1Password/onepassword-operator
1
0
Fork 0
mirror of https://github.com/1Password/onepassword-operator.git synced 2025-10-23 16:00:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

cover onepassworditem_controller with tests

Browse Source
This commit is contained in:
volodymyrZotov
2022-09-19 18:49:57 +03:00
parent 108cdac29b
commit 11b1eae4e1
1 changed files with 179 additions and 18 deletions
Download Patch File Download Diff File Expand all files Collapse all files

197
controllers/onepassworditem_controller_test.go
View File

@@ -27,11 +27,12 @@ const (
var _ = Describe("OnePasswordItem controller", func() { var _ = Describe("OnePasswordItem controller", func() {
BeforeEach(func() { BeforeEach(func() {
// failed test runs that don't clean up leave resources behind. // failed test runs that don't clean up leave resources behind.
k8sClient.DeleteAllOf(context.Background(), &onepasswordv1.OnePasswordItem{}, client.InNamespace(namespace)) err := k8sClient.DeleteAllOf(context.Background(), &onepasswordv1.OnePasswordItem{}, client.InNamespace(namespace))
k8sClient.DeleteAllOf(context.Background(), &v1.Secret{}, client.InNamespace(namespace)) Expect(err).ToNot(HaveOccurred())
err2 := k8sClient.DeleteAllOf(context.Background(), &v1.Secret{}, client.InNamespace(namespace))
Expect(err2).ToNot(HaveOccurred())
mocks.DoGetItemFunc = func(uuid string, vaultUUID string) (*onepassword.Item, error) { mocks.DoGetItemFunc = func(uuid string, vaultUUID string) (*onepassword.Item, error) {
item := onepassword.Item{} item := onepassword.Item{}
item.Fields = []*onepassword.ItemField{} item.Fields = []*onepassword.ItemField{}
for k, v := range itemData { for k, v := range itemData {
@@ -44,13 +45,6 @@ var _ = Describe("OnePasswordItem controller", func() {
} }
}) })
// TODO: Implement the following missing tests:
// - K8s secret is not updated if OnePasswordItem Version or VaultPath has not changed
// - Update type of existing K8s Secret using OnePasswordItem
// - Create a custom K8s Secret type using OnePasswordItem (e.g. .dockerconfigjson)
// - Operator should throw an error if secret type is changed
// - Secret from 1Password item with `-`, `_` and `.`
Context("Happy path", func() { Context("Happy path", func() {
It("Should handle 1Password Item and secret correctly", func() { It("Should handle 1Password Item and secret correctly", func() {
ctx := context.Background() ctx := context.Background()
@@ -248,7 +242,7 @@ var _ = Describe("OnePasswordItem controller", func() {
} }
key := types.NamespacedName{ key := types.NamespacedName{
Name: "item321", Name: ItemName,
Namespace: namespace, Namespace: namespace,
} }
@@ -277,21 +271,188 @@ var _ = Describe("OnePasswordItem controller", func() {
}, timeout, interval).Should(BeTrue()) }, timeout, interval).Should(BeTrue())
Expect(createdSecret.Data).Should(Equal(expectedSecretData)) Expect(createdSecret.Data).Should(Equal(expectedSecretData))
By("Updating OnePasswordItem with the same value") By("Updating OnePasswordItem type")
Eventually(func() bool { Eventually(func() bool {
item.Type = "Opaque" err1 := k8sClient.Get(ctx, key, item)
// TODO: test fails cause of this if err1 != nil {
return false
}
item.Type = string(v1.SecretTypeOpaque)
err := k8sClient.Update(ctx, item) err := k8sClient.Update(ctx, item)
return err == nil return err == nil
}, timeout, interval).Should(BeTrue()) }, timeout, interval).Should(BeTrue())
By("Reading the K8s secret secret once again") By("Reading K8s secret")
createdSecret2 := &v1.Secret{} secret := &v1.Secret{}
Eventually(func() bool { Eventually(func() bool {
err := k8sClient.Get(ctx, key, createdSecret2) err := k8sClient.Get(ctx, key, secret)
