ContainerImage.Pinniped/cmd/placeholder-name/main_test.go

/*
Copyright 2020 VMware, Inc.
SPDX-License-Identifier: Apache-2.0
*/

package main

import (
	"bytes"
	"context"
	"fmt"
	"testing"
	"time"

	"github.com/suzerain-io/placeholder-name/internal/testutil"

	"github.com/sclevine/spec"
	"github.com/sclevine/spec/report"
	"github.com/stretchr/testify/require"

	"github.com/suzerain-io/placeholder-name/pkg/client"
)

func TestRun(t *testing.T) {
	spec.Run(t, "main.run", func(t *testing.T, when spec.G, it spec.S) {
		var r *require.Assertions
		var buffer *bytes.Buffer
		var tokenExchanger tokenExchanger
		var fakeEnv map[string]string

		var envGetter envGetter = func(envVarName string) (string, bool) {
			value, present := fakeEnv[envVarName]
			if !present {
				return "", false
			}
			return value, true
		}

		it.Before(func() {
			r = require.New(t)
			buffer = new(bytes.Buffer)
			fakeEnv = map[string]string{
				"PLACEHOLDER_NAME_TOKEN":            "token from env",
				"PLACEHOLDER_NAME_CA_BUNDLE":        "ca bundle from env",
				"PLACEHOLDER_NAME_K8S_API_ENDPOINT": "k8s api from env",
			}
		})

		when("env vars are missing", func() {
			it("returns an error when PLACEHOLDER_NAME_TOKEN is missing", func() {
				delete(fakeEnv, "PLACEHOLDER_NAME_TOKEN")
				err := run(envGetter, tokenExchanger, buffer, 30*time.Second)
				r.EqualError(err, "failed to login: environment variable not set: PLACEHOLDER_NAME_TOKEN")
			})

			it("returns an error when PLACEHOLDER_NAME_CA_BUNDLE is missing", func() {
				delete(fakeEnv, "PLACEHOLDER_NAME_CA_BUNDLE")
				err := run(envGetter, tokenExchanger, buffer, 30*time.Second)
				r.EqualError(err, "failed to login: environment variable not set: PLACEHOLDER_NAME_CA_BUNDLE")
			})

			it("returns an error when PLACEHOLDER_NAME_K8S_API_ENDPOINT is missing", func() {
				delete(fakeEnv, "PLACEHOLDER_NAME_K8S_API_ENDPOINT")
				err := run(envGetter, tokenExchanger, buffer, 30*time.Second)
				r.EqualError(err, "failed to login: environment variable not set: PLACEHOLDER_NAME_K8S_API_ENDPOINT")
			})
		})

		when("the token exchange fails", func() {
			it.Before(func() {
				tokenExchanger = func(ctx context.Context, token, caBundle, apiEndpoint string) (*client.Credential, error) {
					return nil, fmt.Errorf("some error")
				}
			})

			it("returns an error", func() {
				err := run(envGetter, tokenExchanger, buffer, 30*time.Second)
				r.EqualError(err, "failed to login: some error")
			})
		})

		when("the JSON encoder fails", func() {
			it.Before(func() {
				tokenExchanger = func(ctx context.Context, token, caBundle, apiEndpoint string) (*client.Credential, error) {
					return &client.Credential{Token: "some token"}, nil
				}
			})

			it("returns an error", func() {
				err := run(envGetter, tokenExchanger, &testutil.ErrorWriter{ReturnError: fmt.Errorf("some IO error")}, 30*time.Second)
				r.EqualError(err, "failed to marshal response to stdout: some IO error")
			})
		})

		when("the token exchange times out", func() {
			it.Before(func() {
				tokenExchanger = func(ctx context.Context, token, caBundle, apiEndpoint string) (*client.Credential, error) {
					select {
					case <-time.After(100 * time.Millisecond):
						return &client.Credential{Token: "some token"}, nil
					case <-ctx.Done():
						return nil, ctx.Err()
					}
				}
			})

			it("returns an error", func() {
				err := run(envGetter, tokenExchanger, buffer, 1*time.Millisecond)
				r.EqualError(err, "failed to login: context deadline exceeded")
			})
		})

		when("the token exchange succeeds", func() {
			var actualToken, actualCaBundle, actualAPIEndpoint string

