github.com/IBM-Blockchain/fabric-operator@v1.0.4/pkg/offering/base/ca/initialize_test.go (about) 1 /* 2 * Copyright contributors to the Hyperledger Fabric Operator project 3 * 4 * SPDX-License-Identifier: Apache-2.0 5 * 6 * Licensed under the Apache License, Version 2.0 (the "License"); 7 * you may not use this file except in compliance with the License. 8 * You may obtain a copy of the License at: 9 * 10 * http://www.apache.org/licenses/LICENSE-2.0 11 * 12 * Unless required by applicable law or agreed to in writing, software 13 * distributed under the License is distributed on an "AS IS" BASIS, 14 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 15 * See the License for the specific language governing permissions and 16 * limitations under the License. 17 */ 18 19 package baseca_test 20 21 import ( 22 . "github.com/onsi/ginkgo/v2" 23 . "github.com/onsi/gomega" 24 "github.com/pkg/errors" 25 26 current "github.com/IBM-Blockchain/fabric-operator/api/v1beta1" 27 clientmocks "github.com/IBM-Blockchain/fabric-operator/controllers/mocks" 28 cav1 "github.com/IBM-Blockchain/fabric-operator/pkg/apis/ca/v1" 29 initializer "github.com/IBM-Blockchain/fabric-operator/pkg/initializer/ca" 30 baseca "github.com/IBM-Blockchain/fabric-operator/pkg/offering/base/ca" 31 basecamocks "github.com/IBM-Blockchain/fabric-operator/pkg/offering/base/ca/mocks" 32 "github.com/IBM-Blockchain/fabric-operator/pkg/util" 33 34 v1 "k8s.io/apimachinery/pkg/apis/meta/v1" 35 "k8s.io/apimachinery/pkg/runtime" 36 ) 37 38 var _ = Describe("Initialize CA", func() { 39 var ( 40 instance *current.IBPCA 41 cainit *baseca.Initialize 42 mockinitializer *basecamocks.Initializer 43 mockClient *clientmocks.Client 44 update *basecamocks.Update 45 ) 46 47 BeforeEach(func() { 48 jm, err := util.ConvertToJsonMessage(&cav1.ServerConfig{}) 49 Expect(err).NotTo(HaveOccurred()) 50 51 instance = ¤t.IBPCA{ 52 Spec: current.IBPCASpec{ 53 ConfigOverride: ¤t.ConfigOverride{ 54 CA: &runtime.RawExtension{Raw: *jm}, 55 TLSCA: &runtime.RawExtension{Raw: *jm}, 56 }, 57 }, 58 } 59 60 config := &initializer.Config{ 61 CADefaultConfigPath: "../../../../defaultconfig/ca/ca.yaml", 62 TLSCADefaultConfigPath: "../../../../defaultconfig/ca/tlsca.yaml", 63 } 64 65 update = &basecamocks.Update{} 66 mockClient = &clientmocks.Client{} 67 scheme := &runtime.Scheme{} 68 labels := func(v1.Object) map[string]string { 69 return nil 70 } 71 72 mockinitializer = &basecamocks.Initializer{} 73 74 cainit = &baseca.Initialize{ 75 Config: config, 76 Scheme: scheme, 77 Labels: labels, 78 Initializer: mockinitializer, 79 Client: mockClient, 80 } 81 }) 82 83 Context("handle enrollment ca's config", func() { 84 Context("enrollment ca", func() { 85 It("calls update enrollment when update detected", func() { 86 update.CAOverridesUpdatedReturns(true) 87 _, err := cainit.HandleEnrollmentCAInit(instance, update) 88 Expect(err).NotTo(HaveOccurred()) 89 Expect(mockinitializer.UpdateCallCount()).To(Equal(1)) 90 }) 91 92 It("calls create enrollment when update detected", func() { 93 mockClient.GetReturns(errors.New("secret not found")) 94 _, err := cainit.HandleEnrollmentCAInit(instance, update) 95 Expect(err).NotTo(HaveOccurred()) 96 Expect(mockinitializer.CreateCallCount()).To(Equal(1)) 97 }) 98 }) 99 100 Context("tls ca", func() { 101 It("calls update enrollment when update