github.com/zppinho/prow@v0.0.0-20240510014325-1738badeb017/cmd/webhook-server/helpers_test.go

github.com/zppinho/prow@v0.0.0-20240510014325-1738badeb017/cmd/webhook-server/helpers_test.go (about)

     1  /*
     2  Copyright 2022 The Kubernetes Authors.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8      http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  package main
    18  
    19  import (
    20  	"context"
    21  	"errors"
    22  	"fmt"
    23  	"strconv"
    24  	"testing"
    25  
    26  	"sigs.k8s.io/prow/pkg/flagutil"
    27  )
    28  
    29  func TestCreateSecret(t *testing.T) {
    30  	tests := []struct {
    31  		name     string
    32  		dnsNames []string
    33  		expiry   int
    34  		want     [3]string
    35  		wantErr  bool
    36  	}{
    37  		{
    38  			name:     "base",
    39  			dnsNames: []string{"bar"},
    40  			expiry:   10,
    41  			want:     [3]string{"bar10a", "bar10b", "bar10c"},
    42  		},
    43  		{
    44  			name:     "noDnsNames",
    45  			dnsNames: []string{},
    46  			expiry:   10,
    47  			want:     [3]string{"", "", ""},
    48  			wantErr:  true,
    49  		},
    50  	}
    51  
    52  	oldGenCertFunc := genCertFunc
    53  	genCertFunc = func(expiry int, dnsNames []string) (string, string, string, error) {
    54  		if len(dnsNames) == 0 {
    55  			return "", "", "", errors.New("dnsNames was not configured")
    56  		}
    57  		baseName := dnsNames[0] + strconv.Itoa(expiry)
    58  		return fmt.Sprintf("%s%s", baseName, "a"), fmt.Sprintf("%s%s", baseName, "b"), fmt.Sprintf("%s%s", baseName, "c"), nil
    59  	}
    60  	t.Cleanup(func() {
    61  		genCertFunc = oldGenCertFunc
    62  	})
    63  
    64  	for _, tc := range tests {
    65  		tc := tc
    66  		t.Run(tc.name, func(t *testing.T) {
    67  			// t.Parallel()
    68  			ctx := context.Background()
    69  			clientoptions := clientOptions{
    70  				secretID:      secretID,
    71  				dnsNames:      flagutil.NewStrings(tc.dnsNames...),
    72  				expiryInYears: tc.expiry,
    73  			}
    74  			f := newFakeClient()
    75  
    76  			gotCert, gotPrivKey, gotCaPem, gotErr := createSecret(f, ctx, clientoptions)
    77  			if tc.wantErr {
    78  				if gotErr == nil {
    79  					t.Fatalf("Want error, but got nil")
    80  				}
    81  				// When an error occurred there is no need to check the rest of
    82  				// the test.
    83  				return
    84  			} else if gotErr != nil {
    85  				t.Fatalf("Want no error, got: %v", gotErr)
    86  			}
    87  			if gotCert != tc.want[0] || gotPrivKey != tc.want[1] || gotCaPem != tc.want[2] {
    88  				t.Fatalf("cert values do not match")
    89  			}
    90  		})
    91  	}
    92  
    93  }
    94  
    95  func TestUpdateSecret(t *testing.T) {
    96  	tests := []struct {
    97  		name     string
    98  		dnsNames []string
    99  		expiry   int
   100  		want     [3]string
   101  		wantCert string
   102  		wantErr  bool
   103  	}{
   104  		{
   105  			name:     "base",
   106  			dnsNames: []string{"bar"},
   107  			expiry:   10,
   108  			want:     [3]string{"bar10a", "bar10b", "bar10c"},
   109  			wantCert: "{\"caBundle.pem\":\"bar10c\",\"certFile.pem\":\"bar10a\",\"privKeyFile.pem\":\"bar10b\"}",
   110  		},
   111  		{
   112  			name:     "noDnsNames",
   113  			dnsNames: []string{},
   114  			expiry:   10,
   115  			wantErr:  true,
   116  		},
   117  	}
   118  
   119  	oldGenCertFunc := genCertFunc
   120  	genCertFunc = func(expiry int, dnsNames []string) (string, string, string, error) {
   121  		if len(dnsNames) == 0 {
   122  			return "", "", "", errors.New("dnsNames was not configured")
   123  		}
   124  		baseName := dnsNames[0] + strconv.Itoa(expiry)
   125  		return fmt.Sprintf("%s%s", baseName, "a"), fmt.Sprintf("%s%s", baseName, "b"), fmt.Sprintf("%s%s", baseName, "c"), nil
   126  	}
   127  	t.Cleanup(func() {
   128  		genCertFunc = oldGenCertFunc
   129  	})
   130  
   131  	for _, tc := range tests {
   132  		tc := tc
   133  		t.Run(tc.name, func(t *testing.T) {
   134  			t.Parallel()
   135  
   136  			f := newFakeClient()
   137  			f.project.store = map[string]string{secretID: "hello"}
   138  
   139  			ctx := context.Background()
   140  			clientoptions := clientOptions{
   141  				secretID:      secretID,
   142  				dnsNames:      flagutil.NewStrings(tc.dnsNames...),
   143  				expiryInYears: tc.expiry,
   144  			}
   145  
   146  			gotCert, gotPrivKey, gotCaPem, gotErr := updateSecret(f, ctx, clientoptions)
   147  			if tc.wantErr {
   148  				if gotErr == nil {
   149  					t.Fatalf("Want error, but got nil")
   150  				}
   151  				t.Logf("When an error occurred there is no need to check the rest of the test.")
   152  				return
   153  			} else if gotErr != nil {
   154  				t.Fatalf("Want no error, got: %v", gotErr)
   155  			}
   156  			if gotCert != tc.want[0] || gotPrivKey != tc.want[1] || gotCaPem != tc.want[2] {
   157  				t.Fatalf("cert values do not match")
   158  			}
   159  			if f.project.store[secretID] != tc.wantCert {
   160  				t.Fatalf("secret was not updated")
   161  			}
   162  		})
   163  	}
   164  
   165  }