github.com/juju/juju@v0.0.0-20240430160146-1752b71fcf00/caas/kubernetes/provider/credentials_test.go (about) 1 // Copyright 2018 Canonical Ltd. 2 // Licensed under the AGPLv3, see LICENCE file for details. 3 4 package provider_test 5 6 import ( 7 "path/filepath" 8 9 "github.com/juju/testing" 10 jc "github.com/juju/testing/checkers" 11 "github.com/juju/utils/v3" 12 gc "gopkg.in/check.v1" 13 14 k8s "github.com/juju/juju/caas/kubernetes" 15 "github.com/juju/juju/caas/kubernetes/provider" 16 "github.com/juju/juju/cloud" 17 "github.com/juju/juju/environs" 18 envtesting "github.com/juju/juju/environs/testing" 19 ) 20 21 type credentialsSuite struct { 22 testing.FakeHomeSuite 23 provider environs.EnvironProvider 24 } 25 26 var _ = gc.Suite(&credentialsSuite{}) 27 28 func (s *credentialsSuite) SetUpTest(c *gc.C) { 29 s.FakeHomeSuite.SetUpTest(c) 30 31 var err error 32 s.provider, err = environs.Provider("kubernetes") 33 c.Assert(err, jc.ErrorIsNil) 34 } 35 36 func (s *credentialsSuite) TestCredentialSchemas(c *gc.C) { 37 envtesting.AssertProviderAuthTypes(c, s.provider, "userpass", "oauth2", "clientcertificate", "oauth2withcert", "certificate") 38 } 39 40 func (s *credentialsSuite) TestCredentialsValid(c *gc.C) { 41 envtesting.AssertProviderCredentialsValid(c, s.provider, "userpass", map[string]string{ 42 "username": "fred", 43 "password": "secret", 44 }) 45 } 46 47 func (s *credentialsSuite) TestHiddenAttributes(c *gc.C) { 48 envtesting.AssertProviderCredentialsAttributesHidden(c, s.provider, "userpass", "password") 49 envtesting.AssertProviderCredentialsAttributesHidden(c, s.provider, "oauth2", "Token") 50 envtesting.AssertProviderCredentialsAttributesHidden(c, s.provider, "clientcertificate", "ClientKeyData") 51 envtesting.AssertProviderCredentialsAttributesHidden(c, s.provider, "oauth2withcert", "ClientKeyData", "Token") 52 envtesting.AssertProviderCredentialsAttributesHidden(c, s.provider, "certificate", "Token") 53 } 54 55 var singleConfigYAML = ` 56 apiVersion: v1 57 kind: Config 58 clusters: 59 - cluster: 60 server: https://1.1.1.1:8888 61 certificate-authority-data: QQ== 62 name: the-cluster 63 contexts: 64 - context: 65 cluster: the-cluster 66 user: the-user 67 name: the-context 68 current-context: the-context 69 preferences: {} 70 users: 71 - name: the-user 72 user: 73 password: thepassword 74 username: theuser 75 ` 76 77 func (s *credentialsSuite) TestDetectCredentials(c *gc.C) { 78 kubeConfig := filepath.Join(utils.Home(), "config") 79 s.PatchEnvironment("KUBECONFIG", kubeConfig) 80 s.Home.AddFiles(c, testing.TestFile{ 81 Name: "config", 82 Data: singleConfigYAML, 83 }) 84 creds, err := s.provider.DetectCredentials("") 85 c.Assert(err, jc.ErrorIsNil) 86 c.Assert(creds.DefaultRegion, gc.Equals, "") 87 expected := cloud.NewNamedCredential( 88 "the-user", cloud.UserPassAuthType, map[string]string{ 89 "username": "theuser", 90 "password": "thepassword", 91 }, false, 92 ) 93 c.Assert(creds.AuthCredentials["the-user"], jc.DeepEquals, expected) 94 } 95 96 func (s *credentialsSuite) TestRegisterCredentialsNotMicrok8s(c *gc.C) { 97 p := provider.NewProviderCredentials(credentialGetterFunc(builtinCloudRet{})) 98 credentials, err := p.RegisterCredentials(cloud.Cloud{}) 99 c.Assert(err, jc.ErrorIsNil) 100 c.Assert(credentials, gc.HasLen, 0) 101 } 102 103 func (s *credentialsSuite) TestRegisterCredentialsMicrok8s(c *gc.C) { 104 p := provider.NewProviderCredentials( 105 credentialGetterFunc( 106 builtinCloudRet{ 107 cloud: defaultK8sCloud, 108 credential: getDefaultCredential(), 109 err: nil, 110 }, 111 ), 112 ) 113 credentials, err := p.RegisterCredentials(defaultK8sCloud) 114 c.Assert(err, jc.ErrorIsNil) 115 c.Assert(credentials, gc.HasLen, 1) 116 c.Assert(credentials[k8s.K8sCloudMicrok8s], gc.DeepEquals, &cloud.CloudCredential{ 117 DefaultCredential: k8s.K8sCloudMicrok8s, 118 AuthCredentials: map[string]cloud.Credential{ 119 k8s.K8sCloudMicrok8s: getDefaultCredential(), 120 }, 121 }) 122 }