			it.Before(func() {
				tokenExchanger = func(ctx context.Context, token, caBundle, apiEndpoint string) (*client.Credential, error) {
					actualToken, actualCaBundle, actualAPIEndpoint = token, caBundle, apiEndpoint
					now := time.Date(2020, 7, 29, 1, 2, 3, 0, time.UTC)
					return &client.Credential{
						ExpirationTimestamp:   &now,
						ClientCertificateData: "some certificate",
						ClientKeyData:         "some key",
						Token:                 "some token",
					}, nil
				}
			})

			it("writes the execCredential to the given writer", func() {
				err := run(envGetter, tokenExchanger, buffer, 30*time.Second)
				r.NoError(err)
				r.Equal(fakeEnv["PLACEHOLDER_NAME_TOKEN"], actualToken)
				r.Equal(fakeEnv["PLACEHOLDER_NAME_CA_BUNDLE"], actualCaBundle)
				r.Equal(fakeEnv["PLACEHOLDER_NAME_K8S_API_ENDPOINT"], actualAPIEndpoint)
				expected := `{
				  "kind": "ExecCredential",
				  "apiVersion": "client.authentication.k8s.io/v1beta1",
				  "spec": {},
				  "status": {
					"expirationTimestamp":"2020-07-29T01:02:03Z",
					"clientCertificateData": "some certificate",
					"clientKeyData":"some key",
					"token": "some token"
				  }
				}`
				r.JSONEq(expected, buffer.String())
			})
		})
	}, spec.Parallel(), spec.Report(report.Terminal{}))
}
Add placeholder-name CLI - main and unit tests for main - client package to be done in a future commit Signed-off-by: Aram Price <pricear@vmware.com> 2020-07-27 23:49:43 +00:00			`/*`
			`Copyright 2020 VMware, Inc.`
			`SPDX-License-Identifier: Apache-2.0`
			`*/`

			`package main`

			`import (`
			`"bytes"`
Add a context parameter so we can enforce a timeout for the token exchange. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 14:10:40 +00:00			`"context"`
Add placeholder-name CLI - main and unit tests for main - client package to be done in a future commit Signed-off-by: Aram Price <pricear@vmware.com> 2020-07-27 23:49:43 +00:00			`"fmt"`
			`"testing"`
Add a context parameter so we can enforce a timeout for the token exchange. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 14:10:40 +00:00			`"time"`
Add placeholder-name CLI - main and unit tests for main - client package to be done in a future commit Signed-off-by: Aram Price <pricear@vmware.com> 2020-07-27 23:49:43 +00:00
Now that we have a testutil package, put ioutil.go into it Signed-off-by: Ryan Richard <richardry@vmware.com> 2020-08-06 22:19:09 +00:00			`"github.com/suzerain-io/placeholder-name/internal/testutil"`

Add placeholder-name CLI - main and unit tests for main - client package to be done in a future commit Signed-off-by: Aram Price <pricear@vmware.com> 2020-07-27 23:49:43 +00:00			`"github.com/sclevine/spec"`
			`"github.com/sclevine/spec/report"`
Add a test for "failed to marshal response to stdout" error case. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 13:42:25 +00:00			`"github.com/stretchr/testify/require"`

Convert pkg/client to depend only on stdlib. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-29 21:24:16 +00:00			`"github.com/suzerain-io/placeholder-name/pkg/client"`
Extract a test library helper for ErrorWriter{}. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 15:44:43 +00:00			`)`
Add a test for "failed to marshal response to stdout" error case. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 13:42:25 +00:00
Add placeholder-name CLI - main and unit tests for main - client package to be done in a future commit Signed-off-by: Aram Price <pricear@vmware.com> 2020-07-27 23:49:43 +00:00			`func TestRun(t *testing.T) {`
Minor test cleanup - `Before` gives a nice place to call `require.New(t)` to make the assertion lines more terse - Just delete the keys for testing when env vars are missing 2020-07-29 00:22:17 +00:00			`spec.Run(t, "main.run", func(t *testing.T, when spec.G, it spec.S) {`
			`var r *require.Assertions`
Add placeholder-name CLI - main and unit tests for main - client package to be done in a future commit Signed-off-by: Aram Price <pricear@vmware.com> 2020-07-27 23:49:43 +00:00			`var buffer *bytes.Buffer`
			`var tokenExchanger tokenExchanger`
			`var fakeEnv map[string]string`

			`var envGetter envGetter = func(envVarName string) (string, bool) {`
			`value, present := fakeEnv[envVarName]`
			`if !present {`
			`return "", false`
			`}`
			`return value, true`
			`}`

