From 655471b9121f79d38208e0433670a9b1cc816fcc Mon Sep 17 00:00:00 2001 From: Nick Richardson Date: Fri, 2 Aug 2024 12:52:44 -0500 Subject: [PATCH 01/37] Add SecretKey to AWS SecretsManager TriggerAuthentication spec Signed-off-by: Nick Richardson --- .../v1alpha1/triggerauthentication_types.go | 2 ++ ...keda.sh_clustertriggerauthentications.yaml | 2 ++ .../bases/keda.sh_triggerauthentications.yaml | 2 ++ .../resolver/aws_secretmanager_handler.go | 31 +++++++++++++++++-- pkg/scaling/resolver/scale_resolvers.go | 4 +-- 5 files changed, 36 insertions(+), 5 deletions(-) diff --git a/apis/keda/v1alpha1/triggerauthentication_types.go b/apis/keda/v1alpha1/triggerauthentication_types.go index 0b0d9ffa315..7685e122660 100644 --- a/apis/keda/v1alpha1/triggerauthentication_types.go +++ b/apis/keda/v1alpha1/triggerauthentication_types.go @@ -376,6 +376,8 @@ type AwsSecretManagerSecret struct { VersionID string `json:"versionId,omitempty"` // +optional VersionStage string `json:"versionStage,omitempty"` + // +optional + SecretKey string `json:"secretKey,omitempty"` } func init() { diff --git a/config/crd/bases/keda.sh_clustertriggerauthentications.yaml b/config/crd/bases/keda.sh_clustertriggerauthentications.yaml index cd8db9c721e..005d1c54637 100644 --- a/config/crd/bases/keda.sh_clustertriggerauthentications.yaml +++ b/config/crd/bases/keda.sh_clustertriggerauthentications.yaml @@ -183,6 +183,8 @@ spec: type: string parameter: type: string + secretKey: + type: string versionId: type: string versionStage: diff --git a/config/crd/bases/keda.sh_triggerauthentications.yaml b/config/crd/bases/keda.sh_triggerauthentications.yaml index f6bb2f7bfe9..837490717f6 100644 --- a/config/crd/bases/keda.sh_triggerauthentications.yaml +++ b/config/crd/bases/keda.sh_triggerauthentications.yaml @@ -182,6 +182,8 @@ spec: type: string parameter: type: string + secretKey: + type: string versionId: type: string versionStage: diff --git a/pkg/scaling/resolver/aws_secretmanager_handler.go b/pkg/scaling/resolver/aws_secretmanager_handler.go index 3d10ba2e1e5..49ef75463d2 100644 --- a/pkg/scaling/resolver/aws_secretmanager_handler.go +++ b/pkg/scaling/resolver/aws_secretmanager_handler.go @@ -18,6 +18,7 @@ package resolver import ( "context" + "encoding/json" "fmt" "github.com/aws/aws-sdk-go-v2/aws" @@ -43,9 +44,9 @@ func NewAwsSecretManagerHandler(a *kedav1alpha1.AwsSecretManager) *AwsSecretMana } } -// Read fetches the secret value from AWS Secret Manager using the provided secret name, version ID(optional), and version stage(optional). +// Read fetches the secret value from AWS Secret Manager using the provided secret name, version ID(optional), version stage(optional), and secretKey(optional). // It returns the secret value as a string. -func (ash *AwsSecretManagerHandler) Read(ctx context.Context, logger logr.Logger, secretName, versionID, versionStage string) (string, error) { +func (ash *AwsSecretManagerHandler) Read(ctx context.Context, logger logr.Logger, secretName, versionID, versionStage string, secretKey string) (string, error) { input := &secretsmanager.GetSecretValueInput{ SecretId: aws.String(secretName), } @@ -60,7 +61,31 @@ func (ash *AwsSecretManagerHandler) Read(ctx context.Context, logger logr.Logger logger.Error(err, "Error getting credentials") return "", err } - return *result.SecretString, nil + if secretKey != "" { + // Parse the secret string as JSON + var secretMap map[string]interface{} + err = json.Unmarshal([]byte(*result.SecretString), &secretMap) + if err != nil { + logger.Error(err, "Error parsing secret string as JSON") + return "", err + } + + // Check if the specified secret key exists + if val, ok := secretMap[secretKey]; ok { + // Convert the value to a string and return it + if strVal, isString := val.(string); isString { + return strVal, nil + } else { + logger.Error(nil, "SecretKey value is not a string") + return "", fmt.Errorf("SecretKey value is not a string") + } + } else { + logger.Error(nil, "SecretKey Not Found") + return "", fmt.Errorf("SecretKey Not Found") + } + } else { + return *result.SecretString, nil + } } // Initialize sets up the AWS Secret Manager handler by configuring AWS credentials, AWS region, or using pod identity. diff --git a/pkg/scaling/resolver/scale_resolvers.go b/pkg/scaling/resolver/scale_resolvers.go index 54976381aee..5cc912acc6e 100644 --- a/pkg/scaling/resolver/scale_resolvers.go +++ b/pkg/scaling/resolver/scale_resolvers.go @@ -333,10 +333,10 @@ func resolveAuthRef(ctx context.Context, client client.Client, logger logr.Logge logger.Error(err, "error authenticating to Aws Secret Manager", "triggerAuthRef.Name", triggerAuthRef.Name) } else { for _, secret := range triggerAuthSpec.AwsSecretManager.Secrets { - res, err := awsSecretManagerHandler.Read(ctx, logger, secret.Name, secret.VersionID, secret.VersionStage) + res, err := awsSecretManagerHandler.Read(ctx, logger, secret.Name, secret.VersionID, secret.VersionStage, secret.SecretKey) if err != nil { logger.Error(err, "error trying to read secret from Aws Secret Manager", "triggerAuthRef.Name", triggerAuthRef.Name, - "secret.Name", secret.Name, "secret.Version", secret.VersionID, "secret.VersionStage", secret.VersionStage) + "secret.Name", secret.Name, "secret.Version", secret.VersionID, "secret.VersionStage", secret.VersionStage, "secret.SecretKey", secret.SecretKey) } else { result[secret.Parameter] = res } From 8025fd3afa76562700ec28c88360ba23a9541e69 Mon Sep 17 00:00:00 2001 From: Nick Richardson Date: Fri, 2 Aug 2024 12:56:28 -0500 Subject: [PATCH 02/37] Update CHANGELOG Signed-off-by: Nick Richardson --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 311e05cd298..35d08a5e413 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -66,6 +66,7 @@ Here is an overview of all new **experimental** features: ### Improvements +- General: Add SecretKey to AWS SecretsManager TriggerAuthentication to allow parsing JSON / Key/Value Pairs in secrets (#5940) - TODO ([#XXX](https://github.com/kedacore/keda/issues/XXX)) ### Fixes From fd88dd72e48c37a5f9b19b496a0fdc51c2f11d4d Mon Sep 17 00:00:00 2001 From: Nick Richardson Date: Fri, 2 Aug 2024 13:49:14 -0500 Subject: [PATCH 03/37] Fix linting issue Signed-off-by: Nick Richardson --- pkg/scaling/resolver/aws_secretmanager_handler.go | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/pkg/scaling/resolver/aws_secretmanager_handler.go b/pkg/scaling/resolver/aws_secretmanager_handler.go index 49ef75463d2..774266b1022 100644 --- a/pkg/scaling/resolver/aws_secretmanager_handler.go +++ b/pkg/scaling/resolver/aws_secretmanager_handler.go @@ -75,17 +75,14 @@ func (ash *AwsSecretManagerHandler) Read(ctx context.Context, logger logr.Logger // Convert the value to a string and return it if strVal, isString := val.(string); isString { return strVal, nil - } else { - logger.Error(nil, "SecretKey value is not a string") - return "", fmt.Errorf("SecretKey value is not a string") } - } else { - logger.Error(nil, "SecretKey Not Found") - return "", fmt.Errorf("SecretKey Not Found") + logger.Error(nil, "SecretKey value is not a string") + return "", fmt.Errorf("SecretKey value is not a string") } - } else { - return *result.SecretString, nil + logger.Error(nil, "SecretKey Not Found") + return "", fmt.Errorf("SecretKey Not Found") } + return *result.SecretString, nil } // Initialize sets up the AWS Secret Manager handler by configuring AWS credentials, AWS region, or using pod identity. From 124e48aec5475ce974e7104fdf93b38defda2078 Mon Sep 17 00:00:00 2001 From: Nick Richardson Date: Mon, 5 Aug 2024 13:33:39 -0500 Subject: [PATCH 04/37] Update E2E tests Signed-off-by: Nick Richardson --- .../aws_secretmanager_test.go | 121 +++++++++++++++--- .../aws_secretmanager_pod_identity_test.go | 107 ++++++++++++++-- 2 files changed, 205 insertions(+), 23 deletions(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index b185299f4f6..64c79d4b2fc 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -6,6 +6,7 @@ package aws_secret_manager_test import ( "context" "encoding/base64" + "encoding/json" "fmt" "os" "testing" @@ -151,6 +152,31 @@ spec: name: {{.SecretManagerSecretName}} ` +triggerAuthenticationSecretKeyTemplate = `apiVersion: keda.sh/v1alpha1 +kind: TriggerAuthentication +metadata: + name: {{.TriggerAuthenticationName}} + namespace: {{.TestNamespace}} +spec: + awsSecretManager: + credentials: + accessKey: + valueFrom: + secretKeyRef: + name: {{.AwsCredentialsSecretName}} + key: AWS_ACCESS_KEY_ID + accessSecretKey: + valueFrom: + secretKeyRef: + name: {{.AwsCredentialsSecretName}} + key: AWS_SECRET_ACCESS_KEY + region: {{.AwsRegion}} + secrets: + - parameter: connection + name: {{.SecretManagerSecretName}} + secretKey: connectionString +` + scaledObjectTemplate = `apiVersion: keda.sh/v1alpha1 kind: ScaledObject metadata: @@ -257,11 +283,12 @@ spec: ) func TestAwsSecretManager(t *testing.T) { + var useJSONSecretFormat = false require.NotEmpty(t, awsAccessKeyID, "TF_AWS_ACCESS_KEY env variable is required for AWS Secret Manager test") require.NotEmpty(t, awsSecretAccessKey, "TF_AWS_SECRET_KEY env variable is required for AWS Secret Manager test") - // Create the