github.com/argoproj-labs/argocd-operator@v0.10.0/tests/ocp/1-004_validate_dex_clientsecret/02-verify-clientsecret.yaml

github.com/argoproj-labs/argocd-operator@v0.10.0/tests/ocp/1-004_validate_dex_clientsecret/02-verify-clientsecret.yaml (about)

     1  apiVersion: kuttl.dev/v1beta1
     2  kind: TestStep
     3  commands:
     4  - script: |
     5      # This test validates the Dex Client Secret copied by the operator from dex serviceaccount token secret in to argocd-secret.
     6      # To verify the behavior we should first get the token secret name of the dex service account.
     7      secret=$(oc get -n $NAMESPACE sa example-argocd-argocd-dex-server -o json | jq -r '.secrets' | grep token | sed 's/    "name": "//g' | sed 's/"//g')
     8      
     9      # Extract the clientSecret 
    10      expectedClientSecret=$(oc get secret $secret -n $NAMESPACE -o json | jq -r '.data.token')
    11      
    12      # actualClientSecret is the value of the secret in argocd-secret where argocd-operator should copy the secret from
    13      actualClientSecret=$(oc get secret argocd-secret -o json -n $NAMESPACE | jq -r '.data."oidc.dex.clientSecret"')
    14      
    15      # Verify
    16      if $expectedClientSecret != $actualClientSecret; then
    17        echo "Error: Dex Client Secret for OIDC is not valid"
    18        exit 1
    19      fi