Skip to content

Commit

Permalink
chore: add tests
Browse files Browse the repository at this point in the history
  • Loading branch information
devthejo committed Jul 10, 2023
1 parent cf5a848 commit 29fb29b
Show file tree
Hide file tree
Showing 2 changed files with 166 additions and 10 deletions.
4 changes: 2 additions & 2 deletions pkg/sharing/secret_exports.go
Original file line number Diff line number Diff line change
Expand Up @@ -155,11 +155,11 @@ func (nm NamespacesMatcher) MatchNamespace(matcher SecretMatcher, log logr.Logge
}
}
case sg2v1alpha1.SelectorOperatorExists:
if value != "" {
if value == "" {
return false
}
case sg2v1alpha1.SelectorOperatorDoesNotExist:
if value == "" {
if value != "" {
return false
}
}
Expand Down
172 changes: 164 additions & 8 deletions test/e2e/secret_exports_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -44,6 +44,25 @@ metadata:
field.cattle.io/projectId: "cluster1:project1"
---
apiVersion: v1
kind: Namespace
metadata:
name: sg-test5
annotations:
field.cattle.io/projectId: "cluster2:project3"
---
apiVersion: v1
kind: Namespace
metadata:
name: sg-test6
annotations:
field.cattle.io/projectId: "whatever:whatever"
---
apiVersion: v1
kind: Namespace
metadata:
name: sg-test7
---
apiVersion: v1
kind: Secret
metadata:
name: secret
Expand All @@ -54,6 +73,39 @@ stringData:
key2: val2
key3: val3
---
apiVersion: v1
kind: Secret
metadata:
name: secret-test5
namespace: sg-test1
type: Opaque
stringData:
key1: val1
key2: val2
key3: val3
---
apiVersion: v1
kind: Secret
metadata:
name: secret-test6
namespace: sg-test1
type: Opaque
stringData:
key1: val1
key2: val2
key3: val3
---
apiVersion: v1
kind: Secret
metadata:
name: secret-test7
namespace: sg-test1
type: Opaque
stringData:
key1: val1
key2: val2
key3: val3
---
apiVersion: secretgen.carvel.dev/v1alpha1
kind: SecretExport
metadata:
Expand All @@ -70,6 +122,38 @@ spec:
- "cluster1:project1"
---
apiVersion: secretgen.carvel.dev/v1alpha1
kind: SecretExport
metadata:
name: secret-test5
namespace: sg-test1
spec:
dangerousToNamespacesSelector:
- key: "metadata.annotations['field\\.cattle\\.io/projectId']"
operator: NotIn
values:
- "cluster1:project1"
---
apiVersion: secretgen.carvel.dev/v1alpha1
kind: SecretExport
metadata:
name: secret-test6
namespace: sg-test1
spec:
dangerousToNamespacesSelector:
- key: "metadata.annotations['field\\.cattle\\.io/projectId']"
operator: Exists
---
apiVersion: secretgen.carvel.dev/v1alpha1
kind: SecretExport
metadata:
name: secret-test7
namespace: sg-test1
spec:
dangerousToNamespacesSelector:
- key: "metadata.annotations['field\\.cattle\\.io/projectId']"
operator: DoesNotExist
---
apiVersion: secretgen.carvel.dev/v1alpha1
kind: SecretImport
metadata:
name: secret
Expand All @@ -92,6 +176,30 @@ metadata:
namespace: sg-test4
spec:
fromNamespace: sg-test1
---
apiVersion: secretgen.carvel.dev/v1alpha1
kind: SecretImport
metadata:
name: secret-test5
namespace: sg-test5
spec:
fromNamespace: sg-test1
---
apiVersion: secretgen.carvel.dev/v1alpha1
kind: SecretImport
metadata:
name: secret-test6
namespace: sg-test6
spec:
fromNamespace: sg-test1
---
apiVersion: secretgen.carvel.dev/v1alpha1
kind: SecretImport
metadata:
name: secret-test7
namespace: sg-test7
spec:
fromNamespace: sg-test1
`

yaml2 := `
Expand All @@ -107,6 +215,39 @@ stringData:
# key2 deleted
key3: val3 # keep
key4: val4 # new
---
apiVersion: v1
kind: Secret
metadata:
name: secret-test5
namespace: sg-test1
type: Opaque
stringData:
key1: val1.1
key3: val3
key4: val4
---
apiVersion: v1
kind: Secret
metadata:
name: secret-test6
namespace: sg-test1
type: Opaque
stringData:
key1: val1.1
key3: val3
key4: val4
---
apiVersion: v1
kind: Secret
metadata:
name: secret-test7
namespace: sg-test1
type: Opaque
stringData:
key1: val1.1
key3: val3
key4: val4
`

name := "test-export-successful"
Expand All @@ -117,14 +258,27 @@ stringData:
cleanUp()
defer cleanUp()

getSecretName := func(ns string) string {
switch ns {
case "sg-test5":
return "secret-test5"
case "sg-test6":
return "secret-test6"
case "sg-test7":
return "secret-test7"
default:
return "secret"
}
}

logger.Section("Deploy", func() {
kapp.RunWithOpts([]string{"deploy", "-f", "-", "-a", name},
RunOpts{StdinReader: strings.NewReader(yaml1)})
})

logger.Section("Check imported secrets were created", func() {
for _, ns := range []string{"sg-test2", "sg-test3", "sg-test4"} {
out := waitForSecretInNs(t, kubectl, ns, "secret")
for _, ns := range []string{"sg-test2", "sg-test3", "sg-test4", "sg-test5", "sg-test6", "sg-test7"} {
out := waitForSecretInNs(t, kubectl, ns, getSecretName(ns))

var secret corev1.Secret

Expand Down Expand Up @@ -156,8 +310,8 @@ stringData:
// TODO proper waiting
time.Sleep(5 * time.Second)

for _, ns := range []string{"sg-test2", "sg-test3", "sg-test4"} {
out := waitForSecretInNs(t, kubectl, ns, "secret")
for _, ns := range []string{"sg-test2", "sg-test3", "sg-test4", "sg-test5", "sg-test6", "sg-test7"} {
out := waitForSecretInNs(t, kubectl, ns, getSecretName(ns))

var secret corev1.Secret

Expand All @@ -181,14 +335,16 @@ stringData:
})

logger.Section("Delete export to see exported secrets deleted", func() {
kubectl.RunWithOpts([]string{"delete", "secretexport.secretgen.carvel.dev", "secret", "-n", "sg-test1"},
RunOpts{NoNamespace: true})
for _, secretName := range []string{"secret", "secret-test5", "secret-test6", "secret-test7"} {
kubectl.RunWithOpts([]string{"delete", "secretexport.secretgen.carvel.dev", secretName, "-n", "sg-test1"},
RunOpts{NoNamespace: true})
}

// TODO proper waiting
time.Sleep(5 * time.Second)

for _, ns := range []string{"sg-test2", "sg-test3", "sg-test4"} {
_, err := kubectl.RunWithOpts([]string{"get", "secret", "secret", "-n", ns},
for _, ns := range []string{"sg-test2", "sg-test3", "sg-test4", "sg-test5", "sg-test6", "sg-test7"} {
_, err := kubectl.RunWithOpts([]string{"get", "secret", getSecretName(ns), "-n", ns},
RunOpts{AllowError: true, NoNamespace: true})
require.Error(t, err)

Expand Down

0 comments on commit 29fb29b

Please sign in to comment.