mirror of
https://github.com/edgelesssys/constellation.git
synced 2025-01-07 05:38:03 -05:00
9667dfff58
* all vars have snail_case * make iam schema consistent * infrastructure schema * terraform: update AWS infrastructure module * fix ci * terraform: update AWS infrastructure module * terraform: update AWS IAM module * terraform: update Azure Infrastructure module inputs Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update Azure IAM module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update GCP infrastructure module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update GCP IAM module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update OpenStack Infrastructure module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: update QEMU Infrastructure module Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform-module: fix input name Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: tidy * cli: ignore whitespace in Terraform variable tests * terraform-module: fix AWS output names * terraform-module: fix output references Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> * terraform: rename `api_server_cert_sans` * Update terraform/infrastructure/aws/modules/public_private_subnet/variables.tf Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com> * fix self-managed * terraform: revert AWS modules output file renaming * terraform: remove duplicate varable declaration * terraform: rename Azure location field * ci: adjust output name in self-managed e2e test * e2e: continuously print output in upgrade test * e2e: write to output variables * cli: migrate IAM variable names * cli: make `location` field optional --------- Signed-off-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> Co-authored-by: Moritz Sanft <58110325+msanft@users.noreply.github.com> Co-authored-by: Daniel Weiße <66256922+daniel-weisse@users.noreply.github.com>
185 lines
4.8 KiB
Go
185 lines
4.8 KiB
Go
/*
|
|
Copyright (c) Edgeless Systems GmbH
|
|
SPDX-License-Identifier: AGPL-3.0-only
|
|
*/
|
|
|
|
package cmd
|
|
|
|
import (
|
|
"context"
|
|
"io"
|
|
"path/filepath"
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/edgelesssys/constellation/v2/cli/internal/terraform"
|
|
"github.com/edgelesssys/constellation/v2/internal/api/attestationconfigapi"
|
|
"github.com/edgelesssys/constellation/v2/internal/attestation/variant"
|
|
"github.com/edgelesssys/constellation/v2/internal/cloud/cloudprovider"
|
|
"github.com/edgelesssys/constellation/v2/internal/config"
|
|
"github.com/edgelesssys/constellation/v2/internal/constants"
|
|
"github.com/edgelesssys/constellation/v2/internal/file"
|
|
"github.com/edgelesssys/constellation/v2/internal/logger"
|
|
"github.com/spf13/afero"
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
)
|
|
|
|
func TestIamUpgradeApply(t *testing.T) {
|
|
setupFs := func(createConfig, createTerraformVars bool) file.Handler {
|
|
fs := afero.NewMemMapFs()
|
|
fh := file.NewHandler(fs)
|
|
if createConfig {
|
|
cfg := defaultConfigWithExpectedMeasurements(t, config.Default(), cloudprovider.Azure)
|
|
require.NoError(t, fh.WriteYAML(constants.ConfigFilename, cfg))
|
|
}
|
|
if createTerraformVars {
|
|
require.NoError(t, fh.Write(
|
|
filepath.Join(constants.TerraformIAMWorkingDir, "terraform.tfvars"),
|
|
[]byte(
|
|
"location = \"foo\"\n"+
|
|
"resource_group_name = \"bar\"\n"+
|
|
"service_principal_name = \"baz\"\n",
|
|
),
|
|
))
|
|
}
|
|
return fh
|
|
}
|
|
|
|
testCases := map[string]struct {
|
|
fh file.Handler
|