secret in GCP - err := createAWSSecret(t) + // Create the secret in AWS + err := createAWSSecret(t, useJSONSecretFormat) assert.NoErrorf(t, err, "cannot create AWS Secret Manager secret - %s", err) // Create kubernetes resources for PostgreSQL server @@ -280,7 +307,7 @@ func TestAwsSecretManager(t *testing.T) { assert.True(t, ok, "executing a command on PostreSQL Pod should work; Output: %s, ErrorOutput: %s, Error: %s", out, errOut, err) // Create kubernetes resources for testing - data, templates := getTemplateData() + data, templates := getTemplateData(useJSONSecretFormat) KubectlApplyMultipleWithTemplate(t, data, templates) assert.True(t, WaitForDeploymentReplicaReadyCount(t, kc, deploymentName, testNamespace, minReplicaCount, 60, 3), @@ -292,7 +319,49 @@ func TestAwsSecretManager(t *testing.T) { KubectlDeleteMultipleWithTemplate(t, data, templates) DeleteKubernetesResources(t, testNamespace, data, postgreSQLtemplates) - // Delete the secret in GCP + // Delete the secret in AWS + err = deleteAWSSecret(t) + assert.NoErrorf(t, err, "cannot delete AWS Secret Manager secret - %s", err) +} + +func TestAwsSecretManagerJSONFormat(t *testing.T) { + var useJSONSecretFormat = true + require.NotEmpty(t, awsAccessKeyID, "TF_AWS_ACCESS_KEY env variable is required for AWS Secret Manager test") + require.NotEmpty(t, awsSecretAccessKey, "TF_AWS_SECRET_KEY env variable is required for AWS Secret Manager test") + + // Create the secret in AWS + err := createAWSSecret(t, useJSONSecretFormat) // Create JSON formatted Secret + assert.NoErrorf(t, err, "cannot create AWS Secret Manager secret - %s", err) + + // Create kubernetes resources for PostgreSQL server + kc := GetKubernetesClient(t) + data, postgreSQLtemplates := getPostgreSQLTemplateData() + + CreateKubernetesResources(t, kc, testNamespace, data, postgreSQLtemplates) + + assert.True(t, WaitForStatefulsetReplicaReadyCount(t, kc, postgreSQLStatefulSetName, testNamespace, 1, 60, 3), + "replica count should be %d after 3 minutes", 1) + + createTableSQL := "CREATE TABLE task_instance (id serial PRIMARY KEY,state VARCHAR(10));" + psqlCreateTableCmd := fmt.Sprintf("psql -U %s -d %s -c \"%s\"", postgreSQLUsername, postgreSQLDatabase, createTableSQL) + + ok, out, errOut, err := WaitForSuccessfulExecCommandOnSpecificPod(t, postgresqlPodName, testNamespace, psqlCreateTableCmd, 60, 3) + assert.True(t, ok, "executing a command on PostreSQL Pod should work; Output: %s, ErrorOutput: %s, Error: %s", out, errOut, err) + + // Create kubernetes resources for testing + data, templates := getTemplateData(useJSONSecretFormat) + + KubectlApplyMultipleWithTemplate(t, data, templates) + assert.True(t, WaitForDeploymentReplicaReadyCount(t, kc, deploymentName, testNamespace, minReplicaCount, 60, 3), + "replica count should be %d after 3 minutes", minReplicaCount) + + testScaleOut(t, kc, data) + + // cleanup + KubectlDeleteMultipleWithTemplate(t, data, templates) + DeleteKubernetesResources(t, testNamespace, data, postgreSQLtemplates) + + // Delete the secret in AWS err = deleteAWSSecret(t) assert.NoErrorf(t, err, "cannot delete AWS Secret Manager secret - %s", err) } @@ -324,14 +393,21 @@ func getPostgreSQLTemplateData() (templateData, []Template) { } } -func getTemplateData() (templateData, []Template) { - return data, []Template{ - {Name: "secretTemplate", Config: secretTemplate}, - {Name: "awsCredentialsSecretTemplate", Config: awsCredentialsSecretTemplate}, - {Name: "deploymentTemplate", Config: deploymentTemplate}, - {Name: "triggerAuthenticationTemplate", Config: triggerAuthenticationTemplate}, - {Name: "scaledObjectTemplate", Config: scaledObjectTemplate}, - } +func getTemplateData(useJSONFormat bool) (templateData, []Template) { + var triggerConfig string + if useJSONFormat { + triggerConfig = triggerAuthenticationSecretKeyTemplate + } else { + triggerConfig = triggerAuthenticationTemplate + } + + return data, []Template{ + {Name: "secretTemplate", Config: secretTemplate}, + {Name: "awsCredentialsSecretTemplate", Config: awsCredentialsSecretTemplate}, + {Name: "deploymentTemplate", Config: deploymentTemplate}, + {Name: "triggerAuthenticationTemplate", Config: triggerConfig}, + {Name: "scaledObjectTemplate", Config: scaledObjectTemplate}, + } } func testScaleOut(t *testing.T, kc *kubernetes.Clientset, data templateData) { @@ -342,7 +418,7 @@ func testScaleOut(t *testing.T, kc *kubernetes.Clientset, data templateData) { "replica count should be %d after 3 minutes", maxReplicaCount) } -func createAWSSecret(t *testing.T) error { +func createAWSSecret(t *testing.T, useJSONFormat bool) error { ctx := context.Background() // Create AWS configuration @@ -358,9 +434,24 @@ func createAWSSecret(t *testing.T) error { // Create a Secrets Manager client client := secretsmanager.NewFromConfig(cfg) - + // Create the secret value - secretString := postgreSQLConnectionString + var secretString string + if(useJSONFormat) { + secretObject := map[string]string{ + "connectionString": postgreSQLConnectionString, + } + // Convert the map to a JSON string + jsonData, err := json.Marshal(secretObject) + if err != nil { + return fmt.Errorf("Error converting to JSON: %v", err) + } + + // Print the JSON string + secretString := string(jsonData) + } else { + secretString := postgreSQLConnectionString + } _, err = client.CreateSecret(ctx, &secretsmanager.CreateSecretInput{ Name: &secretManagerSecretName, SecretString: &secretString, diff --git a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go index 290b9d07f8b..4018e653e92 100644 --- a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go +++ b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go @@ -6,6 +6,7 @@ package aws_secretmanager_pod_identity_test import ( "context" "encoding/base64" + "encoding/json" "fmt" "os" "testing" @@ -141,6 +142,31 @@ spec: name: {{.SecretManagerSecretName}} ` + triggerAuthenticationSecretKeyTemplate = `apiVersion: keda.sh/v1alpha1 +kind: TriggerAuthentication +metadata: + name: {{.TriggerAuthenticationName}} + namespace: {{.TestNamespace}} +spec: + awsSecretManager: + credentials: + accessKey: + valueFrom: + secretKeyRef: + name: {{.AwsCredentialsSecretName}} + key: AWS_ACCESS_KEY_ID + accessSecretKey: + valueFrom: + secretKeyRef: + name: {{.AwsCredentialsSecretName}} + key: AWS_SECRET_ACCESS_KEY + region: {{.AwsRegion}} + secrets: + - parameter: connection + name: {{.SecretManagerSecretName}} + secretKey: connectionString +` + scaledObjectTemplate = `apiVersion: keda.sh/v1alpha1 kind: ScaledObject metadata: @@ -247,11 +273,54 @@ spec: ) func TestAwsSecretManager(t *testing.T) { + var useJSONSecretFormat = false + require.NotEmpty(t, awsAccessKeyID, "TF_AWS_ACCESS_KEY env variable is required for AWS Secret Manager test") + require.NotEmpty(t, awsSecretAccessKey, "TF_AWS_SECRET_KEY env variable is required for AWS Secret Manager test") + + // Create the secret in AWS + err := createAWSSecret(t, useJSONSecretFormat) + assert.NoErrorf(t, err, "cannot create AWS Secret Manager secret - %s", err) + + // Create kubernetes resources for PostgreSQL server + kc := GetKubernetesClient(t) + data, postgreSQLtemplates := getPostgreSQLTemplateData() + + CreateKubernetesResources(t, kc, testNamespace, data, postgreSQLtemplates) + + assert.True(t, WaitForStatefulsetReplicaReadyCount(t, kc, postgreSQLStatefulSetName, testNamespace, 1, 60, 3), + "replica count should be %d after 3 minutes", 1) + + createTableSQL := "CREATE TABLE task_instance (id serial PRIMARY KEY,state VARCHAR(10));" + psqlCreateTableCmd := fmt.Sprintf("psql -U %s -d %s -c \"%s\"", postgreSQLUsername, postgreSQLDatabase, createTableSQL) + + ok, out, errOut, err := WaitForSuccessfulExecCommandOnSpecificPod(t, postgresqlPodName, testNamespace, psqlCreateTableCmd, 60, 3) + assert.True(t, ok, "executing a command on PostreSQL Pod should work; Output: %s, ErrorOutput: %s, Error: %s", out, errOut, err) + + // Create kubernetes resources for testing + data, templates := getTemplateData(useJSONSecretFormat) + + KubectlApplyMultipleWithTemplate(t, data, templates) + assert.True(t, WaitForDeploymentReplicaReadyCount(t, kc, deploymentName, testNamespace, minReplicaCount, 60, 3), + "replica count should be %d after 3 minutes", minReplicaCount) + + testScaleOut(t, kc, data) + + // cleanup + KubectlDeleteMultipleWithTemplate(t, data, templates) + DeleteKubernetesResources(t, testNamespace, data, postgreSQLtemplates) + + // Delete the secret in AWS + err = deleteAWSSecret(t) + assert.NoErrorf(t, err, "cannot delete AWS Secret Manager secret - %s", err) +} + +func TestAwsSecretManagerJSONFormat(t *testing.T) { + var useJSONSecretFormat = true require.NotEmpty(t, awsAccessKeyID, "TF_AWS_ACCESS_KEY env variable is required for AWS Secret Manager test") require.NotEmpty(t, awsSecretAccessKey, "TF_AWS_SECRET_KEY env variable is required for AWS Secret Manager test") - // Create the secret in GCP - err := createAWSSecret(t) + // Create the secret in AWS + err := createAWSSecret(t, useJSONSecretFormat) assert.NoErrorf(t, err, "cannot create AWS Secret Manager secret - %s", err) // Create kubernetes resources for PostgreSQL server @@ -270,7 +339,7 @@ func