Enhance sm_utils with extensive testing

SAP · Jan 10, 2024 · cddc2c6 · cddc2c6
1 parent 4232e82
commit cddc2c6
Show file tree

Hide file tree

Showing 2 changed files with 142 additions and 3 deletions.
diff --git a/internal/utils/sm_utils.go b/internal/utils/sm_utils.go
@@ -67,8 +67,8 @@ func getBTPAccessClient(ctx context.Context, secretResolver *SecretResolver, sec
 		URL:            string(secret.Data["sm_url"]),
 		TokenURL:       string(secret.Data["tokenurl"]),
 		TokenURLSuffix: string(secret.Data["tokenurlsuffix"]),
-		TLSPrivateKey:  string(secret.Data[v1.TLSCertKey]),
-		TLSCertKey:     string(secret.Data[v1.TLSPrivateKeyKey]),
+		TLSPrivateKey:  string(secret.Data[v1.TLSPrivateKeyKey]),
+		TLSCertKey:     string(secret.Data[v1.TLSCertKey]),
 		SSLDisabled:    false,
 	}
 

diff --git a/internal/utils/sm_utils_test.go b/internal/utils/sm_utils_test.go
@@ -196,7 +196,146 @@ var _ = Describe("SM Utils", func() {
 		})
 
 		Context("btpAccessSecret", func() {
-			//TODO
+			Context("client credentials", func() {
+				When("secret is valid", func() {
+					BeforeEach(func() {
+						secret = &corev1.Secret{
+							ObjectMeta: metav1.ObjectMeta{
+								Name:      "my-btp-access-secret",
+								Namespace: managementNamespace,
+							},
+							Data: map[string][]byte{
+								"clientid":     []byte("12345"),
+								"clientsecret": []byte("client-secret"),
+								"sm_url":       []byte("https://some.url"),
+								"tokenurl":     []byte("https://token.url"),
+							},
+						}
+						Expect(k8sClient.Create(ctx, secret)).To(Succeed())
+					})
+					It("should succeed", func() {
+						client, err := GetSMClient(ctx, resolver, testNamespace, "my-btp-access-secret")
+						Expect(err).ToNot(HaveOccurred())
+						Expect(client).ToNot(BeNil())
+					})
+				})
+
+				When("secret is missing client secret and there is no tls secret", func() {
+					BeforeEach(func() {
+						secret = &corev1.Secret{
+							ObjectMeta: metav1.ObjectMeta{
+								Name:      "my-btp-access-secret",
+								Namespace: managementNamespace,
+							},
+							Data: map[string][]byte{
+								"clientid":     []byte("12345"),
+								"clientsecret": []byte(""),
+								"sm_url":       []byte("https://some.url"),
+								"tokenurl":     []byte("https://token.url"),
+							},
+						}
+						Expect(k8sClient.Create(ctx, secret)).To(Succeed())
+					})
+					It("should return error", func() {
+						client, err := GetSMClient(ctx, resolver, testNamespace, "my-btp-access-secret")
+						Expect(err).To(HaveOccurred())
+						Expect(err.Error()).To(ContainSubstring("invalid Service-Manager credentials, contact your cluster administrator"))
+						Expect(client).To(BeNil())
+					})
+				})
+				When("secret is missing token url", func() {
+					BeforeEach(func() {
+						secret = &corev1.Secret{
+							ObjectMeta: metav1.ObjectMeta{
+								Name:      "my-btp-access-secret",
+								Namespace: managementNamespace,
+							},
+							Data: map[string][]byte{
+								"clientid":     []byte("12345"),
+								"clientsecret": []byte("clientsecret"),
+								"sm_url":       []byte("https://some.url"),
+								"tokenurl":     []byte(""),
+							},
+						}
+						Expect(k8sClient.Create(ctx, secret)).To(Succeed())
+					})
+					It("should return error", func() {
+						client, err := GetSMClient(ctx, resolver, testNamespace, "my-btp-access-secret")
+						Expect(err).To(HaveOccurred())
+						Expect(err.Error()).To(ContainSubstring("invalid Service-Manager credentials, contact your cluster administrator"))
+						Expect(client).To(BeNil())
+					})
+				})
+				When("secret is missing sm url", func() {
+					BeforeEach(func() {
+						secret = &corev1.Secret{
+							ObjectMeta: metav1.ObjectMeta{
+								Name:      "my-btp-access-secret",
+								Namespace: managementNamespace,
+							},
+							Data: map[string][]byte{
+								"clientid":     []byte("12345"),
+								"clientsecret": []byte("clientsecret"),
+								"tokenurl":     []byte("http://tokenurl"),
+							},
+						}
+						Expect(k8sClient.Create(ctx, secret)).To(Succeed())
+					})
+					It("should return error", func() {
+						client, err := GetSMClient(ctx, resolver, testNamespace, "my-btp-access-secret")
+						Expect(err).To(HaveOccurred())
+						Expect(err.Error()).To(ContainSubstring("invalid Service-Manager credentials, contact your cluster administrator"))
+						Expect(client).To(BeNil())
+					})
+				})
+			})
+
+			Context("tls credentials", func() {
+				When("secret is valid", func() {
+					BeforeEach(func() {
+						secret = &corev1.Secret{
+							ObjectMeta: metav1.ObjectMeta{
+								Name:      "my-btp-access-secret",
+								Namespace: managementNamespace,
+							},
+							Data: map[string][]byte{
+								"clientid": []byte("12345"),
+								"sm_url":   []byte("https://some.url"),
+								"tokenurl": []byte("https://token.url"),
+								"tls.key":  []byte(tlskey),
+								"tls.crt":  []byte(tlscrt),
+							},
+						}
+						Expect(k8sClient.Create(ctx, secret)).To(Succeed())
+					})
+					It("should succeed", func() {
+						client, err := GetSMClient(ctx, resolver, testNamespace, "my-btp-access-secret")
+						Expect(err).ToNot(HaveOccurred())
+						Expect(client).ToNot(BeNil())
+					})
+				})
+
+				When("tls secret is missing required values", func() {
+					BeforeEach(func() {
+						tlsSecret = &corev1.Secret{
+							ObjectMeta: metav1.ObjectMeta{
+								Name:      "my-btp-access-secret",
+								Namespace: managementNamespace,
+							},
+							Data: map[string][]byte{
+								"tls.key": []byte("12345key"),
+							},
+						}
+						Expect(k8sClient.Create(ctx, tlsSecret)).To(Succeed())
+					})
+					It("should return error", func() {
+						client, err := GetSMClient(ctx, resolver, testNamespace, "my-btp-access-secret")
+						Expect(err).To(HaveOccurred())
+						Expect(err.Error()).To(ContainSubstring("invalid Service-Manager credentials, contact your cluster administrator"))
+						Expect(client).To(BeNil())
+					})
+				})
+			})
 		})
 	})
 })