github.com/verrazzano/verrazzano@v1.7.0/cluster-operator/controllers/vmc/sync_registration_secret_test.go (about) 1 // Copyright (c) 2021, 2023, Oracle and/or its affiliates. 2 // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. 3 4 package vmc 5 6 import ( 7 "fmt" 8 "github.com/stretchr/testify/assert" 9 "github.com/verrazzano/verrazzano/pkg/constants" 10 "github.com/verrazzano/verrazzano/pkg/log/vzlog" 11 corev1 "k8s.io/api/core/v1" 12 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 13 "k8s.io/apimachinery/pkg/runtime" 14 clientgoscheme "k8s.io/client-go/kubernetes/scheme" 15 "sigs.k8s.io/controller-runtime/pkg/client" 16 "sigs.k8s.io/controller-runtime/pkg/client/fake" 17 "testing" 18 ) 19 20 func TestVerrazzanoManagedClusterReconcilerGetAdminCaBundle(t *testing.T) { 21 testScheme := runtime.NewScheme() 22 _ = clientgoscheme.AddToScheme(testScheme) 23 log := vzlog.DefaultLogger() 24 25 tlsCABundleData := []byte("tls-ca-bundle") 26 vzTLSBundleData := []byte("verrazzano-tls-bundle") 27 28 tests := []struct { 29 name string 30 cli client.Client 31 want []byte 32 wantErr assert.ErrorAssertionFunc 33 }{ 34 { 35 name: "tls-ca-and-verrazzano-tls-different-data", 36 cli: fake.NewClientBuilder().WithScheme(testScheme).WithObjects( 37 &corev1.Secret{ 38 ObjectMeta: metav1.ObjectMeta{ 39 Name: constants.VerrazzanoIngressTLSSecret, 40 Namespace: constants.VerrazzanoSystemNamespace, 41 }, 42 Data: map[string][]byte{ 43 constants.CACertKey: vzTLSBundleData, 44 }, 45 }, 46 &corev1.Secret{ 47 ObjectMeta: metav1.ObjectMeta{ 48 Name: constants.PrivateCABundle, 49 Namespace: constants.VerrazzanoSystemNamespace, 50 }, 51 Data: map[string][]byte{ 52 constants.CABundleKey: tlsCABundleData, 53 }, 54 }, 55 ).Build(), 56 want: append(append([]byte{}, tlsCABundleData...), vzTLSBundleData...), 57 wantErr: assert.NoError, 58 }, 59 { 60 name: "tls-ca-and-verrazzano-tls-same-data", 61 cli: fake.NewClientBuilder().WithScheme(testScheme).WithObjects( 62 &corev1.Secret{ 63 ObjectMeta: metav1.ObjectMeta{ 64 Name: constants.VerrazzanoIngressTLSSecret, 65 Namespace: constants.VerrazzanoSystemNamespace, 66 }, 67 Data: map[string][]byte{ 68 constants.CACertKey: vzTLSBundleData, 69 }, 70 }, 71 &corev1.Secret{ 72 ObjectMeta: metav1.ObjectMeta{ 73 Name: constants.PrivateCABundle, 74 Namespace: constants.VerrazzanoSystemNamespace, 75 }, 76 Data: map[string][]byte{ 77 constants.CABundleKey: vzTLSBundleData, 78 }, 79 }, 80 ).Build(), 81 want: vzTLSBundleData, 82 wantErr: assert.NoError, 83 }, 84 { 85 name: "tls-ca-only", 86 cli: fake.NewClientBuilder().WithScheme(testScheme).WithObjects( 87 &corev1.Secret{ 88 ObjectMeta: metav1.ObjectMeta{ 89 Name: constants.RancherTLSCA, 90 Namespace: constants.RancherSystemNamespace, 91 }, 92 Data: map[string][]byte{ 93 constants.CABundleKey: tlsCABundleData, 94 }, 95 }, 96 ).Build(), 97 want: nil, 98 wantErr: assert.Error, 99 }, 100 { 101 name: "verrazzano-tls-only", 102 cli: fake.NewClientBuilder().WithScheme(testScheme).WithObjects( 103 &corev1.Secret{ 104 ObjectMeta: metav1.ObjectMeta{ 105 Name: constants.VerrazzanoIngressTLSSecret, 106 Namespace: constants.VerrazzanoSystemNamespace, 107 }, 108 Data: map[string][]byte{ 109 constants.CACertKey: vzTLSBundleData, 110 }, 111 }, 112 &corev1.Secret{ 113 ObjectMeta: metav1.ObjectMeta{ 114 Name: constants.PrivateCABundle, 115 Namespace: constants.VerrazzanoSystemNamespace, 116 }, 117 Data: map[string][]byte{ 118 constants.CABundleKey: vzTLSBundleData, 119 }, 120 }, 121 ).Build(), 122 want: vzTLSBundleData, 123 wantErr: assert.NoError, 124 }, 125 } 126 for _, tt := range tests { 127 t.Run(tt.name, func(t *testing.T) { 128 r := &VerrazzanoManagedClusterReconciler{ 129 Client: tt.cli, 130 log: log, 131 } 132 got, err := r.getAdminCaBundle() 133 if !tt.wantErr(t, err, fmt.Sprintf("getAdminCaBundle(): %v", err)) { 134 return 135 } 136 assert.Equalf(t, tt.want, got, "getAdminCaBundle()") 137 }) 138 } 139 }