diff --git a/api/v1alpha2/zz_generated.deepcopy.go b/api/v1alpha2/zz_generated.deepcopy.go index 9aafa489..0c6e8d8a 100644 --- a/api/v1alpha2/zz_generated.deepcopy.go +++ b/api/v1alpha2/zz_generated.deepcopy.go @@ -2,7 +2,7 @@ // +build !ignore_autogenerated /* -Copyright 2023 Verlag der Tagesspiegel GmbH. +Copyright 2024 Verlag der Tagesspiegel GmbH. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/api/v1alpha3/zz_generated.deepcopy.go b/api/v1alpha3/zz_generated.deepcopy.go index bf1044a4..530b21b1 100644 --- a/api/v1alpha3/zz_generated.deepcopy.go +++ b/api/v1alpha3/zz_generated.deepcopy.go @@ -2,7 +2,7 @@ // +build !ignore_autogenerated /* -Copyright 2023 Verlag der Tagesspiegel GmbH. +Copyright 2024 Verlag der Tagesspiegel GmbH. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/internal/controller/passboltsecret_controller.go b/internal/controller/passboltsecret_controller.go index 00b270bc..c3129f7d 100644 --- a/internal/controller/passboltsecret_controller.go +++ b/internal/controller/passboltsecret_controller.go @@ -30,7 +30,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/log" "sigs.k8s.io/controller-runtime/pkg/reconcile" - passboltv1alpha3 "github.com/urbanmedia/passbolt-operator/api/v1alpha3" + passboltv1 "github.com/urbanmedia/passbolt-operator/api/v1" "github.com/urbanmedia/passbolt-operator/pkg/passbolt" "github.com/urbanmedia/passbolt-operator/pkg/util" ) 
@@ -69,7 +69,7 @@ func (r *PassboltSecretReconciler) Reconcile(ctx context.Context, req ctrl.Reque defer logr.Info("finished reconciliation", "name", req.NamespacedName) // get passbolt secret resource from Kubernetes - secret := &passboltv1alpha3.PassboltSecret{} + secret := &passboltv1.PassboltSecret{} err := r.Client.Get(ctx, req.NamespacedName, secret) if err != nil { if err = client.IgnoreNotFound(err); err != nil { @@ -78,7 +78,7 @@ func (r *PassboltSecretReconciler) Reconcile(ctx context.Context, req ctrl.Reque return errResult, err } // cleanup status - secret.Status.SyncErrors = []passboltv1alpha3.SyncError{} + secret.Status.SyncErrors = []passboltv1.SyncError{} if secret.Spec.PassboltSecretID == nil && secret.Spec.PassboltSecrets == nil && secret.Spec.PlainTextFields == nil { return errResult, fmt.Errorf("no passbolt secret id, passbolt secret references or plain text fields defined") @@ -87,8 +87,8 @@ func (r *PassboltSecretReconciler) Reconcile(ctx context.Context, req ctrl.Reque // make sure that the secret type is supported if secret.Spec.SecretType != corev1.SecretTypeOpaque && secret.Spec.SecretType != corev1.SecretTypeDockerConfigJson { logr.Info("unsupported secret type", "type", secret.Spec.SecretType) - secret.Status.SyncStatus = passboltv1alpha3.SyncStatusError - secret.Status.SyncErrors = append(secret.Status.SyncErrors, passboltv1alpha3.SyncError{ + secret.Status.SyncStatus = passboltv1.SyncStatusError + secret.Status.SyncErrors = append(secret.Status.SyncErrors, passboltv1.SyncError{ Message: fmt.Sprintf("unsupported secret type %q", secret.Spec.SecretType), Time: metav1.Now(), }) 
@@ -112,8 +112,8 @@ func (r *PassboltSecretReconciler) Reconcile(ctx context.Context, req ctrl.Reque opRslt, err := controllerutil.CreateOrUpdate(ctx, r.Client, k8sSecret, util.UpdateSecret(ctx, r.PassboltClient, r.Scheme, secret, k8sSecret)) if err != nil { - if snErr, ok := err.(passboltv1alpha3.SyncError); ok { - secret.Status.SyncStatus = passboltv1alpha3.SyncStatusError + if snErr, ok := err.(passboltv1.SyncError); ok { + secret.Status.SyncStatus = passboltv1.SyncStatusError secret.Status.SyncErrors = append(secret.Status.SyncErrors, snErr) if err := r.Client.Status().Update(ctx, secret); err != nil { return errResult, err @@ -124,14 +124,14 @@ func (r *PassboltSecretReconciler) Reconcile(ctx context.Context, req ctrl.Reque } // if the secret was not changed and the status is already success, we can skip the update - if opRslt == controllerutil.OperationResultNone && secret.Status.SyncStatus == passboltv1alpha3.SyncStatusSuccess { + if opRslt == controllerutil.OperationResultNone && secret.Status.SyncStatus == passboltv1.SyncStatusSuccess { // secret was not changed logr.V(10).Info("secret was not changed! skipping... ") return ctrl.Result{}, nil } // update status - secret.Status.SyncStatus = passboltv1alpha3.SyncStatusSuccess + secret.Status.SyncStatus = passboltv1.SyncStatusSuccess secret.Status.LastSync = metav1.Now() err = r.Client.Status().Update(ctx, secret) if err != nil { @@ -144,7 +144,7 @@ func (r *PassboltSecretReconciler) Reconcile(ctx context.Context, req ctrl.Reque // SetupWithManager sets up the controller with the Manager. func (r *PassboltSecretReconciler) SetupWithManager(mgr ctrl.Manager) error { return ctrl.NewControllerManagedBy(mgr). - For(&passboltv1alpha3.PassboltSecret{}). + For(&passboltv1.PassboltSecret{}). Owns(&corev1.Secret{}). Complete(r) } diff --git a/internal/controller/passboltsecret_controller_test.go b/internal/controller/passboltsecret_controller_test.go index 2cb87f06..c11e8e17 100644 
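Review bot: The plain type assertion `err.(passboltv1.SyncError)` in Reconcile only matches when the error comes back unwrapped, so a SyncError wrapped anywhere between UpdateSecret and this line would skip the branch that records it in the status. `var snErr passboltv1.SyncError` followed by `if errors.As(err, &snErr) {` keeps working through `%w` wrapping; it needs the `errors` import, which is not visible in this hunk. Reconcile's body starts and ends outside the hunk.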
--- a/internal/controller/passboltsecret_controller_test.go +++ b/internal/controller/passboltsecret_controller_test.go @@ -21,10 +21,9 @@ import ( "time" . "github.com/onsi/ginkgo/v2" - "github.com/onsi/gomega" . "github.com/onsi/gomega" - passboltv1alpha3 "github.com/urbanmedia/passbolt-operator/api/v1alpha3" + passboltv1 "github.com/urbanmedia/passbolt-operator/api/v1" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/types" @@ -40,17 +39,17 @@ var _ = Describe("Run Controller", func() { namespace = "default" ) - gomega.SetDefaultEventuallyTimeout(timeout) - gomega.SetDefaultEventuallyPollingInterval(interval) + SetDefaultEventuallyTimeout(timeout) + SetDefaultEventuallyPollingInterval(interval) - passboltSecretV1Alpha3 := &passboltv1alpha3.PassboltSecret{ + passboltSecretV1 := &passboltv1.PassboltSecret{ ObjectMeta: metav1.ObjectMeta{ Name: name, Namespace: namespace, }, - Spec: passboltv1alpha3.PassboltSecretSpec{ + Spec: passboltv1.PassboltSecretSpec{ LeaveOnDelete: false, - PassboltSecrets: map[string]passboltv1alpha3.PassboltSecretRef{ + PassboltSecrets: map[string]passboltv1.PassboltSecretRef{ "amqp_dsn": { ID: "184734ea-8be3-4f5a-ba6c-5f4b3c0603e8", Value: func() *string { s := "amqp://{{ .Username }}:{{ .Password }}@{{ .URI }}/vhost"; return &s }(), 
@@ -85,22 +84,22 @@ var _ = Describe("Run Controller", func() { }) }) - Context("Version v1alpha3", func() { + Context("Version v1", func() { It("PassboltSecret", func() { // create the passbolt secret before the test By("By checking the PassboltSecret has been created") // test if the passbolt secret is created ctx := context.Background() - Expect(k8sClient.Create(ctx, passboltSecretV1Alpha3)).Should(Succeed()) + Expect(k8sClient.Create(ctx, passboltSecretV1)).Should(Succeed()) time.Sleep(5 * time.Second) By("By checking, if PassboltSecret can be retrieved") - pbGetSecret := &passboltv1alpha3.PassboltSecret{} + pbGetSecret := &passboltv1.PassboltSecret{} Expect(k8sClient.Get(ctx, types.NamespacedName{Name: name, Namespace: namespace}, pbGetSecret)).Should(Succeed()) By("By checking if PassboltSecret has the correct sync status") - Expect(pbGetSecret.Status.SyncStatus).Should(Equal(passboltv1alpha3.SyncStatusSuccess)) + Expect(pbGetSecret.Status.SyncStatus).Should(Equal(passboltv1.SyncStatusSuccess)) }) It("Secret", func() { @@ -109,7 +108,7 @@ var _ = Describe("Run Controller", func() { Expect(k8sClient.Get(ctx, types.NamespacedName{Name: name, Namespace: namespace}, secret)).Should(Succeed()) By("By checking if Secret has the correct length") - Expect(secret.Data).Should(HaveLen(len(passboltSecretV1Alpha3.Spec.PassboltSecrets) + len(passboltSecretV1Alpha3.Spec.PlainTextFields))) + Expect(secret.Data).Should(HaveLen(len(passboltSecretV1.Spec.PassboltSecrets) + len(passboltSecretV1.Spec.PlainTextFields))) By("By checking if Secret has the correct keys") Eventually(secret.Data).Should(HaveKey("amqp_dsn")) 
@@ -118,9 +117,9 @@ var _ = Describe("Run Controller", func() { It("Should delete", func() { // delete the passbolt secret after the test - Expect(k8sClient.Delete(context.Background(), passboltSecretV1Alpha3)).Should(Succeed()) + Expect(k8sClient.Delete(context.Background(), passboltSecretV1)).Should(Succeed()) time.Sleep(time.Second * 5) - Expect(k8sClient.Get(ctx, types.NamespacedName{Name: name, Namespace: namespace}, &passboltv1alpha3.PassboltSecret{})).ShouldNot(Succeed()) + Expect(k8sClient.Get(ctx, types.NamespacedName{Name: name, Namespace: namespace}, &passboltv1.PassboltSecret{})).ShouldNot(Succeed()) time.Sleep(time.Second * 5) }) }) diff --git a/pkg/passbolt/passbolt.go b/pkg/passbolt/passbolt.go index 78f4d0bf..0a7b3e2b 100644 --- a/pkg/passbolt/passbolt.go +++ b/pkg/passbolt/passbolt.go @@ -25,7 +25,7 @@ import ( "github.com/passbolt/go-passbolt/api" "github.com/passbolt/go-passbolt/helper" "github.com/prometheus/client_golang/prometheus" - passboltv1alpha3 "github.com/urbanmedia/passbolt-operator/api/v1alpha3" + passboltv1 "github.com/urbanmedia/passbolt-operator/api/v1" "sigs.k8s.io/controller-runtime/pkg/metrics" ) @@ -90,13 +90,13 @@ type PassboltSecretDefinition struct { } // FieldValue returns the value of the given field by name. -func (p PassboltSecretDefinition) FieldValue(fieldName passboltv1alpha3.FieldName) string { +func (p PassboltSecretDefinition) FieldValue(fieldName passboltv1.FieldName) string { switch fieldName { - case passboltv1alpha3.FieldNameUsername: + case passboltv1.FieldNameUsername: return p.Username - case passboltv1alpha3.FieldNameUri: + case passboltv1.FieldNameUri: return p.URI - case passboltv1alpha3.FieldNamePassword: + case passboltv1.FieldNamePassword: return p.Password default: return "" diff --git a/pkg/passbolt/passbolt_test.go b/pkg/passbolt/passbolt_test.go index 06993ece..87b8d209 100644 --- a/pkg/passbolt/passbolt_test.go +++ b/pkg/passbolt/passbolt_test.go 
@@ -20,7 +20,7 @@ import ( "context" "testing" - passboltv1alpha3 "github.com/urbanmedia/passbolt-operator/api/v1alpha3" + passboltv1 "github.com/urbanmedia/passbolt-operator/api/v1" ) const ( @@ -129,7 +129,7 @@ func TestPassboltSecretDefinition_FieldValue(t *testing.T) { Description string } type args struct { - fieldName passboltv1alpha3.FieldName + fieldName passboltv1.FieldName } tests := []struct { name string @@ -148,7 +148,7 @@ func TestPassboltSecretDefinition_FieldValue(t *testing.T) { Description: "Description", }, args: args{ - fieldName: passboltv1alpha3.FieldNamePassword, + fieldName: passboltv1.FieldNamePassword, }, want: "Password", }, @@ -163,7 +163,7 @@ func TestPassboltSecretDefinition_FieldValue(t *testing.T) { Description: "Description", }, args: args{ - fieldName: passboltv1alpha3.FieldNameUsername, + fieldName: passboltv1.FieldNameUsername, }, want: "Username", }, @@ -178,7 +178,7 @@ func TestPassboltSecretDefinition_FieldValue(t *testing.T) { Description: "Description", }, args: args{ - fieldName: passboltv1alpha3.FieldNameUri, + fieldName: passboltv1.FieldNameUri, }, want: "URI", }, @@ -193,7 +193,7 @@ func TestPassboltSecretDefinition_FieldValue(t *testing.T) { Description: "Description", }, args: args{ - fieldName: passboltv1alpha3.FieldName("abc"), + fieldName: passboltv1.FieldName("abc"), }, want: "", }, diff --git a/pkg/util/secret.go b/pkg/util/secret.go index b69b6b24..7dfa4cd9 100644 --- a/pkg/util/secret.go +++ b/pkg/util/secret.go @@ -9,7 +9,7 @@ import ( "text/template" "github.com/Masterminds/sprig/v3" - passboltv1alpha3 "github.com/urbanmedia/passbolt-operator/api/v1alpha3" + passboltv1 "github.com/urbanmedia/passbolt-operator/api/v1" "github.com/urbanmedia/passbolt-operator/pkg/passbolt" corev1 "k8s.io/api/core/v1" v1 "k8s.io/apimachinery/pkg/apis/meta/v1" 
@@ -19,8 +19,7 @@ import ( // UpdateSecret updates the kubernetes secret with the data from passbolt // The thrown error is of type SyncError -func UpdateSecret(ctx context.Context, clnt *passbolt.Client, scheme *runtime.Scheme, pbscrt *passboltv1alpha3.PassboltSecret, secret *corev1.Secret) func() error { - fmt.Println(pbscrt.Spec.SecretType) +func UpdateSecret(ctx context.Context, clnt *passbolt.Client, scheme *runtime.Scheme, pbscrt *passboltv1.PassboltSecret, secret *corev1.Secret) func() error { secret.Data = make(map[string][]byte) return func() error { switch pbscrt.Spec.SecretType { @@ -28,7 +27,7 @@ func UpdateSecret(ctx context.Context, clnt *passbolt.Client, scheme *runtime.Sc // get secret from passbolt secretData, err := clnt.GetSecret(ctx, *pbscrt.Spec.PassboltSecretID) if err != nil { - return passboltv1alpha3.SyncError{ + return passboltv1.SyncError{ Message: err.Error(), PassboltSecretID: *pbscrt.Spec.PassboltSecretID, Time: v1.Now(), @@ -36,7 +35,7 @@ func UpdateSecret(ctx context.Context, clnt *passbolt.Client, scheme *runtime.Sc } dockerConfigJson, err := getSecretDockerConfigJson(secretData) if err != nil { - return passboltv1alpha3.SyncError{ + return passboltv1.SyncError{ Message: err.Error(), PassboltSecretID: *pbscrt.Spec.PassboltSecretID, Time: v1.Now(), @@ -52,7 +51,7 @@ func UpdateSecret(ctx context.Context, clnt *passbolt.Client, scheme *runtime.Sc for secretKeyName, pbSecret := range pbscrt.Spec.PassboltSecrets { secretData, err := clnt.GetSecret(ctx, pbSecret.ID) if err != nil { - return passboltv1alpha3.SyncError{ + return passboltv1.SyncError{ Message: err.Error(), PassboltSecretID: pbSecret.ID, SecretKey: secretKeyName, 
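Review bot: `secret.Data = make(map[string][]byte)` in UpdateSecret runs when the mutate function is built, not when it is invoked, and the nil guard that compensated for this is commented out in the `@@ -62,9 +61,9 @@` hunk of this file. Reconcile passes the closure to `controllerutil.CreateOrUpdate`, which loads the current object into `secret` before calling it, so by the time the closure writes into `secret.Data` (presumably right after the removed guard, outside the visible lines) the map can be nil again, and a write to a nil map panics the reconciler. The same ordering means keys already present on the cluster object are not cleared, so entries removed from the spec may linger in the Kubernetes Secret; this is inferred and worth confirming. Moving the allocation to the first statement inside `return func() error {` addresses both, and the commented-out block with its two TODOs can then be deleted rather than kept as dead code.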
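Review bot: `*pbscrt.Spec.PassboltSecretID` is dereferenced without a nil check in what appears to be the dockerconfigjson branch, in the `GetSecret` call and in the `SyncError` literals of this hunk and the `@@ -36,7 +35,7 @@` one. The guard visible in Reconcile only rejects a spec where `PassboltSecretID`, `PassboltSecrets` and `PlainTextFields` are all nil, so a dockerconfigjson resource that sets only `PassboltSecrets` would reach this line and panic the controller, unless validation on the v1 type (not visible in this diff) rules it out. A guard at the top of the case, `if pbscrt.Spec.PassboltSecretID == nil { return passboltv1.SyncError{Message: "passboltSecretID must be set for dockerconfigjson secrets", Time: v1.Now()} }`, would turn it into a reported sync error instead. The case body starts above this hunk.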
@@ -62,9 +61,9 @@ func UpdateSecret(ctx context.Context, clnt *passbolt.Client, scheme *runtime.Sc // TODO: normally this should not be necessary because we already assigned an empty map // TODO: for some reason, it is necessary to check if the map is nil at this point - if secret.Data == nil { - secret.Data = make(map[string][]byte) - } + // if secret.Data == nil { + // secret.Data = make(map[string][]byte) + // } switch { // check if field is set @@ -77,7 +76,7 @@ func UpdateSecret(ctx context.Context, clnt *passbolt.Client, scheme *runtime.Sc case pbSecret.Value != nil: bts, err := getSecretTemplateValueData(*pbSecret.Value, secretData) if err != nil { - return passboltv1alpha3.SyncError{ + return passboltv1.SyncError{ Message: err.Error(), PassboltSecretID: pbSecret.ID, SecretKey: secretKeyName, @@ -88,7 +87,7 @@ func UpdateSecret(ctx context.Context, clnt *passbolt.Client, scheme *runtime.Sc continue // neither field nor value is set default: - return passboltv1alpha3.SyncError{ + return passboltv1.SyncError{ Message: "either field or value must be set", PassboltSecretID: pbSecret.ID, SecretKey: secretKeyName, @@ -98,7 +97,7 @@ func UpdateSecret(ctx context.Context, clnt *passbolt.Client, scheme *runtime.Sc } // secret type is not supported default: - return passboltv1alpha3.SyncError{ + return passboltv1.SyncError{ Message: fmt.Sprintf("secret type %s is not supported", pbscrt.Spec.SecretType), Time: v1.Now(), } @@ -108,7 +107,7 @@ func UpdateSecret(ctx context.Context, clnt *passbolt.Client, scheme *runtime.Sc // set owner reference err := ctrl.SetControllerReference(pbscrt, secret, scheme) if err != nil { - return passboltv1alpha3.SyncError{ + return passboltv1.SyncError{ Message: err.Error(), Time: v1.Now(), } diff --git a/pkg/util/secret_test.go b/pkg/util/secret_test.go index a2c2f303..8a32ad63 100644 --- a/pkg/util/secret_test.go +++ b/pkg/util/secret_test.go 
@@ -6,7 +6,7 @@ import ( "testing" "github.com/google/go-cmp/cmp" - passboltv1alpha3 "github.com/urbanmedia/passbolt-operator/api/v1alpha3" + passboltv1 "github.com/urbanmedia/passbolt-operator/api/v1" "github.com/urbanmedia/passbolt-operator/pkg/passbolt" corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" @@ -128,7 +128,7 @@ func TestMain(m *testing.M) { log.Fatal(err) } - err = passboltv1alpha3.AddToScheme(scheme) + err = passboltv1.AddToScheme(scheme) if err != nil { log.Fatal(err) } @@ -141,7 +141,7 @@ func TestUpdateSecret(t *testing.T) { ctx context.Context clnt *passbolt.Client scheme *runtime.Scheme - pbscrt *passboltv1alpha3.PassboltSecret + pbscrt *passboltv1.PassboltSecret secret *corev1.Secret } tests := []struct { @@ -157,12 +157,12 @@ func TestUpdateSecret(t *testing.T) { ctx: context.Background(), clnt: client, scheme: scheme, - pbscrt: &passboltv1alpha3.PassboltSecret{ + pbscrt: &passboltv1.PassboltSecret{ ObjectMeta: metav1.ObjectMeta{ Name: "test", Namespace: "default", }, - Spec: passboltv1alpha3.PassboltSecretSpec{ + Spec: passboltv1.PassboltSecretSpec{ SecretType: corev1.SecretTypeDockerConfigJson, PassboltSecretID: func() *string { s := "184734ea-8be3-4f5a-ba6c-5f4b3c0603e8" @@ -184,7 +184,7 @@ func TestUpdateSecret(t *testing.T) { Namespace: "default", OwnerReferences: []metav1.OwnerReference{ { - APIVersion: "passbolt.tagesspiegel.de/v1alpha3", + APIVersion: "passbolt.tagesspiegel.de/v1", Kind: "PassboltSecret", Name: "test", Controller: func() *bool { b := true; return &b }(), 
@@ -205,12 +205,12 @@ func TestUpdateSecret(t *testing.T) { ctx: context.Background(), clnt: client, scheme: scheme, - pbscrt: &passboltv1alpha3.PassboltSecret{ + pbscrt: &passboltv1.PassboltSecret{ ObjectMeta: metav1.ObjectMeta{ Name: "test", Namespace: "default", }, - Spec: passboltv1alpha3.PassboltSecretSpec{ + Spec: passboltv1.PassboltSecretSpec{ SecretType: corev1.SecretTypeDockerConfigJson, PassboltSecretID: func() *string { s := "APP_EXAMPLE_4" @@ -236,17 +236,17 @@ func TestUpdateSecret(t *testing.T) { ctx: context.Background(), clnt: client, scheme: scheme, - pbscrt: &passboltv1alpha3.PassboltSecret{ + pbscrt: &passboltv1.PassboltSecret{ ObjectMeta: metav1.ObjectMeta{ Name: "test", Namespace: "default", }, - Spec: passboltv1alpha3.PassboltSecretSpec{ + Spec: passboltv1.PassboltSecretSpec{ SecretType: corev1.SecretTypeOpaque, - PassboltSecrets: map[string]passboltv1alpha3.PassboltSecretRef{ + PassboltSecrets: map[string]passboltv1.PassboltSecretRef{ "test": { ID: "184734ea-8be3-4f5a-ba6c-5f4b3c0603e8", - Field: passboltv1alpha3.FieldNameUsername, + Field: passboltv1.FieldNameUsername, }, }, }, @@ -265,7 +265,7 @@ func TestUpdateSecret(t *testing.T) { Namespace: "default", OwnerReferences: []metav1.OwnerReference{ { - APIVersion: "passbolt.tagesspiegel.de/v1alpha3", + APIVersion: "passbolt.tagesspiegel.de/v1", Kind: "PassboltSecret", Name: "test", Controller: func() *bool { b := true; return &b }(), 
@@ -286,14 +286,14 @@ func TestUpdateSecret(t *testing.T) { ctx: context.Background(), clnt: client, scheme: scheme, - pbscrt: &passboltv1alpha3.PassboltSecret{ + pbscrt: &passboltv1.PassboltSecret{ ObjectMeta: metav1.ObjectMeta{ Name: "test", Namespace: "default", }, - Spec: passboltv1alpha3.PassboltSecretSpec{ + Spec: passboltv1.PassboltSecretSpec{ SecretType: corev1.SecretTypeOpaque, - PassboltSecrets: map[string]passboltv1alpha3.PassboltSecretRef{ + PassboltSecrets: map[string]passboltv1.PassboltSecretRef{ "test": { ID: "184734ea-8be3-4f5a-ba6c-5f4b3c0603e8", Value: func() *string { s := "amqp://{{ .Username }}:{{ .Password }}@{{ .URI }}/sample"; return &s }(), @@ -315,7 +315,7 @@ func TestUpdateSecret(t *testing.T) { Namespace: "default", OwnerReferences: []metav1.OwnerReference{ { - APIVersion: "passbolt.tagesspiegel.de/v1alpha3", + APIVersion: "passbolt.tagesspiegel.de/v1", Kind: "PassboltSecret", Name: "test", Controller: func() *bool { b := true; return &b }(), @@ -336,17 +336,17 @@ func TestUpdateSecret(t *testing.T) { ctx: context.Background(), clnt: client, scheme: scheme, - pbscrt: &passboltv1alpha3.PassboltSecret{ + pbscrt: &passboltv1.PassboltSecret{ ObjectMeta: metav1.ObjectMeta{ Name: "test", Namespace: "default", }, - Spec: passboltv1alpha3.PassboltSecretSpec{ + Spec: passboltv1.PassboltSecretSpec{ SecretType: corev1.SecretTypeOpaque, - PassboltSecrets: map[string]passboltv1alpha3.PassboltSecretRef{ + PassboltSecrets: map[string]passboltv1.PassboltSecretRef{ "test": { ID: "184734ea-8be3-4f5a-ba6c-5f4b3c0603e8", - Field: passboltv1alpha3.FieldNameUsername, + Field: passboltv1.FieldNameUsername, }, }, PlainTextFields: map[string]string{ @@ -368,7 +368,7 @@ func TestUpdateSecret(t *testing.T) { Namespace: "default", OwnerReferences: []metav1.OwnerReference{ { - APIVersion: "passbolt.tagesspiegel.de/v1alpha3", + APIVersion: "passbolt.tagesspiegel.de/v1", Kind: "PassboltSecret", Name: "test", Controller: func() *bool { b := true; return &b }(), 
@@ -390,14 +390,14 @@ func TestUpdateSecret(t *testing.T) { ctx: context.Background(), clnt: client, scheme: scheme, - pbscrt: &passboltv1alpha3.PassboltSecret{ + pbscrt: &passboltv1.PassboltSecret{ ObjectMeta: metav1.ObjectMeta{ Name: "test", Namespace: "default", }, - Spec: passboltv1alpha3.PassboltSecretSpec{ + Spec: passboltv1.PassboltSecretSpec{ SecretType: corev1.SecretTypeOpaque, - PassboltSecrets: map[string]passboltv1alpha3.PassboltSecretRef{ + PassboltSecrets: map[string]passboltv1.PassboltSecretRef{ "test": { ID: "184734ea-8be3-4f5a-ba6c-5f4b3c0603e8", }, @@ -422,17 +422,17 @@ func TestUpdateSecret(t *testing.T) { ctx: context.Background(), clnt: client, scheme: scheme, - pbscrt: &passboltv1alpha3.PassboltSecret{ + pbscrt: &passboltv1.PassboltSecret{ ObjectMeta: metav1.ObjectMeta{ Name: "test", Namespace: "default", }, - Spec: passboltv1alpha3.PassboltSecretSpec{ + Spec: passboltv1.PassboltSecretSpec{ SecretType: corev1.SecretTypeBasicAuth, - PassboltSecrets: map[string]passboltv1alpha3.PassboltSecretRef{ + PassboltSecrets: map[string]passboltv1.PassboltSecretRef{ "test": { ID: "184734ea-8be3-4f5a-ba6c-5f4b3c0603e8", - Field: passboltv1alpha3.FieldNameUsername, + Field: passboltv1.FieldNameUsername, }, }, }, 
@@ -448,6 +448,106 @@ func TestUpdateSecret(t *testing.T) { want: nil, wantErr: true, }, + + { + name: "with nil data map in secret", + args: args{ + ctx: context.Background(), + clnt: client, + scheme: scheme, + pbscrt: &passboltv1.PassboltSecret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test", + Namespace: "default", + }, + Spec: passboltv1.PassboltSecretSpec{ + SecretType: corev1.SecretTypeOpaque, + PassboltSecrets: map[string]passboltv1.PassboltSecretRef{ + "test": { + ID: "184734ea-8be3-4f5a-ba6c-5f4b3c0603e8", + Field: passboltv1.FieldNameUsername, + }, + }, + }, + }, + secret: &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test", + Namespace: "default", + }, + Type: corev1.SecretTypeOpaque, + Data: nil, + }, + }, + want: &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test", + Namespace: "default", + OwnerReferences: []metav1.OwnerReference{ + { + APIVersion: "passbolt.tagesspiegel.de/v1", + Kind: "PassboltSecret", + Name: "test", + Controller: func() *bool { b := true; return &b }(), + BlockOwnerDeletion: func() *bool { b := true; return &b }(), + }, + }, + }, + Type: corev1.SecretTypeOpaque, + Data: map[string][]byte{ + "test": []byte(`admin`), + }, + }, + wantErr: false, + }, + { + name: "with ptr to empty secret", + args: args{ + ctx: context.Background(), + clnt: client, + scheme: scheme, + pbscrt: &passboltv1.PassboltSecret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test", + Namespace: "default", + }, + Spec: passboltv1.PassboltSecretSpec{ + SecretType: corev1.SecretTypeOpaque, + PassboltSecrets: map[string]passboltv1.PassboltSecretRef{ + "test": { + ID: "184734ea-8be3-4f5a-ba6c-5f4b3c0603e8", + Field: passboltv1.FieldNameUsername, + }, + }, + }, + }, + secret: &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test", + Namespace: "default", + }, + }, + }, + want: &corev1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: "test", + Namespace: "default", + OwnerReferences: []metav1.OwnerReference{ + { + APIVersion: 
"passbolt.tagesspiegel.de/v1", + Kind: "PassboltSecret", + Name: "test", + Controller: func() *bool { b := true; return &b }(), + BlockOwnerDeletion: func() *bool { b := true; return &b }(), + }, + }, + }, + Data: map[string][]byte{ + "test": []byte(`admin`), + }, + }, + wantErr: false, + }, } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) {
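Review bot: The two added cases, "with nil data map in secret" and "with ptr to empty secret", both hand UpdateSecret a Secret whose `Data` is nil, but UpdateSecret (pkg/util/secret.go) allocates `secret.Data` as soon as it is called, so neither case can reach the returned closure with a nil map. They therefore do not cover the nil guard that this commit comments out in UpdateSecret. That guard mattered when the object is replaced between building the closure and running it. Assuming the loop body (outside this hunk) calls the returned function directly, a case that sets `tt.args.secret.Data = nil` after `UpdateSecret(...)` and before invoking the result would exercise that path.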