Teststand

internal/parser/parser_test.go

@@ -0,0 +1,145 @@
+package parser
+
+import (
+	"testing"
+)
+
+func TestParseManifestsMultiDocAndSecretRedaction(t *testing.T) {
+	input := []byte(`
+apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: web
+  namespace: demo
+spec:
+  template:
+    metadata:
+      labels:
+        app: web
+    spec:
+      containers:
+      - name: app
+        image: nginx
+        env:
+        - name: PASSWORD
+          valueFrom:
+            secretKeyRef:
+              name: app-secret
+              key: password
+---
+apiVersion: v1
+kind: Service
+metadata:
+  name: web
+  namespace: demo
+spec:
+  selector:
+    app: web
+---
+apiVersion: v1
+kind: Secret
+metadata:
+  name: app-secret
+  namespace: demo
+data:
+  password: c2VjcmV0
+`)
+
+	ds, err := ParseManifests(input)
+	if err != nil {
+		t.Fatalf("ParseManifests returned error: %v", err)
+	}
+	if got, want := ds.Summary.Resources, 3; got != want {
+		t.Fatalf("resource count mismatch: got %d want %d", got, want)
+	}
+
+	sec := ds.Resources["demo/Secret/app-secret"]
+	if sec == nil {
+		t.Fatalf("secret not found")
+	}
+	if !sec.IsSensitive {
+		t.Fatalf("secret should be sensitive")
+	}
+	data, ok := sec.Raw["data"].(map[string]any)
+	if !ok {
+		t.Fatalf("secret data should exist")
+	}
+	if got := data["password"]; got != "<redacted>" {
+		t.Fatalf("secret value was not redacted: %v", got)
+	}
+}
+
+func TestParseManifestsInvalidYAML(t *testing.T) {
+	_, err := ParseManifests([]byte("apiVersion: v1\nkind"))
+	if err == nil {
+		t.Fatalf("expected parse error for invalid yaml")
+	}
+}
+
+func TestParseDeploymentWithEnvFromConfigMapRef(t *testing.T) {
+	input := []byte(`apiVersion: apps/v1
+kind: Deployment
+metadata:
+  name: kubeviz
+  namespace: kubeviz
+spec:
+  selector:
+    matchLabels:
+      app: kubeviz
+  template:
+    metadata:
+      labels:
+        app: kubeviz
+    spec:
+      containers:
+      - name: kubeviz
+        image: kubeviz:latest
+        envFrom:
+        - configMapRef:
+            name: kubeviz-config
+`)
+
+	ds, err := ParseManifests(input)
+	if err != nil {
+		t.Fatalf("ParseManifests returned error: %v", err)
+	}
+	if got, want := ds.Summary.Resources, 1; got != want {
+		t.Fatalf("resource count mismatch: got %d want %d", got, want)
+	}
+}
+
+func TestParseIngressTLSHostsAndSecretName(t *testing.T) {
+	input := []byte(`apiVersion: networking.k8s.io/v1
+kind: Ingress
+metadata:
+  name: kubeviz
+  namespace: kubeviz
+spec:
+  tls:
+  - hosts:
+    - kubeviz.local
+    secretName: kubeviz-tls
+  rules:
+  - host: kubeviz.local
+    http:
+      paths:
+      - path: /
+        pathType: Prefix
+        backend:
+          service:
+            name: kubeviz
+            port:
+              number: 80
+`)
+
+	ds, err := ParseManifests(input)
+	if err != nil {
+		t.Fatalf("ParseManifests returned error: %v", err)
+	}
+	if got, want := ds.Summary.Resources, 1; got != want {
+		t.Fatalf("resource count mismatch: got %d want %d", got, want)
+	}
+	if len(ds.Summary.Issues) != 0 {
+		t.Fatalf("expected no parse issues, got: %+v", ds.Summary.Issues)
+	}
+}