-
Notifications
You must be signed in to change notification settings - Fork 24
Expand file tree
/
Copy pathclient_cyberark_test.go
More file actions
117 lines (102 loc) · 3.52 KB
/
client_cyberark_test.go
File metadata and controls
117 lines (102 loc) · 3.52 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
package client_test
import (
"crypto/x509"
"errors"
"testing"
"github.com/jetstack/venafi-connection-lib/http_client"
"github.com/stretchr/testify/require"
k8sversion "k8s.io/apimachinery/pkg/version"
"k8s.io/klog/v2"
"k8s.io/klog/v2/ktesting"
"github.com/jetstack/preflight/api"
"github.com/jetstack/preflight/internal/cyberark"
"github.com/jetstack/preflight/internal/cyberark/servicediscovery"
"github.com/jetstack/preflight/pkg/client"
"github.com/jetstack/preflight/pkg/testutil"
"github.com/jetstack/preflight/pkg/version"
_ "k8s.io/klog/v2/ktesting/init"
)
// TestCyberArkClient_PostDataReadingsWithOptions_MockAPI demonstrates that the
// dataupload code works with the mock CyberArk APIs.
// The environment variables are chosen to match those expected by the mock
// server.
func TestCyberArkClient_PostDataReadingsWithOptions_MockAPI(t *testing.T) {
t.Setenv("ARK_SUBDOMAIN", servicediscovery.MockDiscoverySubdomain)
t.Setenv("ARK_USERNAME", "test@example.com")
t.Setenv("ARK_SECRET", "somepassword")
t.Run("success", func(t *testing.T) {
logger := ktesting.NewLogger(t, ktesting.DefaultConfig)
ctx := klog.NewContext(t.Context(), logger)
httpClient := testutil.FakeCyberArk(t)
c, err := client.NewCyberArk(httpClient)
require.NoError(t, err)
readings := fakeReadings()
err = c.PostDataReadingsWithOptions(ctx, readings, client.Options{})
require.NoError(t, err)
})
}
// TestCyberArkClient_PostDataReadingsWithOptions_RealAPI demonstrates that the
// dataupload code works with the real CyberArk APIs.
//
// To enable verbose request logging:
//
// go test ./internal/cyberark/dataupload/... \
// -v -count 1 -run TestCyberArkClient_PostDataReadingsWithOptions_RealAPI -args -testing.v 6
func TestCyberArkClient_PostDataReadingsWithOptions_RealAPI(t *testing.T) {
t.Run("success", func(t *testing.T) {
logger := ktesting.NewLogger(t, ktesting.DefaultConfig)
ctx := klog.NewContext(t.Context(), logger)
var rootCAs *x509.CertPool
httpClient := http_client.NewDefaultClient(version.UserAgent(), rootCAs)
c, err := client.NewCyberArk(httpClient)
if err != nil {
if errors.Is(err, cyberark.ErrMissingEnvironmentVariables) {
t.Skipf("Skipping: %s", err)
}
require.NoError(t, err)
}
readings := fakeReadings()
err = c.PostDataReadingsWithOptions(ctx, readings, client.Options{})
require.NoError(t, err)
})
}
// defaultDynamicDatagathererNames is the list of dynamic datagatherers that
// are included in the defaultExtractorFunctions map in client_cyberark.go.
// This is used by fakeReadings to generate empty readings for all the
// dynamic datagatherers.
var defaultDynamicDatagathererNames = []string{
"ark/secrets",
"ark/serviceaccounts",
"ark/roles",
"ark/clusterroles",
"ark/rolebindings",
"ark/clusterrolebindings",
"ark/jobs",
"ark/cronjobs",
"ark/deployments",
"ark/statefulsets",
"ark/daemonsets",
"ark/pods",
}
// fakeReadings returns a set of fake readings that includes a discovery reading
// and empty readings for all the default dynamic datagatherers.
func fakeReadings() []*api.DataReading {
readings := make([]*api.DataReading, len(defaultDynamicDatagathererNames))
for i, name := range defaultDynamicDatagathererNames {
readings[i] = &api.DataReading{
DataGatherer: name,
Data: &api.DynamicData{},
}
}
return append([]*api.DataReading{
{
DataGatherer: "ark/discovery",
Data: &api.DiscoveryData{
ClusterID: "ffffffff-ffff-ffff-ffff-ffffffffffff",
ServerVersion: &k8sversion.Info{
GitVersion: "v1.21.0",
},
},
},
}, readings...)
}