Home Explore Help
Sign In
logic855
/
helm-external-secrets
mirror of https://github.com/external-secrets/external-secrets
1
0
Fork 0
Files Issues 0 Wiki
Branch: mj-v2-poc-e2e-framework
Branches Tags
helm-external-s...
/
e2e
/
framework
/
addon
/
eso_v2_mutators_test.go

eso_v2_mutators_test.go 11 KB
Permalink History Raw

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308309310311312313314315316317318319320321322323324325326327328329330331332333334335336337338339340341342343344345346347348349350351352353 
  1. /*
    2. 

  2. Copyright © The ESO Authors
    3. 

  3. 

  4. Licensed under the Apache License, Version 2.0 (the "License");
    5. 

  5. you may not use this file except in compliance with the License.
    6. 

  6. You may obtain a copy of the License at
    7. 

  7. 

  8.     https://www.apache.org/licenses/LICENSE-2.0
    9. 

  9. 

  10. Unless required by applicable law or agreed to in writing, software
    11. 

  11. distributed under the License is distributed on an "AS IS" BASIS,
    12. 

  12. WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13. 

  13. See the License for the specific language governing permissions and
    14. 

  14. limitations under the License.
    15. 

  15. */
    16. 

  16. 

  17. package addon
    18. 

  18. 

  19. import (
    20. 

  20. 	"regexp"
    21. 

  21. 	"strconv"
    22. 

  22. 	"testing"
    23. 

  23. )
    24. 

  24. 

  25. func TestWithV2FakeProvider(t *testing.T) {
    26. 

  26. 	t.Setenv("VERSION", "test-version")
    27. 

  27. 

  28. 	eso := NewESO(WithV2FakeProvider())
    29. 

  29. 

  30. 	assertV2ProviderBaseVars(t, eso.HelmChart)
    31. 

  31. 	assertVarValue(t, eso.HelmChart, "providers.enabled", "true")
    32. 

  32. 	assertProvider(
    33. 

  33. 		t,
    34. 

  34. 		eso.HelmChart,
    35. 

  35. 		"fake",
    36. 

  36. 		"fake",
    37. 

  37. 		"ghcr.io/external-secrets/provider-fake",
    38. 

  38. 		"test-version",
    39. 

  39. 	)
    40. 

  40. 	assertSequentialProviderIndexes(t, eso.HelmChart)
    41. 

  41. 

  42. 	providers := providerEntries(t, eso.HelmChart)
    43. 

  43. 	if len(providers) != 1 {
    44. 

  44. 		t.Fatalf("expected exactly one provider entry, got %d", len(providers))
    45. 

  45. 	}
    46. 

  46. 	if providers[0].Name != "fake" {
    47. 

  47. 		t.Fatalf("expected fake to be at index 0 when standalone, got index 0 name %q", providers[0].Name)
    48. 

  48. 	}
    49. 

  49. }
    50. 

  50. 

  51. func TestWithV2AWSProvider(t *testing.T) {
    52. 

  52. 	t.Setenv("VERSION", "test-version")
    53. 

  53. 

  54. 	eso := NewESO(WithV2AWSProvider())
    55. 

  55. 

  56. 	assertV2ProviderBaseVars(t, eso.HelmChart)
    57. 

  57. 	assertVarValue(t, eso.HelmChart, "providers.enabled", "true")
    58. 

  58. 	assertProvider(
    59. 

  59. 		t,
    60. 

  60. 		eso.HelmChart,
    61. 

  61. 		"aws",
    62. 

  62. 		"aws",
    63. 

  63. 		"ghcr.io/external-secrets/provider-aws",
    64. 

  64. 		"test-version",
    65. 

  65. 	)
    66. 

  66. 	assertSequentialProviderIndexes(t, eso.HelmChart)
    67. 

  67. 

  68. 	providers := providerEntries(t, eso.HelmChart)
    69. 

  69. 	if len(providers) != 1 {
    70. 

  70. 		t.Fatalf("expected exactly one provider entry, got %d", len(providers))
    71. 

  71. 	}
    72. 

  72. 	if providers[0].Name != "aws" {
    73. 

  73. 		t.Fatalf("expected aws to be at index 0 when standalone, got index 0 name %q", providers[0].Name)
    74. 

  74. 	}
    75. 

