diff --git a/pkg/argocd/gitcreds_test.go b/pkg/argocd/gitcreds_test.go index 02f23dff..0343cbb2 100644 --- a/pkg/argocd/gitcreds_test.go +++ b/pkg/argocd/gitcreds_test.go @@ -8,6 +8,8 @@ import ( "github.com/argoproj-labs/argocd-image-updater/test/fake" "github.com/argoproj-labs/argocd-image-updater/test/fixture" + "github.com/argoproj/argo-cd/v2/pkg/apis/application/v1alpha1" + "github.com/stretchr/testify/assert" ) @@ -49,3 +51,110 @@ func TestGetCredsFromSecret(t *testing.T) { assert.Error(t, err) assert.EqualError(t, err, "unknown repository type") } + +func TestGetGitCredsSource(t *testing.T) { + kubeClient := &kube.KubernetesClient{} + wbc := &WriteBackConfig{ + GitRepo: "https://github.com/example/repo.git", + GitCreds: git.NoopCredsStore{}, + } + + // Test case 1: 'repocreds' credentials + creds1, err := getGitCredsSource("repocreds", kubeClient, wbc) + assert.NoError(t, err) + assert.NotNil(t, creds1) + + // Test case 2: 'secret:/' credentials + creds2, err := getGitCredsSource("secret:foo/bar", kubeClient, wbc) + assert.NoError(t, err) + assert.NotNil(t, creds2) + + // Test case 3: Unexpected credentials format + _, err = getGitCredsSource("invalid", kubeClient, wbc) + assert.Error(t, err) + assert.EqualError(t, err, "unexpected credentials format. Expected 'repocreds' or 'secret:/' but got 'invalid'") +} + +func TestGetCAPath(t *testing.T) { + // Test case 1: HTTPS URL + repoURL := "https://github.com/example/repo.git" + expectedCAPath := "" + caPath := getCAPath(repoURL) + assert.Equal(t, expectedCAPath, caPath) + + // Test case 2: OCI URL + repoURL = "oci://example.com/repo" + expectedCAPath = "" + caPath = getCAPath(repoURL) + assert.Equal(t, expectedCAPath, caPath) + + // Test case 3: SSH URL + repoURL = "git@github.com:example/repo.git" + expectedCAPath = "" + caPath = getCAPath(repoURL) + assert.Equal(t, expectedCAPath, caPath) + + // Test case 4: Invalid URL + repoURL = "invalid-url" + expectedCAPath = "" + caPath = getCAPath(repoURL) + assert.Equal(t, expectedCAPath, caPath) +} + +func TestGetGitCreds(t *testing.T) { + + store := git.NoopCredsStore{} + + // Test case 1: HTTP credentials + repo := &v1alpha1.Repository{ + Username: "myuser", + Password: "mypass", + Repo: "https://github.com/example/repo.git", + } + expectedHTTPSCreds := git.NewHTTPSCreds("myuser", "mypass", "", "", false, "", store, false) + httpCreds := GetGitCreds(repo, store) + assert.Equal(t, expectedHTTPSCreds, httpCreds) + + // Test case 2: SSH credentials + repo = &v1alpha1.Repository{ + Username: "myuser", + SSHPrivateKey: "privatekey", + Repo: "https://github.com/example/repo.git", + } + expectedSSHCreds := git.NewSSHCreds("privatekey", "", false, store, "") + sshCreds := GetGitCreds(repo, store) + assert.Equal(t, expectedSSHCreds, sshCreds) + + // Test case 3: GitHub App credentials + repo = &v1alpha1.Repository{ + Username: "myuser", + GithubAppPrivateKey: "appprivatekey", + GithubAppId: 123, + GithubAppInstallationId: 456, + GitHubAppEnterpriseBaseURL: "enterpriseurl", + Repo: "https://github.com/example/repo.git", + TLSClientCertData: "certdata", + TLSClientCertKey: "certkey", + Insecure: true, + Proxy: "proxy", + } + expectedGitHubAppCreds := git.NewGitHubAppCreds(123, 456, "appprivatekey", "enterpriseurl", "https://github.com/example/repo.git", "certdata", "certkey", true, "proxy", store) + githubAppCreds := GetGitCreds(repo, store) + assert.Equal(t, expectedGitHubAppCreds, githubAppCreds) + + // Test case 4: Google Cloud credentials + repo = &v1alpha1.Repository{ + Username: "myuser", + GCPServiceAccountKey: "serviceaccountkey", + } + expectedGoogleCloudCreds := git.NewGoogleCloudCreds("serviceaccountkey", store) + googleCloudCreds := GetGitCreds(repo, store) + repo.Password = "" + repo.SSHPrivateKey = "" + assert.Equal(t, expectedGoogleCloudCreds, googleCloudCreds) + + // Test case 5: No credentials + expectedNopCreds := git.NopCreds{} + nopCreds := GetGitCreds(nil, store) + assert.Equal(t, expectedNopCreds, nopCreds) +}