From a18c9fa85ba1cd8b447bd51da36c51b4a2031313 Mon Sep 17 00:00:00 2001 From: Amol Deodhar Date: Tue, 26 Mar 2024 13:37:55 -0400 Subject: [PATCH] Modify obj tests for encapsulated secrets --- ...nodeobjectstoragebucket_controller_test.go | 43 ++++++++++++++++--- 1 file changed, 37 insertions(+), 6 deletions(-) diff --git a/controller/linodeobjectstoragebucket_controller_test.go b/controller/linodeobjectstoragebucket_controller_test.go index 7159c87d9..9013c739d 100644 --- a/controller/linodeobjectstoragebucket_controller_test.go +++ b/controller/linodeobjectstoragebucket_controller_test.go @@ -24,6 +24,7 @@ import ( "github.com/linode/linodego" "go.uber.org/mock/gomock" + "gopkg.in/yaml.v2" corev1 "k8s.io/api/core/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -47,6 +48,22 @@ import ( . "github.com/onsi/gomega" ) +type AccessKeySecret struct { + APIVersion string `yaml:"apiVersion"` + Kind string `yaml:"kind"` + Metadata struct { + Name string `yaml:"name"` + Namespace string `yaml:"namespace"` + } `yaml:"metadata"` + StringData struct { + BucketName string `yaml:"bucket_name"` + AccessKeyRW string `yaml:"access_key_rw"` + SecretKeyRW string `yaml:"secret_key_rw"` + AccessKeyRO string `yaml:"access_key_ro"` + SecretKeyRO string `yaml:"secret_key_ro"` + } `yaml:"stringData"` +} + func mockLinodeClientBuilder(m *mock.MockLinodeObjectStorageClient) scope.LinodeObjectStorageClientBuilder { return func(_ string) (scope.LinodeObjectStorageClient, error) { return m, nil @@ -157,9 +174,17 @@ var _ = Describe("lifecycle", Label("lifecycle"), func() { By("creating a secret with access keys") Expect(k8sClient.Get(ctx, client.ObjectKeyFromObject(&secret), &secret)).To(Succeed()) - Expect(secret.Data).To(HaveLen(5)) - Expect(string(secret.Data["read_write"])).To(Equal(string("key-0"))) - Expect(string(secret.Data["read_only"])).To(Equal(string("key-1"))) + Expect(secret.Data).To(HaveLen(1)) + var key AccessKeySecret + unMarshallingErr := yaml.Unmarshal(secret.Data["access-keys-secret.yaml"], &key) + if unMarshallingErr != nil { + panic(unMarshallingErr) + } + Expect(key.StringData.BucketName).To(Equal("lifecycle")) + Expect(key.StringData.AccessKeyRW).To(Equal("key-0")) + Expect(key.StringData.SecretKeyRW).To(Equal("")) + Expect(key.StringData.AccessKeyRO).To(Equal("key-1")) + Expect(key.StringData.SecretKeyRO).To(Equal("")) By("recording the expected events") Expect(<-recorder.Events).To(ContainSubstring("Object storage keys assigned")) @@ -207,9 +232,15 @@ var _ = Describe("lifecycle", Label("lifecycle"), func() { By("re-creating it when it is deleted") Expect(k8sClient.Get(ctx, client.ObjectKeyFromObject(&secret), &secret)).To(Succeed()) - Expect(secret.Data).To(HaveLen(5)) - Expect(string(secret.Data["read_write"])).To(Equal("key-0")) - Expect(string(secret.Data["read_only"])).To(Equal("key-1")) + Expect(secret.Data).To(HaveLen(1)) + var key AccessKeySecret + unMarshallingErr := yaml.Unmarshal(secret.Data["access-keys-secret.yaml"], &key) + Expect(unMarshallingErr).NotTo(HaveOccurred()) + Expect(key.StringData.BucketName).To(Equal("lifecycle")) + Expect(key.StringData.AccessKeyRW).To(Equal("key-0")) + Expect(key.StringData.SecretKeyRW).To(Equal("")) + Expect(key.StringData.AccessKeyRO).To(Equal("key-1")) + Expect(key.StringData.SecretKeyRO).To(Equal("")) By("recording the expected events") Expect(<-recorder.Events).To(ContainSubstring("Object storage keys retrieved"))