feat: SecretManagerSecret full test coverage & manual replication field #3371
Conversation
yuwenma
changed the title
| @@ -48,8 +48,7 @@ type SecretManagerSecretSpec struct { | |||
| // This is always provided on output, regardless of what was sent on input. | |||
| ExpireTime *string `json:"expireTime,omitempty"` | |||
|
|
|||
| // Input only. The TTL for the | |||
| // [Secret][google.cloud.secretmanager.v1.Secret]. | |||
| // Input only. A duration in seconds with up to nine fractional digits, ending with 's'. Example: "3.5s". | |||
There was a problem hiding this comment.
The TTL is a stale field that causes customers issues: it uses "Now()" when the resource is created that users cannot control or predict.
But since this is already in Beta, we still add the test coverage for it.
Also this change improves the user experience a little bit otherwise they don't now what value to give.
| @@ -26,7 +26,7 @@ if [[ -z "${KUBEBUILDER_ASSETS:-}" ]]; then | |||
| fi | |||
|
|
|||
| if [[ -z "${KCC_USE_DIRECT_RECONCILERS:-}" ]]; then | |||
| KCC_USE_DIRECT_RECONCILERS=ComputeForwardingRule,GKEHubFeatureMembership,SecretManagerSecret,SecretManagerSecretVersion | |||
There was a problem hiding this comment.
The test now covers both legacy controller and direct controller (via alpha direct annotation). we no longer need this
| if secret.Spec.Replication.UserManaged != nil { | ||
| for _, r := range secret.Spec.Replication.UserManaged.Replicas { | ||
| if r.CustomerManagedEncryption != nil { | ||
| kmsKeyRef := r.CustomerManagedEncryption.KmsKeyRef |
There was a problem hiding this comment.
I previously missed this field because I thought it is another field spec.customerManagedEncryption, which is not supported yet in the current released beta API.
yuwenma
force-pushed
the
secret-manager-wip
branch
from
2d81810 to
e96e317
Compare
|
[APPROVALNOTIFIER] This PR is NOT APPROVED This pull-request has been approved by: The full list of commands accepted by this bot can be found here.
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
yuwenma
force-pushed
the
secret-manager-wip
branch
2 times, most recently
from
08c7091 to
5aa4c54
Compare
yuwenma
force-pushed
the
secret-manager-wip
branch
4 times, most recently
from
16438ad to
c827a86
Compare
yuwenma
force-pushed
the
secret-manager-wip
branch
from
c827a86 to
4e61488
Compare
yuwenma
force-pushed
the
secret-manager-wip
branch
from
4e61488 to
32a002c
Compare
.../resourcefixture/testdata/basic/secretmanager/v1beta1/secretmanagersecretversion/create.yaml
Show resolved
Hide resolved
yuwenma
force-pushed
the
secret-manager-wip
branch
from
d810d99 to
52f0b95
Compare
|
/lgtm |
Improve SecretManager with full test coverage.
2nd git-commit is real gcp
3rd git-commit is mockgcp