mirror of
https://github.com/shankar0123/certctl.git
synced 2026-06-11 11:28:51 +00:00
claude
188a41774a
Phase 13 verification surfaced gofmt-formatting drift in 6 files across the bundle's new code: - internal/api/handler/metrics.go (struct field alignment) - internal/connector/target/k8ssecret/validate_only_test.go (alignment) - internal/connector/target/nginx/nginx.go (alignment) - internal/connector/target/postfix/postfix.go (alignment) - internal/connector/target/ssh/validate_only_test.go (alignment) - internal/service/deploy_counters.go (alignment) Pure mechanical gofmt -w fixes; no behavior changes. CI's make verify gate (which runs `go fmt ./...`) didn't catch these because go fmt is more lenient than gofmt -l, but golangci-lint v2.11.4 + the explicit gofmt step in Phase 13 verification did. Phase 13 full-matrix verification all green: - gofmt -l: empty across all bundle-touched files - go vet ./internal/deploy/... ./internal/connector/target/... ./internal/service/ ./internal/api/handler/ ./cmd/agent/: clean - golangci-lint v2.11.4 (the version CI runs): 0 issues - go test -race -count=1 across deploy + nginx + apache + haproxy + agent + service: all green - INTEGRATION=1 go test -tags integration -run Deploy ./deploy/test/...: 4/4 e2e tests green Phase 14 next: release prep — Active Focus update, release notes, Reddit-beat draft, final tag handoff to operator.
54 lines
1.8 KiB
Go
54 lines
1.8 KiB
Go
package k8ssecret
|
|
|
|
import (
|
|
"context"
|
|
"errors"
|
|
"testing"
|
|
|
|
"github.com/shankar0123/certctl/internal/connector/target"
|
|
)
|
|
|
|
type stubK8s struct {
|
|
getErr error
|
|
}
|
|
|
|
func (s *stubK8s) GetSecret(_ context.Context, _, _ string) (*SecretData, error) {
|
|
return nil, s.getErr
|
|
}
|
|
|
|
func (s *stubK8s) CreateSecret(_ context.Context, _ string, _ *SecretData) error { return nil }
|
|
func (s *stubK8s) UpdateSecret(_ context.Context, _ string, _ *SecretData) error { return nil }
|
|
func (s *stubK8s) DeleteSecret(_ context.Context, _, _ string) error { return nil }
|
|
|
|
func TestK8s_ValidateOnly_Succeeds(t *testing.T) {
|
|
c := NewWithClient(&Config{Namespace: "ns", SecretName: "tls"}, &stubK8s{}, nil)
|
|
if err := c.ValidateOnly(context.Background(), target.DeploymentRequest{}); err != nil {
|
|
t.Errorf("got %v", err)
|
|
}
|
|
}
|
|
|
|
func TestK8s_ValidateOnly_RBACError(t *testing.T) {
|
|
c := NewWithClient(&Config{Namespace: "ns", SecretName: "tls"}, &stubK8s{getErr: errors.New("forbidden: secrets is restricted")}, nil)
|
|
err := c.ValidateOnly(context.Background(), target.DeploymentRequest{})
|
|
if err == nil {
|
|
t.Fatal("expected error")
|
|
}
|
|
if errors.Is(err, target.ErrValidateOnlyNotSupported) {
|
|
t.Error("got sentinel, want wrapped error")
|
|
}
|
|
}
|
|
|
|
func TestK8s_ValidateOnly_NoConfig_Sentinel(t *testing.T) {
|
|
c := NewWithClient(&Config{}, &stubK8s{}, nil)
|
|
if err := c.ValidateOnly(context.Background(), target.DeploymentRequest{}); !errors.Is(err, target.ErrValidateOnlyNotSupported) {
|
|
t.Errorf("got %v", err)
|
|
}
|
|
}
|
|
|
|
func TestK8s_ValidateOnly_NilClient_Sentinel(t *testing.T) {
|
|
c := &Connector{config: &Config{Namespace: "ns", SecretName: "tls"}}
|
|
if err := c.ValidateOnly(context.Background(), target.DeploymentRequest{}); !errors.Is(err, target.ErrValidateOnlyNotSupported) {
|
|
t.Errorf("got %v", err)
|
|
}
|
|
}
|