"testing"
"github.com/go-logr/logr"
+ certmanager "github.com/jetstack/cert-manager/pkg/apis/certmanager/v1"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/mock"
+ apiv1 "k8s.io/api/core/v1"
+ "k8s.io/apimachinery/pkg/runtime"
+ "k8s.io/apimachinery/pkg/types"
+ clientgoscheme "k8s.io/client-go/kubernetes/scheme"
+ "k8s.io/client-go/tools/record"
+ "k8s.io/utils/clock"
+ ctrl "sigs.k8s.io/controller-runtime"
+ "sigs.k8s.io/controller-runtime/pkg/client"
+ "sigs.k8s.io/controller-runtime/pkg/client/fake"
+ "sigs.k8s.io/controller-runtime/pkg/reconcile"
"onap.org/oom-certservice/k8s-external-provider/src/cmpv2api"
+ certserviceapi "onap.org/oom-certservice/k8s-external-provider/src/cmpv2api"
+ provisioners "onap.org/oom-certservice/k8s-external-provider/src/cmpv2provisioner"
+ "onap.org/oom-certservice/k8s-external-provider/src/testdata"
)
+func Test_shouldPrepareAndVerifyCMPv2Issuer_whenRequestReceived(t *testing.T) {
+ scheme := initScheme()
+ issuer, secret := testdata.GetValidIssuerWithSecret()
+ fakeClient := getFakeClient(scheme, issuer, secret)
+ fakeRequest := getFakeRequest()
+ fakeRecorder := record.NewFakeRecorder(3)
+ controller := getController(fakeRecorder, fakeClient)
+
+ res, err := controller.Reconcile(fakeRequest)
+
+ expectedProvisioner, _ := controller.ProvisionerFactory.CreateProvisioner(&issuer, secret)
+ actualProvisioner, _ := provisioners.Load(types.NamespacedName{Name: testdata.IssuerObjectName, Namespace: testdata.Namespace})
+ assert.Nil(t, err)
+ assert.NotNil(t, res)
+ assert.Equal(t, <-fakeRecorder.Events, "Normal Verified CMPv2Issuer verified and ready to sign certificates")
+ assert.NotNil(t, actualProvisioner)
+ assert.ObjectsAreEqual(expectedProvisioner, actualProvisioner)
+}
+
func Test_shouldBeValidCMPv2IssuerSpec_whenAllFieldsAreSet(t *testing.T) {
- spec := getValidCMPv2IssuerSpec()
+ spec := testdata.GetValidCMPv2IssuerSpec()
err := validateCMPv2IssuerSpec(spec, &MockLogger{})
assert.Nil(t, err)
}
func test_shouldBeInvalidCMPv2IssuerSpec_whenFunctionApplied(t *testing.T, transformSpec func(spec *cmpv2api.CMPv2IssuerSpec)) {
- spec := getValidCMPv2IssuerSpec()
+ spec := testdata.GetValidCMPv2IssuerSpec()
transformSpec(&spec)
err := validateCMPv2IssuerSpec(spec, nil)
assert.NotNil(t, err)
}
-func getValidCMPv2IssuerSpec() cmpv2api.CMPv2IssuerSpec {
- issuerSpec := cmpv2api.CMPv2IssuerSpec{
- URL: "https://oom-cert-service:8443/v1/certificate/",
- CaName: "RA",
- CertSecretRef: cmpv2api.SecretKeySelector{
- Name: "issuer-cert-secret",
- KeyRef: "cmpv2Issuer-key.pem",
- CertRef: "cmpv2Issuer-cert.pem",
- CacertRef: "cacert.pem",
+func getController(fakeRecorder *record.FakeRecorder, mockClient client.Client) CMPv2IssuerController {
+ controller := CMPv2IssuerController{
+ Log: ctrl.Log.WithName("controllers").WithName("CertificateRequest"),
+ Clock: clock.RealClock{},
+ Recorder: fakeRecorder,
+ Client: mockClient,
+ ProvisionerFactory: &provisioners.ProvisionerFactoryMock{},
+ }
+ return controller
+}
+
+func getFakeRequest() reconcile.Request {
+ fakeRequest := reconcile.Request{
+ NamespacedName: types.NamespacedName{
+ Namespace: testdata.Namespace,
+ Name: testdata.IssuerObjectName,
},
}
- return issuerSpec
+ return fakeRequest
+}
+
+func getFakeClient(scheme *runtime.Scheme, issuer cmpv2api.CMPv2Issuer, secret apiv1.Secret) client.Client {
+ fakeClient := func() client.Client {
+ return fake.NewFakeClientWithScheme(scheme, &issuer, &secret)
+ }()
+ return fakeClient
+}
+
+func initScheme() *runtime.Scheme {
+ scheme := runtime.NewScheme()
+ _ = clientgoscheme.AddToScheme(scheme)
+ _ = certmanager.AddToScheme(scheme)
+ _ = certserviceapi.AddToScheme(scheme)
+ return scheme
}
type MockLogger struct {
Code Review / oom / platform / cert-service.git / blobdiff