Add example transform test

pkg/transform/oauth_transform_test.go

@@ -0,0 +1,84 @@
+package transform
+
+import (
+	"encoding/json"
+	"io/ioutil"
+	"testing"
+
+	"github.com/fusor/cpma/pkg/transform/oauth"
+	"github.com/stretchr/testify/assert"
+
+	configv1 "github.com/openshift/api/legacyconfig/v1"
+	k8sjson "k8s.io/apimachinery/pkg/runtime/serializer/json"
+	"k8s.io/client-go/kubernetes/scheme"
+)
+
+func loadTestIdentityProviders() []oauth.IdentityProvider {
+	// TODO: Something is broken here in a way that it's causing the translaters
+	// to fail. Need some help with creating test identiy providers in a way
+	// that won't crash the translator
+
+	// Build example identity providers, this is straight copy pasted from
+	// oauth test, IMO this loading of example identity providers should be
+	// some shared test helper
+	file := "testdata/bulk-test-master-config.yaml" // File copied into transform pkg testdata
+	content, _ := ioutil.ReadFile(file)
+	serializer := k8sjson.NewYAMLSerializer(k8sjson.DefaultMetaFactory, scheme.Scheme, scheme.Scheme)
+	var masterV3 configv1.MasterConfig
+	_, _, _ = serializer.Decode(content, nil, &masterV3)
+
+	var htContent []byte
+	var identityProviders []oauth.IdentityProvider
+	for _, identityProvider := range masterV3.OAuthConfig.IdentityProviders {
+		providerJSON, _ := identityProvider.Provider.MarshalJSON()
+		provider := oauth.Provider{}
+		json.Unmarshal(providerJSON, &provider)
+
+		identityProviders = append(identityProviders,
+			oauth.IdentityProvider{
+				provider.Kind,
+				provider.APIVersion,
+				identityProvider.MappingMethod,
+				identityProvider.Name,
+				identityProvider.Provider,
+				provider.File,
+				htContent,
+				identityProvider.UseAsChallenger,
+				identityProvider.UseAsLogin,
+			})
+	}
+	return identityProviders
+}
+
+func TestOAuthExtractionTransform(t *testing.T) {
+	actualManifestsChan := make(chan []Manifest)
+
+	// Override flush method
+	manifestTransformOutputFlush = func(manifests []Manifest) error {
+		t.Log("Running overridden manifestTransformOutputFlush")
+		actualManifestsChan <- manifests
+		return nil
+	}
+
+	// TODO: write expectedManifests
+
+	// TODO: Set up the extraction with dummy extracted values
+	testExtraction := OAuthExtraction{
+		IdentityProviders: loadTestIdentityProviders(),
+	}
+
+	go func() {
+		transformOutput, err := testExtraction.Transform()
+		if err != nil {
+			t.Error(err)
+		}
+		transformOutput.Flush()
+	}()
+
+	actualManifests := <-actualManifestsChan
+	t.Logf("Got actualManifests: %v", actualManifests)
+
+	// TODO: checkActualManifestsMatchExpectedManifests(t, actualManifests, expectedManifests)
+
+	assert.Equal(t, 2, 2)
+}

