|
| 1 | +# Copyright 2025 Canonical Ltd. |
| 2 | +# See LICENSE file for licensing details. |
| 3 | +# |
| 4 | +# Learn more about testing at: https://juju.is/docs/sdk/testing |
| 5 | + |
| 6 | +from unittest.mock import PropertyMock, patch |
| 7 | + |
| 8 | +import pytest |
| 9 | +from ops import testing |
| 10 | + |
| 11 | +from charm import CassandraCharm |
| 12 | +from core.state import PEER_RELATION |
| 13 | + |
| 14 | +BOOTSTRAP_RELATION = "bootstrap" |
| 15 | +PEER_SECRET = "cassandra-peers.cassandra.app" |
| 16 | + |
| 17 | + |
| 18 | +@pytest.mark.parametrize("bad_secret", [True, False]) |
| 19 | +def test_start_custom_secret(bad_secret: bool): |
| 20 | + ctx = testing.Context(CassandraCharm) |
| 21 | + peer_relation = testing.PeerRelation(id=1, endpoint=PEER_RELATION) |
| 22 | + bootstrap_relation = testing.PeerRelation(id=2, endpoint=BOOTSTRAP_RELATION) |
| 23 | + password_secret = testing.Secret( |
| 24 | + tracked_content={"foo": "bar"} if bad_secret else {"cassandra-password": "custom_password"} |
| 25 | + ) |
| 26 | + state = testing.State( |
| 27 | + leader=True, |
| 28 | + relations={peer_relation, bootstrap_relation}, |
| 29 | + config={"system_users": password_secret.id}, |
| 30 | + secrets={password_secret}, |
| 31 | + ) |
| 32 | + |
| 33 | + with ( |
| 34 | + patch("managers.config.ConfigManager.render_env"), |
| 35 | + patch("managers.config.ConfigManager.render_cassandra_config"), |
| 36 | + patch( |
| 37 | + "managers.database.DatabaseManager.update_system_user_password" |
| 38 | + ) as update_system_user_password, |
| 39 | + patch("charm.CassandraWorkload") as workload, |
| 40 | + patch("managers.tls.TLSManager.configure"), |
| 41 | + patch( |
| 42 | + "managers.cluster.ClusterManager.is_healthy", |
| 43 | + new_callable=PropertyMock(return_value=True), |
| 44 | + ), |
| 45 | + ): |
| 46 | + workload.return_value.generate_password.return_value = "password" |
| 47 | + |
| 48 | + state = ctx.run(ctx.on.start(), state) |
| 49 | + state = ctx.run(ctx.on.update_status(), state) |
| 50 | + |
| 51 | + targeted_password = "password" if bad_secret else "custom_password" |
| 52 | + peer_secret = state.get_secret(label="cassandra-peers.cassandra.app") |
| 53 | + assert ( |
| 54 | + peer_secret.latest_content |
| 55 | + and peer_secret.latest_content.get("cassandra-password") == targeted_password |
| 56 | + ) |
| 57 | + update_system_user_password.assert_called_once_with("cassandra", targeted_password) |
| 58 | + |
| 59 | + |
| 60 | +def test_update_custom_secret(): |
| 61 | + ctx = testing.Context(CassandraCharm) |
| 62 | + peer_relation = testing.PeerRelation( |
| 63 | + id=1, endpoint=PEER_RELATION, local_unit_data={"workload_state": "active"} |
| 64 | + ) |
| 65 | + bootstrap_relation = testing.PeerRelation(id=2, endpoint=BOOTSTRAP_RELATION) |
| 66 | + password_secret = testing.Secret( |
| 67 | + tracked_content={"cassandra-password": "custom_password"}, |
| 68 | + latest_content={"cassandra-password": "updated_password"}, |
| 69 | + ) |
| 70 | + state = testing.State( |
| 71 | + leader=True, |
| 72 | + relations={peer_relation, bootstrap_relation}, |
| 73 | + config={"system_users": password_secret.id}, |
| 74 | + secrets={password_secret}, |
| 75 | + ) |
| 76 | + |
| 77 | + with ( |
| 78 | + patch( |
| 79 | + "managers.database.DatabaseManager.update_system_user_password" |
| 80 | + ) as update_system_user_password, |
| 81 | + patch("charm.CassandraWorkload") as workload, |
| 82 | + ): |
| 83 | + workload.return_value.generate_password.return_value = "password" |
| 84 | + |
| 85 | + state = ctx.run(ctx.on.secret_changed(password_secret), state) |
| 86 | + |
| 87 | + peer_secret = state.get_secret(label="cassandra-peers.cassandra.app") |
| 88 | + assert ( |
| 89 | + peer_secret.latest_content |
| 90 | + and peer_secret.latest_content.get("cassandra-password") == "updated_password" |
| 91 | + ) |
| 92 | + update_system_user_password.assert_called_once_with("cassandra", "updated_password") |
0 commit comments