Skip to content

Commit 7128576

Browse files
m1kolam1kola
committed
Fix tests
1 parent 63ddc0c commit 7128576

File tree

3 files changed

+20
-21
lines changed

3 files changed

+20
-21
lines changed

controllers/operator/appdbreplicaset_controller_test.go

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -377,7 +377,7 @@ func TestTryConfigureMonitoringInOpsManager(t *testing.T) {
377377
require.NoError(t, err)
378378

379379
// attempt configuring monitoring when there is no api key secret
380-
podVars, err := reconciler.tryConfigureMonitoringInOpsManager(ctx, opsManager, "password", zap.S())
380+
podVars, err := reconciler.tryConfigureMonitoringInOpsManager(ctx, opsManager, "password", "/fake/aget-cert/path", zap.S())
381381
assert.NoError(t, err)
382382

383383
assert.Empty(t, podVars.ProjectID)
@@ -408,7 +408,7 @@ func TestTryConfigureMonitoringInOpsManager(t *testing.T) {
408408
assert.NoError(t, err)
409409

410410
// once the secret exists, monitoring should be fully configured
411-
podVars, err = reconciler.tryConfigureMonitoringInOpsManager(ctx, opsManager, "password", zap.S())
411+
podVars, err = reconciler.tryConfigureMonitoringInOpsManager(ctx, opsManager, "password", "/fake/aget-cert/path", zap.S())
412412
assert.NoError(t, err)
413413

414414
assert.Equal(t, om.TestGroupID, podVars.ProjectID)
@@ -522,7 +522,7 @@ func TestTryConfigureMonitoringInOpsManagerWithExternalDomains(t *testing.T) {
522522
require.NoError(t, err)
523523

524524
// attempt configuring monitoring when there is no api key secret
525-
podVars, err := reconciler.tryConfigureMonitoringInOpsManager(ctx, opsManager, "password", zap.S())
525+
podVars, err := reconciler.tryConfigureMonitoringInOpsManager(ctx, opsManager, "password", "/fake/aget-cert/path", zap.S())
526526
assert.NoError(t, err)
527527

528528
assert.Empty(t, podVars.ProjectID)
@@ -553,7 +553,7 @@ func TestTryConfigureMonitoringInOpsManagerWithExternalDomains(t *testing.T) {
553553
assert.NoError(t, err)
554554

555555
// once the secret exists, monitoring should be fully configured
556-
podVars, err = reconciler.tryConfigureMonitoringInOpsManager(ctx, opsManager, "password", zap.S())
556+
podVars, err = reconciler.tryConfigureMonitoringInOpsManager(ctx, opsManager, "password", "/fake/aget-cert/path", zap.S())
557557
assert.NoError(t, err)
558558

559559
assert.Equal(t, om.TestGroupID, podVars.ProjectID)

controllers/operator/authentication_test.go

Lines changed: 14 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -91,8 +91,7 @@ func TestUpdateOmAuthentication_NoAuthenticationEnabled(t *testing.T) {
9191

9292
kubeClient, omConnectionFactory := mock.NewDefaultFakeClient(rs)
9393
r := newReplicaSetReconciler(ctx, kubeClient, nil, "", "", false, false, omConnectionFactory.GetConnectionFunc)
94-
agentCertSecretSelector := rs.GetSecurity().AgentClientCertificateSecretName(rs.Name)
95-
r.updateOmAuthentication(ctx, conn, processNames, rs, agentCertSecretSelector, "", "", false, zap.S())
94+
r.updateOmAuthentication(ctx, conn, processNames, rs, corev1.SecretKeySelector{}, "", "", false, zap.S())
9695

9796
ac, _ := conn.ReadAutomationConfig()
9897

@@ -113,8 +112,7 @@ func TestUpdateOmAuthentication_EnableX509_TlsNotEnabled(t *testing.T) {
113112

114113
kubeClient, omConnectionFactory := mock.NewDefaultFakeClient(rs)
115114
r := newReplicaSetReconciler(ctx, kubeClient, nil, "", "", false, false, omConnectionFactory.GetConnectionFunc)
116-
agentCertSecretSelector := rs.GetSecurity().AgentClientCertificateSecretName(rs.Name)
117-
status, isMultiStageReconciliation := r.updateOmAuthentication(ctx, conn, []string{"my-rs-0", "my-rs-1", "my-rs-2"}, rs, agentCertSecretSelector, "", "", false, zap.S())
115+
status, isMultiStageReconciliation := r.updateOmAuthentication(ctx, conn, []string{"my-rs-0", "my-rs-1", "my-rs-2"}, rs, corev1.SecretKeySelector{}, "", "", false, zap.S())
118116

119117
assert.True(t, status.IsOK(), "configuring both options at once should not result in a failed status")
120118
assert.True(t, isMultiStageReconciliation, "configuring both tls and x509 at once should result in a multi stage reconciliation")
@@ -126,8 +124,7 @@ func TestUpdateOmAuthentication_EnableX509_WithTlsAlreadyEnabled(t *testing.T) {
126124
omConnectionFactory := om.NewCachedOMConnectionFactoryWithInitializedConnection(om.NewMockedOmConnection(deployment.CreateFromReplicaSet("fake-mongoDBImage", false, rs)))
127125
kubeClient := mock.NewDefaultFakeClientWithOMConnectionFactory(omConnectionFactory, rs)
128126
r := newReplicaSetReconciler(ctx, kubeClient, nil, "", "", false, false, omConnectionFactory.GetConnectionFunc)
129-
agentCertSecretSelector := rs.GetSecurity().AgentClientCertificateSecretName(rs.Name)
130-
status, isMultiStageReconciliation := r.updateOmAuthentication(ctx, omConnectionFactory.GetConnection(), []string{"my-rs-0", "my-rs-1", "my-rs-2"}, rs, agentCertSecretSelector, "", "", false, zap.S())
127+
status, isMultiStageReconciliation := r.updateOmAuthentication(ctx, omConnectionFactory.GetConnection(), []string{"my-rs-0", "my-rs-1", "my-rs-2"}, rs, corev1.SecretKeySelector{}, "", "", false, zap.S())
131128

