def test_init_with_invalid_name(self): name = object() try: utils.create_secret(name=name) self.fail("Should not fail.") except Exception as err: self.assertIsInstance(err, SyntaxError)
def test_list(self): count = 10 config = utils.create_config() if utils.is_reachable(config.api_host): for i in range(0, count): name = "yosecret-{0}".format(str(uuid.uuid4())) secret = utils.create_secret(name=name) secret.create() secret = utils.create_secret(name="yosecret") _list = secret.list() self.assertEqual(count + 1, len(_list)) # including service-account-token
def test_list(self): count = 10 config = utils.create_config() if utils.is_reachable(config.api_host): for i in range(0, count): name = "yosecret-{0}".format(str(uuid.uuid4())) secret = utils.create_secret(name=name) secret.create() secret = utils.create_secret(name="yosecret") _list = secret.list() self.assertGreaterEqual( count + 1, len(_list)) # including service-account-token on GCE
def test_add_annotation_invalid_args(self): name = "yosecret" secret = utils.create_secret(name=name) k = object() v = object() with self.assertRaises(SyntaxError): secret.add_annotation(k, v)
def test_create(self): name = "yosecret-{0}".format(str(uuid.uuid4())) secret = utils.create_secret(name=name) if utils.is_reachable(secret.config.api_host): secret.create() _list = secret.list() self.assertEqual(2, len(_list)) # service-account-token + 1
def test_set_type(self): name = "yosecret" secret = utils.create_secret(name=name) secret_type = "yosecrettype" secret.set_type(secret_type=secret_type) self.assertIn('type', secret.model.model) self.assertEqual(secret_type, secret.model.model['type'])
def test_struct_secret(self): name = "yoname" secret = utils.create_secret(name=name) model = secret.model self.assertIsInstance(model, Secret) self.assertIsInstance(model.model, dict) self.assertIsInstance(model.secret_metadata, ObjectMeta)
def test_set_service_account_token_none_args(self): name = "yosecret" secret = utils.create_secret(name=name) try: secret.set_service_account_token() except Exception as err: self.assertIsInstance(err, SyntaxError)
def test_pod_secret(self): container_name = "nginx" container_image = "nginx:1.7.9" container = utils.create_container(name=container_name, image=container_image) secret_name = "yosecret" secret = utils.create_secret(name=secret_name) k = ".secret-file" v = "dmFsdWUtMg0KDQo=" secret.data = {k: v} vol_name = "secret" vol_type = "secret" volume = utils.create_volume(name=vol_name, type=vol_type) volume.secret_name = secret_name mount_name = vol_name mount_path = '/test-secret' mount = K8sVolumeMount(name=mount_name, mount_path=mount_path) container.add_volume_mount(mount) pod_name = "nginx" pod = utils.create_pod(name=pod_name) pod.add_volume(volume) pod.add_container(container) if utils.is_reachable(pod.config.api_host): secret.create() pod.create() volnames = [x.name for x in pod.volumes] self.assertIn(vol_name, volnames)
def test_set_data_invalid_value(self): name = "yosecret" secret = utils.create_secret(name=name) k = "yokey" v = {'key1': 'value1', 'key2': 'value2'} with self.assertRaises(SyntaxError): secret.data = {k: v}
def test_set_data(self): name = "yosecret" secret = utils.create_secret(name=name) k = "yokey" v = {'key1': 'value1', 'key2': 'value2'} secret.data = {k: json.dumps(v)} self.assertIn(k, secret.data) self.assertEqual(json.dumps(v), secret.data[k])
def test_add_label(self): name = "yosecret" secret = utils.create_secret(name=name) k = "yokey" v = "yovalue" secret.add_label(k, v) self.assertIn(k, secret.labels) self.assertEqual(v, secret.labels[k])
def test_add_annotation(self): name = "yosecret" secret = utils.create_secret(name=name) k = "yokey" v = "yovalue" secret.add_annotation(k, v) self.assertIn(k, secret.annotations) self.assertEqual(v, secret.annotations[k])
