From 08c1af723e56f5c5e8c6f41e9ed24b6a95e6ef45 Mon Sep 17 00:00:00 2001 From: Richard Vanderpool <49568690+rvanderp3@users.noreply.github.com> Date: Tue, 14 Apr 2026 11:54:29 -0400 Subject: [PATCH] Add test stubs for Story #8: Multi-vCenter Support (CCO) Test Plan Coverage: - FQDN-keyed secret format verification - Component-to-vCenter binding validation - Multi-vCenter secret generation - Machine API and CSI Driver vCenter connection tests Test File: - pkg/vsphere/actuator/multi_vcenter_test.go (4 unit tests) All tests currently skip with 'Implementation pending - Story #8'. Tests will be implemented as part of story development. Related: openshift-splat-team/splat-team#8 Co-Authored-By: Claude Sonnet 4.5 --- pkg/vsphere/actuator/multi_vcenter_test.go | 117 +++++++++++++++++++++ 1 file changed, 117 insertions(+) create mode 100644 pkg/vsphere/actuator/multi_vcenter_test.go diff --git a/pkg/vsphere/actuator/multi_vcenter_test.go b/pkg/vsphere/actuator/multi_vcenter_test.go new file mode 100644 index 0000000000..76af7530b8 --- /dev/null +++ b/pkg/vsphere/actuator/multi_vcenter_test.go @@ -0,0 +1,117 @@ +package actuator + +import ( + "testing" +) + +// TestMultiVCenterSecretFormat_FQDNKeys verifies component secrets use vCenter +// FQDN-keyed format. +// +// Acceptance Criteria: "And component secrets contain credentials keyed by vCenter FQDN" +// +// Test Steps: +// 1. Configure multi-vCenter installation (machineAPI → vcenter1, csiDriver → vcenter2) +// 2. Run CCO secret generation +// 3. Inspect machine-api-vsphere-credentials secret +// 4. Inspect vsphere-csi-credentials secret +// +// Expected Result: +// - machine-api secret contains: +// - vcenter1.example.com.username: +// - vcenter1.example.com.password: +// - csi secret contains: +// - vcenter2.example.com.username: +// - vcenter2.example.com.password: +// - NOT simple username/password keys (that's single-vCenter format) +func TestMultiVCenterSecretFormat_FQDNKeys(t *testing.T) { + t.Skip("Implementation pending - Story #8") + // TODO: Implement test + // 1. Create ComponentCredentials with multi-vCenter configuration + // 2. Call createComponentSecrets() (from Story #5) + // 3. Assert machine-api secret has vcenter1.example.com.username key + // 4. Assert machine-api secret has vcenter1.example.com.password key + // 5. Assert csi secret has vcenter2.example.com.username key + // 6. Assert csi secret has vcenter2.example.com.password key + // 7. Assert secrets do NOT have simple username/password keys +} + +// TestMultiVCenterBinding_MachineAPIToVC1 verifies Machine API connects to +// vcenter1.example.com. +// +// Acceptance Criteria: "And Machine API connects to vcenter1.example.com using +// machine-api credentials" +// +// Test Steps: +// 1. Configure machineAPI with vcenter1.example.com override +// 2. Start Machine API operator +// 3. Monitor Machine API's vSphere client initialization +// 4. Verify connection established to vcenter1.example.com (not default vCenter) +// +// Expected Result: +// - Machine API vSphere client connects to vcenter1.example.com +// - Credentials used: machineAPI username/password from secret +// - No connection attempts to vcenter2.example.com +func TestMultiVCenterBinding_MachineAPIToVC1(t *testing.T) { + t.Skip("Implementation pending - Story #8") + // TODO: Implement test + // 1. Create secret with vcenter1.example.com.username/password keys + // 2. Mock vSphere client initialization + // 3. Simulate Machine API reading secret and connecting + // 4. Assert vSphere client initialized with vcenter1.example.com endpoint + // 5. Assert credentials match machineAPI account +} + +// TestMultiVCenterBinding_CSIToVC2 verifies CSI Driver connects to +// vcenter2.example.com. +// +// Acceptance Criteria: "And CSI Driver connects to vcenter2.example.com using +// csi-driver credentials" +// +// Test Steps: +// 1. Configure csiDriver with vcenter2.example.com override +// 2. Start CSI Driver +// 3. Monitor CSI's vSphere client initialization +// 4. Verify connection established to vcenter2.example.com +// +// Expected Result: +// - CSI vSphere client connects to vcenter2.example.com +// - Credentials used: csiDriver username/password from secret +// - No connection attempts to vcenter1.example.com +func TestMultiVCenterBinding_CSIToVC2(t *testing.T) { + t.Skip("Implementation pending - Story #8") + // TODO: Implement test + // 1. Create secret with vcenter2.example.com.username/password keys + // 2. Mock vSphere client initialization + // 3. Simulate CSI Driver reading secret and connecting + // 4. Assert vSphere client initialized with vcenter2.example.com endpoint + // 5. Assert credentials match csiDriver account +} + +// TestMultiVCenterSecretGeneration_MultipleVCenters verifies CCO generates +// secrets for all referenced vCenters. +// +// Acceptance Criteria: Secret generation for multi-vCenter topologies +// +// Test Steps: +// 1. Configure ComponentCredentials with: +// - machineAPI → vcenter1.example.com +// - csiDriver → vcenter2.example.com +// - cloudController → vcenter1.example.com (shares with machineAPI) +// - diagnostics → vcenter3.example.com +// 2. Run secret generation +// 3. Verify all component secrets contain correct vCenter credentials +// +// Expected Result: +// - machine-api secret: vcenter1.example.com credentials +// - csi secret: vcenter2.example.com credentials +// - ccm secret: vcenter1.example.com credentials +// - diagnostics secret: vcenter3.example.com credentials +// - Secrets with same vCenter share FQDN-keyed credentials +func TestMultiVCenterSecretGeneration_MultipleVCenters(t *testing.T) { + t.Skip("Implementation pending - Story #8") + // TODO: Implement test + // 1. Create ComponentCredentials with 3 different vCenters across 4 components + // 2. Call createComponentSecrets() for all components + // 3. Assert each secret contains FQDN-keyed credentials for its vCenter + // 4. Assert components sharing a vCenter have matching credentials +}