diff options
Diffstat (limited to 'spec')
| -rw-r--r-- | spec/services/clusters/gcp/finalize_creation_service_spec.rb | 45 | ||||
| -rw-r--r-- | spec/services/clusters/gcp/kubernetes/fetch_kubernetes_token_service_spec.rb | 8 |
2 files changed, 46 insertions, 7 deletions
diff --git a/spec/services/clusters/gcp/finalize_creation_service_spec.rb b/spec/services/clusters/gcp/finalize_creation_service_spec.rb index eede10b55c6..278ba795042 100644 --- a/spec/services/clusters/gcp/finalize_creation_service_spec.rb +++ b/spec/services/clusters/gcp/finalize_creation_service_spec.rb @@ -52,13 +52,14 @@ describe Clusters::Gcp::FinalizeCreationService do end context 'when suceeded to fetch kuberenetes token' do + let(:secret_name) { 'default-token-Y1a' } let(:token) { 'sample-token' } before do stub_kubeclient_get_secrets( api_url, { - metadata_name: 'gitlab-token-Y1a', + metadata_name: secret_name, token: Base64.encode64(token) } ) end @@ -81,6 +82,8 @@ describe Clusters::Gcp::FinalizeCreationService do end context 'rbac_clusters feature enabled' do + let(:secret_name) { 'gitlab-token-Y1a' } + before do stub_feature_flags(rbac_clusters: true) stub_kubeclient_create_service_account(api_url) @@ -106,20 +109,44 @@ describe Clusters::Gcp::FinalizeCreationService do end end - context 'when default-token is not found' do + context 'when no matching token is found' do before do - stub_kubeclient_get_secrets(api_url, metadata_name: 'aaaa') + stub_kubeclient_get_secrets(api_url, metadata_name: 'not-default-not-gitlab') end it_behaves_like 'error' + + context 'rbac_clusters feature enabled' do + before do + stub_feature_flags(rbac_clusters: true) + stub_kubeclient_create_service_account(api_url) + stub_kubeclient_create_cluster_role_binding(api_url) + end + + it_behaves_like 'error' + end end context 'when token is empty' do + let(:secret_name) { 'default-token-123' } + before do - stub_kubeclient_get_secrets(api_url, token: '') + stub_kubeclient_get_secrets(api_url, token: '', metadata_name: secret_name) end it_behaves_like 'error' + + context 'rbac_clusters feature enabled' do + let(:secret_name) { 'gitlab-token-321' } + + before do + stub_feature_flags(rbac_clusters: true) + stub_kubeclient_create_service_account(api_url) + stub_kubeclient_create_cluster_role_binding(api_url) + end + + it_behaves_like 'error' + end end context 'when failed to fetch kuberenetes token' do @@ -128,6 +155,16 @@ describe Clusters::Gcp::FinalizeCreationService do end it_behaves_like 'error' + + context 'rbac_clusters feature enabled' do + before do + stub_feature_flags(rbac_clusters: true) + stub_kubeclient_create_service_account(api_url) + stub_kubeclient_create_cluster_role_binding(api_url) + end + + it_behaves_like 'error' + end end end diff --git a/spec/services/clusters/gcp/kubernetes/fetch_kubernetes_token_service_spec.rb b/spec/services/clusters/gcp/kubernetes/fetch_kubernetes_token_service_spec.rb index bd6662d7566..74d58a6d206 100644 --- a/spec/services/clusters/gcp/kubernetes/fetch_kubernetes_token_service_spec.rb +++ b/spec/services/clusters/gcp/kubernetes/fetch_kubernetes_token_service_spec.rb @@ -2,11 +2,13 @@ require 'spec_helper' describe Clusters::Gcp::Kubernetes::FetchKubernetesTokenService do describe '#execute' do - subject { described_class.new(kubeclient).execute } + subject { described_class.new(kubeclient, service_account_name).execute } + let(:service_account_name) { 'gitlab-sa' } let(:api_url) { 'http://111.111.111.111' } let(:username) { 'admin' } let(:password) { 'xxx' } + let(:kubeclient) do Gitlab::Kubernetes::KubeClient.new( api_url, @@ -44,8 +46,8 @@ describe Clusters::Gcp::Kubernetes::FetchKubernetesTokenService do .to receive(:get_secrets).and_return(secrets_json) end - context 'when gitlab-token exists' do - let(:metadata_name) { 'gitlab-token-123' } + context 'when token for service account exists' do + let(:metadata_name) { 'gitlab-sa-token-123' } it { is_expected.to eq(token) } end |