mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-01-18 10:57:13 -05:00
c9873f2bfb
* Refactor GCP metadata/cloud API * Remove cloud controller manager from metadata package * Remove PublicIP * Move shared cloud packages * Remove dead code Signed-off-by: Daniel Weiße <dw@edgeless.systems>
139 lines
6.4 KiB
Go
139 lines
6.4 KiB
Go
/*
|
|
Copyright (c) Edgeless Systems GmbH
|
|
|
|
SPDX-License-Identifier: AGPL-3.0-only
|
|
*/
|
|
|
|
package gcpshared
|
|
|
|
import (
|
|
"net/url"
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestServiceAccountKeyFromURI(t *testing.T) {
|
|
serviceAccountKey := ServiceAccountKey{
|
|
Type: "type",
|
|
ProjectID: "project-id",
|
|
PrivateKeyID: "private-key-id",
|
|
PrivateKey: "private-key",
|
|
ClientEmail: "client-email",
|
|
ClientID: "client-id",
|
|
AuthURI: "auth-uri",
|
|
TokenURI: "token-uri",
|
|
AuthProviderX509CertURL: "auth-provider-x509-cert-url",
|
|
ClientX509CertURL: "client-x509-cert-url",
|
|
}
|
|
testCases := map[string]struct {
|
|
cloudServiceAccountURI string
|
|
wantKey ServiceAccountKey
|
|
wantErr bool
|
|
}{
|
|
"successful": {
|
|
cloudServiceAccountURI: "serviceaccount://gcp?type=type&project_id=project-id&private_key_id=private-key-id&private_key=private-key&client_email=client-email&client_id=client-id&auth_uri=auth-uri&token_uri=token-uri&auth_provider_x509_cert_url=auth-provider-x509-cert-url&client_x509_cert_url=client-x509-cert-url",
|
|
wantKey: serviceAccountKey,
|
|
},
|
|
"missing type": {
|
|
cloudServiceAccountURI: "serviceaccount://gcp?project_id=project-id&private_key_id=private-key-id&private_key=private-key&client_email=client-email&client_id=client-id&auth_uri=auth-uri&token_uri=token-uri&auth_provider_x509_cert_url=auth-provider-x509-cert-url&client_x509_cert_url=client-x509-cert-url",
|
|
wantErr: true,
|
|
},
|
|
"missing project_id": {
|
|
cloudServiceAccountURI: "serviceaccount://gcp?type=type&private_key_id=private-key-id&private_key=private-key&client_email=client-email&client_id=client-id&auth_uri=auth-uri&token_uri=token-uri&auth_provider_x509_cert_url=auth-provider-x509-cert-url&client_x509_cert_url=client-x509-cert-url",
|
|
wantErr: true,
|
|
},
|
|
"missing private_key_id": {
|
|
cloudServiceAccountURI: "serviceaccount://gcp?type=type&project_id=project-id&private_key=private-key&client_email=client-email&client_id=client-id&auth_uri=auth-uri&token_uri=token-uri&auth_provider_x509_cert_url=auth-provider-x509-cert-url&client_x509_cert_url=client-x509-cert-url",
|
|
wantErr: true,
|
|
},
|
|
"missing private_key": {
|
|
cloudServiceAccountURI: "serviceaccount://gcp?type=type&project_id=project-id&private_key_id=private-key-id&client_email=client-email&client_id=client-id&auth_uri=auth-uri&token_uri=token-uri&auth_provider_x509_cert_url=auth-provider-x509-cert-url&client_x509_cert_url=client-x509-cert-url",
|
|
wantErr: true,
|
|
},
|
|
"missing client_email": {
|
|
cloudServiceAccountURI: "serviceaccount://gcp?type=type&project_id=project-id&private_key_id=private-key-id&private_key=private-key&client_id=client-id&auth_uri=auth-uri&token_uri=token-uri&auth_provider_x509_cert_url=auth-provider-x509-cert-url&client_x509_cert_url=client-x509-cert-url",
|
|
wantErr: true,
|
|
},
|
|
"missing client_id": {
|
|
