MCPcopy
hub / github.com/istio/istio / TestGCEPlugin

Function TestGCEPlugin

security/pkg/credentialfetcher/plugin/gce_test.go:176–235  ·  view source on GitHub ↗
(t *testing.T)

Source from the content-addressed store, hash-verified

174}
175
176func TestGCEPlugin(t *testing.T) {
177 testCases := map[string]struct {
178 jwt string
179 jwtPath string
180 expectedToken string
181 expectedCall int
182 expectedErr error
183 }{
184 "get VM credential": {
185 jwt: thirdPartyJwt,
186 jwtPath: fmt.Sprintf("/tmp/security-pkg-credentialfetcher-plugin-gcetest-%s", uuid.New().String()),
187 expectedToken: thirdPartyJwt,
188 expectedCall: 1,
189 },
190 "jwt path not set": {
191 jwt: thirdPartyJwt,
192 expectedCall: 1,
193 expectedErr: fmt.Errorf("jwtPath is unset"),
194 },
195 "fetch credential multiple times": {
196 expectedCall: 5,
197 jwtPath: fmt.Sprintf("/tmp/security-pkg-credentialfetcher-plugin-gcetest-%s", uuid.New().String()),
198 },
199 }
200
201 SetTokenRotation(false)
202 ms, err := StartMetadataServer()
203 if err != nil {
204 t.Fatalf("StartMetadataServer() returns err: %v", err)
205 }
206 t.Cleanup(func() {
207 ms.Stop()
208 SetTokenRotation(true)
209 })
210
211 for id, tc := range testCases {
212 p := GCEPlugin{
213 tokenCache: tc.jwt,
214 jwtPath: tc.jwtPath,
215 }
216 if err := creatJWTFile(tc.jwtPath); err != nil {
217 t.Fatalf("%s, creatJWTFile() returns err: %v", id, err)
218 }
219 ms.Reset()
220 ms.setToken(tc.jwt)
221
222 tokens, errs := getTokenFromServer(t, &p, tc.expectedCall)
223
224 verifyError(t, id, errs, tc.expectedErr)
225 if tc.expectedErr == nil {
226 if ms.NumGetTokenCall() != tc.expectedCall {
227 t.Errorf("%s, metadata server receives %d calls, want %d",
228 id, ms.NumGetTokenCall(), tc.expectedCall)
229 }
230 if tc.jwtPath != "" {
231 verifyToken(t, id, tc.jwtPath, tokens, tc.expectedToken)
232 }
233 }

Callers

nothing calls this directly

Calls 15

SetTokenRotationFunction · 0.85
StartMetadataServerFunction · 0.85
creatJWTFileFunction · 0.85
getTokenFromServerFunction · 0.85
verifyErrorFunction · 0.85
verifyTokenFunction · 0.85
setTokenMethod · 0.80
NumGetTokenCallMethod · 0.80
StringMethod · 0.65
NewMethod · 0.65
ErrorfMethod · 0.65
FatalfMethod · 0.65

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…