sigs.k8s.io/cluster-api-provider-azure@v1.14.3/api/v1beta1/azureclusteridentity_webhook_test.go

sigs.k8s.io/cluster-api-provider-azure@v1.14.3/api/v1beta1/azureclusteridentity_webhook_test.go (about)

     1  /*
     2  Copyright 2022 The Kubernetes Authors.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8      http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  package v1beta1
    18  
    19  import (
    20  	"testing"
    21  
    22  	. "github.com/onsi/gomega"
    23  )
    24  
    25  const fakeClientID = "fake-client-id"
    26  const fakeTenantID = "fake-tenant-id"
    27  const fakeResourceID = "fake-resource-id"
    28  
    29  func TestAzureClusterIdentity_ValidateCreate(t *testing.T) {
    30  	tests := []struct {
    31  		name            string
    32  		clusterIdentity *AzureClusterIdentity
    33  		wantErr         bool
    34  	}{
    35  		{
    36  			name: "azureclusteridentity with service principal",
    37  			clusterIdentity: &AzureClusterIdentity{
    38  				Spec: AzureClusterIdentitySpec{
    39  					Type:     ServicePrincipal,
    40  					ClientID: fakeClientID,
    41  					TenantID: fakeTenantID,
    42  				},
    43  			},
    44  			wantErr: false,
    45  		},
    46  		{
    47  			name: "azureclusteridentity with service principal and resource id",
    48  			clusterIdentity: &AzureClusterIdentity{
    49  				Spec: AzureClusterIdentitySpec{
    50  					Type:       ServicePrincipal,
    51  					ClientID:   fakeClientID,
    52  					TenantID:   fakeTenantID,
    53  					ResourceID: fakeResourceID,
    54  				},
    55  			},
    56  			wantErr: true,
    57  		},
    58  		{
    59  			name: "azureclusteridentity with user assigned msi and resource id",
    60  			clusterIdentity: &AzureClusterIdentity{
    61  				Spec: AzureClusterIdentitySpec{
    62  					Type:       UserAssignedMSI,
    63  					ClientID:   fakeClientID,
    64  					TenantID:   fakeTenantID,
    65  					ResourceID: fakeResourceID,
    66  				},
    67  			},
    68  			wantErr: false,
    69  		},
    70  		{
    71  			name: "azureclusteridentity with user assigned msi and no resource id",
    72  			clusterIdentity: &AzureClusterIdentity{
    73  				Spec: AzureClusterIdentitySpec{
    74  					Type:     UserAssignedMSI,
    75  					ClientID: fakeClientID,
    76  					TenantID: fakeTenantID,
    77  				},
    78  			},
    79  			wantErr: true,
    80  		},
    81  	}
    82  
    83  	for _, tc := range tests {
    84  		t.Run(tc.name, func(t *testing.T) {
    85  			g := NewWithT(t)
    86  			_, err := tc.clusterIdentity.ValidateCreate()
    87  			if tc.wantErr {
    88  				g.Expect(err).To(HaveOccurred())
    89  			} else {
    90  				g.Expect(err).NotTo(HaveOccurred())
    91  			}
    92  		})
    93  	}
    94  }
    95  
    96  func TestAzureClusterIdentity_ValidateUpdate(t *testing.T) {
    97  	tests := []struct {
    98  		name               string
    99  		oldClusterIdentity *AzureClusterIdentity
   100  		clusterIdentity    *AzureClusterIdentity
   101  		wantErr            bool
   102  	}{
   103  		{
   104  			name: "azureclusteridentity with no change",
   105  			clusterIdentity: &AzureClusterIdentity{
   106  				Spec: AzureClusterIdentitySpec{
   107  					Type:     ServicePrincipal,
   108  					ClientID: fakeClientID,
   109  					TenantID: fakeTenantID,
   110  				},
   111  			},
   112  			oldClusterIdentity: &AzureClusterIdentity{
   113  				Spec: AzureClusterIdentitySpec{
   114  					Type:     ServicePrincipal,
   115  					ClientID: fakeClientID,
   116  					TenantID: fakeTenantID,
   117  				},
   118  			},
   119  			wantErr: false,
   120  		},
   121  		{
   122  			name: "azureclusteridentity with a change in type",
   123  			clusterIdentity: &AzureClusterIdentity{
   124  				Spec: AzureClusterIdentitySpec{
   125  					Type:       ServicePrincipal,
   126  					ClientID:   fakeClientID,
   127  					TenantID:   fakeTenantID,
   128  					ResourceID: fakeResourceID,
   129  				},
   130  			},
   131  			oldClusterIdentity: &AzureClusterIdentity{
   132  				Spec: AzureClusterIdentitySpec{
   133  					Type:       WorkloadIdentity,
   134  					ClientID:   fakeClientID,
   135  					TenantID:   fakeTenantID,
   136  					ResourceID: fakeResourceID,
   137  				},
   138  			},
   139  			wantErr: true,
   140  		},
   141  		{
   142  			name: "azureclusteridentity with a change in client ID",
   143  			clusterIdentity: &AzureClusterIdentity{
   144  				Spec: AzureClusterIdentitySpec{
   145  					Type:       ServicePrincipal,
   146  					ClientID:   fakeClientID,
   147  					TenantID:   fakeTenantID,
   148  					ResourceID: fakeResourceID,
   149  				},
   150  			},
   151  			oldClusterIdentity: &AzureClusterIdentity{
   152  				Spec: AzureClusterIdentitySpec{
   153  					Type:       WorkloadIdentity,
   154  					ClientID:   "diff-fake-Client-ID",
   155  					TenantID:   fakeTenantID,
   156  					ResourceID: fakeResourceID,
   157  				},
   158  			},
   159  			wantErr: true,
   160  		},
   161  	}
   162  
   163  	for _, tc := range tests {
   164  		t.Run(tc.name, func(t *testing.T) {
   165  			g := NewWithT(t)
   166  			_, err := tc.clusterIdentity.ValidateUpdate(tc.oldClusterIdentity)
   167  			if tc.wantErr {
   168  				g.Expect(err).To(HaveOccurred())
   169  			} else {
   170  				g.Expect(err).NotTo(HaveOccurred())
   171  			}
   172  		})
   173  	}
   174  }