class TestPutSecret(object): update_data = [{ "secret_name": "{}-ares-opaque-secret".format(settings.RESOURCE_PREFIX), "secret_type": "Opaque", "opaque_key": "new_opaque_key", "opaque_value": str(base64.b64encode("new_opaque_value".encode('utf-8')), 'utf8') }, { "secret_name": "{}-ares-ssh-secret".format(settings.RESOURCE_PREFIX), "secret_type": "kubernetes.io/ssh-auth", "ssh_privatevalue": str(base64.b64encode("new_value".encode('utf-8')), 'utf8'), }, { "secret_name": "{}-ares-base-secret".format(settings.RESOURCE_PREFIX), "secret_type": "kubernetes.io/basic-auth", "username": str(base64.b64encode("new_username".encode('utf-8')), 'utf8'), "password": str(base64.b64encode("new_password".encode('utf-8')), 'utf8') }, { "secret_name": "{}-ares-docker-secret".format(settings.RESOURCE_PREFIX), "secret_type": "kubernetes.io/dockerconfigjson", "dockerconfigjson": dockerjson("new.index.alauda.cn", "new_alauda", "new_alauda", "*****@*****.**"), }] casename_list = ["Opaque类型", "SSH类型", "用户名-密码类型", "镜像服务类型"] def setup_class(self): self.secret_tool = Secret() self.verify_template = Common.generate_jinja_template( self, './verify_data/secret/create_response.jinja2') @pytest.mark.parametrize("data", update_data, ids=casename_list) def 测试更新各种类型保密字典的数据(self, data): data.update({ "K8S_NAMESPACE": settings.K8S_NAMESPACE, "description": "update secret" }) ret = self.secret_tool.update_secret( data['secret_name'], './test_data/secret/create_secret.jinja2', data=data) assert ret.status_code == 200, "更新{}类型保密字典失败:{}".format( data["secret_type"], ret.text) value = self.verify_template.render(data) assert self.secret_tool.is_sub_dict(json.loads(value), ret.json()), \ "更新保密字典比对数据失败,返回数据:{},期望数据:{}".format(ret.json(), json.loads(value)) @pytest.mark.skipif(settings.AUDIT_UNABLED, reason="do not have audit") def 测试保密字典更新审计(self): payload = { "user_name": settings.USERNAME, "operation_type": "update", "resource_type": "secrets", "resource_name": self.update_data[0]['secret_name'] } result = self.secret_tool.search_audit(payload) payload.update({ "namespace": settings.K8S_NAMESPACE, "region_name": settings.REGION_NAME }) values = self.secret_tool.generate_jinja_data( "./verify_data/audit/audit.jinja2", payload) assert self.secret_tool.is_sub_dict(values, result.json()), "审计数据不符合预期"
class TestDeleteSecret(object): data = { "secret_name": "{}-ares-opaque-secret-2".format(settings.RESOURCE_PREFIX), "secret_type": "Opaque", "opaque_key": "opaque_key", "opaque_value": str(base64.b64encode("opaque_value".encode('utf-8')), 'utf8'), "description": "多组数据" } data_list = Secret.data_list def setup_class(self): self.secret_tool = Secret() self.verify_delete_template = Common.generate_jinja_template( self, './verify_data/secret/delete_response.jinja2') def 测试删除含有多组数据的保密字典(self): ret = self.secret_tool.delete_secret(self.data["secret_name"]) assert ret.status_code == 200, "删除{}类型的保密字典失败:{}".format( self.data["secret_type", ret.text]) assert self.secret_tool.check_exists( self.secret_tool.get_secret_url( secret_name=self.data["secret_name"]), 404), "删除失败" value = self.verify_delete_template.render(self.data) assert self.secret_tool.is_sub_dict(json.loads(value), ret.json()), \ "删除包含多组数据的保密字典比对数据失败,返回数据:{},期望数据:{}".format(ret.json(), json.loads(value)) @pytest.mark.parametrize("data", data_list, ids=Secret.casename_list) def 测试删除保密字典(self, data): ret = self.secret_tool.delete_secret(data["secret_name"]) assert ret.status_code == 200, "删除{}类型的保密字典失败:{}".format( data["secret_type", ret.text]) assert self.secret_tool.check_exists( self.secret_tool.get_secret_url(secret_name=data["secret_name"]), 404), "删除失败" value = self.verify_delete_template.render(data) assert self.secret_tool.is_sub_dict(json.loads(value), ret.json()), \ "删除保密字典比对数据失败,返回数据:{},期望数据:{}".format(ret.json(), json.loads(value)) @pytest.mark.skipif(settings.AUDIT_UNABLED, reason="do not have audit") def 测试保密字典删除审计(self): payload = { "user_name": settings.USERNAME, "operation_type": "delete", "resource_type": "secrets", "resource_name": self.data['secret_name'] } result = self.secret_tool.search_audit(payload) payload.update({ "namespace": settings.K8S_NAMESPACE, "region_name": settings.REGION_NAME }) values = self.secret_tool.generate_jinja_data( "./verify_data/audit/audit.jinja2", payload) assert self.secret_tool.is_sub_dict(values, result.json()), "审计数据不符合预期"
class TestPostSecret(object): data = { "secret_name": "{}-ares-opaque-secret-2".format(settings.RESOURCE_PREFIX), "secret_type": "Opaque", "opaque_key": "opaque_key", "opaque_value": str(base64.b64encode("opaque_value".encode('utf-8')), 'utf8'), "description": "多组数据" } data_list = Secret.data_list def setup_class(self): self.secret_tool = Secret() self.verify_template = Common.generate_jinja_template( self, './verify_data/secret/create_response.jinja2') @pytest.mark.parametrize("data", data_list, ids=Secret.casename_list) def 测试创建各种保密字典(self, data): data.update({"K8S_NAMESPACE": settings.K8S_NAMESPACE}) # create manager_secret_basic_auth ret = self.secret_tool.create_secret( './test_data/secret/create_secret.jinja2', data=data) assert ret.status_code == 201, "创建{}类型保密字典失败:{}".format( data['secret_type'], ret.text) value = self.verify_template.render(data) assert self.secret_tool.is_sub_dict(json.loads(value), ret.json()), \ "创建保密字典比对数据失败,返回数据:{},期望数据:{}".format(ret.json(), json.loads(value)) def 测试创建包含多组数据的保密字典(self, data=data): data.update({"K8S_NAMESPACE": settings.K8S_NAMESPACE}) ret = self.secret_tool.create_secret( './test_data/secret/create_secret.jinja2', data=data) assert ret.status_code == 201, "创建包含多组数据的{}类型的保密字典失败:{}".format( data['secret_type'], ret.text) value = self.verify_template.render(data) assert self.secret_tool.is_sub_dict(json.loads(value), ret.json()), \ "创建保密字典比对数据失败,返回数据:{},期望数据:{}".format(ret.json(), json.loads(value)) @pytest.mark.skipif(settings.AUDIT_UNABLED, reason="do not have audit") def 不测试保密字典创建审计(self): payload = { "user_name": settings.USERNAME, "operation_type": "create", "resource_type": "secrets", "resource_name": self.data['secret_name'] } result = self.secret_tool.search_audit(payload) payload.update({ "namespace": settings.K8S_NAMESPACE, "region_name": settings.REGION_NAME, "code": 201 }) values = self.secret_tool.generate_jinja_data( "./verify_data/audit/audit.jinja2", payload) assert self.secret_tool.is_sub_dict(values, result.json()), "审计数据不符合预期"