def test_legacy_strongbox_secrets(self, deployment, app_spec): config = mock.create_autospec(Configuration([]), spec_set=True) config.strongbox_init_container_image = STRONGBOX_IMAGE app_spec = app_spec._replace( strongbox=StrongboxSpec(enabled=True, iam_role="iam_role", aws_region="eu-west-1", groups=["group1", "group2"])) generic_init_secrets = mock.create_autospec(GenericInitSecrets(config), spec_set=True, instance=True) generic_init_secrets.supports.side_effect = lambda _type: _type == 'strongbox' secrets = Secrets( config, mock.create_autospec(KubernetesSecrets(), spec_set=True, instance=True), generic_init_secrets) expected_spec = SecretsSpec( type="strongbox", parameters={ "AWS_REGION": "eu-west-1", "SECRET_GROUPS": "group1,group2" }, annotations={"iam.amazonaws.com/role": "iam_role"}) secrets.apply(deployment, app_spec) generic_init_secrets.apply.assert_called_once_with( deployment, app_spec, expected_spec)
def test_app_spec_secrets(self, deployment, app_spec): config = mock.create_autospec(Configuration([]), spec_set=True) app_spec = app_spec._replace(secrets=APP_SPEC_SECRETS) generic_init_secrets = mock.create_autospec(GenericInitSecrets(config), spec_set=True, instance=True) secrets = Secrets( config, mock.create_autospec(KubernetesSecrets(), spec_set=True, instance=True), generic_init_secrets) expected_spec = APP_SPEC_SECRETS[0] secrets.apply(deployment, app_spec) generic_init_secrets.apply.assert_called_once_with( deployment, app_spec, expected_spec)
def test_default_secrets(self, deployment, app_spec): config = mock.create_autospec(Configuration([]), spec_set=True) config.secret_init_containers = {"default": DEFAULT_IMAGE} generic_init_secrets = mock.create_autospec(GenericInitSecrets(config), spec_set=True, instance=True) generic_init_secrets.supports.side_effect = lambda _type: _type == 'default' secrets = Secrets( config, mock.create_autospec(KubernetesSecrets(), spec_set=True, instance=True), generic_init_secrets) expected_spec = SecretsSpec(type="default", parameters={}, annotations={}) secrets.apply(deployment, app_spec) generic_init_secrets.apply.assert_called_once_with( deployment, app_spec, expected_spec)
def secrets(self, config, kubernetes_secrets, generic_init_secrets, strongbox_secrets): return Secrets(config, kubernetes_secrets, generic_init_secrets, strongbox_secrets)
def secrets(self, config): return mock.create_autospec(Secrets(config, None, None, None), spec_set=True, instance=True)