def test_add_label_none_args(self): name = "yosecret" secret = utils.create_secret(name=name) try: secret.add_label() self.fail("Should not fail.") except Exception as err: self.assertIsInstance(err, SyntaxError)
def test_set_dockercfg_json_secret_none_arg(self): name = "yosecret" secret = utils.create_secret(name=name) try: secret.set_dockercfg_json_secret() self.fail("Should not fail.") except Exception as err: self.assertIsInstance(err, SyntaxError)
def test_init_with_name(self): name = "yoname" secret = utils.create_secret(name=name) self.assertIsNotNone(secret) self.assertIsInstance(secret, K8sSecret) self.assertEqual(secret.name, name) self.assertEqual('default', secret.config.namespace) self.assertEqual('Secret', secret.obj_type)
def test_set_data(self): name = "yosecret" secret = utils.create_secret(name=name) k = "yokey" v = {'key1': 'value1', 'key2': 'value2'} secret.set_data(k, json.dumps(v)) self.assertIn('data', secret.model.model) self.assertIn(k, secret.model.model['data']) self.assertEqual(json.dumps(v), base64.b64decode(secret.model.model['data'][k]))
def test_struct_k8s_secret(self): name = "yoname" secret = utils.create_secret(name=name) self.assertIsNotNone(secret) self.assertIsInstance(secret.base_url, str) self.assertIsInstance(secret.config, K8sConfig) self.assertIsInstance(secret.model, Secret) self.assertIsInstance(secret.name, str) self.assertIsInstance(secret.obj_type, str)
def test_list_without_create(self): name = "yosecret-{0}".format(str(uuid.uuid4())) secret = utils.create_secret(name=name) if utils.is_reachable(secret.config.api_host): _list = secret.list() self.assertGreaterEqual(1, len(_list)) # service-account-token on GCE for x in _list: self.assertIsInstance(x, K8sSecret)
def test_set_dockercfg_secret_invalid_arg(self): name = "yosecret" secret = utils.create_secret(name=name) data = object() try: secret.set_dockercfg_secret(data) self.fail("Should not fail.") except Exception as err: self.assertIsInstance(err, SyntaxError)
def test_get_doesnt_exist(self): name = "yosecret" secret = utils.create_secret(name=name) if utils.is_reachable(secret.config.api_host): try: secret.get() self.fail("Should not fail.") except Exception as err: self.assertIsInstance(err, NotFoundException)
def test_delete_nonexistent(self): name = "yosecret-{0}".format(str(uuid.uuid4())) secret = utils.create_secret(name=name) if utils.is_reachable(secret.config.api_host): try: secret.delete() self.fail("Should not fail.") except Exception as err: self.assertIsInstance(err, NotFoundException)
def test_create_already_exists(self): name = "yosecret-{0}".format(str(uuid.uuid4())) secret = utils.create_secret(name=name) if utils.is_reachable(secret.config.api_host): secret.create() try: secret.create() self.fail("Should not fail.") except Exception as err: self.assertIsInstance(err, AlreadyExistsException)
def test_init_with_name_and_config(self): name = "yoname" nspace = "yomama" config = K8sConfig(kubeconfig=utils.kubeconfig_fallback, namespace=nspace) secret = utils.create_secret(config=config, name=name) self.assertIsNotNone(secret) self.assertIsInstance(secret, K8sSecret) self.assertEqual(secret.name, name) self.assertEqual(secret.config.namespace, nspace) self.assertEqual('Secret', secret.obj_type)
def test_issue_64(self): name = "yosecret-{0}".format(str(uuid.uuid4())) secret_data = {"test": "test"} secret = utils.create_secret(name=name) secret.data = secret_data if utils.is_reachable(secret.config.api_host): secret.create() secret.get() self.assertIsInstance(secret, K8sSecret) self.assertEqual(secret.data, secret_data)
def test_set_data_invalid_value(self): name = "yosecret" secret = utils.create_secret(name=name) k = "yokey" v = {'key1': 'value1', 'key2': 'value2'} try: secret.set_data(k, v) self.fail("Should not fail.") except Exception as err: self.assertIsInstance(err, SyntaxError)
