chore: move source to repo root and standardize config
Phase 1 — Structural overhaul: - Move all source from headlamp-sealed-secrets/ subdirectory to repo root - Delete 23 AI-generated docs, 8 pre-built tarballs, release snapshots dir - Remove all working-directory refs from CI/release workflows - Update install-plugin.sh and typedoc.json paths Phase 2 — Config standardization: - Create .eslintrc.js and .prettierrc.js (standard Headlamp configs) - Remove inline eslintConfig/prettier from package.json (drop jsx-a11y, prettier extends) - Rewrite tsconfig.json (package name extend, add compilerOptions.types) - Create vitest.config.mts and vitest.setup.ts (standard from polaris) - Replace headlamp-plugin CLI scripts with direct tool invocation - Rewrite .gitignore with standard baseline Phase 3 — MCP & Claude settings: - Create .mcp.json with github/kubernetes/flux/playwright servers - Create .claude/settings.local.json - Remove 7 specialized agents, keep 3 meta-orchestration agents Phase 4 — Documentation: - Rewrite CLAUDE.md (remove subdirectory refs, standard format) - Add ArtifactHub badge, Architecture section, standardized install methods to README.md - Create CONTRIBUTING.md and SECURITY.md - Fix pre-existing test bugs in validators.test.ts (isValidNamespace returns boolean, not ValidationResult; error message string mismatches) Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This commit is contained in:
DevContainer User
@@ -0,0 +1,208 @@
|
||||
/**
|
||||
* Unit tests for validators
|
||||
*
|
||||
* Tests validation functions for Kubernetes names, secret keys, and values
|
||||
*/
|
||||
|
||||
// Mock localStorage before importing any modules that might use it
|
||||
const localStorageMock = {
|
||||
getItem: () => null,
|
||||
setItem: () => {},
|
||||
removeItem: () => {},
|
||||
clear: () => {},
|
||||
};
|
||||
(global as any).localStorage = localStorageMock;
|
||||
|
||||
import { describe, expect, it } from 'vitest';
|
||||
import {
|
||||
isValidNamespace,
|
||||
validatePEMCertificate,
|
||||
validateSecretKey,
|
||||
validateSecretName,
|
||||
validateSecretValue,
|
||||
} from './validators';
|
||||
|
||||
describe('validators', () => {
|
||||
describe('validateSecretName', () => {
|
||||
it('should accept valid Kubernetes names', () => {
|
||||
expect(validateSecretName('my-secret').valid).toBe(true);
|
||||
expect(validateSecretName('secret-123').valid).toBe(true);
|
||||
expect(validateSecretName('a').valid).toBe(true);
|
||||
expect(validateSecretName('test-secret-name').valid).toBe(true);
|
||||
expect(validateSecretName('x'.repeat(253)).valid).toBe(true); // Max length
|
||||
});
|
||||
|
||||
it('should reject names with uppercase letters', () => {
|
||||
const result = validateSecretName('My-Secret');
|
||||
expect(result.valid).toBe(false);
|
||||
expect(result.error).toBeDefined();
|
||||
});
|
||||
|
||||
it('should reject names starting with hyphen', () => {
|
||||
const result = validateSecretName('-secret');
|
||||
expect(result.valid).toBe(false);
|
||||
expect(result.error).toBeDefined();
|
||||
});
|
||||
|
||||
it('should reject names ending with hyphen', () => {
|
||||
const result = validateSecretName('secret-');
|
||||
expect(result.valid).toBe(false);
|
||||
expect(result.error).toBeDefined();
|
||||
});
|
||||
|
||||
it('should reject names with underscores', () => {
|
||||
const result = validateSecretName('secret_name');
|
||||
expect(result.valid).toBe(false);
|
||||
expect(result.error).toBeDefined();
|
||||
});
|
||||
|
||||
it('should reject empty names', () => {
|
||||
const result = validateSecretName('');
|
||||
expect(result.valid).toBe(false);
|
||||
expect(result.error).toContain('required');
|
||||
});
|
||||
|
||||
it('should reject names exceeding 253 characters', () => {
|
||||
const result = validateSecretName('x'.repeat(254));
|
||||
expect(result.valid).toBe(false);
|
||||
expect(result.error).toContain('253 characters');
|
||||
});
|
||||
|
||||
it('should reject names with special characters', () => {
|
||||
expect(validateSecretName('secret@name').valid).toBe(false);
|
||||
expect(validateSecretName('secret:name').valid).toBe(false);
|
||||
expect(validateSecretName('secret name').valid).toBe(false);
|
||||
});
|
||||
|
||||
it('should accept names starting with numbers', () => {
|
||||
const result = validateSecretName('123-secret');
|
||||
expect(result.valid).toBe(true);
|
||||
});
|
||||
});
|
||||
|
||||
describe('validateNamespace', () => {
|
||||
it('should accept valid namespace names', () => {
|
||||
expect(isValidNamespace('default')).toBe(true);
|
||||
expect(isValidNamespace('kube-system')).toBe(true);
|
||||
expect(isValidNamespace('my-namespace')).toBe(true);
|
||||
expect(isValidNamespace('ns-123')).toBe(true);
|
||||
});
|
||||
|
||||
it('should reject invalid namespace names', () => {
|
||||
expect(isValidNamespace('')).toBe(false);
|
||||
expect(isValidNamespace('My-Namespace')).toBe(false);
|
