public async Task AddRole( string roleName, string roleArn ) { var configMap = await _awsAuthConfigMapRepository.GetConfigMap(); configMap.Data = configMap.Data ?? new Dictionary <string, string> { { "mapRoles", "" } }; var groups = new[] { "DFDS-ReadOnly", roleName }; var modifiedYaml = ConfigMapEditor.AddRoleMapping( configMap.Data["mapRoles"], roleArn, roleName, groups ); configMap.Data["mapRoles"] = modifiedYaml; await _awsAuthConfigMapRepository.WriteConfigMap(configMap); var awsAuthConfigMapYaml = configMap.SerializeToYaml(); await _configMapPersistenceService.StoreFile(awsAuthConfigMapYaml); }
public void AddRoleMapping_GivenValidInput_ReturnsUsernameWithAddedSessionName() { // Arrange var roleARN = "arn:aws:iam::228426479489:role/KubernetesTest"; var username = "******"; var groups = new List <string> { "kub-test" }; // Act var result = ConfigMapEditor.AddRoleMapping(mapRolesInput, roleARN, username, groups); // Assert Assert.NotNull(result); Assert.Contains($"{username}:{{{{SessionName}}}}", result); }
public void AddRoleMapping_GivenValidInput_ReturnsValidOutputWithGroupAdded() { // Arrange var roleARN = "arn:aws:iam::228426479489:role/KubernetesTest"; var username = "******"; var groups = new List <string> { "kub-test" }; // Act var result = ConfigMapEditor.AddRoleMapping(mapRolesInput, roleARN, username, groups); // Assert Assert.NotNull(result); Assert.Contains(groups.First(), result); }
public void AddRoleMapping_MultipleMappings_ReturnsMultipleUsernamesAdded() { // Arrange var roleARN1 = "arn:aws:iam::228426479489:role/KubernetesTest"; var username1 = "kubernetes-test"; var roleARN2 = "arn:aws:iam::228426479489:role/KubernetesTest2"; var username2 = "kubernetes-test2"; var groups = new List <string> { "kub-test" }; // Act var result1 = ConfigMapEditor.AddRoleMapping(mapRolesInput, roleARN1, username1, groups); var result2 = ConfigMapEditor.AddRoleMapping(result1, roleARN2, username2, groups); // Assert Assert.NotNull(result2); Assert.Contains(username1, result2); Assert.Contains(username2, result2); }
public void Will_Place_RoleMapping_In_Correct_Place() { // Arrange var initialMap = "apiVersion: v1" + System.Environment.NewLine + "data:" + System.Environment.NewLine + " mapRoles: >" + System.Environment.NewLine + " - rolearn: arn:aws:iam::123456789012:role/Awesome" + System.Environment.NewLine + " username: Awesome:{{SessionName}}" + System.Environment.NewLine + " groups:" + System.Environment.NewLine + " - DFDS-ReadOnly" + System.Environment.NewLine + "kind: ConfigMap" + System.Environment.NewLine + "metadata:" + System.Environment.NewLine + " name: aws-auth" + System.Environment.NewLine + " namespace: kube-system"; // Act var resultMap = ConfigMapEditor.AddRoleMapping( initialMap, roleArn: "roleArn", userName: "******", groups: new[] { "group1", "group2" } ); // Assert var expected = "apiVersion: v1" + System.Environment.NewLine + "data:" + System.Environment.NewLine + " mapRoles: >" + System.Environment.NewLine + " - rolearn: arn:aws:iam::123456789012:role/Awesome" + System.Environment.NewLine + " username: Awesome:{{SessionName}}" + System.Environment.NewLine + " groups:" + System.Environment.NewLine + " - DFDS-ReadOnly" + System.Environment.NewLine + "kind: ConfigMap" + System.Environment.NewLine + "metadata:" + System.Environment.NewLine + " name: aws-auth" + System.Environment.NewLine + " namespace: kube-system" + System.Environment.NewLine + "- rolearn: roleArn" + System.Environment.NewLine + " username: userName:{{SessionName}}" + System.Environment.NewLine + " groups:" + System.Environment.NewLine + " - group1" + System.Environment.NewLine + " - group2" + System.Environment.NewLine + ""; Assert.Equal(expected, resultMap); }
public void Will_Place_RoleMapping_In_Correct_Place() { // Arrange var initialMap = "apiVersion: v1\r\ndata:\r\n mapRoles: >\r\n - rolearn: arn:aws:iam::123456789012:role/Awesome\r\n username: Awesome:{{SessionName}}\r\n groups:\r\n - DFDS-ReadOnly\r\nkind: ConfigMap\r\nmetadata:\r\n name: aws-auth\r\n namespace: kube-system"; // Act var resultMap = ConfigMapEditor.AddRoleMapping( initialMap, roleArn: "roleArn", userName: "******", groups: new[] { "group1", "group2" } ); // Assert var expected = "apiVersion: v1\r\ndata:\r\n mapRoles: >\r\n - rolearn: arn:aws:iam::123456789012:role/Awesome\r\n username: Awesome:{{SessionName}}\r\n groups:\r\n - DFDS-ReadOnly\r\nkind: ConfigMap\r\nmetadata:\r\n name: aws-auth\r\n namespace: kube-system\r\n- rolearn: roleArn\n username: userName:{{SessionName}}\n groups:\n - group1\n - group2\n"; Assert.Equal(expected, resultMap); }