			`it.Before(func() {`
Minor test cleanup - `Before` gives a nice place to call `require.New(t)` to make the assertion lines more terse - Just delete the keys for testing when env vars are missing 2020-07-29 00:22:17 +00:00			`r = require.New(t)`
Add placeholder-name CLI - main and unit tests for main - client package to be done in a future commit Signed-off-by: Aram Price <pricear@vmware.com> 2020-07-27 23:49:43 +00:00			`buffer = new(bytes.Buffer)`
			`fakeEnv = map[string]string{`
			`"PLACEHOLDER_NAME_TOKEN": "token from env",`
			`"PLACEHOLDER_NAME_CA_BUNDLE": "ca bundle from env",`
			`"PLACEHOLDER_NAME_K8S_API_ENDPOINT": "k8s api from env",`
			`}`
			`})`

			`when("env vars are missing", func() {`
			`it("returns an error when PLACEHOLDER_NAME_TOKEN is missing", func() {`
Minor test cleanup - `Before` gives a nice place to call `require.New(t)` to make the assertion lines more terse - Just delete the keys for testing when env vars are missing 2020-07-29 00:22:17 +00:00			`delete(fakeEnv, "PLACEHOLDER_NAME_TOKEN")`
Add a context parameter so we can enforce a timeout for the token exchange. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 14:10:40 +00:00			`err := run(envGetter, tokenExchanger, buffer, 30*time.Second)`
Minor test cleanup - `Before` gives a nice place to call `require.New(t)` to make the assertion lines more terse - Just delete the keys for testing when env vars are missing 2020-07-29 00:22:17 +00:00			`r.EqualError(err, "failed to login: environment variable not set: PLACEHOLDER_NAME_TOKEN")`
Add placeholder-name CLI - main and unit tests for main - client package to be done in a future commit Signed-off-by: Aram Price <pricear@vmware.com> 2020-07-27 23:49:43 +00:00			`})`

			`it("returns an error when PLACEHOLDER_NAME_CA_BUNDLE is missing", func() {`
Minor test cleanup - `Before` gives a nice place to call `require.New(t)` to make the assertion lines more terse - Just delete the keys for testing when env vars are missing 2020-07-29 00:22:17 +00:00			`delete(fakeEnv, "PLACEHOLDER_NAME_CA_BUNDLE")`
Add a context parameter so we can enforce a timeout for the token exchange. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 14:10:40 +00:00			`err := run(envGetter, tokenExchanger, buffer, 30*time.Second)`
Minor test cleanup - `Before` gives a nice place to call `require.New(t)` to make the assertion lines more terse - Just delete the keys for testing when env vars are missing 2020-07-29 00:22:17 +00:00			`r.EqualError(err, "failed to login: environment variable not set: PLACEHOLDER_NAME_CA_BUNDLE")`
Add placeholder-name CLI - main and unit tests for main - client package to be done in a future commit Signed-off-by: Aram Price <pricear@vmware.com> 2020-07-27 23:49:43 +00:00			`})`

			`it("returns an error when PLACEHOLDER_NAME_K8S_API_ENDPOINT is missing", func() {`
Minor test cleanup - `Before` gives a nice place to call `require.New(t)` to make the assertion lines more terse - Just delete the keys for testing when env vars are missing 2020-07-29 00:22:17 +00:00			`delete(fakeEnv, "PLACEHOLDER_NAME_K8S_API_ENDPOINT")`
Add a context parameter so we can enforce a timeout for the token exchange. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 14:10:40 +00:00			`err := run(envGetter, tokenExchanger, buffer, 30*time.Second)`
Minor test cleanup - `Before` gives a nice place to call `require.New(t)` to make the assertion lines more terse - Just delete the keys for testing when env vars are missing 2020-07-29 00:22:17 +00:00			`r.EqualError(err, "failed to login: environment variable not set: PLACEHOLDER_NAME_K8S_API_ENDPOINT")`
Add placeholder-name CLI - main and unit tests for main - client package to be done in a future commit Signed-off-by: Aram Price <pricear@vmware.com> 2020-07-27 23:49:43 +00:00			`})`
More tests for the PublisherController - Also, don't repeat `spec.Parallel()` because, according to the docs for the spec package, "options are inherited by subgroups and subspecs" - Two tests are left pending to be filled in on the next commit 2020-07-30 01:18:42 +00:00			`})`
Add placeholder-name CLI - main and unit tests for main - client package to be done in a future commit Signed-off-by: Aram Price <pricear@vmware.com> 2020-07-27 23:49:43 +00:00
			`when("the token exchange fails", func() {`
			`it.Before(func() {`
Convert pkg/client to depend only on stdlib. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-29 21:24:16 +00:00			`tokenExchanger = func(ctx context.Context, token, caBundle, apiEndpoint string) (*client.Credential, error) {`
Add placeholder-name CLI - main and unit tests for main - client package to be done in a future commit Signed-off-by: Aram Price <pricear@vmware.com> 2020-07-27 23:49:43 +00:00			`return nil, fmt.Errorf("some error")`
			`}`
			`})`