132129
assert.True(t, status.IsOK(), "configuring x509 when tls has already been enabled should not result in a failed status")
133130
assert.False(t, isMultiStageReconciliation, "if tls is already enabled, we should be able to configure x509 is a single reconciliation")
@@ -143,8 +140,7 @@ func TestUpdateOmAuthentication_AuthenticationIsNotConfigured_IfAuthIsNotSet(t *
143140
kubeClient := mock.NewDefaultFakeClientWithOMConnectionFactory(omConnectionFactory, rs)
144141
r := newReplicaSetReconciler(ctx, kubeClient, nil, "", "", false, false, omConnectionFactory.GetConnectionFunc)
145142

146-
agentCertSecretSelector := rs.GetSecurity().AgentClientCertificateSecretName(rs.Name)
147-
status, _ := r.updateOmAuthentication(ctx, omConnectionFactory.GetConnection(), []string{"my-rs-0", "my-rs-1", "my-rs-2"}, rs, agentCertSecretSelector, "", "", false, zap.S())
143+
status, _ := r.updateOmAuthentication(ctx, omConnectionFactory.GetConnection(), []string{"my-rs-0", "my-rs-1", "my-rs-2"}, rs, corev1.SecretKeySelector{}, "", "", false, zap.S())
148144
assert.True(t, status.IsOK(), "no authentication should have been configured")
149145

150146
ac, _ := omConnectionFactory.GetConnection().ReadAutomationConfig()
@@ -213,9 +209,14 @@ func TestUpdateOmAuthentication_EnableX509_FromEmptyDeployment(t *testing.T) {
213209
omConnectionFactory := om.NewCachedOMConnectionFactoryWithInitializedConnection(om.NewMockedOmConnection(om.NewDeployment()))
214210
kubeClient := mock.NewDefaultFakeClientWithOMConnectionFactory(omConnectionFactory, rs)
215211
r := newReplicaSetReconciler(ctx, kubeClient, nil, "", "", false, false, omConnectionFactory.GetConnectionFunc)
216-
createAgentCSRs(t, ctx, 1, r.client, certsv1.CertificateApproved)
212+
secretName := util.AgentSecretName
213+
secretKey := "fakeAgentCertHash"
214+
createAgentCSRs(t, ctx, r.client, secretName, secretKey, certsv1.CertificateApproved)
217215

218-
agentCertSecretSelector := rs.GetSecurity().AgentClientCertificateSecretName(rs.Name)
216+
agentCertSecretSelector := corev1.SecretKeySelector{
217+
LocalObjectReference: corev1.LocalObjectReference{Name: secretName},
218+
Key: secretKey,
219+
}
219220
status, isMultiStageReconciliation := r.updateOmAuthentication(ctx, omConnectionFactory.GetConnection(), []string{"my-rs-0", "my-rs-1", "my-rs-2"}, rs, agentCertSecretSelector, "", "", false, zap.S())
220221
assert.True(t, status.IsOK(), "configuring x509 and tls when there are no processes should not result in a failed status")
221222
assert.False(t, isMultiStageReconciliation, "if we are enabling tls and x509 at once, this should be done in a single reconciliation")
@@ -812,17 +813,14 @@ func Test_NoExternalDomainPresent(t *testing.T) {
812813
}
813814

814815
// createAgentCSRs creates all the agent CSRs needed for x509 at the specified condition type
815-
func createAgentCSRs(t *testing.T, ctx context.Context, numAgents int, client kubernetesClient.Client, conditionType certsv1.RequestConditionType) {
816-
if numAgents != 1 && numAgents != 3 {
817-
return
818-
}
816+
func createAgentCSRs(t *testing.T, ctx context.Context, client kubernetesClient.Client, secretName, secretKey string, conditionType certsv1.RequestConditionType) {
819817
// create the secret the agent certs will exist in
820818
certAuto, _ := os.ReadFile("testdata/certificates/cert_auto")
821819

822820
builder := secret.Builder().
823821
SetNamespace(mock.TestNamespace).
824-
SetName(util.AgentSecretName).
825-
SetField(util.AutomationAgentPemSecretKey, string(certAuto))
822+
SetName(secretName).
823+
SetField(secretKey, string(certAuto))
826824

827825
err := client.CreateSecret(ctx, builder.Build())
828826
assert.NoError(t, err)

pkg/util/constants.go

Lines changed: 2 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -122,7 +122,8 @@ const (
122122
MmsPemKeyFileDirInContainer = "/opt/mongodb/mms/secrets"
123123
AppDBMmsCaFileDirInContainer = "/opt/mongodb/mms/ca/"
124124

125-
AutomationAgentName = "mms-automation-agent"
125+
AutomationAgentName = "mms-automation-agent"
126+
// TODO: Remove this one
126127
AutomationAgentPemSecretKey = AutomationAgentName + "-pem"
127128

128129
// Key used in concatenated pem secrets to denote the hash of the latest certificate

0 commit comments

Comments
 (0)