TestAwsSecretManager(t *testing.T) { assert.True(t, ok, "executing a command on PostreSQL Pod should work; Output: %s, ErrorOutput: %s, Error: %s", out, errOut, err) // Create kubernetes resources for testing - data, templates := getTemplateData() + data, templates := getTemplateData(useJSONSecretFormat) KubectlApplyMultipleWithTemplate(t, data, templates) assert.True(t, WaitForDeploymentReplicaReadyCount(t, kc, deploymentName, testNamespace, minReplicaCount, 60, 3), @@ -282,7 +351,7 @@ func TestAwsSecretManager(t *testing.T) { KubectlDeleteMultipleWithTemplate(t, data, templates) DeleteKubernetesResources(t, testNamespace, data, postgreSQLtemplates) - // Delete the secret in GCP + // Delete the secret in AWS err = deleteAWSSecret(t) assert.NoErrorf(t, err, "cannot delete AWS Secret Manager secret - %s", err) } @@ -314,12 +383,19 @@ func getPostgreSQLTemplateData() (templateData, []Template) { } } -func getTemplateData() (templateData, []Template) { +func getTemplateData(useJSONFormat bool) (templateData, []Template) { + var triggerConfig string + if useJSONFormat { + triggerConfig = triggerAuthenticationSecretKeyTemplate + } else { + triggerConfig = triggerAuthenticationTemplate + } + return data, []Template{ {Name: "secretTemplate", Config: secretTemplate}, {Name: "awsCredentialsSecretTemplate", Config: awsCredentialsSecretTemplate}, {Name: "deploymentTemplate", Config: deploymentTemplate}, - {Name: "triggerAuthenticationTemplate", Config: triggerAuthenticationTemplate}, + {Name: "triggerAuthenticationTemplate", Config: triggerConfig}, {Name: "scaledObjectTemplate", Config: scaledObjectTemplate}, } } @@ -332,7 +408,7 @@ func testScaleOut(t *testing.T, kc *kubernetes.Clientset, data templateData) { "replica count should be %d after 3 minutes", maxReplicaCount) } -func createAWSSecret(t *testing.T) error { +func createAWSSecret(t *testing.T, useJSONFormat bool) error { ctx := context.Background() // Create AWS configuration @@ -350,7 +426,22 @@ func createAWSSecret(t *testing.T) error { client := secretsmanager.NewFromConfig(cfg) // Create the secret value - secretString := postgreSQLConnectionString + var secretString string + if useJSONFormat { + secretObject := map[string]string{ + "connectionString": postgreSQLConnectionString, + } + // Convert the map to a JSON string + jsonData, err := json.Marshal(secretObject) + if err != nil { + return fmt.Errorf("Error converting to JSON: %v", err) + } + + // Print the JSON string + secretString := string(jsonData) + } else { + secretString := postgreSQLConnectionString + } _, err = client.CreateSecret(ctx, &secretsmanager.CreateSecretInput{ Name: &secretManagerSecretName, SecretString: &secretString, From b9951d1354bd929d9cb2795528d107a82b2a97e9 Mon Sep 17 00:00:00 2001 From: Nick Richardson Date: Mon, 5 Aug 2024 13:38:25 -0500 Subject: [PATCH 05/37] Update E2E tests Signed-off-by: Nick Richardson --- .../aws_secretmanager_test.go | 36 +++++++++---------- .../aws_secretmanager_pod_identity_test.go | 2 +- 2 files changed, 19 insertions(+), 19 deletions(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 64c79d4b2fc..7c38564746a 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -152,7 +152,7 @@ spec: name: {{.SecretManagerSecretName}} ` -triggerAuthenticationSecretKeyTemplate = `apiVersion: keda.sh/v1alpha1 + triggerAuthenticationSecretKeyTemplate = `apiVersion: keda.sh/v1alpha1 kind: TriggerAuthentication metadata: name: {{.TriggerAuthenticationName}} @@ -395,19 +395,19 @@ func getPostgreSQLTemplateData() (templateData, []Template) { func getTemplateData(useJSONFormat bool) (templateData, []Template) { var triggerConfig string - if useJSONFormat { - triggerConfig = triggerAuthenticationSecretKeyTemplate - } else { - triggerConfig = triggerAuthenticationTemplate - } - - return data, []Template{ - {Name: "secretTemplate", Config: secretTemplate}, - {Name: "awsCredentialsSecretTemplate", Config: awsCredentialsSecretTemplate}, - {Name: "deploymentTemplate", Config: deploymentTemplate}, - {Name: "triggerAuthenticationTemplate", Config: triggerConfig}, - {Name: "scaledObjectTemplate", Config: scaledObjectTemplate}, - } + if useJSONFormat { + triggerConfig = triggerAuthenticationSecretKeyTemplate + } else { + triggerConfig = triggerAuthenticationTemplate + } + + return data, []Template{ + {Name: "secretTemplate", Config: secretTemplate}, + {Name: "awsCredentialsSecretTemplate", Config: awsCredentialsSecretTemplate}, + {Name: "deploymentTemplate", Config: deploymentTemplate}, + {Name: "triggerAuthenticationTemplate", Config: triggerConfig}, + {Name: "scaledObjectTemplate", Config: scaledObjectTemplate}, + } } func testScaleOut(t *testing.T, kc *kubernetes.Clientset, data templateData) { @@ -434,19 +434,19 @@ func createAWSSecret(t *testing.T, useJSONFormat bool) error { // Create a Secrets Manager client client := secretsmanager.NewFromConfig(cfg) - + // Create the secret value var secretString string - if(useJSONFormat) { + if useJSONFormat { secretObject := map[string]string{ "connectionString": postgreSQLConnectionString, } // Convert the map to a JSON string jsonData, err := json.Marshal(secretObject) if err != nil { - return fmt.Errorf("Error converting to JSON: %v", err) + return fmt.Errorf("Error converting to JSON: %w", err) } - + // Print the JSON string secretString := string(jsonData) } else { diff --git a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go index 4018e653e92..f63ed9ce1ec 100644 --- a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go +++ b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go @@ -434,7 +434,7 @@ func createAWSSecret(t *testing.T, useJSONFormat bool) error { // Convert the map to a JSON string jsonData, err := json.Marshal(secretObject) if err != nil { - return fmt.Errorf("Error converting to JSON: %v", err) + return fmt.Errorf("Error converting to JSON: %w", err) } // Print the JSON string From dabf94c5367e0b4b216bcf355399c41757a9396f Mon Sep 17 00:00:00 2001 From: Nick Richardson Date: Mon, 5 Aug 2024 14:03:57 -0500 Subject: [PATCH 06/37] Update E2E tests Signed-off-by: Nick Richardson --- .../aws_secretmanager/aws_secretmanager_test.go | 4 ++-- .../aws_secretmanager_pod_identity_test.go | 4 ++-- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 7c38564746a..5cb78fdc3c6 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -448,9 +448,9 @@ func createAWSSecret(t *testing.T, useJSONFormat bool) error { } // Print the JSON string - secretString := string(jsonData) + secretString = string(jsonData) } else { - secretString := postgreSQLConnectionString + secretString = postgreSQLConnectionString } _, err = client.CreateSecret(ctx, &secretsmanager.CreateSecretInput{ Name: &secretManagerSecretName, diff --git a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go index f63ed9ce1ec..c3bbe1d01ef 100644 --- a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go +++ b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go @@ -438,9 +438,9 @@ func createAWSSecret(t *testing.T, useJSONFormat bool) error { } // Print the JSON string - secretString := string(jsonData) + secretString = string(jsonData) } else { - secretString := postgreSQLConnectionString + secretString = postgreSQLConnectionString } _, err = client.CreateSecret(ctx, &secretsmanager.CreateSecretInput{ Name: &secretManagerSecretName, From f1717da1914dd74645c6aed6b5915b6cf794cf50 Mon Sep 17 00:00:00 2001 From: michael pechner Date: Fri, 29 Nov 2024 12:11:22 -0800 Subject: [PATCH 07/37] fixed mixedxe tab/space issue Signed-off-by: michael pechner --- .golangci.yml | 2 +- .../aws_secretmanager_pod_identity_test.go | 5 ++++- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/.golangci.yml b/.golangci.yml index d23883526de..aa2f62b9130 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -27,7 +27,7 @@ linters: - unconvert - ineffassign - staticcheck - - exportloopref + - copyloopvar - depguard - dogsled - errcheck diff --git a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go index c3bbe1d01ef..e54df5adf65 100644 --- a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go +++ b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go @@ -4,6 +4,7 @@ package aws_secretmanager_pod_identity_test import ( + // Standard imports "context" "encoding/base64" "encoding/json" @@ -11,6 +12,7 @@ import ( "os" "testing" + // Third-party imports "github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/credentials" @@ -20,6 +22,7 @@ import ( "github.com/stretchr/testify/require" "k8s.io/client-go/kubernetes" + // Local imports . "github.com/kedacore/keda/v2/tests/helper" ) @@ -164,7 +167,7 @@ spec: secrets: - parameter: connection name: {{.SecretManagerSecretName}} - secretKey: connectionString + secretKey: connectionString ` scaledObjectTemplate = `apiVersion: keda.sh/v1alpha1 From f113aac6fdec67aa1eab0094f7cea0d66c10d063 Mon Sep 17 00:00:00 2001 From: michael pechner Date: Fri, 29 Nov 2024 12:32:48 -0800 Subject: [PATCH 08/37] reverted back to exportloopref Signed-off-by: michael pechner --- .golangci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.golangci.yml b/.golangci.yml index aa2f62b9130..d23883526de 100644 --- a/.golangci.yml +++ b/.golangci.yml @@ -27,7 +27,7 @@ linters: - unconvert - ineffassign - staticcheck - - copyloopvar + - exportloopref - depguard - dogsled - errcheck From 1f34e8f54524c502a479a97e487f45df1fc67ed1 Mon Sep 17 00:00:00 2001 From: michael pechner Date: Mon, 16 Dec 2024 14:39:06 -0800 Subject: [PATCH 09/37] remoace tab with spaces Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 5cb78fdc3c6..70debab270c 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -19,8 +19,6 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "k8s.io/client-go/kubernetes" - - . "github.com/kedacore/keda/v2/tests/helper" ) // Load environment variables from .env file @@ -174,7 +172,7 @@ spec: secrets: - parameter: connection name: {{.SecretManagerSecretName}} - secretKey: connectionString + secretKey: connectionString ` scaledObjectTemplate = `apiVersion: keda.sh/v1alpha1 From 3e92f5c9728c06f48ba8ae8d517d92fb824e0b94 Mon Sep 17 00:00:00 2001 From: michael pechner Date: Tue, 17 Dec 2024 08:10:30 -0800 Subject: [PATCH 10/37] Needed the hlper added in here Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 70debab270c..244d25d6ef5 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -4,6 +4,7 @@ package aws_secret_manager_test import ( + // Standard imports "context" "encoding/base64" "encoding/json" @@ -11,6 +12,7 @@ import ( "os" "testing" + // Third-party imports "github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/credentials" @@ -19,6 +21,9 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "k8s.io/client-go/kubernetes" + + // Local imports + . "github.com/kedacore/keda/v2/tests/helper" ) // Load environment variables from .env file From e6ec7c423effa128256a07088fc0d5c9d3a3b353 Mon Sep 17 00:00:00 2001 From: michael pechner Date: Sun, 22 Dec 2024 15:15:39 -0800 Subject: [PATCH 11/37] only changed awssecreetmanager_test.go to see if my approach is correct. Will remove REMOVETestAwsSecretManagerJSONFormat and change aws_secret_manager_pod_identity.go once I have changed this file as expected. Signed-off-by: michael pechner --- .../aws_secretmanager_test.go | 30 +++++++++++++++---- 1 file changed, 25 insertions(+), 5 deletions(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 244d25d6ef5..2845f33b163 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -21,9 +21,6 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "k8s.io/client-go/kubernetes" - - // Local imports - . "github.com/kedacore/keda/v2/tests/helper" ) // Load environment variables from .env file @@ -286,6 +283,29 @@ spec: ) func TestAwsSecretManager(t *testing.T) { + // Run the test twice with two different flag values + flags := []bool{true, false} + + for _, useJSONSecretFormat := range flags { + // Define a subtest for each flag value + t.Run(getTestNameForFlag(useJSONSecretFormat), func(t *testing.T) { + err := AwsSecretManager(t*testing.T, useJSONSecretFormat) + if err != nil { + t.Errorf("AwsSecretManager(%v) failed: %v", flag, err) + } + }) + } +} + +// Helper to get dynamic test names based on the flag +func getTestNameForFlag(flag bool) string { + if flag { + return "WithFlagTrue" + } + return "WithFlagFalse" +} + +func AwsSecretManager(t *testing.T) { var useJSONSecretFormat = false require.NotEmpty(t, awsAccessKeyID, "TF_AWS_ACCESS_KEY env variable is required for AWS Secret Manager test") require.NotEmpty(t, awsSecretAccessKey, "TF_AWS_SECRET_KEY env variable is required for AWS Secret Manager test") @@ -327,8 +347,8 @@ func TestAwsSecretManager(t *testing.T) { assert.NoErrorf(t, err, "cannot delete AWS Secret Manager secret - %s", err) } -func TestAwsSecretManagerJSONFormat(t *testing.T) { - var useJSONSecretFormat = true +// before I remove this I want to make sure I refactored code as expected. +func REMOVETestAwsSecretManagerJSONFormat(t *testing.T, useJSONSecretFormat bool) { require.NotEmpty(t, awsAccessKeyID, "TF_AWS_ACCESS_KEY env variable is required for AWS Secret Manager test") require.NotEmpty(t, awsSecretAccessKey, "TF_AWS_SECRET_KEY env variable is required for AWS Secret Manager test") From a0a839aa25274946f3aad3fca3f7baf717537186 Mon Sep 17 00:00:00 2001 From: michael pechner Date: Sun, 22 Dec 2024 15:24:53 -0800 Subject: [PATCH 12/37] nd keeps removing // Local imports . "github.com/kedacore/keda/v2/tests/helper" Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 2845f33b163..2fa216d7b72 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -21,6 +21,9 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "k8s.io/client-go/kubernetes" + + // Local imports + . "github.com/kedacore/keda/v2/tests/helper" ) // Load environment variables from .env file From f294e18839a0c31678b658dfff65cf106a69d093 Mon Sep 17 00:00:00 2001 From: michael pechner Date: Sun, 22 Dec 2024 15:36:54 -0800 Subject: [PATCH 13/37] Not sure what the correct way to import the local helper is. Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 2fa216d7b72..7689ba4ab78 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -22,8 +22,12 @@ import ( "github.com/stretchr/testify/require" "k8s.io/client-go/kubernetes" - // Local imports + // Local imports . "github.com/kedacore/keda/v2/tests/helper" + + + + ) // Load environment variables from .env file From fe3d0954677337c2d7b141359f76e20e5695d040 Mon Sep 17 00:00:00 2001 From: michael pechner Date: Sun, 22 Dec 2024 18:17:18 -0800 Subject: [PATCH 14/37] Trying blank import. Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 7689ba4ab78..a88cdb56c42 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -18,16 +18,10 @@ import ( "github.com/aws/aws-sdk-go-v2/credentials" "github.com/aws/aws-sdk-go-v2/service/secretsmanager" "github.com/joho/godotenv" + _ "github.com/kedacore/keda/tests/helper" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "k8s.io/client-go/kubernetes" - - // Local imports - . "github.com/kedacore/keda/v2/tests/helper" - - - - ) // Load environment variables from .env file @@ -78,6 +72,7 @@ type templateData struct { SecretManagerSecretName string AwsAccessKeyID string AwsSecretAccessKey string + useJSONSecretFormat bool } const ( @@ -295,6 +290,7 @@ func TestAwsSecretManager(t *testing.T) { for _, useJSONSecretFormat := range flags { // Define a subtest for each flag value + t.Run(getTestNameForFlag(useJSONSecretFormat), func(t *testing.T) { err := AwsSecretManager(t*testing.T, useJSONSecretFormat) if err != nil { @@ -312,7 +308,7 @@ func getTestNameForFlag(flag bool) string { return "WithFlagFalse" } -func AwsSecretManager(t *testing.T) { +func AwsSecretManager(t *testing.Ti, useJSONSecretFormat bool) { var useJSONSecretFormat = false require.NotEmpty(t, awsAccessKeyID, "TF_AWS_ACCESS_KEY env variable is required for AWS Secret Manager test") require.NotEmpty(t, awsSecretAccessKey, "TF_AWS_SECRET_KEY env variable is required for AWS Secret Manager test") From 1b1c8c769ded8a7ac8af3432bd5cc749d19a11ed Mon Sep 17 00:00:00 2001 From: michael pechner Date: Sun, 22 Dec 2024 22:06:13 -0800 Subject: [PATCH 15/37] fix path "github.com/kedacore/keda/v2/tests/helper" Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index a88cdb56c42..b1d98307f12 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -18,7 +18,7 @@ import ( "github.com/aws/aws-sdk-go-v2/credentials" "github.com/aws/aws-sdk-go-v2/service/secretsmanager" "github.com/joho/godotenv" - _ "github.com/kedacore/keda/tests/helper" + _ "github.com/kedacore/keda/v2/tests/helper" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "k8s.io/client-go/kubernetes" From 07fa347166b8a62170d0fe2092dd8e93656b510f Mon Sep 17 00:00:00 2001 From: michael pechner Date: Sun, 22 Dec 2024 22:23:47 -0800 Subject: [PATCH 16/37] added call to GetRandomNumber() just to keep goimport from removeing the the helper. Fixed type Ti -> T Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index b1d98307f12..6945e55218f 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -18,15 +18,20 @@ import ( "github.com/aws/aws-sdk-go-v2/credentials" "github.com/aws/aws-sdk-go-v2/service/secretsmanager" "github.com/joho/godotenv" - _ "github.com/kedacore/keda/v2/tests/helper" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "k8s.io/client-go/kubernetes" + + //local + . "github.com/kedacore/keda/v2/tests/helper" ) // Load environment variables from .env file var _ = godotenv.Load("../../.env") +// makes sure helper is not removed +var _ = GetRandomNumber() + const ( testName = "aws-secret-manager-test" ) @@ -308,8 +313,8 @@ func getTestNameForFlag(flag bool) string { return "WithFlagFalse" } -func AwsSecretManager(t *testing.Ti, useJSONSecretFormat bool) { - var useJSONSecretFormat = false +func AwsSecretManager(t *testing.T, useJSONSecretFormat bool) { + require.NotEmpty(t, awsAccessKeyID, "TF_AWS_ACCESS_KEY env variable is required for AWS Secret Manager test") require.NotEmpty(t, awsSecretAccessKey, "TF_AWS_SECRET_KEY env variable is required for AWS Secret Manager test") @@ -410,6 +415,7 @@ var data = templateData{ AwsSecretAccessKey: base64.StdEncoding.EncodeToString([]byte(awsSecretAccessKey)), AwsRegion: awsRegion, AwsCredentialsSecretName: awsCredentialsSecretName, + useJSONSecretFormat: false, } func getPostgreSQLTemplateData() (templateData, []Template) { From 