146 lines
2.9 KiB
Go
146 lines
2.9 KiB
Go
package parser
|
|
|
|
import (
|
|
"testing"
|
|
)
|
|
|
|
func TestParseManifestsMultiDocAndSecretRedaction(t *testing.T) {
|
|
input := []byte(`
|
|
apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: web
|
|
namespace: demo
|
|
spec:
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: web
|
|
spec:
|
|
containers:
|
|
- name: app
|
|
image: nginx
|
|
env:
|
|
- name: PASSWORD
|
|
valueFrom:
|
|
secretKeyRef:
|
|
name: app-secret
|
|
key: password
|
|
---
|
|
apiVersion: v1
|
|
kind: Service
|
|
metadata:
|
|
name: web
|
|
namespace: demo
|
|
spec:
|
|
selector:
|
|
app: web
|
|
---
|
|
apiVersion: v1
|
|
kind: Secret
|
|
metadata:
|
|
name: app-secret
|
|
namespace: demo
|
|
data:
|
|
password: c2VjcmV0
|
|
`)
|
|
|
|
ds, err := ParseManifests(input)
|
|
if err != nil {
|
|
t.Fatalf("ParseManifests returned error: %v", err)
|
|
}
|
|
if got, want := ds.Summary.Resources, 3; got != want {
|
|
t.Fatalf("resource count mismatch: got %d want %d", got, want)
|
|
}
|
|
|
|
sec := ds.Resources["demo/Secret/app-secret"]
|
|
if sec == nil {
|
|
t.Fatalf("secret not found")
|
|
}
|
|
if !sec.IsSensitive {
|
|
t.Fatalf("secret should be sensitive")
|
|
}
|
|
data, ok := sec.Raw["data"].(map[string]any)
|
|
if !ok {
|
|
t.Fatalf("secret data should exist")
|
|
}
|
|
if got := data["password"]; got != "<redacted>" {
|
|
t.Fatalf("secret value was not redacted: %v", got)
|
|
}
|
|
}
|
|
|
|
func TestParseManifestsInvalidYAML(t *testing.T) {
|
|
_, err := ParseManifests([]byte("apiVersion: v1\nkind"))
|
|
if err == nil {
|
|
t.Fatalf("expected parse error for invalid yaml")
|
|
}
|
|
}
|
|
|
|
func TestParseDeploymentWithEnvFromConfigMapRef(t *testing.T) {
|
|
input := []byte(`apiVersion: apps/v1
|
|
kind: Deployment
|
|
metadata:
|
|
name: kubeviz
|
|
namespace: kubeviz
|
|
spec:
|
|
selector:
|
|
matchLabels:
|
|
app: kubeviz
|
|
template:
|
|
metadata:
|
|
labels:
|
|
app: kubeviz
|
|
spec:
|
|
containers:
|
|
- name: kubeviz
|
|
image: kubeviz:latest
|
|
envFrom:
|
|
- configMapRef:
|
|
name: kubeviz-config
|
|
`)
|
|
|
|
ds, err := ParseManifests(input)
|
|
if err != nil {
|
|
t.Fatalf("ParseManifests returned error: %v", err)
|
|
}
|
|
if got, want := ds.Summary.Resources, 1; got != want {
|
|
t.Fatalf("resource count mismatch: got %d want %d", got, want)
|
|
}
|
|
}
|
|
|
|
func TestParseIngressTLSHostsAndSecretName(t *testing.T) {
|
|
input := []byte(`apiVersion: networking.k8s.io/v1
|
|
kind: Ingress
|
|
metadata:
|
|
name: kubeviz
|
|
namespace: kubeviz
|
|
spec:
|
|
tls:
|
|
- hosts:
|
|
- kubeviz.local
|
|
secretName: kubeviz-tls
|
|
rules:
|
|
- host: kubeviz.local
|
|
http:
|
|
paths:
|
|
- path: /
|
|
pathType: Prefix
|
|
backend:
|
|
service:
|
|
name: kubeviz
|
|
port:
|
|
number: 80
|
|
`)
|
|
|
|
ds, err := ParseManifests(input)
|
|
if err != nil {
|
|
t.Fatalf("ParseManifests returned error: %v", err)
|
|
}
|
|
if got, want := ds.Summary.Resources, 1; got != want {
|
|
t.Fatalf("resource count mismatch: got %d want %d", got, want)
|
|
}
|
|
if len(ds.Summary.Issues) != 0 {
|
|
t.Fatalf("expected no parse issues, got: %+v", ds.Summary.Issues)
|
|
}
|
|
}
|