return err == nil return err == nil
}, timeout, interval).Should(BeTrue()) }, timeout, interval).Should(BeTrue())
Expect(createdSecret2.Data).Should(Equal(expectedSecretData)) Expect(secret.Data).Should(Equal(expectedSecretData))
})
It("Should update type of existing K8s Secret using OnePasswordItem", func() {
ctx := context.Background()
spec := onepasswordv1.OnePasswordItemSpec{
ItemPath: itemPath,
}
key := types.NamespacedName{
Name: "test5",
Namespace: namespace,
}
toCreate := &onepasswordv1.OnePasswordItem{
ObjectMeta: metav1.ObjectMeta{
Name: key.Name,
Namespace: key.Namespace,
},
Spec: spec,
Type: string(v1.SecretTypeBasicAuth),
}
By("Creating a new OnePasswordItem successfully")
Expect(k8sClient.Create(ctx, toCreate)).Should(Succeed())
By("Reading K8s secret")
secret := &v1.Secret{}
Eventually(func() bool {
err := k8sClient.Get(ctx, key, secret)
return err == nil
}, timeout, interval).Should(BeTrue())
Expect(secret.Type).Should(Equal(v1.SecretTypeBasicAuth))
})
It("Should create custom K8s Secret type using OnePasswordItem", func() {
const customType = "CustomType"
ctx := context.Background()
spec := onepasswordv1.OnePasswordItemSpec{
ItemPath: itemPath,
}
key := types.NamespacedName{
Name: "test6",
Namespace: namespace,
}
toCreate := &onepasswordv1.OnePasswordItem{
ObjectMeta: metav1.ObjectMeta{
Name: key.Name,
Namespace: key.Namespace,
},
Spec: spec,
Type: customType,
}
By("Creating a new OnePasswordItem successfully")
Expect(k8sClient.Create(ctx, toCreate)).Should(Succeed())
By("Reading K8s secret")
secret := &v1.Secret{}
Eventually(func() bool {
err := k8sClient.Get(ctx, key, secret)
if err != nil {
return false
}
return true
}, timeout, interval).Should(BeTrue())
Expect(secret.Type).Should(Equal(v1.SecretType(customType)))
})
It("Should throw an error if K8s Secret type is changed", func() {
ctx := context.Background()
spec := onepasswordv1.OnePasswordItemSpec{
ItemPath: itemPath,
}
key := types.NamespacedName{
Name: "test7",
Namespace: namespace,
}
toCreate := &onepasswordv1.OnePasswordItem{
ObjectMeta: metav1.ObjectMeta{
Name: key.Name,
Namespace: key.Namespace,
},
Spec: spec,
}
By("Creating a new OnePasswordItem successfully")
Expect(k8sClient.Create(ctx, toCreate)).Should(Succeed())
By("Reading K8s secret")
secret := &v1.Secret{}
Eventually(func() bool {
err := k8sClient.Get(ctx, key, secret)
if err != nil {
return false
}
return true
}, timeout, interval).Should(BeTrue())
By("Updating K8s secret type throw an error")
Eventually(func() bool {
secret.Type = v1.SecretTypeBasicAuth
err := k8sClient.Update(ctx, secret)
if err != nil {
return false
}
return true
}, timeout, interval).Should(BeFalse())
})
})
Context("Failing part", func() {
When("OnePasswordItem name contains `_`", func() {
It("An error occurred", func() {
ctx := context.Background()
spec := onepasswordv1.OnePasswordItemSpec{
ItemPath: itemPath,
}
key := types.NamespacedName{
Name: "invalid_name",
Namespace: namespace,
}
toCreate := &onepasswordv1.OnePasswordItem{
ObjectMeta: metav1.ObjectMeta{
Name: key.Name,
Namespace: key.Namespace,
},
Spec: spec,
}
By("Creating a new OnePasswordItem")
Expect(k8sClient.Create(ctx, toCreate)).To(HaveOccurred())
})
})
When("OnePasswordItem name contains capital letters", func() {
It("An error occurred", func() {
ctx := context.Background()
spec := onepasswordv1.OnePasswordItemSpec{
ItemPath: itemPath,
}
key := types.NamespacedName{
Name: "invalidName",
Namespace: namespace,
}
toCreate := &onepasswordv1.OnePasswordItem{
ObjectMeta: metav1.ObjectMeta{
Name: key.Name,
Namespace: key.Namespace,
},
Spec: spec,
}
By("Creating a new OnePasswordItem")
Expect(k8sClient.Create(ctx, toCreate)).To(HaveOccurred())
})
}) })
}) })
}) })