diff --git a/test/e2e/e2e_test.go b/test/e2e/e2e_test.go index 11b54b9..fc4685a 100644 --- a/test/e2e/e2e_test.go +++ b/test/e2e/e2e_test.go @@ -8,6 +8,7 @@ import ( "github.com/1Password/onepassword-operator/pkg/testhelper/kind" "github.com/1Password/onepassword-operator/pkg/testhelper/kube" + "github.com/1Password/onepassword-operator/pkg/testhelper/op" "github.com/1Password/onepassword-operator/pkg/testhelper/operator" "github.com/1Password/onepassword-operator/pkg/testhelper/system" ) @@ -56,7 +57,7 @@ var _ = Describe("Onepassword Operator e2e", Ordered, func() { // runCommonTestCases contains test cases that are common to both Connect and Service Account authentication methods. func runCommonTestCases() { It("Should create secret from manifest file", func() { - By("Creating secret") + By("Creating secret `login` from 1Password item") root, err := system.GetProjectRoot() Expect(err).NotTo(HaveOccurred()) @@ -64,4 +65,27 @@ func runCommonTestCases() { kube.Apply(yamlPath) kube.CheckSecretExists("login") }) + + It("Secret is updated after POOLING_INTERVAL", func() { + itemName := "secret-for-update" + secretName := itemName + + By("Creating secret `" + secretName + "` from 1Password item") + root, err := system.GetProjectRoot() + Expect(err).NotTo(HaveOccurred()) + + yamlPath := filepath.Join(root, "test", "e2e", "manifests", secretName+".yaml") + kube.Apply(yamlPath) + kube.CheckSecretExists(secretName) + + By("Reading old password") + oldPassword, err := kube.ReadingSecretData(secretName, "password") + Expect(err).NotTo(HaveOccurred()) + + By("Updating `" + secretName + "` 1Password item") + err = op.UpdateItemPassword(itemName) + Expect(err).NotTo(HaveOccurred()) + + kube.CheckSecretPasswordWasUpdated(secretName, oldPassword) + }) } diff --git a/test/e2e/manifests/secret-for-update.yaml b/test/e2e/manifests/secret-for-update.yaml new file mode 100644 index 0000000..75f66d3 --- /dev/null +++ b/test/e2e/manifests/secret-for-update.yaml @@ -0,0 +1,6 @@ +apiVersion: onepassword.com/v1 +kind: OnePasswordItem +metadata: + name: secret-for-update +spec: + itemPath: "vaults/operator-acceptance-tests/items/secret-for-update"