From 584ed03fbe9dd63dd6e9d87d7d68be2dfb091004 Mon Sep 17 00:00:00 2001 From: ajanikow <12255597+ajanikow@users.noreply.github.com> Date: Tue, 14 Jun 2022 16:44:35 +0000 Subject: [PATCH] [Bugfix] Fix License RAW value discovery --- CHANGELOG.md | 1 + pkg/util/k8sutil/license.go | 13 ++- pkg/util/k8sutil/license_test.go | 137 +++++++++++++++++++++++++++++++ 3 files changed, 147 insertions(+), 4 deletions(-) create mode 100644 pkg/util/k8sutil/license_test.go diff --git a/CHANGELOG.md b/CHANGELOG.md index 8fa4b3a79..eb21ed308 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -15,6 +15,7 @@ - (Bugfix) Allow ArangoBackup Creation during Upload state - (Hotfix) Fix `ArangoDeployment` SubResource in CRD auto-installer - (Bugfix) Fix Operator Logger NPE +- (Bugfix) Fix License RAW value discovery ## [1.2.13](https://github.com/arangodb/kube-arangodb/tree/1.2.13) (2022-06-07) - (Bugfix) Fix arangosync members state inspection diff --git a/pkg/util/k8sutil/license.go b/pkg/util/k8sutil/license.go index 604c0d883..423c8c11a 100644 --- a/pkg/util/k8sutil/license.go +++ b/pkg/util/k8sutil/license.go @@ -57,14 +57,19 @@ func GetLicenseFromSecret(secret secret.Inspector, name string) (LicenseSecret, } if v1, ok1 := s.Data[constants.SecretKeyV2License]; ok1 { - l.V2 = License(v1) + // some customers put the raw JSON-encoded value, but operator and DB servers expect the base64-encoded value + if isJSONBytes(v1) { + l.V2 = License(base64.StdEncoding.EncodeToString(v1)) + } else { + l.V2 = License(v1) + } } else if v2, ok2 := s.Data[constants.SecretKeyV2Token]; ok2 { - licenseV2 := v2 // some customers put the raw JSON-encoded value, but operator and DB servers expect the base64-encoded value if isJSONBytes(v2) { - base64.StdEncoding.Encode(v2, licenseV2) + l.V2 = License(base64.StdEncoding.EncodeToString(v2)) + } else { + l.V2 = License(v2) } - l.V2 = License(licenseV2) } return l, true diff --git a/pkg/util/k8sutil/license_test.go b/pkg/util/k8sutil/license_test.go new file mode 100644 index 000000000..5ec03b7ce --- /dev/null +++ b/pkg/util/k8sutil/license_test.go @@ -0,0 +1,137 @@ +// +// DISCLAIMER +// +// Copyright 2016-2022 ArangoDB GmbH, Cologne, Germany +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. +// +// Copyright holder is ArangoDB GmbH, Cologne, Germany +// + +package k8sutil + +import ( + "context" + "encoding/base64" + "encoding/json" + "fmt" + "testing" + + "github.com/arangodb/kube-arangodb/pkg/util/constants" + "github.com/arangodb/kube-arangodb/pkg/util/kclient" + "github.com/arangodb/kube-arangodb/pkg/util/tests" + "github.com/stretchr/testify/require" + core "k8s.io/api/core/v1" + meta "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/uuid" +) + +func encodeLicenseKey(in string) string { + return base64.StdEncoding.EncodeToString([]byte(in)) +} + +func createLicenseSecret(t *testing.T, c kclient.Client, key, value string) string { + s := fmt.Sprintf("secret-%s", uuid.NewUUID()) + + q := &core.Secret{ + ObjectMeta: meta.ObjectMeta{ + Name: s, + Namespace: tests.FakeNamespace, + }, + Data: map[string][]byte{ + key: []byte(value), + }, + } + + _, err := c.Kubernetes().CoreV1().Secrets(tests.FakeNamespace).Create(context.Background(), q, meta.CreateOptions{}) + require.NoError(t, err) + + return s +} + +func generateLK(t *testing.T) string { + z := map[string]string{ + "grant": "", + "signature": "", + } + + i, err := json.Marshal(z) + + require.NoError(t, err) + + return string(i) +} + +func Test_GetLicenseFromSecret(t *testing.T) { + lk := generateLK(t) + lke := encodeLicenseKey(lk) + + c := kclient.NewFakeClient() + i := tests.NewInspector(t, c) + + t.Run(constants.SecretKeyV2License, func(t *testing.T) { + t.Run("Encoded license", func(t *testing.T) { + n := createLicenseSecret(t, c, constants.SecretKeyV2License, lke) + + require.NoError(t, i.Refresh(context.Background())) + + license, ok := GetLicenseFromSecret(i, n) + require.True(t, ok) + + require.Empty(t, license.V1) + require.NotEmpty(t, license.V2) + require.EqualValues(t, lke, license.V2) + }) + + t.Run("Raw license", func(t *testing.T) { + n := createLicenseSecret(t, c, constants.SecretKeyV2License, lk) + + require.NoError(t, i.Refresh(context.Background())) + + license, ok := GetLicenseFromSecret(i, n) + require.True(t, ok) + + require.Empty(t, license.V1) + require.NotEmpty(t, license.V2) + require.EqualValues(t, lke, license.V2) + }) + }) + + t.Run(constants.SecretKeyV2Token, func(t *testing.T) { + t.Run("Encoded license", func(t *testing.T) { + n := createLicenseSecret(t, c, constants.SecretKeyV2Token, lke) + + require.NoError(t, i.Refresh(context.Background())) + + license, ok := GetLicenseFromSecret(i, n) + require.True(t, ok) + + require.Empty(t, license.V1) + require.NotEmpty(t, license.V2) + require.EqualValues(t, lke, license.V2) + }) + + t.Run("Raw license", func(t *testing.T) { + n := createLicenseSecret(t, c, constants.SecretKeyV2Token, lk) + + require.NoError(t, i.Refresh(context.Background())) + + license, ok := GetLicenseFromSecret(i, n) + require.True(t, ok) + + require.Empty(t, license.V1) + require.NotEmpty(t, license.V2) + require.EqualValues(t, lke, license.V2) + }) + }) +}