Skip to content

Commit 487d1c2

Browse files
Weeblinribbybibby
Weeblin
authored and
ribbybibby
committed
Generate single testcase RBAC
1 parent ab2ba72 commit 487d1c2

File tree

2 files changed

+25
-7
lines changed

2 files changed

+25
-7
lines changed

pkg/permissions/generate.go

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@ rules:
4040
return strings.TrimSuffix(ss, "\n")
4141
}
4242

43-
func GenerateRoles(dataGatherer []agent.DataGatherer) []rbac.ClusterRole {
43+
func GenerateClusterRoles(dataGatherer []agent.DataGatherer) []rbac.ClusterRole {
4444
out := []rbac.ClusterRole{}
4545

4646
for _, g := range dataGatherer {
@@ -78,7 +78,7 @@ func GenerateRoles(dataGatherer []agent.DataGatherer) []rbac.ClusterRole {
7878

7979
// }
8080

81-
func GenerateBindings(clusterRoles []rbac.ClusterRole) []rbac.ClusterRoleBinding {
81+
func GenerateClusterRoleBindings(clusterRoles []rbac.ClusterRole) []rbac.ClusterRoleBinding {
8282
out := []rbac.ClusterRoleBinding{}
8383
for _, cr := range clusterRoles {
8484
out = append(out, rbac.ClusterRoleBinding{

pkg/permissions/generate_test.go

Lines changed: 23 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -14,15 +14,14 @@ import (
1414
func TestGenerateRBAC(t *testing.T) {
1515
// Use these test cases to check if Generate function is correct
1616
testCases := []struct {
17-
// expectedClusterRoles is the collection of ClusterRole
17+
expectedClusterRoles []rbac.ClusterRole
1818
expectedClusterRoleBindings []rbac.ClusterRoleBinding
1919
dataGatherers []agent.DataGatherer
2020
description string
2121
}{
2222
{
2323
description: "Generate RBAC struct for pods datagatherer",
2424
dataGatherers: []agent.DataGatherer{
25-
2625
{
2726
Name: "k8s/secrets",
2827
Kind: "k8s-dynamic",
@@ -34,6 +33,24 @@ func TestGenerateRBAC(t *testing.T) {
3433
},
3534
},
3635
},
36+
expectedClusterRoles: []rbac.ClusterRole{
37+
{
38+
TypeMeta: metav1.TypeMeta{
39+
Kind: "ClusterRole",
40+
APIVersion: "rbac.authorization.k8s.io/v1",
41+
},
42+
ObjectMeta: metav1.ObjectMeta{
43+
Name: "jetstack-secure-agent-secrets-reader",
44+
},
45+
Rules: []rbac.PolicyRule{
46+
{
47+
Verbs: []string{"get", "list", "watch"},
48+
APIGroups: []string{""},
49+
Resources: []string{"secrets"},
50+
},
51+
},
52+
},
53+
},
3754
expectedClusterRoleBindings: []rbac.ClusterRoleBinding{
3855
{
3956
TypeMeta: metav1.TypeMeta{
@@ -62,9 +79,10 @@ func TestGenerateRBAC(t *testing.T) {
6279
}
6380

6481
for _, input := range testCases {
65-
got := GenerateRoles(input.dataGatherers)
66-
toBeTest := GenerateBindings(got)
82+
gotClusterRoles := GenerateClusterRoles(input.dataGatherers)
83+
gotClusterRoleBindings := GenerateClusterRoleBindings(gotClusterRoles)
6784

68-
td.Cmp(t, input.expectedClusterRoleBindings, toBeTest)
85+
td.Cmp(t, input.expectedClusterRoleBindings, gotClusterRoleBindings)
86+
td.Cmp(t, input.expectedClusterRoles, gotClusterRoles)
6987
}
7088
}

0 commit comments

Comments
 (0)