|
iamUpgrader *stubIamUpgrader
|
|
configFetcher *stubConfigFetcher
|
|
yesFlag bool
|
|
input string
|
|
wantErr bool
|
|
}{
|
|
"success": {
|
|
fh: setupFs(true, true),
|
|
configFetcher: &stubConfigFetcher{},
|
|
iamUpgrader: &stubIamUpgrader{},
|
|
},
|
|
"abort": {
|
|
fh: setupFs(true, true),
|
|
iamUpgrader: &stubIamUpgrader{},
|
|
configFetcher: &stubConfigFetcher{},
|
|
input: "no",
|
|
yesFlag: true,
|
|
},
|
|
"config missing": {
|
|
fh: setupFs(false, true),
|
|
iamUpgrader: &stubIamUpgrader{},
|
|
configFetcher: &stubConfigFetcher{},
|
|
yesFlag: true,
|
|
wantErr: true,
|
|
},
|
|
"iam vars missing": {
|
|
fh: setupFs(true, false),
|
|
iamUpgrader: &stubIamUpgrader{},
|
|
configFetcher: &stubConfigFetcher{},
|
|
yesFlag: true,
|
|
wantErr: true,
|
|
},
|
|
"plan error": {
|
|
fh: setupFs(true, true),
|
|
iamUpgrader: &stubIamUpgrader{
|
|
planErr: assert.AnError,
|
|
},
|
|
configFetcher: &stubConfigFetcher{},
|
|
yesFlag: true,
|
|
wantErr: true,
|
|
},
|
|
"apply error": {
|
|
fh: setupFs(true, true),
|
|
iamUpgrader: &stubIamUpgrader{
|
|
hasDiff: true,
|
|
applyErr: assert.AnError,
|
|
},
|
|
configFetcher: &stubConfigFetcher{},
|
|
yesFlag: true,
|
|
wantErr: true,
|
|
},
|
|
"restore error": {
|
|
fh: setupFs(true, true),
|
|
iamUpgrader: &stubIamUpgrader{
|
|
hasDiff: true,
|
|
rollbackErr: assert.AnError,
|
|
},
|
|
configFetcher: &stubConfigFetcher{},
|
|
input: "no\n",
|
|
wantErr: true,
|
|
},
|
|
"config fetcher err": {
|
|
fh: setupFs(true, true),
|
|
iamUpgrader: &stubIamUpgrader{
|
|
rollbackErr: assert.AnError,
|
|
},
|
|
configFetcher: &stubConfigFetcher{
|
|
fetchLatestErr: assert.AnError,
|
|
},
|
|
yesFlag: true,
|
|
wantErr: true,
|
|
},
|
|
}
|
|
|
|
for name, tc := range testCases {
|
|
t.Run(name, func(t *testing.T) {
|
|
assert := assert.New(t)
|
|
|
|
cmd := newIAMUpgradeApplyCmd()
|
|
cmd.SetIn(strings.NewReader(tc.input))
|
|
|
|
iamUpgradeApplyCmd := &iamUpgradeApplyCmd{
|
|
fileHandler: tc.fh,
|
|
log: logger.NewTest(t),
|
|
configFetcher: tc.configFetcher,
|
|
flags: iamUpgradeApplyFlags{
|
|
yes: tc.yesFlag,
|
|
},
|
|
}
|
|
|
|
err := iamUpgradeApplyCmd.iamUpgradeApply(cmd, tc.iamUpgrader, "")
|
|
if tc.wantErr {
|
|
assert.Error(err)
|
|
} else {
|
|
assert.NoError(err)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
type stubIamUpgrader struct {
|
|
hasDiff bool
|
|
planErr error
|
|
applyErr error
|
|
rollbackErr error
|
|
}
|
|
|
|
func (u *stubIamUpgrader) PlanIAMUpgrade(context.Context, io.Writer, terraform.Variables, cloudprovider.Provider) (bool, error) {
|
|
return u.hasDiff, u.planErr
|
|
}
|
|
|
|
func (u *stubIamUpgrader) ApplyIAMUpgrade(context.Context, cloudprovider.Provider) error {
|
|
return u.applyErr
|
|
}
|
|
|
|
func (u *stubIamUpgrader) RestoreIAMWorkspace() error {
|
|
return u.rollbackErr
|
|
}
|
|
|
|
type stubConfigFetcher struct {
|
|
fetchLatestErr error
|
|
}
|
|
|
|
func (s *stubConfigFetcher) FetchSEVSNPVersion(context.Context, attestationconfigapi.SEVSNPVersionAPI) (attestationconfigapi.SEVSNPVersionAPI, error) {
|
|
panic("not implemented")
|
|
}
|
|
|
|
func (s *stubConfigFetcher) FetchSEVSNPVersionList(context.Context, attestationconfigapi.SEVSNPVersionList) (attestationconfigapi.SEVSNPVersionList, error) {
|
|
panic("not implemented")
|
|
}
|
|
|
|
func (s *stubConfigFetcher) FetchSEVSNPVersionLatest(context.Context, variant.Variant) (attestationconfigapi.SEVSNPVersionAPI, error) {
|
|
return attestationconfigapi.SEVSNPVersionAPI{}, s.fetchLatestErr
|
|
}
|