6791609b85cfb378e7fe316eeae5370b7b266440 Mon Sep 17 00:00:00 2001 From: michael pechner Date: Sun, 22 Dec 2024 22:33:41 -0800 Subject: [PATCH 17/37] really am a noob. AwsSecretManager() does not return anything, so fixed the calling test Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 6945e55218f..2a628562b88 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -297,10 +297,7 @@ func TestAwsSecretManager(t *testing.T) { // Define a subtest for each flag value t.Run(getTestNameForFlag(useJSONSecretFormat), func(t *testing.T) { - err := AwsSecretManager(t*testing.T, useJSONSecretFormat) - if err != nil { - t.Errorf("AwsSecretManager(%v) failed: %v", flag, err) - } + AwsSecretManager(t*testing.T, useJSONSecretFormat) }) } } From 98e4d321d9836cde66ab02f6bf06506c05bfca7f Mon Sep 17 00:00:00 2001 From: michael pechner Date: Sun, 22 Dec 2024 22:45:07 -0800 Subject: [PATCH 18/37] another noob error. added test code back and making AwsSecretmanager() return nil Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 2a628562b88..e02f880a61f 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -297,7 +297,10 @@ func TestAwsSecretManager(t *testing.T) { // Define a subtest for each flag value t.Run(getTestNameForFlag(useJSONSecretFormat), func(t *testing.T) { - AwsSecretManager(t*testing.T, useJSONSecretFormat) + err := AwsSecretManager(t*testing.T, useJSONSecretFormat) + if err != nil { + t.Errorf("AwsSecretManager(%v) failed: %v", flag, err) + } }) } } @@ -350,6 +353,7 @@ func AwsSecretManager(t *testing.T, useJSONSecretFormat bool) { // Delete the secret in AWS err = deleteAWSSecret(t) assert.NoErrorf(t, err, "cannot delete AWS Secret Manager secret - %s", err) + return nil } // before I remove this I want to make sure I refactored code as expected. From f8f8bac2bc15ce65871182eea12e5f7fa21a0985 Mon Sep 17 00:00:00 2001 From: michael pechner Date: Sun, 22 Dec 2024 22:54:21 -0800 Subject: [PATCH 19/37] really am gonna make every dumb mistake. Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index e02f880a61f..7182fffb643 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -297,7 +297,7 @@ func TestAwsSecretManager(t *testing.T) { // Define a subtest for each flag value t.Run(getTestNameForFlag(useJSONSecretFormat), func(t *testing.T) { - err := AwsSecretManager(t*testing.T, useJSONSecretFormat) + err := AwsSecretManager(t, useJSONSecretFormat) if err != nil { t.Errorf("AwsSecretManager(%v) failed: %v", flag, err) } From 455d5cfa38d9bbd4ec764559ebf0f58f9cad856c Mon Sep 17 00:00:00 2001 From: michael pechner Date: Sun, 22 Dec 2024 23:07:46 -0800 Subject: [PATCH 20/37] fixed return value Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 7182fffb643..795fc93354e 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -297,9 +297,9 @@ func TestAwsSecretManager(t *testing.T) { // Define a subtest for each flag value t.Run(getTestNameForFlag(useJSONSecretFormat), func(t *testing.T) { - err := AwsSecretManager(t, useJSONSecretFormat) + err := AwsSecretManager(t*testing.T, useJSONSecretFormat) if err != nil { - t.Errorf("AwsSecretManager(%v) failed: %v", flag, err) + t.Errorf("AwsSecretManager(%v) failed: %v", getTestNameForFlag(useJSONSecretFormat), err) } }) } @@ -313,7 +313,7 @@ func getTestNameForFlag(flag bool) string { return "WithFlagFalse" } -func AwsSecretManager(t *testing.T, useJSONSecretFormat bool) { +func AwsSecretManager(t *testing.T, useJSONSecretFormat bool) error { require.NotEmpty(t, awsAccessKeyID, "TF_AWS_ACCESS_KEY env variable is required for AWS Secret Manager test") require.NotEmpty(t, awsSecretAccessKey, "TF_AWS_SECRET_KEY env variable is required for AWS Secret Manager test") From 3034840d1202427574f2aad2c0d939bf1c82f914 Mon Sep 17 00:00:00 2001 From: michael pechner Date: Sun, 22 Dec 2024 23:14:43 -0800 Subject: [PATCH 21/37] thought I fixed that. Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 795fc93354e..864d2d03ff0 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -297,7 +297,7 @@ func TestAwsSecretManager(t *testing.T) { // Define a subtest for each flag value t.Run(getTestNameForFlag(useJSONSecretFormat), func(t *testing.T) { - err := AwsSecretManager(t*testing.T, useJSONSecretFormat) + err := AwsSecretManager(t, useJSONSecretFormat) if err != nil { t.Errorf("AwsSecretManager(%v) failed: %v", getTestNameForFlag(useJSONSecretFormat), err) } From 9dbb6bea8c73b1f3090b62c9e37b197fc559a49e Mon Sep 17 00:00:00 2001 From: michael pechner Date: Sun, 22 Dec 2024 23:23:50 -0800 Subject: [PATCH 22/37] figured goland would have pointed these out Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 864d2d03ff0..b43020aab86 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -22,7 +22,7 @@ import ( "github.com/stretchr/testify/require" "k8s.io/client-go/kubernetes" - //local + // local . "github.com/kedacore/keda/v2/tests/helper" ) @@ -314,7 +314,6 @@ func getTestNameForFlag(flag bool) string { } func AwsSecretManager(t *testing.T, useJSONSecretFormat bool) error { - require.NotEmpty(t, awsAccessKeyID, "TF_AWS_ACCESS_KEY env variable is required for AWS Secret Manager test") require.NotEmpty(t, awsSecretAccessKey, "TF_AWS_SECRET_KEY env variable is required for AWS Secret Manager test") From 9c780ef59d6344e4ad53259fb1a70cc8558d5d7f Mon Sep 17 00:00:00 2001 From: michael pechner Date: Sun, 12 Jan 2025 18:36:34 -0800 Subject: [PATCH 23/37] removed duplicated function. Tests not run with useJSONSecretFormat true and false Signed-off-by: michael pechner --- .../aws_secretmanager_test.go | 45 ------------ .../aws_secretmanager_pod_identity_test.go | 68 +++++++------------ 2 files changed, 24 insertions(+), 89 deletions(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index b43020aab86..0b7aa4a2805 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -21,9 +21,6 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "k8s.io/client-go/kubernetes" - - // local - . "github.com/kedacore/keda/v2/tests/helper" ) // Load environment variables from .env file @@ -355,48 +352,6 @@ func AwsSecretManager(t *testing.T, useJSONSecretFormat bool) error { return nil } -// before I remove this I want to make sure I refactored code as expected. -func REMOVETestAwsSecretManagerJSONFormat(t *testing.T, useJSONSecretFormat bool) { - require.NotEmpty(t, awsAccessKeyID, "TF_AWS_ACCESS_KEY env variable is required for AWS Secret Manager test") - require.NotEmpty(t, awsSecretAccessKey, "TF_AWS_SECRET_KEY env variable is required for AWS Secret Manager test") - - // Create the secret in AWS - err := createAWSSecret(t, useJSONSecretFormat) // Create JSON formatted Secret - assert.NoErrorf(t, err, "cannot create AWS Secret Manager secret - %s", err) - - // Create kubernetes resources for PostgreSQL server - kc := GetKubernetesClient(t) - data, postgreSQLtemplates := getPostgreSQLTemplateData() - - CreateKubernetesResources(t, kc, testNamespace, data, postgreSQLtemplates) - - assert.True(t, WaitForStatefulsetReplicaReadyCount(t, kc, postgreSQLStatefulSetName, testNamespace, 1, 60, 3), - "replica count should be %d after 3 minutes", 1) - - createTableSQL := "CREATE TABLE task_instance (id serial PRIMARY KEY,state VARCHAR(10));" - psqlCreateTableCmd := fmt.Sprintf("psql -U %s -d %s -c \"%s\"", postgreSQLUsername, postgreSQLDatabase, createTableSQL) - - ok, out, errOut, err := WaitForSuccessfulExecCommandOnSpecificPod(t, postgresqlPodName, testNamespace, psqlCreateTableCmd, 60, 3) - assert.True(t, ok, "executing a command on PostreSQL Pod should work; Output: %s, ErrorOutput: %s, Error: %s", out, errOut, err) - - // Create kubernetes resources for testing - data, templates := getTemplateData(useJSONSecretFormat) - - KubectlApplyMultipleWithTemplate(t, data, templates) - assert.True(t, WaitForDeploymentReplicaReadyCount(t, kc, deploymentName, testNamespace, minReplicaCount, 60, 3), - "replica count should be %d after 3 minutes", minReplicaCount) - - testScaleOut(t, kc, data) - - // cleanup - KubectlDeleteMultipleWithTemplate(t, data, templates) - DeleteKubernetesResources(t, testNamespace, data, postgreSQLtemplates) - - // Delete the secret in AWS - err = deleteAWSSecret(t) - assert.NoErrorf(t, err, "cannot delete AWS Secret Manager secret - %s", err) -} - var data = templateData{ TestNamespace: testNamespace, PostgreSQLStatefulSetName: postgreSQLStatefulSetName, diff --git a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go index e54df5adf65..5107fc8fb1b 100644 --- a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go +++ b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go @@ -21,9 +21,6 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "k8s.io/client-go/kubernetes" - - // Local imports - . "github.com/kedacore/keda/v2/tests/helper" ) // Load environment variables from .env file @@ -74,6 +71,7 @@ type templateData struct { SecretManagerSecretName string AwsAccessKeyID string AwsSecretAccessKey string + useJSONSecretFormat bool } const ( @@ -276,49 +274,29 @@ spec: ) func TestAwsSecretManager(t *testing.T) { - var useJSONSecretFormat = false - require.NotEmpty(t, awsAccessKeyID, "TF_AWS_ACCESS_KEY env variable is required for AWS Secret Manager