  75. }
    76. 

  76. 

  77. func TestWithV2ProvidersComposeIncludesAWS(t *testing.T) {
    78. 

  78. 	t.Setenv("VERSION", "test-version")
    79. 

  79. 

  80. 	eso := NewESO(
    81. 

  81. 		WithV2Namespace(),
    82. 

  82. 		WithV2KubernetesProvider(),
    83. 

  83. 		WithV2FakeProvider(),
    84. 

  84. 		WithV2AWSProvider(),
    85. 

  85. 	)
    86. 

  86. 

  87. 	if eso.HelmChart.Namespace != v2HelmNamespace {
    88. 

  88. 		t.Fatalf("expected namespace %q, got %q", v2HelmNamespace, eso.HelmChart.Namespace)
    89. 

  89. 	}
    90. 

  90. 	if eso.HelmChart.ReleaseName != v2HelmReleaseName {
    91. 

  91. 		t.Fatalf("expected release name %q, got %q", v2HelmReleaseName, eso.HelmChart.ReleaseName)
    92. 

  92. 	}
    93. 

  93. 	if !containsArg(eso.HelmChart.Args, "--create-namespace") {
    94. 

  94. 		t.Fatalf("expected --create-namespace arg, got %v", eso.HelmChart.Args)
    95. 

  95. 	}
    96. 

  96. 

  97. 	assertV2ProviderBaseVars(t, eso.HelmChart)
    98. 

  98. 	assertVarValue(t, eso.HelmChart, "providers.enabled", "true")
    99. 

  99. 	assertProvider(
    100. 

  100. 		t,
    101. 

  101. 		eso.HelmChart,
    102. 

  102. 		"kubernetes",
    103. 

  103. 		"kubernetes",
    104. 

  104. 		"ghcr.io/external-secrets/provider-kubernetes",
    105. 

  105. 		"test-version",
    106. 

  106. 	)
    107. 

  107. 	assertProvider(
    108. 

  108. 		t,
    109. 

  109. 		eso.HelmChart,
    110. 

  110. 		"fake",
    111. 

  111. 		"fake",
    112. 

  112. 		"ghcr.io/external-secrets/provider-fake",
    113. 

  113. 		"test-version",
    114. 

  114. 	)
    115. 

  115. 	assertProvider(
    116. 

  116. 		t,
    117. 

  117. 		eso.HelmChart,
    118. 

  118. 		"aws",
    119. 

  119. 		"aws",
    120. 

  120. 		"ghcr.io/external-secrets/provider-aws",
    121. 

  121. 		"test-version",
    122. 

  122. 	)
    123. 

  123. 	assertSequentialProviderIndexes(t, eso.HelmChart)
    124. 

  124. 

  125. 	providers := providerEntries(t, eso.HelmChart)
    126. 

  126. 	if providers[0].Name != "kubernetes" {
    127. 

  127. 		t.Fatalf("expected kubernetes to remain first provider entry, got %q at index 0", providers[0].Name)
    128. 

  128. 	}
    129. 

  129. 	if providers[1].Name != "fake" {
    130. 

  130. 		t.Fatalf("expected fake to be second provider entry, got %q at index 1", providers[1].Name)
    131. 

  131. 	}
    132. 

  132. 	if providers[2].Name != "aws" {
    133. 

  133. 		t.Fatalf("expected aws to be third provider entry, got %q at index 2", providers[2].Name)
    134. 

  134. 	}
    135. 

  135. }
    136. 

  136. 

  137. func TestWithV2FakeProviderDoesNotDuplicateOnRepeat(t *testing.T) {
    138. 

  138. 	t.Setenv("VERSION", "test-version")
    139. 

  139. 

  140. 	eso := NewESO(WithV2FakeProvider(), WithV2FakeProvider())
    141. 

  141. 

  142. 	providers := providerEntries(t, eso.HelmChart)
    143. 

  143. 	if len(providers) != 1 {
    144. 

  144. 		t.Fatalf("expected one provider entry after applying fake mutator twice, got %d", len(providers))
    145. 

  145. 	}
    146. 

  146. 	if providers[0].Name != "fake" {
    147. 

  147. 		t.Fatalf("expected fake provider at index 0 after repeat application, got %q", providers[0].Name)
    148. 

  148. 	}
    149. 