def test_add_label_invalid_args(self): name = "yosecret" secret = utils.create_secret(name=name) k = object() v = object() try: secret.add_label(k, v) self.fail("Should not fail.") except Exception as err: self.assertIsInstance(err, SyntaxError)
def test_get(self): name = "yosecret-{0}".format(str(uuid.uuid4())) secret = utils.create_secret(name=name) if utils.is_reachable(secret.config.api_host): from_create = secret.create() self.assertIsInstance(from_create, K8sSecret) self.assertEqual(from_create.name, name) from_get = secret.get() self.assertIsInstance(from_get, K8sSecret) self.assertEqual(from_get.name, name) self.assertEqual(from_create, from_get)
def test_add_label(self): name = "yosecret" secret = utils.create_secret(name=name) k = "yokey" v = "yovalue" secret.add_label(k, v) self.assertIn('labels', secret.model.model['metadata']) self.assertIn(k, secret.model.model['metadata']['labels']) self.assertEqual(secret.model.model['metadata']['labels']['yokey'], v) self.assertIn('labels', secret.model.secret_metadata.model) self.assertIn(k, secret.model.secret_metadata.model['labels'])
def test_set_dockercfg_json_secret(self): name = "yosecret" secret = utils.create_secret(name=name) data = "yodockercfgjson" secret.set_dockercfg_json_secret(data) self.assertIn('data', secret.model.model) self.assertIn('type', secret.model.model) self.assertIsInstance(secret.model.model['data'], dict) self.assertIsInstance(secret.model.model['type'], str) self.assertEqual('kubernetes.io/dockerconfigjson', secret.model.model['type']) self.assertIn('.dockerconfigjson', secret.model.model['data']) self.assertEqual(data, base64.b64decode(secret.model.model['data']['.dockerconfigjson']))
def test_update_dockercfg_json_secret_fails(self): name = "yosecret-{0}".format(str(uuid.uuid4())) secret = utils.create_secret(name=name) v = "yovalue" if utils.is_reachable(secret.config.api_host): secret.create() secret.set_dockercfg_json_secret(data=v) try: secret.update() self.fail("Should not fail.") except Exception as err: self.assertIsInstance(err, UnprocessableEntityException)
def test_update_data(self): name = "yosecret-{0}".format(str(uuid.uuid4())) secret = utils.create_secret(name=name) k = "yokey" v = "yovalue" if utils.is_reachable(secret.config.api_host): secret.create() secret.set_data(k=k, v=v) secret.update() from_get = secret.get() self.assertEqual('Opaque', from_get.get_type()) data = from_get.get_data(k) self.assertEqual(data, v)
def test_update_data(self): name = "yosecret-{0}".format(str(uuid.uuid4())) secret = utils.create_secret(name=name) k = "yokey" v = "yovalue" if utils.is_reachable(secret.config.api_host): secret.create() secret.data = {k: v} secret.update() from_get = secret.get() self.assertEqual('Opaque', from_get.type) d = from_get.data[k] self.assertEqual(d, v)
def test_delete(self): name = "yosecret-{0}".format(str(uuid.uuid4())) secret = utils.create_secret(name=name) if utils.is_reachable(secret.config.api_host): _list = secret.list() count_before_create = len(_list) secret.create() _list = secret.list() count_after_create = len(_list) self.assertEqual(count_before_create + 1, count_after_create) secret.delete() _list = secret.list() count_final = len(_list) self.assertEqual(count_before_create, count_final)
def test_list_without_create(self): name = "yosecret-{0}".format(str(uuid.uuid4())) secret = utils.create_secret(name=name) if utils.is_reachable(secret.config.api_host): _list = secret.list() self.assertGreaterEqual(1, len(_list)) # service-account-token on GCE secrets = [] for x in _list: s = Secret(x) k8s = K8sSecret(config=secret.config, name=x['metadata']['name']) k8s.model = s secrets.append(k8s)