cloudServiceAccountURI: "serviceaccount://gcp?type=type&project_id=project-id&private_key_id=private-key-id&private_key=private-key&client_email=client-email&auth_uri=auth-uri&token_uri=token-uri&auth_provider_x509_cert_url=auth-provider-x509-cert-url&client_x509_cert_url=client-x509-cert-url",
|
|
wantErr: true,
|
|
},
|
|
"missing token_uri": {
|
|
cloudServiceAccountURI: "serviceaccount://gcp?type=type&project_id=project-id&private_key_id=private-key-id&private_key=private-key&client_email=client-email&client_id=client-id&auth_uri=auth-uri&auth_provider_x509_cert_url=auth-provider-x509-cert-url&client_x509_cert_url=client-x509-cert-url",
|
|
wantErr: true,
|
|
},
|
|
"missing auth_provider_x509_cert_url": {
|
|
cloudServiceAccountURI: "serviceaccount://gcp?type=type&project_id=project-id&private_key_id=private-key-id&private_key=private-key&client_email=client-email&client_id=client-id&auth_uri=auth-uri&token_uri=token-uri&client_x509_cert_url=client-x509-cert-url",
|
|
wantErr: true,
|
|
},
|
|
"missing client_x509_cert_url": {
|
|
cloudServiceAccountURI: "serviceaccount://gcp?type=type&project_id=project-id&private_key_id=private-key-id&private_key=private-key&client_email=client-email&client_id=client-id&auth_uri=auth-uri&token_uri=token-uri&auth_provider_x509_cert_url=auth-provider-x509-cert-url",
|
|
wantErr: true,
|
|
},
|
|
"invalid URI fails": {
|
|
cloudServiceAccountURI: "\x00",
|
|
wantErr: true,
|
|
},
|
|
"incorrect URI scheme fails": {
|
|
cloudServiceAccountURI: "invalid",
|
|
wantErr: true,
|
|
},
|
|
"incorrect URI host fails": {
|
|
cloudServiceAccountURI: "serviceaccount://incorrect",
|
|
wantErr: true,
|
|
},
|
|
}
|
|
|
|
for name, tc := range testCases {
|
|
t.Run(name, func(t *testing.T) {
|
|
assert := assert.New(t)
|
|
require := require.New(t)
|
|
|
|
key, err := ServiceAccountKeyFromURI(tc.cloudServiceAccountURI)
|
|
if tc.wantErr {
|
|
assert.Error(err)
|
|
return
|
|
}
|
|
require.NoError(err)
|
|
assert.Equal(tc.wantKey, key)
|
|
})
|
|
}
|
|
}
|
|
|
|
func TestConvertToCloudServiceAccountURI(t *testing.T) {
|
|
assert := assert.New(t)
|
|
require := require.New(t)
|
|
key := ServiceAccountKey{
|
|
Type: "type",
|
|
ProjectID: "project-id",
|
|
PrivateKeyID: "private-key-id",
|
|
PrivateKey: "private-key",
|
|
ClientEmail: "client-email",
|
|
ClientID: "client-id",
|
|
AuthURI: "auth-uri",
|
|
TokenURI: "token-uri",
|
|
AuthProviderX509CertURL: "auth-provider-x509-cert-url",
|
|
ClientX509CertURL: "client-x509-cert-url",
|
|
}
|
|
cloudServiceAccountURI := key.ToCloudServiceAccountURI()
|
|
uri, err := url.Parse(cloudServiceAccountURI)
|
|
require.NoError(err)
|
|
query := uri.Query()
|
|
assert.Equal("serviceaccount", uri.Scheme)
|
|
assert.Equal("gcp", uri.Host)
|
|
assert.Equal(url.Values{
|
|
"type": []string{"type"},
|
|
"project_id": []string{"project-id"},
|
|
"private_key_id": []string{"private-key-id"},
|
|
"private_key": []string{"private-key"},
|
|
"client_email": []string{"client-email"},
|
|
"client_id": []string{"client-id"},
|
|
"auth_uri": []string{"auth-uri"},
|
|
"token_uri": []string{"token-uri"},
|
|
"auth_provider_x509_cert_url": []string{"auth-provider-x509-cert-url"},
|
|
"client_x509_cert_url": []string{"client-x509-cert-url"},
|
|
}, query)
|
|
}
|