public_git
/
postgres-operator
mirror of https://github.com/zalando/postgres-operator.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add more tests for secrets verity/apply logic

This commit is contained in:
erthalion 2018-10-09 14:02:41 +02:00
parent 31725a6f4d
commit a31c69e5dc
2 changed files with 120 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
pkg/cluster/actions.go
View File

@ -98,7 +98,8 @@ func (action UpdateSecret) Apply() error {
if updateSecret { if updateSecret {
msg := "Updating the secret %q from the infrastructure roles" msg := "Updating the secret %q from the infrastructure roles"
cluster.logger.Debugf(msg, action.secret.Name) name := util.NameFromMeta(action.secret.ObjectMeta)
cluster.logger.Debugf(msg, name)
_, err := cluster.KubeClient. _, err := cluster.KubeClient.
Secrets(action.secret.Namespace). Secrets(action.secret.Namespace).

118
pkg/cluster/actions_test.go Normal file
View File

@ -0,0 +1,118 @@
package cluster
import (
"testing"
"k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
v1core "k8s.io/client-go/kubernetes/typed/core/v1"
"github.com/zalando-incubator/postgres-operator/pkg/spec"
"github.com/zalando-incubator/postgres-operator/pkg/util/k8sutil"
)
var updateCalled = 0
type mockSecretGetter struct{}
type testSecret struct {
v1core.SecretInterface
}
func (c *testSecret) Update(secret *v1.Secret) (*v1.Secret, error) {
updateCalled += 1
return secret, nil
}
func (c *mockSecretGetter) Secrets(namespace string) v1core.SecretInterface {
return &testSecret{}
}
func getMockK8sClient() k8sutil.KubernetesClient {
return k8sutil.KubernetesClient{
SecretsGetter: &mockSecretGetter{},
}
}
func generateMockCluster(origin spec.RoleOrigin) *Cluster {
cluster := Cluster{
KubeClient: getMockK8sClient(),
pgUsers: map[string]spec.PgUser{
"testuser": {
Password: "123456",
Origin: origin,
},
},
}
cluster.logger = logger.
WithField("pkg", "cluster").
WithField("cluster-name", cluster.clusterName())
return &cluster
}
func TestSecretValidation(t *testing.T) {
secret := v1.Secret{Data: make(map[string][]byte)}
tests := []struct {
name string
action Action
checkErr func(error) bool
errMsg string
}{
{
"Username for secret to update cannot be empty",
NewUpdateSecret("", &secret, nil),
func(err error) bool { return err == nil },
"Empty username did not cause an error, expected %v, given %v",
},
}
for _, tt := range tests {
result := tt.action.Validate()
if tt.checkErr(result) {
t.Errorf("%s: %v", tt.name, tt.errMsg)
}
}
}
func TestSecretApply(t *testing.T) {
tests := []struct {
name string
action Action
checkErr func(error) bool
errMsg string
}{
{
"Secret has been replaced with UpdateSecret for infrastructure role",
NewUpdateSecret("testuser", &v1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: "testsecret",
},
Data: make(map[string][]byte),
}, generateMockCluster(spec.RoleOriginInfrastructure)),
func(err error) bool { return err != nil || updateCalled != 1 },
"Update K8S client method was never called",
},
{
"Secret has been synced with UpdateSecret for non infrastructure role",
NewUpdateSecret("testuser", &v1.Secret{
ObjectMeta: metav1.ObjectMeta{
Name: "testsecret",
},
Data: make(map[string][]byte),
}, generateMockCluster(spec.RoleOriginSystem)),
func(err error) bool { return err != nil || updateCalled != 0 },
"Update K8S client method was called, but should not be",
},
}
for _, tt := range tests {
result := tt.action.Apply()
if tt.checkErr(result) {
t.Errorf("%s: %v", tt.name, tt.errMsg)
}
// reset counters
updateCalled = 0
}
}