def test_struct_secret_model(self): name = "yoname" secret = utils.create_secret(name=name) model = secret.model.model self.assertIsInstance(model, dict) self.assertIn('apiVersion', model) self.assertIn('kind', model) self.assertIn('metadata', model) self.assertIsInstance(model['apiVersion'], str) self.assertIsInstance(model['kind'], str) self.assertIsInstance(model['metadata'], dict) self.assertEqual(3, len(model['metadata'])) self.assertIn('labels', model['metadata']) self.assertIn('name', model['metadata']) self.assertIn('namespace', model['metadata']) self.assertEqual(name, model['metadata']['name'])
def test_set_service_account_token_invalid_args(self): name = "yosecret" account_name = object() account_uid = object() token = object() kubecfg_data = object() cacert = object() secret = utils.create_secret(name=name) try: secret.set_service_account_token(account_name=account_name, account_uid=account_uid, token=token, kubecfg_data=kubecfg_data, cacert=cacert) except Exception as err: self.assertIsInstance(err, SyntaxError)
def test_set_default_dockerconfigjson(self): name = "docker-registry" secret = utils.create_secret(name=name) data = { "auths": { "repo:port": { "auth": "authstring", "email": "*****@*****.**" } } } secret.dockerconfigjson = data self.assertEqual('kubernetes.io/.dockerconfigjson', secret.type) self.assertIn('.dockerconfigjson', secret.data) self.assertEqual(data, secret.dockerconfigjson) if utils.is_reachable(secret.config.api_host): s = secret.create() self.assertIsInstance(s, K8sSecret)
def test_set_service_account_token_invalid_args(self): name = "yosecret" account_name = object() account_uid = object() token = object() kubecfg_data = object() cacert = object() secret = utils.create_secret(name=name) try: secret.set_service_account_token( account_name=account_name, account_uid=account_uid, token=token, kubecfg_data=kubecfg_data, cacert=cacert ) except Exception as err: self.assertIsInstance(err, SyntaxError)
def test_set_service_account_token(self): name = "yosecret" account_name = "yoaccountname" account_uid = "yoaccountid" token = "yotoken" kubecfg_data = "yokubecfgdata" cacert = "yocacert" secret = utils.create_secret(name=name) secret.set_service_account_token(account_name=account_name, account_uid=account_uid, token=token, kubecfg_data=kubecfg_data, cacert=cacert) self.assertEqual('kubernetes.io/service-account-token', secret.type) self.assertIn('ca.crt', secret.data) self.assertIn('kubernetes.kubeconfig', secret.data) self.assertIn('token', secret.data) self.assertEqual(cacert, secret.data['ca.crt']) self.assertEqual(kubecfg_data, secret.data['kubernetes.kubeconfig']) self.assertEqual(token, secret.data['token']) self.assertIn('kubernetes.io/service-account.name', secret.annotations) self.assertIn('kubernetes.io/service-account.uid', secret.annotations) self.assertIn('kubernetes.io/service-account.name', secret.annotations) self.assertIn('kubernetes.io/service-account.uid', secret.annotations) self.assertEqual( account_name, secret.annotations['kubernetes.io/service-account.name']) self.assertEqual( account_uid, secret.annotations['kubernetes.io/service-account.uid']) self.assertEqual( account_name, secret.annotations['kubernetes.io/service-account.name']) self.assertEqual( account_uid, secret.annotations['kubernetes.io/service-account.uid'])
def test_rc_secret(self): container_name = "nginx" container_image = "nginx:1.7.9" container_nginx = utils.create_container(name=container_name, image=container_image) container_name = "redis" container_image = "redis:3.0.7" container_redis = utils.create_container(name=container_name, image=container_image) secret_name = "yosecret" secret = utils.create_secret(name=secret_name) k = ".secret-file" v = "dmFsdWUtMg0KDQo=" secret.data = {k: v} vol_name = "secret" vol_type = "secret" volume = utils.create_volume(name=vol_name, type=vol_type) volume.secret_name = secret_name mount_name = vol_name mount_path = '/test-secret' mount = K8sVolumeMount(name=mount_name, mount_path=mount_path) container_nginx.add_volume_mount(mount) container_redis.add_volume_mount(mount) rc_name = "app" rc = utils.create_rc(name=rc_name) rc.add_volume(volume) rc.add_container(container_nginx) rc.add_container(container_redis) rc.desired_replicas = 1 if utils.is_reachable(rc.config.api_host): secret.create() rc.create() volnames = [x.name for x in rc.volumes] self.assertIn(vol_name, volnames)
