github.com/kubernetes-sigs/azuredisk-csi-driver@v0.7.0/test/utils/credentials/credentials_test.go (about)

     1  /*
     2  Copyright 2020 The Kubernetes Authors.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8      http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  package credentials
    18  
    19  import (
    20  	"bytes"
    21  	"io/ioutil"
    22  	"os"
    23  	"testing"
    24  	"text/template"
    25  
    26  	"github.com/stretchr/testify/assert"
    27  )
    28  
// fakeAzureCredentials is the TOML fixture written to the file that
// AZURE_CREDENTIALS points at in withAzureCredentials. Every identifier has
// its middle groups masked with "xxxx" and the storage values are literal
// test strings, so no usable secret is committed with this file; keep it that
// way when editing the fixture.
const fakeAzureCredentials = `
	[Creds]
	ClientID = "df7269f2-xxxx-xxxx-xxxx-0f12a7d97404"
	ClientSecret = "8c416dc5-xxxx-xxxx-xxxx-d77069e2a255"
	TenantID = "72f988bf-xxxx-xxxx-xxxx-2d7cd011db47"
	SubscriptionID = "b9d2281e-xxxx-xxxx-xxxx-0d50377cdf76"
	StorageAccountName = "TestStorageAccountName"
	StorageAccountKey = "TestStorageAccountKey"
	`
    40  
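// setEnvForTest sets each {name, value} pair in the process environment, in
// order, and returns a function that restores the values that were present
// before the call (unsetting variables that did not exist). Call the returned
// function with defer so that identity settings from one subtest, including
// the client-secret variable, do not leak into later tests in the same
// process.
func setEnvForTest(t *testing.T, vars [][2]string) func() {
	t.Helper()

	type savedVar struct {
		name   string
		value  string
		wasSet bool
	}

	saved := make([]savedVar, 0, len(vars))
	for _, kv := range vars {
		old, ok := os.LookupEnv(kv[0])
		saved = append(saved, savedVar{name: kv[0], value: old, wasSet: ok})
		assert.NoError(t, os.Setenv(kv[0], kv[1]))
	}

	return func() {
		// Undo in reverse so a name listed twice ends at its original value.
		for i := len(saved) - 1; i >= 0; i-- {
			prev := saved[i]
			if prev.wasSet {
				assert.NoError(t, os.Setenv(prev.name, prev.value))
				continue
			}
			assert.NoError(t, os.Unsetenv(prev.name))
		}
	}
}

// TestCreateAzureCredentialFileOnAzureChinaCloud runs both credential sources
// (credentials file and environment variables) with the Azure China Cloud
// variable names.
func TestCreateAzureCredentialFileOnAzureChinaCloud(t *testing.T) {
	t.Run("WithAzureCredentials", func(t *testing.T) {
		// The identity variables are set to "" here; withAzureCredentials
		// expects the values to come from the credentials file instead.
		defer setEnvForTest(t, [][2]string{
			{tenantIDChinaEnvVar, ""},
			{subscriptionIDChinaEnvVar, ""},
			{aadClientIDChinaEnvVar, ""},
			{aadClientSecretChinaEnvVar, ""},
			{resourceGroupChinaEnvVar, "test-resource-group"},
			{locationChinaEnvVar, "test-location"},
		})()
		withAzureCredentials(t, true)
	})

	t.Run("WithEnvironmentVariables", func(t *testing.T) {
		defer setEnvForTest(t, [][2]string{
			{tenantIDChinaEnvVar, "test-tenant-id"},
			{subscriptionIDChinaEnvVar, "test-subscription-id"},
			{aadClientIDChinaEnvVar, "test-aad-client-id"},
			{aadClientSecretChinaEnvVar, "test-aad-client-secret"},
			{resourceGroupChinaEnvVar, "test-resource-group"},
			{locationChinaEnvVar, "test-location"},
		})()
		withEnvironmentVariables(t, true)
	})
}

// TestCreateAzureCredentialFileOnAzurePublicCloud runs both credential sources
// (credentials file and environment variables) with the Azure Public Cloud
// variable names.
func TestCreateAzureCredentialFileOnAzurePublicCloud(t *testing.T) {
	t.Run("WithAzureCredentials", func(t *testing.T) {
		// The identity variables are set to "" here; withAzureCredentials
		// expects the values to come from the credentials file instead.
		defer setEnvForTest(t, [][2]string{
			{tenantIDEnvVar, ""},
			{subscriptionIDEnvVar, ""},
			{aadClientIDEnvVar, ""},
			{aadClientSecretEnvVar, ""},
			{resourceGroupEnvVar, "test-resource-group"},
			{locationEnvVar, "test-location"},
		})()
		withAzureCredentials(t, false)
	})

	t.Run("WithEnvironmentVariables", func(t *testing.T) {
		defer setEnvForTest(t, [][2]string{
			{tenantIDEnvVar, "test-tenant-id"},
			{subscriptionIDEnvVar, "test-subscription-id"},
			{aadClientIDEnvVar, "test-aad-client-id"},
			{aadClientSecretEnvVar, "test-aad-client-secret"},
			{resourceGroupEnvVar, "test-resource-group"},
			{locationEnvVar, "test-location"},
		})()
		withEnvironmentVariables(t, false)
	})
}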
    84  
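// withAzureCredentials writes fakeAzureCredentials to a temporary TOML file,
// points AZURE_CREDENTIALS at it, and checks that CreateAzureCredentialFile
// returns those values and writes them, as JSON, to
// TempAzureCredentialFilePath. isAzureChinaCloud selects which cloud name is
// expected in the result.
func withAzureCredentials(t *testing.T, isAzureChinaCloud bool) {
	tempFile, err := ioutil.TempFile("", "azure.toml")
	if !assert.NoError(t, err) {
		// tempFile is not usable; continuing would dereference it.
		return
	}
	defer func() {
		assert.NoError(t, os.Remove(tempFile.Name()))
	}()

	// Write the fixture and release the handle before the code under test
	// reads the file; an open handle is also what makes os.Remove fail on
	// some platforms.
	_, writeErr := tempFile.Write([]byte(fakeAzureCredentials))
	closeErr := tempFile.Close()
	if !assert.NoError(t, writeErr) || !assert.NoError(t, closeErr) {
		return
	}

	// Restore AZURE_CREDENTIALS afterwards so later tests do not inherit a
	// path to a file that has already been removed.
	previous, wasSet := os.LookupEnv("AZURE_CREDENTIALS")
	if !assert.NoError(t, os.Setenv("AZURE_CREDENTIALS", tempFile.Name())) {
		return
	}
	defer func() {
		if wasSet {
			assert.NoError(t, os.Setenv("AZURE_CREDENTIALS", previous))
			return
		}
		assert.NoError(t, os.Unsetenv("AZURE_CREDENTIALS"))
	}()

	creds, err := CreateAzureCredentialFile(isAzureChinaCloud)
	// Cleanup is registered before the error check, so it always runs, as in
	// the original test.
	defer func() {
		assert.NoError(t, DeleteAzureCredentialFile())
	}()
	if !assert.NoError(t, err) {
		// creds carries no meaningful data after an error; stop here rather
		// than report follow-on failures.
		return
	}

	var cloud string
	if isAzureChinaCloud {
		cloud = AzureChinaCloud
	} else {
		cloud = AzurePublicCloud
	}

	assert.Equal(t, cloud, creds.Cloud)
	assert.Equal(t, "72f988bf-xxxx-xxxx-xxxx-2d7cd011db47", creds.TenantID)
	assert.Equal(t, "b9d2281e-xxxx-xxxx-xxxx-0d50377cdf76", creds.SubscriptionID)
	assert.Equal(t, "df7269f2-xxxx-xxxx-xxxx-0f12a7d97404", creds.AADClientID)
	assert.Equal(t, "8c416dc5-xxxx-xxxx-xxxx-d77069e2a255", creds.AADClientSecret)
	assert.Equal(t, "test-resource-group", creds.ResourceGroup)
	assert.Equal(t, "test-location", creds.Location)

	// NOTE(review): the generated file carries aadClientSecret in clear text.
	// This test compares content only; it does not check the file's mode.
	// Confirm that CreateAzureCredentialFile restricts permissions.
	azureCredentialFileContent, err := ioutil.ReadFile(TempAzureCredentialFilePath)
	if !assert.NoError(t, err) {
		return
	}

	const expectedAzureCredentialFileContent = `
	{
		"cloud": "{{.Cloud}}",
		"tenantId": "72f988bf-xxxx-xxxx-xxxx-2d7cd011db47",
		"aadClientId": "df7269f2-xxxx-xxxx-xxxx-0f12a7d97404",
		"subscriptionId": "b9d2281e-xxxx-xxxx-xxxx-0d50377cdf76",
		"aadClientSecret": "8c416dc5-xxxx-xxxx-xxxx-d77069e2a255",
		"resourceGroup": "test-resource-group",
		"location": "test-location"
	}
	`
	// The expected document is a template only so the cloud name can vary.
	tmpl, err := template.New("expectedAzureCredentialFileContent").Parse(expectedAzureCredentialFileContent)
	if !assert.NoError(t, err) {
		return
	}

	var buf bytes.Buffer
	err = tmpl.Execute(&buf, struct {
		Cloud string
	}{
		cloud,
	})
	assert.NoError(t, err)
	assert.JSONEq(t, buf.String(), string(azureCredentialFileContent))
}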
   147  
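// withEnvironmentVariables checks that CreateAzureCredentialFile returns the
// "test-*" values its callers placed in the environment and writes them, as
// JSON, to TempAzureCredentialFilePath. isAzureChinaCloud selects which cloud
// name is expected in the result.
func withEnvironmentVariables(t *testing.T, isAzureChinaCloud bool) {
	creds, err := CreateAzureCredentialFile(isAzureChinaCloud)
	// Cleanup is registered before the error check, so it always runs, as in
	// the original test.
	defer func() {
		assert.NoError(t, DeleteAzureCredentialFile())
	}()
	if !assert.NoError(t, err) {
		// creds carries no meaningful data after an error; stop here rather
		// than report follow-on failures.
		return
	}

	var cloud string
	if isAzureChinaCloud {
		cloud = AzureChinaCloud
	} else {
		cloud = AzurePublicCloud
	}

	assert.Equal(t, cloud, creds.Cloud)
	assert.Equal(t, "test-tenant-id", creds.TenantID)
	assert.Equal(t, "test-subscription-id", creds.SubscriptionID)
	assert.Equal(t, "test-aad-client-id", creds.AADClientID)
	assert.Equal(t, "test-aad-client-secret", creds.AADClientSecret)
	assert.Equal(t, "test-resource-group", creds.ResourceGroup)
	assert.Equal(t, "test-location", creds.Location)

	// NOTE(review): the generated file carries aadClientSecret in clear text.
	// This test compares content only; it does not check the file's mode.
	// Confirm that CreateAzureCredentialFile restricts permissions.
	azureCredentialFileContent, err := ioutil.ReadFile(TempAzureCredentialFilePath)
	if !assert.NoError(t, err) {
		return
	}

	const expectedAzureCredentialFileContent = `
	{
		"cloud": "{{.Cloud}}",
		"tenantId": "test-tenant-id",
		"subscriptionId": "test-subscription-id",
		"aadClientId": "test-aad-client-id",
		"aadClientSecret": "test-aad-client-secret",
		"resourceGroup": "test-resource-group",
		"location": "test-location"
	}
	`
	// The expected document is a template only so the cloud name can vary.
	tmpl, err := template.New("expectedAzureCredentialFileContent").Parse(expectedAzureCredentialFileContent)
	if !assert.NoError(t, err) {
		return
	}

	var buf bytes.Buffer
	err = tmpl.Execute(&buf, struct {
		Cloud string
	}{
		cloud,
	})
	assert.NoError(t, err)
	assert.JSONEq(t, buf.String(), string(azureCredentialFileContent))
}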