			`it("returns an error", func() {`
Add a context parameter so we can enforce a timeout for the token exchange. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 14:10:40 +00:00			`err := run(envGetter, tokenExchanger, buffer, 30*time.Second)`
Minor test cleanup - `Before` gives a nice place to call `require.New(t)` to make the assertion lines more terse - Just delete the keys for testing when env vars are missing 2020-07-29 00:22:17 +00:00			`r.EqualError(err, "failed to login: some error")`
Add placeholder-name CLI - main and unit tests for main - client package to be done in a future commit Signed-off-by: Aram Price <pricear@vmware.com> 2020-07-27 23:49:43 +00:00			`})`
More tests for the PublisherController - Also, don't repeat `spec.Parallel()` because, according to the docs for the spec package, "options are inherited by subgroups and subspecs" - Two tests are left pending to be filled in on the next commit 2020-07-30 01:18:42 +00:00			`})`
Add placeholder-name CLI - main and unit tests for main - client package to be done in a future commit Signed-off-by: Aram Price <pricear@vmware.com> 2020-07-27 23:49:43 +00:00
Add a test for "failed to marshal response to stdout" error case. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 13:42:25 +00:00			`when("the JSON encoder fails", func() {`
			`it.Before(func() {`
Convert pkg/client to depend only on stdlib. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-29 21:24:16 +00:00			`tokenExchanger = func(ctx context.Context, token, caBundle, apiEndpoint string) (*client.Credential, error) {`
			`return &client.Credential{Token: "some token"}, nil`
Add a test for "failed to marshal response to stdout" error case. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 13:42:25 +00:00			`}`
			`})`

			`it("returns an error", func() {`
Now that we have a testutil package, put ioutil.go into it Signed-off-by: Ryan Richard <richardry@vmware.com> 2020-08-06 22:19:09 +00:00			`err := run(envGetter, tokenExchanger, &testutil.ErrorWriter{ReturnError: fmt.Errorf("some IO error")}, 30*time.Second)`
Minor test cleanup - `Before` gives a nice place to call `require.New(t)` to make the assertion lines more terse - Just delete the keys for testing when env vars are missing 2020-07-29 00:22:17 +00:00			`r.EqualError(err, "failed to marshal response to stdout: some IO error")`
Add a test for "failed to marshal response to stdout" error case. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 13:42:25 +00:00			`})`
More tests for the PublisherController - Also, don't repeat `spec.Parallel()` because, according to the docs for the spec package, "options are inherited by subgroups and subspecs" - Two tests are left pending to be filled in on the next commit 2020-07-30 01:18:42 +00:00			`})`
Add a test for "failed to marshal response to stdout" error case. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 13:42:25 +00:00
Add a context parameter so we can enforce a timeout for the token exchange. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 14:10:40 +00:00			`when("the token exchange times out", func() {`
			`it.Before(func() {`
Convert pkg/client to depend only on stdlib. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-29 21:24:16 +00:00			`tokenExchanger = func(ctx context.Context, token, caBundle, apiEndpoint string) (*client.Credential, error) {`
Add a context parameter so we can enforce a timeout for the token exchange. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 14:10:40 +00:00			`select {`
			`case <-time.After(100 * time.Millisecond):`
Convert pkg/client to depend only on stdlib. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-29 21:24:16 +00:00			`return &client.Credential{Token: "some token"}, nil`
Add a context parameter so we can enforce a timeout for the token exchange. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 14:10:40 +00:00			`case <-ctx.Done():`
			`return nil, ctx.Err()`
			`}`
			`}`
			`})`

			`it("returns an error", func() {`
			`err := run(envGetter, tokenExchanger, buffer, 1*time.Millisecond)`
Minor test cleanup - `Before` gives a nice place to call `require.New(t)` to make the assertion lines more terse - Just delete the keys for testing when env vars are missing 2020-07-29 00:22:17 +00:00			`r.EqualError(err, "failed to login: context deadline exceeded")`
Add a context parameter so we can enforce a timeout for the token exchange. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 14:10:40 +00:00			`})`
More tests for the PublisherController - Also, don't repeat `spec.Parallel()` because, according to the docs for the spec package, "options are inherited by subgroups and subspecs" - Two tests are left pending to be filled in on the next commit 2020-07-30 01:18:42 +00:00			`})`
Add a context parameter so we can enforce a timeout for the token exchange. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 14:10:40 +00:00
Add placeholder-name CLI - main and unit tests for main - client package to be done in a future commit Signed-off-by: Aram Price <pricear@vmware.com> 2020-07-27 23:49:43 +00:00			`when("the token exchange succeeds", func() {`
			`var actualToken, actualCaBundle, actualAPIEndpoint string`