def test_set_service_account_token(self): name = "yosecret" account_name = "yoaccountname" account_uid = "yoaccountid" token = "yotoken" kubecfg_data = "yokubecfgdata" cacert = "yocacert" secret = utils.create_secret(name=name) secret.set_service_account_token( account_name=account_name, account_uid=account_uid, token=token, kubecfg_data=kubecfg_data, cacert=cacert ) self.assertIn('data', secret.model.model) self.assertIn('type', secret.model.model) self.assertIsInstance(secret.model.model['data'], dict) self.assertIsInstance(secret.model.model['type'], str) self.assertEqual('kubernetes.io/service-account-token', secret.model.model['type']) self.assertIn('ca.crt', secret.model.model['data']) self.assertIn('kubernetes.kubeconfig', secret.model.model['data']) self.assertIn('token', secret.model.model['data']) self.assertEqual(cacert, base64.b64decode(secret.model.model['data']['ca.crt'])) self.assertEqual(kubecfg_data, base64.b64decode(secret.model.model['data']['kubernetes.kubeconfig'])) self.assertEqual(token, base64.b64decode(secret.model.model['data']['token'])) self.assertIn('annotations', secret.model.model['metadata']) self.assertIsInstance(secret.model.secret_metadata.model['annotations'], dict) self.assertIn('kubernetes.io/service-account.name', secret.model.model['metadata']['annotations']) self.assertIn('kubernetes.io/service-account.uid', secret.model.model['metadata']['annotations']) self.assertIn('kubernetes.io/service-account.name', secret.model.secret_metadata.model['annotations']) self.assertIn('kubernetes.io/service-account.uid', secret.model.secret_metadata.model['annotations']) self.assertEqual(account_name, secret.model.model['metadata']['annotations']['kubernetes.io/service-account.name']) self.assertEqual(account_uid, secret.model.model['metadata']['annotations']['kubernetes.io/service-account.uid']) self.assertEqual(account_name, secret.model.secret_metadata.model['annotations']['kubernetes.io/service-account.name']) self.assertEqual(account_uid, secret.model.secret_metadata.model['annotations']['kubernetes.io/service-account.uid'])
def test_set_system_dockerconfigjson(self): name = "docker-registry" config = utils.create_config() config.namespace = 'kube-system' secret = utils.create_secret(config=config, name=name) data = { "auths": { "repo:port": { "auth": "authstring", "email": "*****@*****.**" } } } secret.dockerconfigjson = data self.assertEqual('kubernetes.io/.dockerconfigjson', secret.type) self.assertIn('.dockerconfigjson', secret.data) self.assertEqual(data, secret.dockerconfigjson) if utils.is_reachable(secret.config.api_host): try: secret.delete() except NotFoundException: pass s = secret.create() self.assertIsInstance(s, K8sSecret)
def test_set_dockercfg_json_secret_invalid_arg(self): name = "yosecret" secret = utils.create_secret(name=name) data = object() with self.assertRaises(SyntaxError): secret.dockerconfigjson = data
def test_init_with_invalid_name(self): name = object() with self.assertRaises(SyntaxError): utils.create_secret(name=name)
def test_struct(self): name = "yoname" secret = utils.create_secret(name=name) model = secret.model self.assertIsInstance(model, Secret)
def test_add_annotation_none_args(self): name = "yosecret" secret = utils.create_secret(name=name) with self.assertRaises(SyntaxError): secret.add_annotation()