pkg/transform/testdata/bulk-test-master-config.yaml

@@ -0,0 +1,160 @@
+oauthConfig:
+  assetPublicURL: https://openshift.gildub2.lab.pnq2.cee.redhat.com/console/
+  grantConfig:
+    method: auto
+  identityProviders:
+  - name: my_remote_basic_auth_provider 
+    challenge: true 
+    login: true 
+    mappingMethod: claim 
+    provider:
+      apiVersion: v1
+      kind: BasicAuthPasswordIdentityProvider
+      url: https://www.example.com/
+      ca: ca.file 
+      certFile: client.crt 
+      keyFile: client.key 
+  - name: github123456789
+    challenge: false
+    login: true
+    mappingMethod: claim
+    provider:
+      apiVersion: v1
+      kind: GitHubIdentityProvider
+      ca: github.crt
+      clientID: 2d85ea3f45d6777bffd7
+      clientSecret: e16a59ad33d7c29fd4354f46059f0950c609a7ea
+      hostname: test.example.com
+      organizations:
+      - myorganization1
+      - myorganization2
+      teams:
+      - myorganization1/team-a
+      - myorganization2/team-b
+  - name: gitlab123456789
+    challenge: true
+    login: true
+    mappingMethod: claim
+    provider:
+      apiVersion: v1
+      kind: GitLabIdentityProvider
+      legacy: true
+      url: https://gitlab.com/
+      clientID: fake-id
+      clientSecret: fake-secret
+  - name: google123456789123456789
+    challenge: false
+    login: true
+    mappingMethod: claim
+    provider:
+      apiVersion: v1
+      kind: GoogleIdentityProvider
+      clientID: 82342890327-tf5lqn4eikdf4cb4edfm85jiqotvurpq.apps.googleusercontent.com
+      clientSecret: e16a59ad33d7c29fd4354f46059f0950c609a7ea
+      hostedDomain: test.example.com
+  - name: htpasswd_auth
+    login: true
+    mappingMethod: claim
+    challenge: true
+    provider:
+      apiVersion: v1
+      file: /etc/origin/master/htpasswd
+      kind: HTPasswdPasswordIdentityProvider
+  - name: my_keystone_provider 
+    challenge: true 
+    login: true 
+    mappingMethod: claim 
+    provider:
+      apiVersion: v1
+      kind: KeystonePasswordIdentityProvider
+      domainName: default 
+      url: http://fake.url:5000
+      ca: keystone.pem 
+      certFile: clientcert.pem 
+      keyFile: clientkey.pem 
+      useKeystoneIdentity: false  
+  - name: "my_ldap_provider" 
+    challenge: true 
+    login: true 
+    mappingMethod: claim 
+    provider:
+      apiVersion: v1
+      kind: LDAPPasswordIdentityProvider
+      attributes:
+        id: 
+        - dn
+        email: 
+        - mail
+        name: 
+        - cn
+        preferredUsername: 
+        - uid
+      bindDN: "123" 
+      bindPassword: "321" 
+      ca: my-ldap-ca-bundle.crt 
+      insecure: false 
+      url: "ldap://ldap.example.com/ou=users,dc=acme,dc=com?uid"
+  - name: my_request_header_provider
+    challenge: true
+    login: true
+    mappingMethod: claim
+    provider:
+      apiVersion: v1
+      kind: RequestHeaderIdentityProvider
+      challengeURL: "https://example.com"
+      loginURL: "https://example.com"
+      clientCA: "cert.crt"
+      clientCommonNames:
+      - my-auth-proxy
+      headers:
+      - X-Remote-User
+      - SSO-User
+      emailHeaders:
+      - X-Remote-User-Email
+      nameHeaders:
+      - X-Remote-User-Display-Name
+      preferredUsernameHeaders:
+      - X-Remote-User-Login
+  - name: my_openid_connect
+    challenge: false
+    login: true
+    mappingMethod: claim
+    provider:
+      apiVersion: v1
+      kind: OpenIDIdentityProvider
+      clientID: testid
+      clientSecret: testsecret
+      ca: my-openid-ca-bundle.crt 
+      extraScopes: 
+      - email
+      - profile
+      extraAuthorizeParameters: 
+        include_granted_scopes: "true"
+      claims:
+        id: 
+        - custom_id_claim
+        - sub
+        preferredUsername: 
+        - preferred_username
+        - email
+        name: 
+        - nickname
+        - given_name
+        - name
+        email: 
+        - custom_email_claim
+        - email
+      urls:
+        authorize: https://myidp.example.com/oauth2/authorize
+        token: https://myidp.example.com/oauth2/token
+        userInfo: https://myidp.example.com/oauth2/userinfo
+  masterCA: ca-bundle.crt
+  masterPublicURL: https://openshift.gildub2.lab.pnq2.cee.redhat.com:443
+  masterURL: https://openshift.internal.gildub2.lab.pnq2.cee.redhat.com:443
+  sessionConfig:
+    sessionMaxAgeSeconds: 3600
+    sessionName: ssn
+    sessionSecretsFile: /etc/origin/master/session-secrets.yaml
+  tokenConfig:
+    accessTokenMaxAgeSeconds: 86400
+    authorizeTokenMaxAgeSeconds: 500

pkg/transform/transform.go

@@ -123,12 +123,16 @@ type TransformOutput interface {
 	Flush() error
 }
 
-func (m ManifestTransformOutput) Flush() error {
-	logrus.Info("Writing file data:")
-	DumpManifests(m.Manifests)
+var manifestTransformOutputFlush = func(manifests []Manifest) error {
+	logrus.Info("Flushing manifests to disk")
+	DumpManifests(manifests)
 	return nil
 }
 
+func (m ManifestTransformOutput) Flush() error {
+	return manifestTransformOutputFlush(m.Manifests)
+}
+
 func (r TransformRunner) Transform(transforms []Transform) error {
 	logrus.Info("TransformRunner::Transform")