github.com/juju/juju@v0.0.0-20240430160146-1752b71fcf00/caas/kubernetes/provider/secrets_test.go (about) 1 // Copyright 2019 Canonical Ltd. 2 // Licensed under the AGPLv3, see LICENCE file for details. 3 4 package provider_test 5 6 import ( 7 "context" 8 9 "github.com/juju/errors" 10 jc "github.com/juju/testing/checkers" 11 gc "gopkg.in/check.v1" 12 core "k8s.io/api/core/v1" 13 v1 "k8s.io/apimachinery/pkg/apis/meta/v1" 14 15 "github.com/juju/juju/caas/kubernetes/provider" 16 "github.com/juju/juju/core/secrets" 17 ) 18 19 var _ = gc.Suite(&secretsSuite{}) 20 21 type secretsSuite struct { 22 fakeClientSuite 23 } 24 25 func (s *secretsSuite) TestProcessSecretData(c *gc.C) { 26 o, err := provider.ProcessSecretData( 27 map[string]string{ 28 "username": "YWRtaW4=", 29 "password": "MWYyZDFlMmU2N2Rm", 30 }, 31 ) 32 c.Assert(err, jc.ErrorIsNil) 33 c.Assert(o, gc.DeepEquals, map[string][]byte{ 34 "username": []byte("admin"), 35 "password": []byte("1f2d1e2e67df"), 36 }) 37 } 38 39 func (s *secretsSuite) TestGetSecretToken(c *gc.C) { 40 secret := &core.Secret{ 41 ObjectMeta: v1.ObjectMeta{ 42 Name: "secret-1", 43 Annotations: map[string]string{ 44 core.ServiceAccountNameKey: "secret-1", 45 }, 46 }, 47 Type: core.SecretTypeServiceAccountToken, 48 Data: map[string][]byte{ 49 core.ServiceAccountTokenKey: []byte("token"), 50 }, 51 } 52 _, err := s.mockSecrets.Create(context.Background(), secret, v1.CreateOptions{}) 53 c.Assert(err, jc.ErrorIsNil) 54 55 out, err := s.broker.GetSecretToken("secret-1") 56 c.Assert(err, jc.ErrorIsNil) 57 c.Assert(out, gc.Equals, "token") 58 59 result, err := s.mockSecrets.List(context.Background(), v1.ListOptions{}) 60 c.Assert(err, jc.ErrorIsNil) 61 c.Assert(result.Items, gc.HasLen, 1) 62 c.Assert(result.Items[0].Name, gc.Equals, "secret-1") 63 } 64 65 func (s *secretsSuite) TestGetJujuSecret(c *gc.C) { 66 secret := &core.Secret{ 67 ObjectMeta: v1.ObjectMeta{ 68 Name: "provider-id", 69 Namespace: "test", 70 }, 71 Type: core.SecretTypeOpaque, 72 Data: map[string][]byte{ 73 "foo": []byte("bar"), 74 }, 75 } 76 _, err := s.mockSecrets.Create(context.Background(), secret, v1.CreateOptions{}) 77 c.Assert(err, jc.ErrorIsNil) 78 79 value, err := s.broker.GetJujuSecret(context.Background(), "provider-id") 80 c.Assert(err, jc.ErrorIsNil) 81 data, err := value.Values() 82 c.Assert(err, jc.ErrorIsNil) 83 c.Assert(data, jc.DeepEquals, map[string]string{ 84 "foo": "bar", 85 }) 86 } 87 88 func (s *secretsSuite) TestDeleteJujuSecret(c *gc.C) { 89 secret := &core.Secret{ 90 ObjectMeta: v1.ObjectMeta{ 91 Name: "provider-id", 92 Namespace: "test", 93 }, 94 Type: core.SecretTypeOpaque, 95 Data: map[string][]byte{ 96 "foo": []byte("bar"), 97 }, 98 } 99 _, err := s.mockSecrets.Create(context.Background(), secret, v1.CreateOptions{}) 100 c.Assert(err, jc.ErrorIsNil) 101 another := &core.Secret{ 102 ObjectMeta: v1.ObjectMeta{ 103 Name: "another", 104 Namespace: "test", 105 }, 106 Type: core.SecretTypeOpaque, 107 Data: map[string][]byte{ 108 "foo": []byte("bar2"), 109 }, 110 } 111 _, err = s.mockSecrets.Create(context.Background(), another, v1.CreateOptions{}) 112 c.Assert(err, jc.ErrorIsNil) 113 114 err = s.broker.DeleteJujuSecret(context.Background(), "provider-id") 115 c.Assert(err, jc.ErrorIsNil) 116 err = s.broker.DeleteJujuSecret(context.Background(), "provider-id") 117 c.Assert(err, jc.Satisfies, errors.IsNotFound) 118 result, err := s.mockSecrets.List(context.Background(), v1.ListOptions{}) 119 c.Assert(err, jc.ErrorIsNil) 120 c.Assert(result.Items, gc.HasLen, 1) 121 c.Assert(result.Items[0].Name, gc.Equals, "another") 122 } 123 124 func (s *secretsSuite) TestSaveJujuSecret(c *gc.C) { 125 uri := secrets.NewURI() 126 providerId, err := s.broker.SaveJujuSecret(context.Background(), uri.ID+"-666", 127 secrets.NewSecretValue(map[string]string{ 128 "foo": "YmFy", 129 }), 130 ) 131 c.Assert(err, jc.ErrorIsNil) 132 c.Assert(providerId, gc.Equals, uri.ID+"-666") 133 secret, err := s.mockSecrets.Get(context.Background(), providerId, v1.GetOptions{}) 134 c.Assert(err, jc.ErrorIsNil) 135 c.Assert(secret.Type, gc.Equals, core.SecretTypeOpaque) 136 c.Assert(secret.StringData, jc.DeepEquals, map[string]string{ 137 "foo": "bar", 138 }) 139 }