  149. 	assertProvider(t, eso.HelmChart, "fake", "fake", "ghcr.io/external-secrets/provider-fake", "test-version")
    150. 

  150. }
    151. 

  151. 

  152. func TestWithV2FakeProviderUpdatesExistingEntryInPlace(t *testing.T) {
    153. 

  153. 	t.Setenv("VERSION", "test-version")
    154. 

  154. 

  155. 	eso := NewESO()
    156. 

  156. 	setOrAppendVar(eso.HelmChart, StringTuple{Key: "providers.list[3].name", Value: "fake"})
    157. 

  157. 	setOrAppendVar(eso.HelmChart, StringTuple{Key: "providers.list[3].type", Value: "fake"})
    158. 

  158. 	setOrAppendVar(eso.HelmChart, StringTuple{Key: "providers.list[3].enabled", Value: "false"})
    159. 

  159. 	setOrAppendVar(eso.HelmChart, StringTuple{Key: "providers.list[3].replicaCount", Value: "9"})
    160. 

  160. 	setOrAppendVar(eso.HelmChart, StringTuple{Key: "providers.list[3].image.repository", Value: "example.invalid/old-fake"})
    161. 

  161. 	setOrAppendVar(eso.HelmChart, StringTuple{Key: "providers.list[3].image.tag", Value: "old-tag"})
    162. 

  162. 	setOrAppendVar(eso.HelmChart, StringTuple{Key: "providers.list[3].image.pullPolicy", Value: "Always"})
    163. 

  163. 

  164. 	WithV2FakeProvider()(eso)
    165. 

  165. 

  166. 	providers := providerEntries(t, eso.HelmChart)
    167. 

  167. 	if len(providers) != 1 {
    168. 

  168. 		t.Fatalf("expected one fake provider entry after in-place update, got %d", len(providers))
    169. 

  169. 	}
    170. 

  170. 	if providers[3].Name != "fake" {
    171. 

  171. 		t.Fatalf("expected fake provider to stay at index 3, got %q", providers[3].Name)
    172. 

  172. 	}
    173. 

  173. 	assertProvider(t, eso.HelmChart, "fake", "fake", "ghcr.io/external-secrets/provider-fake", "test-version")
    174. 

  174. }
    175. 

  175. 

  176. func TestWithV2FakeProviderEnforcesRequiredFlags(t *testing.T) {
    177. 

  177. 	t.Setenv("VERSION", "test-version")
    178. 

  178. 

  179. 	eso := NewESO()
    180. 

  180. 	setOrAppendVar(eso.HelmChart, StringTuple{Key: "replicaCount", Value: "7"})
    181. 

  181. 	setOrAppendVar(eso.HelmChart, StringTuple{Key: "v2.enabled", Value: "false"})
    182. 

  182. 	setOrAppendVar(eso.HelmChart, StringTuple{Key: "crds.createClusterProviderClass", Value: "false"})
    183. 

  183. 	setOrAppendVar(eso.HelmChart, StringTuple{Key: "crds.createProviderStore", Value: "false"})
    184. 

  184. 	setOrAppendVar(eso.HelmChart, StringTuple{Key: "crds.createClusterProviderStore", Value: "false"})
    185. 

  185. 	setOrAppendVar(eso.HelmChart, StringTuple{Key: "providers.enabled", Value: "false"})
    186. 

  186. 	setOrAppendVar(eso.HelmChart, StringTuple{Key: "providerDefaults.replicaCount", Value: "8"})
    187. 

  187. 

  188. 	WithV2FakeProvider()(eso)
    189. 

  189. 

  190. 	assertVarValue(t, eso.HelmChart, "replicaCount", "7")
    191. 

  191. 	assertVarValue(t, eso.HelmChart, "v2.enabled", "true")
    192. 

  192. 	assertVarValue(t, eso.HelmChart, "crds.createClusterProviderClass", "true")
    193. 

  193. 	assertVarValue(t, eso.HelmChart, "crds.createProviderStore", "true")
    194. 

  194. 	assertVarValue(t, eso.HelmChart, "crds.createClusterProviderStore", "true")
    195. 

  195. 	assertVarValue(t, eso.HelmChart, "providers.enabled", "true")
    196. 

  196. 	assertVarValue(t, eso.HelmChart, "providerDefaults.replicaCount", "8")
    197. 

