github.com/kubernetes-sigs/azuredisk-csi-driver@v0.7.0/test/utils/credentials/credentials_test.go (about) 1 /* 2 Copyright 2020 The Kubernetes Authors. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package credentials 18 19 import ( 20 "bytes" 21 "io/ioutil" 22 "os" 23 "testing" 24 "text/template" 25 26 "github.com/stretchr/testify/assert" 27 ) 28 29 const ( 30 fakeAzureCredentials = ` 31 [Creds] 32 ClientID = "df7269f2-xxxx-xxxx-xxxx-0f12a7d97404" 33 ClientSecret = "8c416dc5-xxxx-xxxx-xxxx-d77069e2a255" 34 TenantID = "72f988bf-xxxx-xxxx-xxxx-2d7cd011db47" 35 SubscriptionID = "b9d2281e-xxxx-xxxx-xxxx-0d50377cdf76" 36 StorageAccountName = "TestStorageAccountName" 37 StorageAccountKey = "TestStorageAccountKey" 38 ` 39 ) 40 41 func TestCreateAzureCredentialFileOnAzureChinaCloud(t *testing.T) { 42 t.Run("WithAzureCredentials", func(t *testing.T) { 43 os.Setenv(tenantIDChinaEnvVar, "") 44 os.Setenv(subscriptionIDChinaEnvVar, "") 45 os.Setenv(aadClientIDChinaEnvVar, "") 46 os.Setenv(aadClientSecretChinaEnvVar, "") 47 os.Setenv(resourceGroupChinaEnvVar, "test-resource-group") 48 os.Setenv(locationChinaEnvVar, "test-location") 49 withAzureCredentials(t, true) 50 }) 51 52 t.Run("WithEnvironmentVariables", func(t *testing.T) { 53 os.Setenv(tenantIDChinaEnvVar, "test-tenant-id") 54 os.Setenv(subscriptionIDChinaEnvVar, "test-subscription-id") 55 os.Setenv(aadClientIDChinaEnvVar, "test-aad-client-id") 56 os.Setenv(aadClientSecretChinaEnvVar, "test-aad-client-secret") 57 os.Setenv(resourceGroupChinaEnvVar, "test-resource-group") 58 os.Setenv(locationChinaEnvVar, "test-location") 59 withEnvironmentVariables(t, true) 60 }) 61 } 62 63 func TestCreateAzureCredentialFileOnAzurePublicCloud(t *testing.T) { 64 t.Run("WithAzureCredentials", func(t *testing.T) { 65 os.Setenv(tenantIDEnvVar, "") 66 os.Setenv(subscriptionIDEnvVar, "") 67 os.Setenv(aadClientIDEnvVar, "") 68 os.Setenv(aadClientSecretEnvVar, "") 69 os.Setenv(resourceGroupEnvVar, "test-resource-group") 70 os.Setenv(locationEnvVar, "test-location") 71 withAzureCredentials(t, false) 72 }) 73 74 t.Run("WithEnvironmentVariables", func(t *testing.T) { 75 os.Setenv(tenantIDEnvVar, "test-tenant-id") 76 os.Setenv(subscriptionIDEnvVar, "test-subscription-id") 77 os.Setenv(aadClientIDEnvVar, "test-aad-client-id") 78 os.Setenv(aadClientSecretEnvVar, "test-aad-client-secret") 79 os.Setenv(resourceGroupEnvVar, "test-resource-group") 80 os.Setenv(locationEnvVar, "test-location") 81 withEnvironmentVariables(t, false) 82 }) 83 } 84 85 func withAzureCredentials(t *testing.T, isAzureChinaCloud bool) { 86 tempFile, err := ioutil.TempFile("", "azure.toml") 87 assert.NoError(t, err) 88 defer func() { 89 err := os.Remove(tempFile.Name()) 90 assert.NoError(t, err) 91 }() 92 93 os.Setenv("AZURE_CREDENTIALS", tempFile.Name()) 94 95 _, err = tempFile.Write([]byte(fakeAzureCredentials)) 96 assert.NoError(t, err) 97 98 creds, err := CreateAzureCredentialFile(isAzureChinaCloud) 99 assert.NoError(t, err) 100 defer func() { 101 err := DeleteAzureCredentialFile() 102 assert.NoError(t, err) 103 }() 104 105 var cloud string 106 if