Re-arranging and finishing tests for now
jhbeskow committed Mar 24, 2024
1 parent 4cd365b commit ea67ec7
Showing 7 changed files with 970 additions and 114 deletions.
9 changes: 5 additions & 4 deletions src/sm-operator/api/v1/bitwardensecret_types.go
Expand Up @@ -23,7 +23,6 @@ package v1

import (
"encoding/json"
"fmt"
"time"

corev1 "k8s.io/api/core/v1"
Expand Down Expand Up @@ -96,8 +95,10 @@ func (bwSecret *BitwardenSecret) ApplySecretMap(secret *corev1.Secret) {

if bwSecret.Spec.SecretMap != nil {
for _, mappedSecret := range bwSecret.Spec.SecretMap {
secret.Data[mappedSecret.SecretKeyName] = secret.Data[mappedSecret.BwSecretId]
delete(secret.Data, mappedSecret.BwSecretId)
if value, containsKey := secret.Data[mappedSecret.BwSecretId]; containsKey {
secret.Data[mappedSecret.SecretKeyName] = value
delete(secret.Data, mappedSecret.BwSecretId)
}
}
}
}
Expand All @@ -108,7 +109,7 @@ func (bwSecret *BitwardenSecret) SetK8sSecretAnnotations(secret *corev1.Secret)
secret.ObjectMeta.Annotations = map[string]string{}
}

secret.ObjectMeta.Annotations["k8s.bitwarden.com/sync-time"] = fmt.Sprint(time.Now().UTC())
secret.ObjectMeta.Annotations["k8s.bitwarden.com/sync-time"] = time.Now().UTC().Format(time.RFC3339Nano)

if bwSecret.Spec.SecretMap == nil {
delete(secret.ObjectMeta.Annotations, "k8s.bitwarden.com/custom-map")
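Review bot: In ApplySecretMap's loop, a mapping whose SecretKeyName equals its BwSecretId still loses its value, because the new branch assigns `secret.Data[mappedSecret.SecretKeyName] = value` and then deletes that same key; guarding the delete with `if mappedSecret.SecretKeyName != mappedSecret.BwSecretId { delete(secret.Data, mappedSecret.BwSecretId) }` keeps it. The new `containsKey` check also skips a mapping silently when the Bitwarden ID is absent, so the Kubernetes Secret is written without the key a workload expects and nothing records why; logging the missing ID (never the value) or surfacing an error there would make the misconfiguration visible. A SecretKeyName that collides with another entry's ID or an already-mapped name overwrites that data the same way, which may deserve a validation step. The function body starts above the hunk, so how secret.Data is populated is not visible here.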
40 changes: 28 additions & 12 deletions src/sm-operator/cmd/main.go
Expand Up @@ -31,6 +31,7 @@ import (

// Import all Kubernetes client auth plugins (e.g. Azure, GCP, OIDC, etc.)
// to ensure that exec-entrypoint and run can make use of them.

_ "k8s.io/client-go/plugin/pkg/client/auth"

"k8s.io/apimachinery/pkg/runtime"
Expand Down Expand Up @@ -62,8 +63,13 @@ func main() {
var enableLeaderElection bool
var probeAddr string

bwApiUrl, identApiUrl, statePath, refreshIntervalSeconds := GetSettings()
bwClientFactory := controller.NewBitwardenClientFactory(bwApiUrl, identApiUrl)
bwApiUrl, identApiUrl, statePath, refreshIntervalSeconds, err := GetSettings()

if err != nil {
panic(err)
}

bwClientFactory := controller.NewBitwardenClientFactory(*bwApiUrl, *identApiUrl)

flag.StringVar(&metricsAddr, "metrics-bind-address", ":8080", "The address the metric endpoint binds to.")
flag.StringVar(&probeAddr, "health-probe-bind-address", ":8081", "The address the probe endpoint binds to.")
Expand Down Expand Up @@ -106,8 +112,8 @@ func main() {
Client: mgr.GetClient(),
Scheme: mgr.GetScheme(),
BitwardenClientFactory: bwClientFactory,
StatePath: statePath,
RefreshIntervalSeconds: refreshIntervalSeconds,
StatePath: *statePath,
RefreshIntervalSeconds: *refreshIntervalSeconds,
}).SetupWithManager(mgr); err != nil {
setupLog.Error(err, "unable to create controller", "controller", "BitwardenSecret")
os.Exit(1)
Expand All @@ -130,7 +136,7 @@ func main() {
}
}

func GetSettings() (string, string, string, int) {
func GetSettings() (*string, *string, *string, *int, error) {
bwApiUrl := strings.TrimSpace(os.Getenv("BW_API_URL"))
identApiUrl := strings.TrimSpace(os.Getenv("BW_IDENTITY_API_URL"))
statePath := strings.TrimSpace(os.Getenv("BW_SECRETS_MANAGER_STATE_PATH"))
Expand All @@ -154,14 +160,19 @@ func GetSettings() (string, string, string, int) {

if err != nil {
setupLog.Error(err, fmt.Sprintf("Bitwarden API URL is not valid. Value supplied: %s", bwApiUrl))
panic(err)
return nil, nil, nil, nil, err
}

u, err := url.Parse(bwApiUrl)

if err != nil || u.Scheme == "" || u.Host == "" {
setupLog.Error(err, fmt.Sprintf("Bitwarden API URL is not valid. Value supplied: %s", bwApiUrl))
panic(err)
message := fmt.Sprintf("Bitwarden API URL is not valid. Value supplied: %s", bwApiUrl)
if err == nil {
err = fmt.Errorf(message)
}

setupLog.Error(err, message)
return nil, nil, nil, nil, err
}
}

Expand All @@ -170,14 +181,19 @@ func GetSettings() (string, string, string, int) {

if err != nil {
setupLog.Error(err, fmt.Sprintf("Bitwarden Identity URL is not valid. Value supplied: %s", identApiUrl))
panic(err)
return nil, nil, nil, nil, err
}

u, err := url.ParseRequestURI(identApiUrl)

if err != nil || u.Scheme == "" || u.Host == "" {
setupLog.Error(err, fmt.Sprintf("Bitwarden Identity URL is not valid. Value supplied: %s", identApiUrl))
panic(err)
message := fmt.Sprintf("Bitwarden Identity URL is not valid. Value supplied: %s", identApiUrl)
if err == nil {
err = fmt.Errorf(message)
}

setupLog.Error(err, message)
return nil, nil, nil, nil, err
}
}

Expand All @@ -193,5 +209,5 @@ func GetSettings() (string, string, string, int) {
statePath = "/var/bitwarden/state"
}

return bwApiUrl, identApiUrl, statePath, refreshIntervalSeconds
return &bwApiUrl, &identApiUrl, &statePath, &refreshIntervalSeconds, nil
}
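Review bot: `fmt.Errorf(message)` in both URL branches of GetSettings uses a string that embeds the environment-supplied URL as the format string, so a value containing `%` (common in percent-encoded URLs) is rendered with `%!…` formatting artifacts and `go vet` flags the non-constant format; write `err = fmt.Errorf("%s", message)` instead. The validation accepts any non-empty scheme and host, so an `http://` endpoint passes; since these URLs presumably carry the operator's Bitwarden credentials, rejecting schemes other than `https` (or making plaintext an explicit opt-in) looks worth adding. In main, the new `panic(err)` differs from the `setupLog.Error(...)` plus `os.Exit(1)` pattern used for the controller setup error in the same function, and returning `*string`/`*int` only to signal failure is unusual when the `error` result already does that. Parts of GetSettings lie outside the visible hunks, so the first `err` in each branch cannot be traced from here.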
151 changes: 151 additions & 0 deletions src/sm-operator/cmd/suite_test.go
@@ -0,0 +1,151 @@
/*
Source code in this repository is covered by one of two licenses: (i) the
GNU General Public License (GPL) v3.0 (ii) the Bitwarden License v1.0. The
default license throughout the repository is GPL v3.0 unless the header
specifies another license. Bitwarden Licensed code is found only in the
/bitwarden_license directory.
GPL v3.0:
https://github.com/bitwarden/server/blob/main/LICENSE_GPL.txt
Bitwarden License v1.0:
https://github.com/bitwarden/server/blob/main/LICENSE_BITWARDEN.txt
No grant of any rights in the trademarks, service marks, or logos of Bitwarden is
made (except as may be necessary to comply with the notice requirements as
applicable), and use of any Bitwarden trademarks must comply with Bitwarden
Trademark Guidelines
<https://github.com/bitwarden/server/blob/main/TRADEMARK_GUIDELINES.md>.
*/

package main

import (
"os"
"testing"

. "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"

logf "sigs.k8s.io/controller-runtime/pkg/log"
"sigs.k8s.io/controller-runtime/pkg/log/zap"
)

func TestSettings(t *testing.T) {
RegisterFailHandler(Fail)

RunSpecs(t, "Settings Suite")
}

var _ = BeforeSuite(func() {
logf.SetLogger(zap.New(zap.WriteTo(GinkgoWriter), zap.UseDevMode(true)))
})

var _ = AfterSuite(func() {
By(" tearing down")
})

var _ = Describe("Get settings", Ordered, func() {

It("Pulls the default settings", func() {
os.Setenv("BW_API_URL", "")
os.Setenv("BW_IDENTITY_API_URL", "")
os.Setenv("BW_SECRETS_MANAGER_STATE_PATH", "")
os.Setenv("BW_SECRETS_MANAGER_REFRESH_INTERVAL", "")
apiUri, identityUri, statePath, refreshInterval, err := GetSettings()
Expect(*apiUri).Should(Equal("https://api.bitwarden.com"))
Expect(*identityUri).Should(Equal("https://identity.bitwarden.com"))
Expect(*statePath).Should(Equal("/var/bitwarden/state"))
Expect(*refreshInterval).Should(Equal(300))
Expect(err).Should(BeNil())
})

It("Pulls some env settings", func() {
os.Setenv("BW_API_URL", "https://api.bitwarden.eu")
os.Setenv("BW_IDENTITY_API_URL", "https://identity.bitwarden.eu")
os.Setenv("BW_SECRETS_MANAGER_STATE_PATH", "~/state")
os.Setenv("BW_SECRETS_MANAGER_REFRESH_INTERVAL", "180")
apiUri, identityUri, statePath, refreshInterval, err := GetSettings()
Expect(*apiUri).Should(Equal("https://api.bitwarden.eu"))
Expect(*identityUri).Should(Equal("https://identity.bitwarden.eu"))
Expect(*statePath).Should(Equal("~/state"))
Expect(*refreshInterval).Should(Equal(180))
Expect(err).Should(BeNil())
})

It("Fails on bad API URL", func() {
os.Setenv("BW_API_URL", "https:/api.bitwarden.com")
os.Setenv("BW_IDENTITY_API_URL", "https://identity.bitwarden.eu")
os.Setenv("BW_SECRETS_MANAGER_STATE_PATH", "~/state")
os.Setenv("BW_SECRETS_MANAGER_REFRESH_INTERVAL", "180")

bwApi, identityApi, statePath, refreshInterval, err := GetSettings()

Expect(bwApi).Should(BeNil())
Expect(identityApi).Should(BeNil())
Expect(statePath).Should(BeNil())
Expect(refreshInterval).Should(BeNil())
Expect(err).ShouldNot(BeNil())
Expect(err.Error()).Should(Equal("Bitwarden API URL is not valid. Value supplied: https:/api.bitwarden.com"))

os.Setenv("BW_API_URL", ".bitwarden.")

bwApi, identityApi, statePath, refreshInterval, err = GetSettings()

Expect(bwApi).Should(BeNil())
Expect(identityApi).Should(BeNil())
Expect(statePath).Should(BeNil())
Expect(refreshInterval).Should(BeNil())
Expect(err).ShouldNot(BeNil())
Expect(err.Error()).Should(Equal("parse \".bitwarden.\": invalid URI for request"))
})

It("Fails on bad Identity URL", func() {
os.Setenv("BW_API_URL", "https://identity.bitwarden.eu")
os.Setenv("BW_IDENTITY_API_URL", "https:/identity.bitwarden.com")
os.Setenv("BW_SECRETS_MANAGER_STATE_PATH", "~/state")
os.Setenv("BW_SECRETS_MANAGER_REFRESH_INTERVAL", "180")

bwApi, identityApi, statePath, refreshInterval, err := GetSettings()

Expect(bwApi).Should(BeNil())
Expect(identityApi).Should(BeNil())
Expect(statePath).Should(BeNil())
Expect(refreshInterval).Should(BeNil())
Expect(err).ShouldNot(BeNil())
Expect(err.Error()).Should(Equal("Bitwarden Identity URL is not valid. Value supplied: https:/identity.bitwarden.com"))

os.Setenv("BW_IDENTITY_API_URL", ".bitwarden.")

bwApi, identityApi, statePath, refreshInterval, err = GetSettings()

Expect(bwApi).Should(BeNil())
Expect(identityApi).Should(BeNil())
Expect(statePath).Should(BeNil())
Expect(refreshInterval).Should(BeNil())
Expect(err).ShouldNot(BeNil())
Expect(err.Error()).Should(Equal("parse \".bitwarden.\": invalid URI for request"))
})

It("Pulls with defaulted refresh interval", func() {
os.Setenv("BW_API_URL", "")
os.Setenv("BW_IDENTITY_API_URL", "")
os.Setenv("BW_SECRETS_MANAGER_STATE_PATH", "")
os.Setenv("BW_SECRETS_MANAGER_REFRESH_INTERVAL", "179")
apiUri, identityUri, statePath, refreshInterval, err := GetSettings()
Expect(*apiUri).Should(Equal("https://api.bitwarden.com"))
Expect(*identityUri).Should(Equal("https://identity.bitwarden.com"))
Expect(*statePath).Should(Equal("/var/bitwarden/state"))
Expect(*refreshInterval).Should(Equal(300))
Expect(err).Should(BeNil())

os.Setenv("BW_SECRETS_MANAGER_REFRESH_INTERVAL", "abc")
apiUri, identityUri, statePath, refreshInterval, err = GetSettings()
Expect(*apiUri).Should(Equal("https://api.bitwarden.com"))
Expect(*identityUri).Should(Equal("https://identity.bitwarden.com"))
Expect(*statePath).Should(Equal("/var/bitwarden/state"))
Expect(*refreshInterval).Should(Equal(300))
Expect(err).Should(BeNil())
})
})
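Review bot: The success-path specs dereference `*apiUri`, `*identityUri`, `*statePath` and `*refreshInterval` before `Expect(err).Should(BeNil())`, so a regression that makes GetSettings return an error shows up as a nil-pointer panic rather than a readable failure; put the `err` expectation first after each call. Every spec also mutates the process environment with `os.Setenv`, ignores its return value and never restores the variables, so later specs and other suites in the package inherit the last values; registering `DeferCleanup(os.Unsetenv, "BW_API_URL")` (and the other three) keeps them independent. The failure cases pin exact error strings, including net/url's own wording, which is brittle; `MatchError(ContainSubstring("is not valid"))` would hold up better. There is no case for a non-`https` scheme such as `http://`, which the validation in GetSettings appears to accept.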