  197. }
    198. 

  198. 

  199. func TestWithV2ProviderServiceAccountOverridesAWSInPlace(t *testing.T) {
    200. 

  200. 	t.Setenv("VERSION", "test-version")
    201. 

  201. 

  202. 	eso := NewESO(WithV2AWSProvider())
    203. 

  203. 	WithV2ProviderServiceAccount("aws", "irsa-sa")(eso)
    204. 

  204. 

  205. 	assertVarValue(t, eso.HelmChart, "providers.list[0].serviceAccount.create", "false")
    206. 

  206. 	assertVarValue(t, eso.HelmChart, "providers.list[0].serviceAccount.name", "irsa-sa")
    207. 

  207. }
    208. 

  208. 

  209. func assertVarValue(t *testing.T, chart *HelmChart, key, wantValue string) {
    210. 

  210. 	t.Helper()
    211. 

  211. 

  212. 	for _, variable := range chart.Vars {
    213. 

  213. 		if variable.Key == key {
    214. 

  214. 			if variable.Value != wantValue {
    215. 

  215. 				t.Fatalf("expected %s=%s, got %s", key, wantValue, variable.Value)
    216. 

  216. 			}
    217. 

  217. 			return
    218. 

  218. 		}
    219. 

  219. 	}
    220. 

  220. 

  221. 	t.Fatalf("expected %s=%s to be set", key, wantValue)
    222. 

  222. }
    223. 

  223. 

  224. func assertV2ProviderBaseVars(t *testing.T, chart *HelmChart) {
    225. 

  225. 	t.Helper()
    226. 

  226. 

  227. 	assertVarValue(t, chart, "replicaCount", "1")
    228. 

  228. 	assertVarValue(t, chart, "v2.enabled", "true")
    229. 

  229. 	assertVarValue(t, chart, "crds.createClusterProviderClass", "true")
    230. 

  230. 	assertVarValue(t, chart, "crds.createProviderStore", "true")
    231. 

  231. 	assertVarValue(t, chart, "crds.createClusterProviderStore", "true")
    232. 

  232. 	assertVarValue(t, chart, "providerDefaults.replicaCount", "1")
    233. 

  233. }
    234. 

  234. 

  235. func assertProvider(t *testing.T, chart *HelmChart, name, providerType, imageRepository, imageTag string) {
    236. 

  236. 	t.Helper()
    237. 

  237. 

  238. 	for _, provider := range providerEntries(t, chart) {
    239. 

  239. 		if provider.Name != name {
    240. 

  240. 			continue
    241. 

  241. 		}
    242. 

  242. 		if provider.Type != providerType {
    243. 

  243. 			t.Fatalf("expected provider %q to have type %q, got %q", name, providerType, provider.Type)
    244. 

  244. 		}
    245. 

  245. 		if provider.Enabled != "true" {
    246. 

  246. 			t.Fatalf("expected provider %q to be enabled, got %q", name, provider.Enabled)
    247. 

  247. 		}
    248. 

  248. 		if provider.ReplicaCount != "1" {
    249. 

  249. 			t.Fatalf("expected provider %q replicaCount 1, got %q", name, provider.ReplicaCount)
    250. 

  250. 		}
    251. 

  251. 		if provider.ImageRepository != imageRepository {
    252. 

  252. 			t.Fatalf("expected provider %q image repository %q, got %q", name, imageRepository, provider.ImageRepository)
    253. 

  253. 		}
    254. 

  254. 		if provider.ImageTag != imageTag {
    255. 

  255. 			t.Fatalf("expected provider %q image tag %q, got %q", name, imageTag, provider.ImageTag)
    256. 

  256. 		}
    257. 

  257. 		if provider.ImagePullPolicy != "IfNotPresent" {
    258. 

  258. 			t.Fatalf("expected provider %q image pull policy IfNotPresent, got %q", name, provider.ImagePullPolicy)
    259. 

  259. 		}
    260. 

  260. 		return
    261. 

  261. 	}
    262. 

  262. 

  263. 	t.Fatalf("expected provider %q to exist", name)
    264. 

  264. }
    265. 

  265. 

  266. func assertSequentialProviderIndexes(t *testing.T, chart *HelmChart) {
    267. 

