Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 3 additions & 3 deletions .tekton/rosa-cli-e2e-test-pull-request.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -162,7 +162,7 @@ spec:
- name: name
value: git-clone-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.2@sha256:12cbcf0b408e906f84e7eb3c62c6cd618e2b1f78a40218e10940fbaf2c45455d
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.2@sha256:7759aab088034f32df156db44569690442a85559b982f7a1a9c925a1ad42e650
- name: kind
value: task
resolver: bundles
Expand Down Expand Up @@ -272,7 +272,7 @@ spec:
- name: name
value: source-build-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.3@sha256:7c5575ac8e292f27f57716c021ab0324460dc958e73946724c588c5228e5f372
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.3@sha256:5f53518629ce04fee0466d25670700d0f36b2dbd296b6ae04eaad5d44f0d7d52
- name: kind
value: task
resolver: bundles
Expand Down Expand Up @@ -535,7 +535,7 @@ spec:
- name: name
value: apply-tags
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.3@sha256:3ab844157eccd68e95e4852adc06c3c4ea674edb7865a474b0a898227f2893d6
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.3@sha256:86170d1f69fa75c725952b083311f8107d6334f61b505c4a03213b59fd3199ff
- name: kind
value: task
resolver: bundles
Expand Down
6 changes: 3 additions & 3 deletions .tekton/rosa-cli-e2e-test-push.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -159,7 +159,7 @@ spec:
- name: name
value: git-clone-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.2@sha256:12cbcf0b408e906f84e7eb3c62c6cd618e2b1f78a40218e10940fbaf2c45455d
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.2@sha256:7759aab088034f32df156db44569690442a85559b982f7a1a9c925a1ad42e650
- name: kind
value: task
resolver: bundles
Expand Down Expand Up @@ -269,7 +269,7 @@ spec:
- name: name
value: source-build-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.3@sha256:7c5575ac8e292f27f57716c021ab0324460dc958e73946724c588c5228e5f372
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.3@sha256:5f53518629ce04fee0466d25670700d0f36b2dbd296b6ae04eaad5d44f0d7d52
- name: kind
value: task
resolver: bundles
Expand Down Expand Up @@ -532,7 +532,7 @@ spec:
- name: name
value: apply-tags
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.3@sha256:3ab844157eccd68e95e4852adc06c3c4ea674edb7865a474b0a898227f2893d6
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.3@sha256:86170d1f69fa75c725952b083311f8107d6334f61b505c4a03213b59fd3199ff
- name: kind
value: task
resolver: bundles
Expand Down
6 changes: 3 additions & 3 deletions .tekton/rosa-pull-request.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -158,7 +158,7 @@ spec:
- name: name
value: git-clone-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.2@sha256:12cbcf0b408e906f84e7eb3c62c6cd618e2b1f78a40218e10940fbaf2c45455d
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.2@sha256:7759aab088034f32df156db44569690442a85559b982f7a1a9c925a1ad42e650
- name: kind
value: task
resolver: bundles
Expand Down Expand Up @@ -266,7 +266,7 @@ spec:
- name: name
value: source-build-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.3@sha256:7c5575ac8e292f27f57716c021ab0324460dc958e73946724c588c5228e5f372
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.3@sha256:5f53518629ce04fee0466d25670700d0f36b2dbd296b6ae04eaad5d44f0d7d52
- name: kind
value: task
resolver: bundles
Expand Down Expand Up @@ -526,7 +526,7 @@ spec:
- name: name
value: apply-tags
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.3@sha256:3ab844157eccd68e95e4852adc06c3c4ea674edb7865a474b0a898227f2893d6
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.3@sha256:86170d1f69fa75c725952b083311f8107d6334f61b505c4a03213b59fd3199ff
- name: kind
value: task
resolver: bundles
Expand Down
6 changes: 3 additions & 3 deletions .tekton/rosa-push.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -155,7 +155,7 @@ spec:
- name: name
value: git-clone-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.2@sha256:12cbcf0b408e906f84e7eb3c62c6cd618e2b1f78a40218e10940fbaf2c45455d
value: quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta:0.2@sha256:7759aab088034f32df156db44569690442a85559b982f7a1a9c925a1ad42e650
- name: kind
value: task
resolver: bundles
Expand Down Expand Up @@ -263,7 +263,7 @@ spec:
- name: name
value: source-build-oci-ta
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.3@sha256:7c5575ac8e292f27f57716c021ab0324460dc958e73946724c588c5228e5f372
value: quay.io/konflux-ci/tekton-catalog/task-source-build-oci-ta:0.3@sha256:5f53518629ce04fee0466d25670700d0f36b2dbd296b6ae04eaad5d44f0d7d52
- name: kind
value: task
resolver: bundles
Expand Down Expand Up @@ -526,7 +526,7 @@ spec:
- name: name
value: apply-tags
- name: bundle
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.3@sha256:3ab844157eccd68e95e4852adc06c3c4ea674edb7865a474b0a898227f2893d6
value: quay.io/konflux-ci/tekton-catalog/task-apply-tags:0.3@sha256:86170d1f69fa75c725952b083311f8107d6334f61b505c4a03213b59fd3199ff
- name: kind
value: task
resolver: bundles
Expand Down
100 changes: 100 additions & 0 deletions cmd/create/oidcconfig/cmd_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,100 @@
package oidcconfig

