
  118. if versionMap["name"] != Version {
  119. continue
  120. }
  121. schema := asMap(t, versionMap["schema"], "spec.versions[].schema")
  122. openAPIV3 := asMap(t, schema["openAPIV3Schema"], "spec.versions[].schema.openAPIV3Schema")
  123. properties := asMap(t, openAPIV3["properties"], "spec.versions[].schema.openAPIV3Schema.properties")
  124. specProperties := asMap(t, asMap(t, properties["spec"], "spec property")["properties"], "spec.properties")
  125. secretStoreRefs := asMap(t, specProperties["secretStoreRefs"], "spec.properties.secretStoreRefs")
  126. items := asMap(t, secretStoreRefs["items"], "spec.properties.secretStoreRefs.items")
  127. itemProperties := asMap(t, items["properties"], "spec.properties.secretStoreRefs.items.properties")
  128. apiVersionSchema = asMap(t, itemProperties["apiVersion"], "spec.properties.secretStoreRefs.items.properties.apiVersion")
  129. break
  130. }
  131. if apiVersionSchema == nil {
  132. t.Fatal("did not find v1alpha1 secretStoreRefs.apiVersion schema")
  133. }
  134. if def, ok := apiVersionSchema["default"]; ok {
  135. t.Fatalf("secretStoreRefs.apiVersion must not define a CRD default, got %v", def)
  136. }
  137. }
  138. func asMap(t *testing.T, v any, path string) map[string]any {
  139. t.Helper()
  140. m, ok := v.(map[string]any)
  141. if !ok {
  142. t.Fatalf("%s is %T, want map[string]any", path, v)
  143. }
  144. return m
  145. }
  146. func asSlice(t *testing.T, v any, path string) []any {
  147. t.Helper()
  148. s, ok := v.([]any)
  149. if !ok {
  150. t.Fatalf("%s is %T, want []any", path, v)
  151. }
  152. return s
  153. }
  154. func asStringSlice(t *testing.T, v any, path string) []string {
  155. t.Helper()
  156. s := asSlice(t, v, path)
  157. out := make([]string, 0, len(s))
  158. for i, entry := range s {
  159. str, ok := entry.(string)
  160. if !ok {
  161. t.Fatalf("%s[%d] is %T, want string", path, i, entry)
  162. }
  163. out = append(out, str)
  164. }
  165. return out
  166. }