||||
expect(isValidNamespace('-namespace')).toBe(false);
|
||||
expect(isValidNamespace('namespace-')).toBe(false);
|
||||
expect(isValidNamespace('namespace_name')).toBe(false);
|
||||
});
|
||||
|
||||
it('should reject namespaces exceeding 253 characters', () => {
|
||||
expect(isValidNamespace('x'.repeat(254))).toBe(false);
|
||||
});
|
||||
});
|
||||
|
||||
describe('validateSecretKey', () => {
|
||||
it('should accept valid secret keys', () => {
|
||||
expect(validateSecretKey('password').valid).toBe(true);
|
||||
expect(validateSecretKey('api-key').valid).toBe(true);
|
||||
expect(validateSecretKey('api_key').valid).toBe(true);
|
||||
expect(validateSecretKey('api.key').valid).toBe(true);
|
||||
expect(validateSecretKey('API_KEY').valid).toBe(true);
|
||||
expect(validateSecretKey('key123').valid).toBe(true);
|
||||
});
|
||||
|
||||
it('should reject empty keys', () => {
|
||||
const result = validateSecretKey('');
|
||||
expect(result.valid).toBe(false);
|
||||
expect(result.error).toContain('Key name is required');
|
||||
});
|
||||
|
||||
it('should reject keys with invalid characters', () => {
|
||||
expect(validateSecretKey('key@name').valid).toBe(false);
|
||||
expect(validateSecretKey('key name').valid).toBe(false);
|
||||
expect(validateSecretKey('key:name').valid).toBe(false);
|
||||
expect(validateSecretKey('key/name').valid).toBe(false);
|
||||
});
|
||||
|
||||
it('should reject keys exceeding 253 characters', () => {
|
||||
const result = validateSecretKey('x'.repeat(254));
|
||||
expect(result.valid).toBe(false);
|
||||
expect(result.error).toContain('253 characters');
|
||||
});
|
||||
});
|
||||
|
||||
describe('validateSecretValue', () => {
|
||||
it('should accept non-empty values', () => {
|
||||
expect(validateSecretValue('password123').valid).toBe(true);
|
||||
expect(validateSecretValue('a').valid).toBe(true);
|
||||
expect(validateSecretValue('multi\nline\nvalue').valid).toBe(true);
|
||||
expect(validateSecretValue('special!@#$%^&*()chars').valid).toBe(true);
|
||||
});
|
||||
|
||||
it('should reject empty values', () => {
|
||||
const result = validateSecretValue('');
|
||||
expect(result.valid).toBe(false);
|
||||
expect(result.error).toContain('required');
|
||||
});
|
||||
|
||||
it('should accept large values', () => {
|
||||
const largeValue = 'x'.repeat(10000);
|
||||
expect(validateSecretValue(largeValue).valid).toBe(true);
|
||||
});
|
||||
|
||||
it('should reject values exceeding 1MB', () => {
|
||||
const veryLargeValue = 'x'.repeat(1024 * 1024 + 1);
|
||||
const result = validateSecretValue(veryLargeValue);
|
||||
expect(result.valid).toBe(false);
|
||||
expect(result.error).toContain('1MB');
|
||||
});
|
||||
});
|
||||
|
||||
describe('validatePEMCertificate', () => {
|
||||
const validPEM = `-----BEGIN CERTIFICATE-----
|
||||
MIIBkTCB+wIJAKHHCgVZU1M0MA0GCSqGSIb3DQEBCwUAMBExDzANBgNVBAMMBnRl
|
||||
c3RjYTAeFw0yNDAxMDEwMDAwMDBaFw0yNTAxMDEwMDAwMDBaMBExDzANBgNVBAMM
|
||||
BnRlc3RjYTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwKX5UvKZU8rKFXJN
|
||||
uTGBGGfLYmNHJ6U3kS7hVf8TQPKqKqEQ7vVwVnDFPFLPmqDYnVQH2hN4Z6YpXqKY
|
||||
KKKKKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKq
|
||||
KqKqKqKqKqKqKqKqKqKqKqIBAgMBAAEwDQYJKoZIhvcNAQELBQADgYEAoKKKKqKq
|
||||
KqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKq
|
||||
KqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKq
|
||||
KqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKq
|
||||
KqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKq
|
||||
KqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKqKq
|
||||
-----END CERTIFICATE-----`;
|
||||
|
||||
it('should accept valid PEM certificates', () => {
|
||||
expect(validatePEMCertificate(validPEM).valid).toBe(true);
|
||||
});
|
||||
|
||||
it('should reject empty certificates', () => {
|
||||
const result = validatePEMCertificate('');
|
||||
expect(result.valid).toBe(false);
|
||||
expect(result.error).toContain('required');
|
||||
});
|
||||
|
||||
it('should reject certificates without BEGIN marker', () => {
|
||||
const invalidPEM = validPEM.replace('-----BEGIN CERTIFICATE-----', '');
|
||||
const result = validatePEMCertificate(invalidPEM);
|
||||
expect(result.valid).toBe(false);
|
||||
});
|
||||
|
||||
it('should reject certificates without END marker', () => {
|
||||
const invalidPEM = validPEM.replace('-----END CERTIFICATE-----', '');
|
||||
const result = validatePEMCertificate(invalidPEM);
|
||||
expect(result.valid).toBe(false);
|
||||
});
|
||||
|
||||
it('should reject non-PEM text', () => {
|
||||
const result = validatePEMCertificate('This is not a PEM certificate');
|
||||
expect(result.valid).toBe(false);
|
||||
});
|
||||
|
||||
it('should accept PEM with extra whitespace', () => {
|
||||
const pemWithWhitespace = '\n\n' + validPEM + '\n\n';
|
||||
expect(validatePEMCertificate(pemWithWhitespace).valid).toBe(true);
|
||||
});
|
||||
});
|
||||
});
|
||||
Reference in New Issue
Block a user