detected", func() { 102 update.TLSCAOverridesUpdatedReturns(true) 103 _, err := cainit.HandleTLSCAInit(instance, update) 104 Expect(err).NotTo(HaveOccurred()) 105 Expect(mockinitializer.UpdateCallCount()).To(Equal(1)) 106 }) 107 108 It("calls create enrollment when update detected", func() { 109 mockClient.GetReturns(errors.New("secret not found")) 110 _, err := cainit.HandleTLSCAInit(instance, update) 111 Expect(err).NotTo(HaveOccurred()) 112 Expect(mockinitializer.CreateCallCount()).To(Equal(1)) 113 }) 114 }) 115 }) 116 117 Context("create enrollment ca's config", func() { 118 It("returns an error if create fails", func() { 119 msg := "failed to create" 120 mockinitializer.CreateReturns(nil, errors.New(msg)) 121 _, err := cainit.CreateEnrollmentCAConfig(instance) 122 Expect(err).To(HaveOccurred()) 123 Expect(err.Error()).To(Equal(msg)) 124 }) 125 126 It("creates config", func() { 127 _, err := cainit.CreateEnrollmentCAConfig(instance) 128 Expect(err).NotTo(HaveOccurred()) 129 }) 130 }) 131 132 Context("update enrollment ca's config", func() { 133 It("returns an error if update fails", func() { 134 msg := "failed to update" 135 mockinitializer.UpdateReturns(nil, errors.New(msg)) 136 _, err := cainit.UpdateEnrollmentCAConfig(instance) 137 Expect(err).To(HaveOccurred()) 138 Expect(err.Error()).To(Equal(msg)) 139 }) 140 141 It("update config", func() { 142 _, err := cainit.UpdateEnrollmentCAConfig(instance) 143 Expect(err).NotTo(HaveOccurred()) 144 }) 145 }) 146 147 Context("create config resouces", func() { 148 var resp *initializer.Response 149 150 BeforeEach(func() { 151 resp = &initializer.Response{ 152 CryptoMap: map[string][]byte{"cert.pem": []byte("cert.pem")}, 153 Config: &cav1.ServerConfig{}, 154 } 155 }) 156 157 It("returns an error if secret creation fails", func() { 158 msg := "failed to create secret" 159 mockClient.CreateOrUpdateReturns(errors.New(msg)) 160 err := cainit.CreateConfigResources("ibpca1", instance, resp) 161 Expect(err).To(HaveOccurred()) 162 Expect(err.Error()).To(Equal("failed to create/update secret: " + msg)) 163 }) 164 165 It("returns an error if config map creation fails", func() { 166 msg := "failed to create cm" 167 mockClient.CreateOrUpdateReturnsOnCall(1, errors.New(msg)) 168 err := cainit.CreateConfigResources("ibpca1", instance, resp) 169 Expect(err).To(HaveOccurred()) 170 Expect(err.Error()).To(Equal("failed to create/update config map: " + msg)) 171 }) 172 173 It("create secret and configmap", func() { 174 err := cainit.CreateConfigResources("ibpca1", instance, resp) 175 Expect(err).NotTo(HaveOccurred()) 176 }) 177 }) 178 179 Context("merge crypto", func() { 180 var ( 181 oldCrypto = map[string][]byte{} 182 newCrypto = map[string][]byte{} 183 ) 184 185 BeforeEach(func() { 186 oldCrypto = map[string][]byte{ 187 "key1.pem": []byte("key1"), 188 "key2.pem": []byte("key2"), 189 "cert.pem": []byte("cert"), 190 } 191 192 newCrypto = map[string][]byte{ 193 "key1.pem": []byte("newkey1"), 194 "cert.pem": []byte("newcert"), 195 } 196 }) 197 198 It("only updates keys that have new values", func() { 199 merged := cainit.MergeCryptoMaterial(oldCrypto, newCrypto) 200 Expect(merged["key1.pem"]).To(Equal([]byte("newkey1"))) 201 Expect(merged["key2.pem"]).To(Equal([]byte("key2"))) 202 Expect(merged["cert.pem"]).To(Equal([]byte("newcert"))) 203 }) 204 }) 205 })