import (
"net/http"

. "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
"github.com/openshift-online/ocm-common/pkg/rosa/oidcconfigs"
. "github.com/openshift-online/ocm-sdk-go/testing"

"github.com/openshift/rosa/pkg/interactive"
"github.com/openshift/rosa/pkg/test"
)

var _ = Describe("Create OIDC Config", func() {
Context("getOidcConfigStrategy", func() {
var input *oidcconfigs.OidcConfigInput

BeforeEach(func() {
input = &oidcconfigs.OidcConfigInput{}
args.rawFiles = false
args.managed = false
})

It("returns raw strategy when rawFiles is true", func() {
args.rawFiles = true

strategy, err := getOidcConfigStrategy(interactive.ModeAuto, input)
Expect(err).NotTo(HaveOccurred())
Expect(strategy).To(BeAssignableToTypeOf(&CreateUnmanagedOidcConfigRawStrategy{}))
})

It("returns managed auto strategy when managed is true", func() {
args.managed = true

strategy, err := getOidcConfigStrategy(interactive.ModeAuto, input)
Expect(err).NotTo(HaveOccurred())
Expect(strategy).To(BeAssignableToTypeOf(&CreateManagedOidcConfigAutoStrategy{}))
})

It("returns unmanaged auto strategy for auto mode", func() {
strategy, err := getOidcConfigStrategy(interactive.ModeAuto, input)
Expect(err).NotTo(HaveOccurred())
Expect(strategy).To(BeAssignableToTypeOf(&CreateUnmanagedOidcConfigAutoStrategy{}))
})

It("returns unmanaged manual strategy for manual mode", func() {
strategy, err := getOidcConfigStrategy(interactive.ModeManual, input)
Expect(err).NotTo(HaveOccurred())
Expect(strategy).To(BeAssignableToTypeOf(&CreateUnmanagedOidcConfigManualStrategy{}))
})

It("returns error for invalid mode", func() {
_, err := getOidcConfigStrategy("invalid", input)
Expect(err).To(HaveOccurred())
Expect(err.Error()).To(ContainSubstring("Invalid mode"))
})
})

Context("ManagedOidcConfigAutoStrategy.executeNoExit", func() {
var t *test.TestingRuntime

BeforeEach(func() {
t = test.NewTestRuntime()
})

It("returns the OIDC config ID on success", func() {
t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusOK, `{
"kind": "OidcConfig",
"id": "managed-oidc-123",
"managed": true,
"issuer_url": "https://oidc.managed.example.com"
}`))

input := &oidcconfigs.OidcConfigInput{}
strategy := &CreateManagedOidcConfigAutoStrategy{oidcConfigInput: input}

id, err := strategy.executeNoExit(t.RosaRuntime)
Expect(err).NotTo(HaveOccurred())
Expect(id).To(Equal("managed-oidc-123"))
})

It("returns error when CreateOidcConfig fails", func() {
t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusInternalServerError, `{
"kind": "Error",
"id": "500",
"href": "/api/clusters_mgmt/v1/errors/500",
"code": "CLUSTERS-MGMT-500",
"reason": "internal error"
}`))

input := &oidcconfigs.OidcConfigInput{}
strategy := &CreateManagedOidcConfigAutoStrategy{oidcConfigInput: input}

_, err := strategy.executeNoExit(t.RosaRuntime)
Expect(err).To(HaveOccurred())
Expect(err.Error()).To(ContainSubstring("managed OIDC Configuration"))
})
})
})
13 changes: 13 additions & 0 deletions cmd/create/oidcconfig/oidcconfig_suite_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
package oidcconfig

import (
"testing"

