add barebones for iam tests

giantswarm · Sep 18, 2023 · 47f98ed · 47f98ed
1 parent aea360d
commit 47f98ed
Show file tree

Hide file tree

Showing 3 changed files with 102 additions and 0 deletions.
diff --git a/pkg/iam/iam_suite_test.go b/pkg/iam/iam_suite_test.go
@@ -0,0 +1,13 @@
+package iam_test
+
+import (
+	"testing"
+
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+)
+
+func TestIam(t *testing.T) {
+	RegisterFailHandler(Fail)
+	RunSpecs(t, "Iam Suite")
+}
diff --git a/pkg/iam/iam_test.go b/pkg/iam/iam_test.go
@@ -0,0 +1,88 @@
+package iam_test
+
+import (
+	"errors"
+
+	"github.com/aws/aws-sdk-go/aws"
+	awsclientgo "github.com/aws/aws-sdk-go/aws/client"
+	"github.com/aws/aws-sdk-go/aws/session"
+	awsIAM "github.com/aws/aws-sdk-go/service/iam"
+	"github.com/aws/aws-sdk-go/service/iam/iamiface"
+	"github.com/giantswarm/capa-iam-operator/pkg/iam"
+	"github.com/giantswarm/capa-iam-operator/pkg/test/mocks"
+	"github.com/golang/mock/gomock"
+	. "github.com/onsi/ginkgo/v2"
+	. "github.com/onsi/gomega"
+	ctrl "sigs.k8s.io/controller-runtime"
+)
+
+var _ = Describe("ReconcileRole", func() {
+
+	var (
+		mockCtrl      *gomock.Controller
+		mockIAMClient *mocks.MockIAMAPI
+		iamService    *iam.IAMService
+		err           error
+		sess          awsclientgo.ConfigProvider
+	)
+
+	BeforeEach(func() {
+		//create me new iam service config with mocks
+		sess, err = session.NewSession(&aws.Config{
+			Region: aws.String("eu-west-1")},
+		)
+		Expect(err).NotTo(HaveOccurred())
+
+		mockCtrl = gomock.NewController(GinkgoT())
+		mockIAMClient = mocks.NewMockIAMAPI(mockCtrl)
+
+		iamConfig := iam.IAMServiceConfig{
+			ClusterName:      "test-cluster",
+			MainRoleName:     "test-role",
+			Region:           "test-region",
+			RoleType:         "control-plane",
+			PrincipalRoleARN: "test-principal-role-arn",
+			Log:              ctrl.Log,
+			AWSSession:       sess,
+			IAMClientFactory: func(session awsclientgo.ConfigProvider) iamiface.IAMAPI {
+				return mockIAMClient
+			},
+		}
+		iamService, err = iam.New(iamConfig)
+		Expect(err).To(BeNil())
+	})
+
+	When("role is present", func() {
+		BeforeEach(func() {
+			mockIAMClient.EXPECT().GetRole(&awsIAM.GetRoleInput{
+				RoleName: aws.String("test-role"),
+			}).Return(&awsIAM.GetRoleOutput{Role: &awsIAM.Role{
+				Tags: []*awsIAM.Tag{{Key: aws.String("capi-iam-controller/owned"), Value: aws.String("test-cluster")}},
+			}}, nil).AnyTimes()
+		})
+		When("inline policy is already attached", func() {
+			BeforeEach(func() {
+				mockIAMClient.EXPECT().ListRolePolicies(gomock.Any()).Return(&awsIAM.ListRolePoliciesOutput{PolicyNames: aws.StringSlice([]string{"control-plane-test-cluster-policy"})}, nil)
+			})
+			It("should return nil", func() {
+				err := iamService.ReconcileRole()
+				Expect(err).To(BeNil())
+			})
+		})
+		When("could not attach InlinePolicy", func() {
+			JustBeforeEach(func() {
+				mockIAMClient.EXPECT().ListRolePolicies(gomock.Any()).Return(&awsIAM.ListRolePoliciesOutput{}, nil).AnyTimes()
+				mockIAMClient.EXPECT().PutRolePolicy(gomock.Any()).Return(&awsIAM.PutRolePolicyOutput{}, errors.New("test error")).AnyTimes()
+			})
+			It("should return error", func() {
+				err := iamService.ReconcileRole()
+				Expect(err).NotTo(BeNil())
+			})
+		})
+
+	})
+
+	AfterEach(func() {
+		mockCtrl.Finish()
+	})
+})
diff --git a/pkg/test/mocks/generate.go b/pkg/test/mocks/generate.go
@@ -1,4 +1,5 @@
 //go:generate ../../../tools/mockgen -destination aws_iam_mock.go -package mocks github.com/aws/aws-sdk-go/service/iam/iamiface IAMAPI
 //go:generate ../../../tools/mockgen -destination awsclient_mock.go -package mocks -source ../../awsclient/awsclient.go AWSClient
+//go:generate ../../../tools/mockgen -destination eks_mock.go -package mocks github.com/aws/aws-sdk-go/service/eks/eksiface EKSAPI
 
 package mocks