test: add helper function to check if using a Google git provider (#1807)

Camila-B · web-flow · commit b606e4bfc78e · 2025-08-01T20:08:50.000Z
diff --git a/e2e/nomostest/gitproviders/git-provider.go b/e2e/nomostest/gitproviders/git-provider.go
@@ -77,3 +77,8 @@ func NewGitProvider(t testing.NTB, provider, clusterName string, logger *testlog
 		return &LocalProvider{}
 	}
 }
+
+// IsGoogleGitProvider returns true if the GitProvider is a Google-hosted Git service.
+func IsGoogleGitProvider(provider GitProvider) bool {
+	return provider.Type() == e2e.CSR || provider.Type() == e2e.SSM
+}
diff --git a/e2e/nomostest/ssh.go b/e2e/nomostest/ssh.go
@@ -373,10 +373,9 @@ func downloadSSHKey(nt *NT) (string, error) {
 }
 
 // CreateNamespaceSecrets creates secrets in a given namespace using local paths.
-// It skips creating the Secret if the GitProvider is CSR because CSR uses either
-// 'gcenode' or 'gcpserviceaccount' for authentication, which doesn't require a Secret.
+// It skips creating the Secret if the GitProvider is CSR or SSM because neither require a Secret.
 func CreateNamespaceSecrets(nt *NT, ns string) error {
-	if nt.GitProvider.Type() != e2e.CSR && nt.GitProvider.Type() != e2e.SSM {
+	if !gitproviders.IsGoogleGitProvider(nt.GitProvider) {
 		privateKeypath := nt.gitPrivateKeyPath
 		if len(privateKeypath) == 0 {
 			privateKeypath = privateKeyPath(nt)
diff --git a/e2e/testcases/multi_sync_test.go b/e2e/testcases/multi_sync_test.go
@@ -225,7 +225,7 @@ func TestMultiSyncs_Unstructured_MixedControl(t *testing.T) {
 	// Reconciler-manager doesn't copy the secret of RootSync's secretRef.
 	validateReconcilerResource(nt, kinds.Secret(), map[string]string{metadata.SyncNamespaceLabel: configsync.ControllerNamespace}, 0)
 	// CSR and SSM auth type doesn't need to copy the secret
-	if nt.GitProvider.Type() != e2e.CSR && nt.GitProvider.Type() != e2e.SSM {
+	if !gitproviders.IsGoogleGitProvider(nt.GitProvider) {
 		validateReconcilerResource(nt, kinds.Secret(), map[string]string{metadata.SyncNamespaceLabel: testNs}, 5)
 		validateReconcilerResource(nt, kinds.Secret(), map[string]string{metadata.SyncNamespaceLabel: testNs2}, 1)
 		validateReconcilerResource(nt, kinds.Secret(), map[string]string{metadata.SyncNameLabel: repoSync1ID.Name}, 2)
diff --git a/e2e/testcases/reconciler_manager_test.go b/e2e/testcases/reconciler_manager_test.go
@@ -445,7 +445,7 @@ func validateRepoSyncDependencies(nt *nomostest.NT, ns, rsName string) []client.
 
 	// See nomostest.CreateNamespaceSecrets for creation of user secrets.
 	// The Secret is neither needed nor created when using CSR or SSM as the Git provider.
-	if nt.GitProvider.Type() != e2e.CSR && nt.GitProvider.Type() != e2e.SSM {
+	if !gitproviders.IsGoogleGitProvider(nt.GitProvider) {
 		repoSyncAuthSecret := &corev1.Secret{}
 		setNN(repoSyncAuthSecret, client.ObjectKey{
 			Name:      controllers.ReconcilerResourceName(repoSyncReconciler.Name, nomostest.NamespaceAuthSecretName),
@@ -941,7 +941,7 @@ func TestAutopilotReconcilerAdjustment(t *testing.T) {
 	}
 	// Filter container map down to just expected containers
 	filteredContainers := []string{reconcilermanager.Reconciler, reconcilermanager.GitSync, metrics.OtelAgentName}
-	if nt.GitProvider.Type() == e2e.CSR || nt.GitProvider.Type() == e2e.SSM {
+	if gitproviders.IsGoogleGitProvider(nt.GitProvider) {
 		filteredContainers = append(filteredContainers, reconcilermanager.GCENodeAskpassSidecar)
 	}
 	expectedResources = filterResourceMap(expectedResources, filteredContainers...)

Original file line number	Diff line number	Diff line change
`@@ -77,3 +77,8 @@ func NewGitProvider(t testing.NTB, provider, clusterName string, logger *testlog`
`77`	`77`	`return &LocalProvider{}`
`78`	`78`	`}`
`79`	`79`	`}`
	`80`	`+`
	`81`	`+// IsGoogleGitProvider returns true if the GitProvider is a Google-hosted Git service.`
	`82`	`+func IsGoogleGitProvider(provider GitProvider) bool {`
	`83`	`+ return provider.Type() == e2e.CSR \|\| provider.Type() == e2e.SSM`
	`84`	`+}`