tests

Author: sgalsaleh

api/internal/managers/app/install/install_test.go

@@ -4,9 +4,10 @@ import (
 	"archive/tar"
 	"bytes"
 	"compress/gzip"
-	"context"
+	"encoding/base64"
 	"errors"
 	"fmt"
+	"os"
 	"testing"
 	"time"
 
@@ -23,6 +24,8 @@ import (
 	corev1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/client-go/kubernetes/scheme"
+	metadatafake "k8s.io/client-go/metadata/fake"
+	"sigs.k8s.io/controller-runtime/pkg/client"
 	"sigs.k8s.io/controller-runtime/pkg/client/fake"
 	kyaml "sigs.k8s.io/yaml"
 )
@@ -89,6 +92,25 @@ func TestAppInstallManager_Install(t *testing.T) {
 			}),
 		}
 
+		// Create registry settings for testing image pull secret creation
+		dockerConfigJSON := `{"auths":{"registry.example.com":{"auth":"dXNlcjpwYXNz"}}}`
+		registrySettings := &types.RegistrySettings{
+			ImagePullSecretName:  "test-pull-secret",
+			ImagePullSecretValue: base64.StdEncoding.EncodeToString([]byte(dockerConfigJSON)),
+		}
+
+		// Create a temp CA bundle file for testing
+		caContent := "-----BEGIN CERTIFICATE-----\ntest-ca-content\n-----END CERTIFICATE-----"
+		tmpCAFile, err := os.CreateTemp("", "ca-bundle-*.crt")
+		require.NoError(t, err)
+		defer os.Remove(tmpCAFile.Name())
+		_, err = tmpCAFile.WriteString(caContent)
+		require.NoError(t, err)
+		tmpCAFile.Close()
+
+		// Create fake metadata client for CA configmap creation
+		fakeMcli := metadatafake.NewSimpleMetadataClient(metadatafake.NewTestScheme())
+
 		// Create mock helm client that validates pre-processed values
 		mockHelmClient := &helm.MockClient{}
 
@@ -137,14 +159,34 @@ func TestAppInstallManager_Install(t *testing.T) {
 			WithHelmClient(mockHelmClient),
 			WithLogger(logger.NewDiscardLogger()),
 			WithKubeClient(fakeKcli),
+			WithMetadataClient(fakeMcli),
 		)
 		require.NoError(t, err)
 
-		// Run installation with InstallableHelmCharts
-		err = manager.Install(context.Background(), installableCharts, nil, "")
+		// Run installation with registry settings and host CA bundle path
+		err = manager.Install(t.Context(), installableCharts, registrySettings, tmpCAFile.Name())
 		require.NoError(t, err)
 
 		mockHelmClient.AssertExpectations(t)
+
+		// Verify image pull secret was created in the app namespace
+		secret := &corev1.Secret{}
+		err = fakeKcli.Get(t.Context(), client.ObjectKey{
+			Namespace: "test-app",
+			Name:      "test-pull-secret",
+		}, secret)
+		require.NoError(t, err)
+		assert.Equal(t, corev1.SecretTypeDockerConfigJson, secret.Type)
+		assert.Equal(t, dockerConfigJSON, string(secret.Data[".dockerconfigjson"]))
+
+		// Verify CA configmap was created in the app namespace
+		configMap := &corev1.ConfigMap{}
+		err = fakeKcli.Get(t.Context(), client.ObjectKey{
+			Namespace: "test-app",
+			Name:      "kotsadm-private-cas",
+		}, configMap)
+		require.NoError(t, err)
+		assert.Contains(t, configMap.Data["ca_0.crt"], "test-ca-content")
 	})
 
 	t.Run("Install updates status correctly", func(t *testing.T) {