From 10cda2686fe63394028dd42836e71dd2a8c4493a Mon Sep 17 00:00:00 2001 From: Ti Zhou Date: Fri, 2 Feb 2018 11:11:13 +0800 Subject: [PATCH] Add tests for pkg/serviceaccount. --- pkg/serviceaccount/BUILD | 11 ++++ pkg/serviceaccount/util_test.go | 103 ++++++++++++++++++++++++++++++++ 2 files changed, 114 insertions(+) create mode 100644 pkg/serviceaccount/util_test.go diff --git a/pkg/serviceaccount/BUILD b/pkg/serviceaccount/BUILD index d3f44c7235..102b4cb7fb 100644 --- a/pkg/serviceaccount/BUILD +++ b/pkg/serviceaccount/BUILD @@ -54,3 +54,14 @@ filegroup( srcs = [":package-srcs"], tags = ["automanaged"], ) + +go_test( + name = "go_default_test", + srcs = ["util_test.go"], + embed = [":go_default_library"], + importpath = "k8s.io/kubernetes/pkg/serviceaccount", + deps = [ + "//vendor/k8s.io/api/core/v1:go_default_library", + "//vendor/k8s.io/apimachinery/pkg/apis/meta/v1:go_default_library", + ], +) diff --git a/pkg/serviceaccount/util_test.go b/pkg/serviceaccount/util_test.go new file mode 100644 index 0000000000..88888e2e44 --- /dev/null +++ b/pkg/serviceaccount/util_test.go @@ -0,0 +1,103 @@ +/* +Copyright 2018 The Kubernetes Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package serviceaccount + +import ( + "testing" + + "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" +) + +func TestIsServiceAccountToken(t *testing.T) { + + secretIns := &v1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "token-secret-1", + Namespace: "default", + UID: "23456", + ResourceVersion: "1", + Annotations: map[string]string{ + v1.ServiceAccountNameKey: "default", + v1.ServiceAccountUIDKey: "12345", + }, + }, + Type: v1.SecretTypeServiceAccountToken, + Data: map[string][]byte{ + "token": []byte("ABC"), + "ca.crt": []byte("CA Data"), + "namespace": []byte("default"), + }, + } + + saIns := &v1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "default", + UID: "12345", + Namespace: "default", + ResourceVersion: "1", + }, + } + + saInsNameNotEqual := &v1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "non-default", + UID: "12345", + Namespace: "default", + ResourceVersion: "1", + }, + } + + saInsUIDNotEqual := &v1.ServiceAccount{ + ObjectMeta: metav1.ObjectMeta{ + Name: "default", + UID: "67890", + Namespace: "default", + ResourceVersion: "1", + }, + } + + tests := map[string]struct { + secret *v1.Secret + sa *v1.ServiceAccount + expect bool + }{ + "correct service account": { + secret: secretIns, + sa: saIns, + expect: true, + }, + "service account name not equal": { + secret: secretIns, + sa: saInsNameNotEqual, + expect: false, + }, + "service account uid not equal": { + secret: secretIns, + sa: saInsUIDNotEqual, + expect: false, + }, + } + + for k, v := range tests { + actual := IsServiceAccountToken(v.secret, v.sa) + if actual != v.expect { + t.Errorf("%s failed, expected %t but received %t", k, v.expect, actual) + } + } + +}