Clean up agent rotator tests (#2604)

* Clean up agent rotator tests - Removes the agent client mock - Restructures as simple table-driven tests - Replaces Catalog with SVID Key Manager Signed-off-by: Andrew Harding <aharding@vmware.com>
spiffe · Oct 29, 2021 · fbffcf0 · fbffcf0
1 parent d27ee9d
commit fbffcf0
Show file tree

Hide file tree

Showing 6 changed files with 187 additions and 321 deletions.
diff --git a/Makefile b/Makefile
@@ -159,7 +159,6 @@ service-protos := \
 # mock-destination-pkg,src-go-pkg,interface[,additional interfaces]
 mockgen_mocks = \
 	test/mock/server/aws,github.com/spiffe/spire/pkg/server/plugin/nodeattestor/aws,Client \
-	test/mock/agent/client,github.com/spiffe/spire/pkg/agent/client,Client \
 	test/mock/common/plugin/k8s/apiserver,github.com/spiffe/spire/pkg/common/plugin/k8s/apiserver,Client \
 
 # The following vars are used in rule construction

diff --git a/pkg/agent/manager/config.go b/pkg/agent/manager/config.go
@@ -58,16 +58,16 @@ func newManager(c *Config) *manager {
 	cache := cache.New(c.Log.WithField(telemetry.SubsystemName, telemetry.CacheManager), c.TrustDomain, c.Bundle, c.Metrics)
 
 	rotCfg := &svid.RotatorConfig{
-		Catalog:      c.Catalog,
-		Log:          c.Log,
-		Metrics:      c.Metrics,
-		SVID:         c.SVID,
-		SVIDKey:      c.SVIDKey,
-		BundleStream: cache.SubscribeToBundleChanges(),
-		ServerAddr:   c.ServerAddr,
-		TrustDomain:  c.TrustDomain,
-		Interval:     c.RotationInterval,
-		Clk:          c.Clk,
+		SVIDKeyManager: keymanager.ForSVID(c.Catalog.GetKeyManager()),
+		Log:            c.Log,
+		Metrics:        c.Metrics,
+		SVID:           c.SVID,
+		SVIDKey:        c.SVIDKey,
+		BundleStream:   cache.SubscribeToBundleChanges(),
+		ServerAddr:     c.ServerAddr,
+		TrustDomain:    c.TrustDomain,
+		Interval:       c.RotationInterval,
+		Clk:            c.Clk,
 	}
 	svidRotator, client := svid.NewRotator(rotCfg)
 

diff --git a/pkg/agent/svid/rotator.go b/pkg/agent/svid/rotator.go
@@ -27,9 +27,14 @@ type Rotator interface {
 	SetRotationFinishedHook(func())
 }
 
+type Client interface {
+	RenewSVID(ctx context.Context, csr []byte) (*client.X509SVID, error)
+	Release()
+}
+
 type rotator struct {
 	c      *RotatorConfig
-	client client.Client
+	client Client
 
 	state observer.Property
 	clk   clock.Clock
@@ -139,14 +144,12 @@ func (r *rotator) rotateSVID(ctx context.Context) (err error) {
 	defer r.rotMtx.Unlock()
 	r.c.Log.Debug("Rotating agent SVID")
 
-	svidKM := keymanager.ForSVID(r.c.Catalog.GetKeyManager())
-
 	var existingKey keymanager.Key
 	if state, ok := r.state.Value().(State); ok && state.Key != nil {
 		existingKey, _ = state.Key.(keymanager.Key)
 	}
 
-	key, err := svidKM.GenerateKey(ctx, existingKey)
+	key, err := r.c.SVIDKeyManager.GenerateKey(ctx, existingKey)
 	if err != nil {
 		return err
 	}

diff --git a/pkg/agent/svid/rotator_config.go b/pkg/agent/svid/rotator_config.go
@@ -10,7 +10,6 @@ import (
 	"github.com/imkira/go-observer"
 	"github.com/sirupsen/logrus"
 	"github.com/spiffe/go-spiffe/v2/spiffeid"
-	"github.com/spiffe/spire/pkg/agent/catalog"
 	"github.com/spiffe/spire/pkg/agent/client"
 	"github.com/spiffe/spire/pkg/agent/common/backoff"
 	"github.com/spiffe/spire/pkg/agent/manager/cache"
@@ -21,11 +20,12 @@ import (
 const DefaultRotatorInterval = 5 * time.Second
 
 type RotatorConfig struct {
-	Catalog     catalog.Catalog
-	Log         logrus.FieldLogger
-	Metrics     telemetry.Metrics
-	TrustDomain spiffeid.TrustDomain
-	ServerAddr  string
+	SVIDKeyManager keymanager.SVIDKeyManager
+	Log            logrus.FieldLogger
+	Metrics        telemetry.Metrics
+	TrustDomain    spiffeid.TrustDomain
+	ServerAddr     string
+
 	// Initial SVID and key
 	SVID    []*x509.Certificate
 	SVIDKey keymanager.Key