  267. 	t.Helper()
    268. 

  268. 

  269. 	providers := providerEntries(t, chart)
    270. 

  270. 	for i := 0; i < len(providers); i++ {
    271. 

  271. 		if _, ok := providers[i]; !ok {
    272. 

  272. 			t.Fatalf("expected provider index %d to exist, got indexes %v", i, sortedProviderIndexes(providers))
    273. 

  273. 		}
    274. 

  274. 	}
    275. 

  275. }
    276. 

  276. 

  277. type providerEntry struct {
    278. 

  278. 	Name            string
    279. 

  279. 	Type            string
    280. 

  280. 	Enabled         string
    281. 

  281. 	ReplicaCount    string
    282. 

  282. 	ImageRepository string
    283. 

  283. 	ImageTag        string
    284. 

  284. 	ImagePullPolicy string
    285. 

  285. }
    286. 

  286. 

  287. var providerVarPattern = regexp.MustCompile(`^providers\.list\[(\d+)\]\.(.+)$`)
    288. 

  288. var allowedProviderFields = map[string]struct{}{
    289. 

  289. 	"name":             {},
    290. 

  290. 	"type":             {},
    291. 

  291. 	"enabled":          {},
    292. 

  292. 	"replicaCount":     {},
    293. 

  293. 	"image.repository": {},
    294. 

  294. 	"image.tag":        {},
    295. 

  295. 	"image.pullPolicy": {},
    296. 

  296. }
    297. 

  297. 

  298. func providerEntries(t *testing.T, chart *HelmChart) map[int]providerEntry {
    299. 

  299. 	t.Helper()
    300. 

  300. 

  301. 	providers := make(map[int]providerEntry)
    302. 

  302. 	for _, variable := range chart.Vars {
    303. 

  303. 		matches := providerVarPattern.FindStringSubmatch(variable.Key)
    304. 

  304. 		if matches == nil {
    305. 

  305. 			continue
    306. 

  306. 		}
    307. 

  307. 		index, err := strconv.Atoi(matches[1])
    308. 

  308. 		if err != nil {
    309. 

  309. 			t.Fatalf("unable to parse provider index from key %q: %v", variable.Key, err)
    310. 

  310. 		}
    311. 

  311. 		field := matches[2]
    312. 

  312. 		if _, ok := allowedProviderFields[field]; !ok {
    313. 

  313. 			t.Fatalf("unexpected provider field %q in key %q", field, variable.Key)
    314. 

  314. 		}
    315. 

  315. 

  316. 		entry := providers[index]
    317. 

  317. 		switch field {
    318. 

  318. 		case "name":
    319. 

  319. 			entry.Name = variable.Value
    320. 

  320. 		case "type":
    321. 

  321. 			entry.Type = variable.Value
    322. 

  322. 		case "enabled":
    323. 

  323. 			entry.Enabled = variable.Value
    324. 

  324. 		case "replicaCount":
    325. 

  325. 			entry.ReplicaCount = variable.Value
    326. 

  326. 		case "image.repository":
    327. 

  327. 			entry.ImageRepository = variable.Value
    328. 

  328. 		case "image.tag":
    329. 

  329. 			entry.ImageTag = variable.Value
    330. 

  330. 		case "image.pullPolicy":
    331. 

  331. 			entry.ImagePullPolicy = variable.Value
    332. 

  332. 		}
    333. 

  333. 		providers[index] = entry
    334. 

  334. 	}
    335. 

  335. 	return providers
    336. 

  336. }
    337. 

  337. 

  338. func sortedProviderIndexes(providers map[int]providerEntry) []int {
    339. 

  339. 	indexes := make([]int, 0, len(providers))
    340. 

  340. 	for index := range providers {
    341. 

  341. 		indexes = append(indexes, index)
    342. 

  342. 	}
    343. 

  343. 

  344. 	for i := 0; i < len(indexes); i++ {
    345. 

  345. 		for j := i + 1; j < len(indexes); j++ {
    346. 

  346. 			if indexes[j] < indexes[i] {
    347. 

  347. 				indexes[i], indexes[j] = indexes[j], indexes[i]
    348. 

  348. 			}
    349. 

  349. 		}
    350. 

  350. 	}
    351. 

  351. 

  352. 	return indexes
    353. 

  353. }
    354.