. "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
)

func TestOidcConfig(t *testing.T) {
RegisterFailHandler(Fail)
RunSpecs(t, "Create OidcConfig Suite")
}
118 changes: 118 additions & 0 deletions cmd/create/oidcprovider/cmd_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,118 @@
package oidcprovider

import (
"fmt"
"net/http"

"go.uber.org/mock/gomock"

. "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
. "github.com/openshift-online/ocm-sdk-go/testing"

awsClient "github.com/openshift/rosa/pkg/aws"
"github.com/openshift/rosa/pkg/test"
)

var _ = Describe("Create OIDC Provider", func() {
Context("CreateOIDCProvider", func() {
var t *test.TestingRuntime

BeforeEach(func() {
t = test.NewTestRuntime()
})

It("creates the provider successfully", func() {
oidcConfigId := "oidc-config-123"
issuerUrl := "https://oidc.example.com/abc123"
thumbprint := "a]b]c]d]e]f]0]1]2]3]4]5]6]7]8]9]a]b]c]d"

t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusOK, fmt.Sprintf(`{
"kind": "OidcConfig",
"id": "%s",
"issuer_url": "%s"
}`, oidcConfigId, issuerUrl)))

t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusOK, fmt.Sprintf(`{
"kind": "OidcThumbprint",
"thumbprint": "%s",
"oidc_config_id": "%s"
}`, thumbprint, oidcConfigId)))

mockAWS := t.RosaRuntime.AWSClient.(*awsClient.MockClient)
mockAWS.EXPECT().CreateOpenIDConnectProvider(
issuerUrl,
thumbprint,
gomock.Any(),
).Return("arn:aws:iam::123456789012:oidc-provider/oidc.example.com/abc123", nil)

err := CreateOIDCProvider(t.RosaRuntime, oidcConfigId, "", true)
Expect(err).NotTo(HaveOccurred())
})

It("returns error when GetOidcConfig fails", func() {
t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusNotFound, `{
"kind": "Error",
"id": "404",
"href": "/api/clusters_mgmt/v1/errors/404",
"code": "CLUSTERS-MGMT-404",
"reason": "not found"
}`))

err := CreateOIDCProvider(t.RosaRuntime, "nonexistent", "", true)
Expect(err).To(HaveOccurred())
Expect(err.Error()).To(ContainSubstring("retrieving OIDC Config"))
})

It("returns error when FetchOidcThumbprint fails", func() {
oidcConfigId := "oidc-config-123"
issuerUrl := "https://oidc.example.com/abc123"

t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusOK, fmt.Sprintf(`{
"kind": "OidcConfig",
"id": "%s",
"issuer_url": "%s"
}`, oidcConfigId, issuerUrl)))

t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusInternalServerError, `{
"kind": "Error",
"id": "500",
"href": "/api/clusters_mgmt/v1/errors/500",
"code": "CLUSTERS-MGMT-500",
"reason": "thumbprint service unavailable"
}`))

err := CreateOIDCProvider(t.RosaRuntime, oidcConfigId, "", true)
Expect(err).To(HaveOccurred())
})

It("returns error when CreateOpenIDConnectProvider fails", func() {
Comment thread
olucasfreitas marked this conversation as resolved.
oidcConfigId := "oidc-config-123"
issuerUrl := "https://oidc.example.com/abc123"
thumbprint := "a]b]c]d]e]f]0]1]2]3]4]5]6]7]8]9]a]b]c]d"

t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusOK, fmt.Sprintf(`{
"kind": "OidcConfig",
"id": "%s",
"issuer_url": "%s"
}`, oidcConfigId, issuerUrl)))

t.ApiServer.AppendHandlers(RespondWithJSON(http.StatusOK, fmt.Sprintf(`{
"kind": "OidcThumbprint",
"thumbprint": "%s",
"oidc_config_id": "%s"
}`, thumbprint, oidcConfigId)))

mockAWS := t.RosaRuntime.AWSClient.(*awsClient.MockClient)
mockAWS.EXPECT().CreateOpenIDConnectProvider(
issuerUrl,
thumbprint,
gomock.Any(),
).Return("", fmt.Errorf("access denied"))

err := CreateOIDCProvider(t.RosaRuntime, oidcConfigId, "", true)
Expect(err).To(HaveOccurred())
Expect(err.Error()).To(ContainSubstring("access denied"))
})
})
})
13 changes: 13 additions & 0 deletions cmd/create/oidcprovider/oidcprovider_suite_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,13 @@
package oidcprovider

import (
"testing"

. "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
)

func TestCreateOidcProvider(t *testing.T) {
RegisterFailHandler(Fail)
RunSpecs(t, "Create OidcProvider Suite")
}
Loading