			`it.Before(func() {`
Convert pkg/client to depend only on stdlib. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-29 21:24:16 +00:00			`tokenExchanger = func(ctx context.Context, token, caBundle, apiEndpoint string) (*client.Credential, error) {`
Add placeholder-name CLI - main and unit tests for main - client package to be done in a future commit Signed-off-by: Aram Price <pricear@vmware.com> 2020-07-27 23:49:43 +00:00			`actualToken, actualCaBundle, actualAPIEndpoint = token, caBundle, apiEndpoint`
Convert pkg/client to depend only on stdlib. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-29 21:24:16 +00:00			`now := time.Date(2020, 7, 29, 1, 2, 3, 0, time.UTC)`
			`return &client.Credential{`
			`ExpirationTimestamp: &now,`
			`ClientCertificateData: "some certificate",`
			`ClientKeyData: "some key",`
			`Token: "some token",`
Add placeholder-name CLI - main and unit tests for main - client package to be done in a future commit Signed-off-by: Aram Price <pricear@vmware.com> 2020-07-27 23:49:43 +00:00			`}, nil`
			`}`
			`})`

			`it("writes the execCredential to the given writer", func() {`
Add a context parameter so we can enforce a timeout for the token exchange. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 14:10:40 +00:00			`err := run(envGetter, tokenExchanger, buffer, 30*time.Second)`
Minor test cleanup - `Before` gives a nice place to call `require.New(t)` to make the assertion lines more terse - Just delete the keys for testing when env vars are missing 2020-07-29 00:22:17 +00:00			`r.NoError(err)`
			`r.Equal(fakeEnv["PLACEHOLDER_NAME_TOKEN"], actualToken)`
			`r.Equal(fakeEnv["PLACEHOLDER_NAME_CA_BUNDLE"], actualCaBundle)`
			`r.Equal(fakeEnv["PLACEHOLDER_NAME_K8S_API_ENDPOINT"], actualAPIEndpoint)`
			expected := `{
Fix a bug in placeholder-name CLI (wrong API version). This is kind of a subtle bug, but we were using the unversioned Kubernetes type package here, where we should have been using the v1beta1 version. They have the same fields, but they serialize to JSON differently. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 20:59:16 +00:00			`"kind": "ExecCredential",`
			`"apiVersion": "client.authentication.k8s.io/v1beta1",`
			`"spec": {},`
			`"status": {`
Convert pkg/client to depend only on stdlib. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-29 21:24:16 +00:00			`"expirationTimestamp":"2020-07-29T01:02:03Z",`
			`"clientCertificateData": "some certificate",`
			`"clientKeyData":"some key",`
Fix a bug in placeholder-name CLI (wrong API version). This is kind of a subtle bug, but we were using the unversioned Kubernetes type package here, where we should have been using the v1beta1 version. They have the same fields, but they serialize to JSON differently. Signed-off-by: Matt Moyer <moyerm@vmware.com> 2020-07-28 20:59:16 +00:00			`"token": "some token"`
			`}`
Minor test cleanup - `Before` gives a nice place to call `require.New(t)` to make the assertion lines more terse - Just delete the keys for testing when env vars are missing 2020-07-29 00:22:17 +00:00			}`
			`r.JSONEq(expected, buffer.String())`
Add placeholder-name CLI - main and unit tests for main - client package to be done in a future commit Signed-off-by: Aram Price <pricear@vmware.com> 2020-07-27 23:49:43 +00:00			`})`
More tests for the PublisherController - Also, don't repeat `spec.Parallel()` because, according to the docs for the spec package, "options are inherited by subgroups and subspecs" - Two tests are left pending to be filled in on the next commit 2020-07-30 01:18:42 +00:00			`})`
			`}, spec.Parallel(), spec.Report(report.Terminal{}))`
Add placeholder-name CLI - main and unit tests for main - client package to be done in a future commit Signed-off-by: Aram Price <pricear@vmware.com> 2020-07-27 23:49:43 +00:00			`}`