diff --git a/internal/helm/getter.go b/internal/helm/getter.go index 5457acaf..c8b9234e 100644 --- a/internal/helm/getter.go +++ b/internal/helm/getter.go @@ -16,12 +16,16 @@ func ClientOptionsFromSecret(secret corev1.Secret) ([]getter.Option, func(), err if err != nil { return opts, nil, err } - opts = append(opts, basicAuth) + if basicAuth != nil { + opts = append(opts, basicAuth) + } tlsClientConfig, cleanup, err := TLSClientConfigFromSecret(secret) if err != nil { return opts, nil, err } - opts = append(opts, tlsClientConfig) + if tlsClientConfig != nil { + opts = append(opts, tlsClientConfig) + } return opts, cleanup, nil } diff --git a/internal/helm/getter_test.go b/internal/helm/getter_test.go new file mode 100644 index 00000000..ce5e3ada --- /dev/null +++ b/internal/helm/getter_test.go @@ -0,0 +1,124 @@ +package helm + +import ( + "testing" + + corev1 "k8s.io/api/core/v1" +) + +var ( + basicAuthSecretFixture = corev1.Secret{ + Data: map[string][]byte{ + "username": []byte("user"), + "password": []byte("password"), + }, + } + tlsSecretFixture = corev1.Secret{ + Data: map[string][]byte{ + "certFile": []byte(`fixture`), + "keyFile": []byte(`fixture`), + "caFile": []byte(`fixture`), + }, + } +) + +func TestClientOptionsFromSecret(t *testing.T) { + tests := []struct { + name string + secrets []corev1.Secret + }{ + {"basic auth", []corev1.Secret{basicAuthSecretFixture}}, + {"TLS", []corev1.Secret{tlsSecretFixture}}, + {"basic auth and TLS", []corev1.Secret{basicAuthSecretFixture, tlsSecretFixture}}, + {"empty", []corev1.Secret{}}, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + secret := corev1.Secret{Data: map[string][]byte{}} + for _, s := range tt.secrets { + for k, v := range s.Data { + secret.Data[k] = v + } + } + got, cleanup, err := ClientOptionsFromSecret(secret) + if cleanup != nil { + defer cleanup() + } + if err != nil { + t.Errorf("ClientOptionsFromSecret() error = %v", err) + return + } + if len(got) != len(tt.secrets) { + t.Errorf("ClientOptionsFromSecret() options = %v, expected = %v", got, len(tt.secrets)) + } + }) + } +} + +func TestBasicAuthFromSecret(t *testing.T) { + tests := []struct { + name string + secret corev1.Secret + modify func(secret *corev1.Secret) + wantErr bool + wantNil bool + }{ + {"username and password", basicAuthSecretFixture, nil,false, false}, + {"without username", basicAuthSecretFixture, func(s *corev1.Secret) { delete(s.Data, "username") }, true, true}, + {"without password", basicAuthSecretFixture, func(s *corev1.Secret) { delete(s.Data, "password") }, true, true}, + {"empty", corev1.Secret{}, nil, false, true}, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + secret := tt.secret.DeepCopy() + if tt.modify != nil { + tt.modify(secret) + } + got, err := BasicAuthFromSecret(*secret) + if (err != nil) != tt.wantErr { + t.Errorf("BasicAuthFromSecret() error = %v, wantErr %v", err, tt.wantErr) + return + } + if tt.wantNil && got != nil { + t.Error("BasicAuthFromSecret() != nil") + return + } + }) + } +} + +func TestTLSClientConfigFromSecret(t *testing.T) { + tests := []struct { + name string + secret corev1.Secret + modify func(secret *corev1.Secret) + wantErr bool + wantNil bool + }{ + {"certFile, keyFile and caFile", tlsSecretFixture, nil,false, false}, + {"without certFile", tlsSecretFixture, func(s *corev1.Secret) { delete(s.Data, "certFile") }, true, true}, + {"without keyFile", tlsSecretFixture, func(s *corev1.Secret) { delete(s.Data, "keyFile") }, true, true}, + {"without caFile", tlsSecretFixture, func(s *corev1.Secret) { delete(s.Data, "caFile") }, true, true}, + {"empty", corev1.Secret{}, nil, false, true}, + } + for _, tt := range tests { + t.Run(tt.name, func(t *testing.T) { + secret := tt.secret.DeepCopy() + if tt.modify != nil { + tt.modify(secret) + } + got, cleanup, err := TLSClientConfigFromSecret(*secret) + if cleanup != nil { + defer cleanup() + } + if (err != nil) != tt.wantErr { + t.Errorf("TLSClientConfigFromSecret() error = %v, wantErr %v", err, tt.wantErr) + return + } + if tt.wantNil && got != nil { + t.Error("TLSClientConfigFromSecret() != nil") + return + } + }) + } +}