test") - require.NotEmpty(t, awsSecretAccessKey, "TF_AWS_SECRET_KEY env variable is required for AWS Secret Manager test") - - // Create the secret in AWS - err := createAWSSecret(t, useJSONSecretFormat) - assert.NoErrorf(t, err, "cannot create AWS Secret Manager secret - %s", err) - - // Create kubernetes resources for PostgreSQL server - kc := GetKubernetesClient(t) - data, postgreSQLtemplates := getPostgreSQLTemplateData() - - CreateKubernetesResources(t, kc, testNamespace, data, postgreSQLtemplates) - - assert.True(t, WaitForStatefulsetReplicaReadyCount(t, kc, postgreSQLStatefulSetName, testNamespace, 1, 60, 3), - "replica count should be %d after 3 minutes", 1) - - createTableSQL := "CREATE TABLE task_instance (id serial PRIMARY KEY,state VARCHAR(10));" - psqlCreateTableCmd := fmt.Sprintf("psql -U %s -d %s -c \"%s\"", postgreSQLUsername, postgreSQLDatabase, createTableSQL) - - ok, out, errOut, err := WaitForSuccessfulExecCommandOnSpecificPod(t, postgresqlPodName, testNamespace, psqlCreateTableCmd, 60, 3) - assert.True(t, ok, "executing a command on PostreSQL Pod should work; Output: %s, ErrorOutput: %s, Error: %s", out, errOut, err) - - // Create kubernetes resources for testing - data, templates := getTemplateData(useJSONSecretFormat) - - KubectlApplyMultipleWithTemplate(t, data, templates) - assert.True(t, WaitForDeploymentReplicaReadyCount(t, kc, deploymentName, testNamespace, minReplicaCount, 60, 3), - "replica count should be %d after 3 minutes", minReplicaCount) - - testScaleOut(t, kc, data) - - // cleanup - KubectlDeleteMultipleWithTemplate(t, data, templates) - DeleteKubernetesResources(t, testNamespace, data, postgreSQLtemplates) - - // Delete the secret in AWS - err = deleteAWSSecret(t) - assert.NoErrorf(t, err, "cannot delete AWS Secret Manager secret - %s", err) + // Run the test twice with two different flag values + flags := []bool{true, false} + + for _, useJSONSecretFormat := range flags { + // Define a subtest for each flag value + + t.Run(getTestNameForFlag(useJSONSecretFormat), func(t *testing.T) { + err := AwsSecretManager(t, useJSONSecretFormat) + if err != nil { + t.Errorf("AwsSecretManager(%v) failed: %v", getTestNameForFlag(useJSONSecretFormat), err) + } + }) + } } -func TestAwsSecretManagerJSONFormat(t *testing.T) { - var useJSONSecretFormat = true +// Helper to get dynamic test names based on the flag +func getTestNameForFlag(flag bool) string { + if flag { + return "WithFlagTrue" + } + return "WithFlagFalse" +} +func AwsSecretManager(t *testing.T, , useJSONSecretFormat bool) error { require.NotEmpty(t, awsAccessKeyID, "TF_AWS_ACCESS_KEY env variable is required for AWS Secret Manager test") require.NotEmpty(t, awsSecretAccessKey, "TF_AWS_SECRET_KEY env variable is required for AWS Secret Manager test") @@ -357,6 +335,7 @@ func TestAwsSecretManagerJSONFormat(t *testing.T) { // Delete the secret in AWS err = deleteAWSSecret(t) assert.NoErrorf(t, err, "cannot delete AWS Secret Manager secret - %s", err) + return nil } var data = templateData{ @@ -377,6 +356,7 @@ var data = templateData{ AwsSecretAccessKey: base64.StdEncoding.EncodeToString([]byte(awsSecretAccessKey)), AwsRegion: awsRegion, AwsCredentialsSecretName: awsCredentialsSecretName, + useJSONSecretFormat: false, } func getPostgreSQLTemplateData() (templateData, []Template) { From d0b9d05ee7d87433fe4f74c1c40ae48829ff4a87 Mon Sep 17 00:00:00 2001 From: michael pechner Date: Sun, 12 Jan 2025 18:45:58 -0800 Subject: [PATCH 24/37] no excuse Signed-off-by: michael pechner --- .../aws_secretmanager_pod_identity_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go index 5107fc8fb1b..74117917f8c 100644 --- a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go +++ b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go @@ -296,7 +296,7 @@ func getTestNameForFlag(flag bool) string { } return "WithFlagFalse" } -func AwsSecretManager(t *testing.T, , useJSONSecretFormat bool) error { +func AwsSecretManager(t *testing.T, useJSONSecretFormat bool) error { require.NotEmpty(t, awsAccessKeyID, "TF_AWS_ACCESS_KEY env variable is required for AWS Secret Manager test") require.NotEmpty(t, awsSecretAccessKey, "TF_AWS_SECRET_KEY env variable is required for AWS Secret Manager test") From 2b7c7f9e58f5cfb173962682714a5bdfda6a4ada Mon Sep 17 00:00:00 2001 From: michael pechner Date: Sun, 12 Jan 2025 19:02:53 -0800 Subject: [PATCH 25/37] fixed . "github.com/kedacore/keda/v2/tests/helper" igoland linter keeps removng it. Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 2 ++ .../aws_secretmanager_pod_identity_test.go | 2 ++ 2 files changed, 4 insertions(+) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 0b7aa4a2805..79325afc759 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -21,6 +21,8 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "k8s.io/client-go/kubernetes" + + . "github.com/kedacore/keda/v2/tests/helper" ) // Load environment variables from .env file diff --git a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go index 74117917f8c..21ed2290b97 100644 --- a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go +++ b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go @@ -21,6 +21,8 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "k8s.io/client-go/kubernetes" + + . "github.com/kedacore/keda/v2/tests/helper" ) // Load environment variables from .env file From 784bdc2dec4bddb717bd45f054bd4ec07fe6c2db Mon Sep 17 00:00:00 2001 From: michael pechner Date: Sun, 12 Jan 2025 19:13:35 -0800 Subject: [PATCH 26/37] go fmt needs for 1 empty line Signed-off-by: michael pechner --- .../aws_secretmanager_pod_identity_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go index 21ed2290b97..c429b93835c 100644 --- a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go +++ b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go @@ -21,7 +21,7 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "k8s.io/client-go/kubernetes" - + . "github.com/kedacore/keda/v2/tests/helper" ) From bdcace4734e9ec1397843a395c8e1611dfa8d177 Mon Sep 17 00:00:00 2001 From: michael pechner Date: Fri, 17 Jan 2025 16:31:00 -0800 Subject: [PATCH 27/37] In both tests deleteAWSSecret() is already coded to immediately delete the secret. Instead of tryinfg to further randomize the secretname, just let the code do what it should. Added a poll to wait on the secret to be removed. Hoping 2 minniutes is more than enough. Signed-off-by: michael pechner --- .../aws_secretmanager_test.go | 21 ++++++++++++++++ .../aws_secretmanager_pod_identity_test.go | 25 +++++++++++++++++++ 2 files changed, 46 insertions(+) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 79325afc759..3782fa73a52 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -480,6 +480,27 @@ func deleteAWSSecret(t *testing.T) error { return fmt.Errorf("failed to delete AWS Secret Manager secret: %w", err) } + + // Wait for the delete of the secret to really take effect + err = wait.PollImmediate(2*time.Second, 120*time.Second, func() (bool, error) { + _, err := client.DescribeSecret(ctx, &secretsmanager.DescribeSecretInput{ + SecretId: &secretManagerSecretName, + }) + if err != nil { + var notFoundErr *types.ResourceNotFoundException + if errors.As(err, ¬FoundErr) { + // Secret successfully deleted + return true, nil + } + // Unexpected error + return false, err + } + // If the secret still exists + return false, nil + }) + if err != nil { + return fmt.Errorf("failed to verify AWS Secret Manager secret deletion: %w", err) + } t.Log("Deleted secret from AWS Secret Manager.") return nil diff --git a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go index c429b93835c..6cf81031f98 100644 --- a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go +++ b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go @@ -28,6 +28,9 @@ import ( // Load environment variables from .env file var _ = godotenv.Load("../../.env") +// makes sure helper is not removed +var _ = GetRandomNumber() + const ( testName = "aws-secret-manage-pod-identity-test" ) @@ -466,6 +469,28 @@ func deleteAWSSecret(t *testing.T) error { return fmt.Errorf("failed to delete AWS Secret Manager secret: %w", err) } + // Wait for the delete of the secret to really take effect + err = wait.PollImmediate(2*time.Second, 120*time.Second, func() (bool, error) { + _, err := client.DescribeSecret(ctx, &secretsmanager.DescribeSecretInput{ + SecretId: &secretManagerSecretName, + }) + if err != nil { + var notFoundErr *types.ResourceNotFoundException + if errors.As(err, ¬FoundErr) { + // Secret successfully deleted + return true, nil + } + // Unexpected error + return false, err + } + // If the secret still exists + return false, nil + }) + if err != nil { + return fmt.Errorf("failed to verify AWS Secret Manager secret deletion: %w", err) + } + + t.Log("Verified secret deletion from AWS Secret Manager.") t.Log("Deleted secret from AWS Secret Manager.") return nil From c045b80af112a8e89dfc9fd394d9bff23f7c94b1 Mon Sep 17 00:00:00 2001 From: michael pechner Date: Fri, 17 Jan 2025 16:37:56 -0800 Subject: [PATCH 28/37] In both tests deleteAWSSecret() is already coded to immediately delete the secret. Instead of trying to further randomize the secretname, just let the code do what it should. Added a poll to wait on the secret to be removed. Should happen within a few seconds. But we are talking AWS. 5 minutes really should be more then enough. Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 2 +- .../aws_secretmanager_pod_identity_test.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 3782fa73a52..0607ffaf510 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -482,7 +482,7 @@ func deleteAWSSecret(t *testing.T) error { // Wait for the delete of the secret to really take effect - err = wait.PollImmediate(2*time.Second, 120*time.Second, func() (bool, error) { + err = wait.PollImmediate(2*time.Second, 300*time.Second, func() (bool, error) { _, err := client.DescribeSecret(ctx, &secretsmanager.DescribeSecretInput{ SecretId: &secretManagerSecretName, }) diff --git a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go index 6cf81031f98..6fe95d8b095 100644 --- a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go +++ b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go @@ -470,7 +470,7 @@ func deleteAWSSecret(t *testing.T) error { } // Wait for the delete of the secret to really take effect - err = wait.PollImmediate(2*time.Second, 120*time.Second, func() (bool, error) { + err = wait.PollImmediate(2*time.Second, 300*time.Second, func() (bool, error) { _, err := client.DescribeSecret(ctx, &secretsmanager.DescribeSecretInput{ SecretId: &secretManagerSecretName, }) From 5d0cf035465ddd2ca89cf7b2002d55da60352b40 Mon Sep 17 00:00:00 2001 From: michael pechner Date: Fri, 17 Jan 2025 16:50:32 -0800 Subject: [PATCH 29/37] forgot the import Signed-off-by: michael pechner --- .../secret-providers/aws_secretmanager/aws_secretmanager_test.go | 1 + .../aws_secretmanager_pod_identity_test.go | 1 + 2 files changed, 2 insertions(+) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 0607ffaf510..58f8ce4c0a6 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -21,6 +21,7 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "k8s.io/client-go/kubernetes" + "k8s.io/apimachinery/pkg/util/wait" . "github.com/kedacore/keda/v2/tests/helper" ) diff --git a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go index 6fe95d8b095..4c6efe4d07c 100644 --- a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go +++ b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go @@ -21,6 +21,7 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" "k8s.io/client-go/kubernetes" + "k8s.io/apimachinery/pkg/util/wait" . "github.com/kedacore/keda/v2/tests/helper" ) From 982c17f2394f401ef7c5a2e8c5cabb229ab207ca Mon Sep 17 00:00:00 2001 From: michael pechner Date: Fri, 17 Jan 2025 16:52:19 -0800 Subject: [PATCH 30/37] format Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 3 +-- .../aws_secretmanager_pod_identity_test.go | 2 +- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 58f8ce4c0a6..3c1695a846c 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -20,8 +20,8 @@ import ( "github.com/joho/godotenv" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "k8s.io/client-go/kubernetes" "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/client-go/kubernetes" . "github.com/kedacore/keda/v2/tests/helper" ) @@ -481,7 +481,6 @@ func deleteAWSSecret(t *testing.T) error { return fmt.Errorf("failed to delete AWS Secret Manager secret: %w", err) } - // Wait for the delete of the secret to really take effect err = wait.PollImmediate(2*time.Second, 300*time.Second, func() (bool, error) { _, err := client.DescribeSecret(ctx, &secretsmanager.DescribeSecretInput{ diff --git a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go index 4c6efe4d07c..7ce659d902f 100644 --- a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go +++ b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go @@ -20,8 +20,8 @@ import ( "github.com/joho/godotenv" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "k8s.io/client-go/kubernetes" "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/client-go/kubernetes" . "github.com/kedacore/keda/v2/tests/helper" ) From 1b9c9d942ce3127d0efe0067d86f37cf66226d33 Mon Sep 17 00:00:00 2001 From: michael pechner Date: Fri, 17 Jan 2025 17:00:38 -0800 Subject: [PATCH 31/37] Sorry. did not realize the needed imcludes for the wait code. Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 3 +++ .../aws_secretmanager_pod_identity_test.go | 3 +++ 2 files changed, 6 insertions(+) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 3c1695a846c..c01444cbc62 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -8,9 +8,11 @@ import ( "context" "encoding/base64" "encoding/json" + "errors" "fmt" "os" "testing" + "time" // Third-party imports "github.com/aws/aws-sdk-go-v2/aws" @@ -20,6 +22,7 @@ import ( "github.com/joho/godotenv" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/wait" "k8s.io/client-go/kubernetes" diff --git a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go index 7ce659d902f..94e36d9c729 100644 --- a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go +++ b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go @@ -8,9 +8,11 @@ import ( "context" "encoding/base64" "encoding/json" + "errors" "fmt" "os" "testing" + "time" // Third-party imports "github.com/aws/aws-sdk-go-v2/aws" @@ -20,6 +22,7 @@ import ( "github.com/joho/godotenv" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/wait" "k8s.io/client-go/kubernetes" From f78158ec37d018b3e7365c19992f8bdf8e1e1711 Mon Sep 17 00:00:00 2001 From: michael pechner Date: Fri, 17 Jan 2025 17:38:44 -0800 Subject: [PATCH 32/37] compiles clean. found types.ResourceNotFoundException Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 2 +- .../aws_secretmanager_pod_identity_test.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index c01444cbc62..657d35460db 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -19,10 +19,10 @@ import ( "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/credentials" "github.com/aws/aws-sdk-go-v2/service/secretsmanager" + "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" "github.com/joho/godotenv" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/wait" "k8s.io/client-go/kubernetes" diff --git a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go index 94e36d9c729..217b3ce72ce 100644 --- a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go +++ b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go @@ -19,10 +19,10 @@ import ( "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/credentials" "github.com/aws/aws-sdk-go-v2/service/secretsmanager" + "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" "github.com/joho/godotenv" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "k8s.io/apimachinery/pkg/types" "k8s.io/apimachinery/pkg/util/wait" "k8s.io/client-go/kubernetes" From ff4e466701f33a0a65238fad7bbdfccfbcd6b72d Mon Sep 17 00:00:00 2001 From: michael pechner Date: Fri, 17 Jan 2025 17:58:16 -0800 Subject: [PATCH 33/37] swapped wait.PollImmediate for wait.PollUntilContextTimeout Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 8 +++++--- .../aws_secretmanager_pod_identity_test.go | 14 +++++++++++--- 2 files changed, 16 insertions(+), 6 deletions(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 657d35460db..97ef5f44072 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -483,10 +483,11 @@ func deleteAWSSecret(t *testing.T) error { if err != nil { return fmt.Errorf("failed to delete AWS Secret Manager secret: %w", err) } + ctx, cancel := context.WithTimeout(context.Background(), 300*time.Second) + defer cancel() - // Wait for the delete of the secret to really take effect - err = wait.PollImmediate(2*time.Second, 300*time.Second, func() (bool, error) { - _, err := client.DescribeSecret(ctx, &secretsmanager.DescribeSecretInput{ + err = wait.PollUntilContextTimeout(ctx, 2*time.Second, 300*time.Second, true, func(ctx context.Context) (done bool, err error) { + _, err = client.DescribeSecret(ctx, &secretsmanager.DescribeSecretInput{ SecretId: &secretManagerSecretName, }) if err != nil { @@ -501,6 +502,7 @@ func deleteAWSSecret(t *testing.T) error { // If the secret still exists return false, nil }) + if err != nil { return fmt.Errorf("failed to verify AWS Secret Manager secret deletion: %w", err) } diff --git a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go index 217b3ce72ce..7ab2bd15542 100644 --- a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go +++ b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go @@ -474,8 +474,16 @@ func deleteAWSSecret(t *testing.T) error { } // Wait for the delete of the secret to really take effect - err = wait.PollImmediate(2*time.Second, 300*time.Second, func() (bool, error) { - _, err := client.DescribeSecret(ctx, &secretsmanager.DescribeSecretInput{ + + if err != nil { + return fmt.Errorf("failed to verify AWS Secret Manager secret deletion: %w", err) + } + + ctx, cancel := context.WithTimeout(context.Background(), 300*time.Second) + defer cancel() + + err = wait.PollUntilContextTimeout(ctx, 2*time.Second, 300*time.Second, true, func(ctx context.Context) (done bool, err error) { + _, err = client.DescribeSecret(ctx, &secretsmanager.DescribeSecretInput{ SecretId: &secretManagerSecretName, }) if err != nil { @@ -490,11 +498,11 @@ func deleteAWSSecret(t *testing.T) error { // If the secret still exists return false, nil }) + if err != nil { return fmt.Errorf("failed to verify AWS Secret Manager secret deletion: %w", err) } - t.Log("Verified secret deletion from AWS Secret Manager.") t.Log("Deleted secret from AWS Secret Manager.") return nil From 89335bbfb1d127e990dfe5772d30331f96b1431f Mon Sep 17 00:00:00 2001 From: michael pechner Date: Fri, 17 Jan 2025 18:01:17 -0800 Subject: [PATCH 34/37] forgot to fmt 1 Signed-off-by: michael pechner --- .../aws_secretmanager/aws_secretmanager_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 97ef5f44072..bd6aa29b5d2 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -486,7 +486,7 @@ func deleteAWSSecret(t *testing.T) error { ctx, cancel := context.WithTimeout(context.Background(), 300*time.Second) defer cancel() - err = wait.PollUntilContextTimeout(ctx, 2*time.Second, 300*time.Second, true, func(ctx context.Context) (done bool, err error) { + err = wait.PollUntilContextTimeout(ctx, 2*time.Second, 300*time.Second, true, func(ctx context.Context) (done bool, err error) { _, err = client.DescribeSecret(ctx, &secretsmanager.DescribeSecretInput{ SecretId: &secretManagerSecretName, }) From f069c35aa958f7189d4f39167949c46241ca96b1 Mon Sep 17 00:00:00 2001 From: michael pechner Date: Thu, 30 Jan 2025 17:03:06 -0800 Subject: [PATCH 35/37] as requested. removed wait on secret delete. made sure we set a new secret name for each run Signed-off-by: michael pechner --- .../aws_secretmanager_test.go | 30 ++------------- .../aws_secretmanager_pod_identity_test.go | 38 ++----------------- 2 files changed, 8 insertions(+), 60 deletions(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index bd6aa29b5d2..62ab78897b2 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -8,22 +8,18 @@ import ( "context" "encoding/base64" "encoding/json" - "errors" "fmt" "os" "testing" - "time" // Third-party imports "github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/credentials" "github.com/aws/aws-sdk-go-v2/service/secretsmanager" - "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" "github.com/joho/godotenv" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "k8s.io/apimachinery/pkg/util/wait" "k8s.io/client-go/kubernetes" . "github.com/kedacore/keda/v2/tests/helper" @@ -320,6 +316,10 @@ func AwsSecretManager(t *testing.T, useJSONSecretFormat bool) error { require.NotEmpty(t, awsAccessKeyID, "TF_AWS_ACCESS_KEY env variable is required for AWS Secret Manager test") require.NotEmpty(t, awsSecretAccessKey, "TF_AWS_SECRET_KEY env variable is required for AWS Secret Manager test") + // Resetting here since we need a unique value before each time this test function is called + secretManagerSecretName = fmt.Sprintf("connectionString-%d", GetRandomNumber()) + data.SecretManagerSecretName = secretManagerSecretName + // Create the secret in AWS err := createAWSSecret(t, useJSONSecretFormat) assert.NoErrorf(t, err, "cannot create AWS Secret Manager secret - %s", err) @@ -483,29 +483,7 @@ func deleteAWSSecret(t *testing.T) error { if err != nil { return fmt.Errorf("failed to delete AWS Secret Manager secret: %w", err) } - ctx, cancel := context.WithTimeout(context.Background(), 300*time.Second) - defer cancel() - err = wait.PollUntilContextTimeout(ctx, 2*time.Second, 300*time.Second, true, func(ctx context.Context) (done bool, err error) { - _, err = client.DescribeSecret(ctx, &secretsmanager.DescribeSecretInput{ - SecretId: &secretManagerSecretName, - }) - if err != nil { - var notFoundErr *types.ResourceNotFoundException - if errors.As(err, ¬FoundErr) { - // Secret successfully deleted - return true, nil - } - // Unexpected error - return false, err - } - // If the secret still exists - return false, nil - }) - - if err != nil { - return fmt.Errorf("failed to verify AWS Secret Manager secret deletion: %w", err) - } t.Log("Deleted secret from AWS Secret Manager.") return nil diff --git a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go index 7ab2bd15542..83b3e432a23 100644 --- a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go +++ b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go @@ -8,22 +8,18 @@ import ( "context" "encoding/base64" "encoding/json" - "errors" "fmt" "os" "testing" - "time" // Third-party imports "github.com/aws/aws-sdk-go-v2/aws" "github.com/aws/aws-sdk-go-v2/config" "github.com/aws/aws-sdk-go-v2/credentials" "github.com/aws/aws-sdk-go-v2/service/secretsmanager" - "github.com/aws/aws-sdk-go-v2/service/secretsmanager/types" "github.com/joho/godotenv" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "k8s.io/apimachinery/pkg/util/wait" "k8s.io/client-go/kubernetes" . "github.com/kedacore/keda/v2/tests/helper" @@ -309,6 +305,10 @@ func AwsSecretManager(t *testing.T, useJSONSecretFormat bool) error { require.NotEmpty(t, awsAccessKeyID, "TF_AWS_ACCESS_KEY env variable is required for AWS Secret Manager test") require.NotEmpty(t, awsSecretAccessKey, "TF_AWS_SECRET_KEY env variable is required for AWS Secret Manager test") + // Resetting here since we need a unique value before each time this test function is called + secretManagerSecretName = fmt.Sprintf("connectionString-%d", GetRandomNumber()) + data.SecretManagerSecretName = secretManagerSecretName + // Create the secret in AWS err := createAWSSecret(t, useJSONSecretFormat) assert.NoErrorf(t, err, "cannot create AWS Secret Manager secret - %s", err) @@ -473,36 +473,6 @@ func deleteAWSSecret(t *testing.T) error { return fmt.Errorf("failed to delete AWS Secret Manager secret: %w", err) } - // Wait for the delete of the secret to really take effect - - if err != nil { - return fmt.Errorf("failed to verify AWS Secret Manager secret deletion: %w", err) - } - - ctx, cancel := context.WithTimeout(context.Background(), 300*time.Second) - defer cancel() - - err = wait.PollUntilContextTimeout(ctx, 2*time.Second, 300*time.Second, true, func(ctx context.Context) (done bool, err error) { - _, err = client.DescribeSecret(ctx, &secretsmanager.DescribeSecretInput{ - SecretId: &secretManagerSecretName, - }) - if err != nil { - var notFoundErr *types.ResourceNotFoundException - if errors.As(err, ¬FoundErr) { - // Secret successfully deleted - return true, nil - } - // Unexpected error - return false, err - } - // If the secret still exists - return false, nil - }) - - if err != nil { - return fmt.Errorf("failed to verify AWS Secret Manager secret deletion: %w", err) - } - t.Log("Deleted secret from AWS Secret Manager.") return nil From 3f8b6a12acce66808275d0e29a98d8cfbef8c17e Mon Sep 17 00:00:00 2001 From: michael pechner Date: Mon, 3 Feb 2025 14:21:38 -0800 Subject: [PATCH 36/37] removed useJSONSecretFormat from test struct. Signed-off-by: michael pechner --- .../secret-providers/aws_secretmanager/aws_secretmanager_test.go | 1 - .../aws_secretmanager_pod_identity_test.go | 1 - 2 files changed, 2 deletions(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 62ab78897b2..149bed08002 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -76,7 +76,6 @@ type templateData struct { SecretManagerSecretName string AwsAccessKeyID string AwsSecretAccessKey string - useJSONSecretFormat bool } const ( diff --git a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go index 83b3e432a23..97c1e275220 100644 --- a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go +++ b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go @@ -76,7 +76,6 @@ type templateData struct { SecretManagerSecretName string AwsAccessKeyID string AwsSecretAccessKey string - useJSONSecretFormat bool } const ( From d5446a427347998a18858c77b94d4561b9139e40 Mon Sep 17 00:00:00 2001 From: michael pechner Date: Mon, 3 Feb 2025 16:01:15 -0800 Subject: [PATCH 37/37] missed a spot where useJSONSecretFormat was set Signed-off-by: michael pechner --- .../secret-providers/aws_secretmanager/aws_secretmanager_test.go | 1 - .../aws_secretmanager_pod_identity_test.go | 1 - 2 files changed, 2 deletions(-) diff --git a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go index 149bed08002..fb9c8e1234e 100644 --- a/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go +++ b/tests/secret-providers/aws_secretmanager/aws_secretmanager_test.go @@ -375,7 +375,6 @@ var data = templateData{ AwsSecretAccessKey: base64.StdEncoding.EncodeToString([]byte(awsSecretAccessKey)), AwsRegion: awsRegion, AwsCredentialsSecretName: awsCredentialsSecretName, - useJSONSecretFormat: false, } func getPostgreSQLTemplateData() (templateData, []Template) { diff --git a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go index 97c1e275220..2839bb7377a 100644 --- a/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go +++ b/tests/secret-providers/aws_secretmanager_pod_identity/aws_secretmanager_pod_identity_test.go @@ -364,7 +364,6 @@ var data = templateData{ AwsSecretAccessKey: base64.StdEncoding.EncodeToString([]byte(awsSecretAccessKey)), AwsRegion: awsRegion, AwsCredentialsSecretName: awsCredentialsSecretName, - useJSONSecretFormat: false, } func getPostgreSQLTemplateData() (templateData, []Template) {