isAzureChinaCloud { 107 cloud = AzureChinaCloud 108 } else { 109 cloud = AzurePublicCloud 110 } 111 112 assert.Equal(t, cloud, creds.Cloud) 113 assert.Equal(t, "72f988bf-xxxx-xxxx-xxxx-2d7cd011db47", creds.TenantID) 114 assert.Equal(t, "b9d2281e-xxxx-xxxx-xxxx-0d50377cdf76", creds.SubscriptionID) 115 assert.Equal(t, "df7269f2-xxxx-xxxx-xxxx-0f12a7d97404", creds.AADClientID) 116 assert.Equal(t, "8c416dc5-xxxx-xxxx-xxxx-d77069e2a255", creds.AADClientSecret) 117 assert.Equal(t, "test-resource-group", creds.ResourceGroup) 118 assert.Equal(t, "test-location", creds.Location) 119 120 azureCredentialFileContent, err := ioutil.ReadFile(TempAzureCredentialFilePath) 121 assert.NoError(t, err) 122 123 const expectedAzureCredentialFileContent = ` 124 { 125 "cloud": "{{.Cloud}}", 126 "tenantId": "72f988bf-xxxx-xxxx-xxxx-2d7cd011db47", 127 "aadClientId": "df7269f2-xxxx-xxxx-xxxx-0f12a7d97404", 128 "subscriptionId": "b9d2281e-xxxx-xxxx-xxxx-0d50377cdf76", 129 "aadClientSecret": "8c416dc5-xxxx-xxxx-xxxx-d77069e2a255", 130 "resourceGroup": "test-resource-group", 131 "location": "test-location" 132 } 133 ` 134 tmpl := template.New("expectedAzureCredentialFileContent") 135 tmpl, err = tmpl.Parse(expectedAzureCredentialFileContent) 136 assert.NoError(t, err) 137 138 var buf bytes.Buffer 139 err = tmpl.Execute(&buf, struct { 140 Cloud string 141 }{ 142 cloud, 143 }) 144 assert.NoError(t, err) 145 assert.JSONEq(t, buf.String(), string(azureCredentialFileContent)) 146 } 147 148 func withEnvironmentVariables(t *testing.T, isAzureChinaCloud bool) { 149 creds, err := CreateAzureCredentialFile(isAzureChinaCloud) 150 defer func() { 151 err := DeleteAzureCredentialFile() 152 assert.NoError(t, err) 153 }() 154 assert.NoError(t, err) 155 156 var cloud string 157 if isAzureChinaCloud { 158 cloud = AzureChinaCloud 159 } else { 160 cloud = AzurePublicCloud 161 } 162 163 assert.Equal(t, cloud, creds.Cloud) 164 assert.Equal(t, "test-tenant-id", creds.TenantID) 165 assert.Equal(t, "test-subscription-id", creds.SubscriptionID) 166 assert.Equal(t, "test-aad-client-id", creds.AADClientID) 167 assert.Equal(t, "test-aad-client-secret", creds.AADClientSecret) 168 assert.Equal(t, "test-resource-group", creds.ResourceGroup) 169 assert.Equal(t, "test-location", creds.Location) 170 171 azureCredentialFileContent, err := ioutil.ReadFile(TempAzureCredentialFilePath) 172 assert.NoError(t, err) 173 174 const expectedAzureCredentialFileContent = ` 175 { 176 "cloud": "{{.Cloud}}", 177 "tenantId": "test-tenant-id", 178 "subscriptionId": "test-subscription-id", 179 "aadClientId": "test-aad-client-id", 180 "aadClientSecret": "test-aad-client-secret", 181 "resourceGroup": "test-resource-group", 182 "location": "test-location" 183 } 184 ` 185 tmpl := template.New("expectedAzureCredentialFileContent") 186 tmpl, err = tmpl.Parse(expectedAzureCredentialFileContent) 187 assert.NoError(t, err) 188 189 var buf bytes.Buffer 190 err = tmpl.Execute(&buf, struct { 191 Cloud string 192 }{ 193 cloud, 194 }) 195 assert.NoError(t, err) 196 assert.JSONEq(t, buf.String(), string(azureCredentialFileContent)) 197 }