Skip to content

Commit

Permalink
Add test for invalid credentials in dns provider
Browse files Browse the repository at this point in the history
Signed-off-by: averevki <[email protected]>
  • Loading branch information
averevki committed Aug 27, 2024
1 parent 8a494cd commit 2ae8c75
Show file tree
Hide file tree
Showing 4 changed files with 54 additions and 2 deletions.
14 changes: 14 additions & 0 deletions testsuite/kuadrant/policy/dns.py
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,20 @@
from testsuite.gateway import Referencable
from testsuite.kubernetes.client import KubernetesClient
from testsuite.kuadrant.policy import Policy
from testsuite.utils import check_condition


def has_record_condition(condition_type, status="True", reason=None, message=None):
"""Returns function, that returns True if the DNSPolicy has specific record condition"""

def _check(obj):
for record in obj.model.status.recordConditions.values():
for condition in record:
if check_condition(condition, condition_type, status, reason, message):
return True
return False

return _check


class DNSPolicy(Policy):
Expand Down
4 changes: 2 additions & 2 deletions testsuite/kubernetes/secret.py
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@ def create_instance(
cluster,
name,
data: dict[str, str],
secret_type: Literal["kubernetes.io/tls", "Opaque"] = "Opaque",
secret_type: Literal["kubernetes.io/tls", "kuadrant.io/aws", "Opaque"] = "Opaque",
labels: dict[str, str] = None,
):
"""Creates new Secret"""
Expand Down Expand Up @@ -54,7 +54,7 @@ def create_instance( # type: ignore[override]
certificate: Certificate,
cert_name: str = "tls.crt",
key_name: str = "tls.key",
secret_type: Literal["kubernetes.io/tls", "Opaque"] = "kubernetes.io/tls",
secret_type: Literal["kubernetes.io/tls", "kuadrant.io/aws", "Opaque"] = "kubernetes.io/tls",
labels: dict[str, str] = None,
):
return super().create_instance(
Expand Down
Empty file.
Original file line number Diff line number Diff line change
@@ -0,0 +1,38 @@
"""Test DNSPolicy behavior when invalid credentials are provided"""

import pytest

from testsuite.kubernetes.secret import Secret
from testsuite.kuadrant.policy import has_condition
from testsuite.kuadrant.policy.dns import has_record_condition

pytestmark = [pytest.mark.kuadrant_only, pytest.mark.dnspolicy]


@pytest.fixture(scope="module")
def dns_provider_secret(request, cluster, module_label, blame):
"""Create AWS provider secret with invalid credentials"""
creds = {
"AWS_ACCESS_KEY_ID": "ABCDEFGHIJKL",
"AWS_SECRET_ACCESS_KEY": "abcdefg12345+",
}

secret = Secret.create_instance(cluster, blame("creds"), creds, "kuadrant.io/aws", labels={"app": module_label})
request.addfinalizer(secret.delete)
secret.commit()
return secret.name()


@pytest.fixture(scope="module", autouse=True)
def commit(request, dns_policy):
"""Commits dnspolicy without waiting for it to be ready"""
request.addfinalizer(dns_policy.delete)
dns_policy.commit()


def test_invalid_credentials(dns_policy):
"""Verify that DNSPolicy is not ready or enforced when invalid credentials are provided"""
assert dns_policy.wait_until(has_condition("Enforced", "False"))
assert dns_policy.wait_until(
has_record_condition("Ready", "False", "ProviderError", message="InvalidClientTokenId")
)

0 comments on commit 2ae8c75

Please sign in to comment.