Summary
Write unit tests for the pure functions that generate deterministic names, transform data between types, and manage object annotations. All testable without envtest.
Testing Guidance
For each function, think about:
- What does it return for normal, expected input?
- What happens at the boundaries — empty strings, nil objects, missing fields?
- If there's branching logic, have you covered each branch?
Scope
internal/controller/devportal_helper.go
APIKeyRequestName() — generates a DNS-1123 compliant name from an APIKey using a SHA-256 hash suffix. Think about: does the output meet DNS-1123 rules? Is it deterministic (same input = same output)? Different namespace/name combinations that could collide without the hash.
internal/controller/apikey_secret_controller.go
enforcementSecretName() — same pattern as above, generates a deterministic name for enforcement secrets. Same considerations apply.
api/v1alpha1/apikey_types.go
APIProductKey() — returns an ObjectKey for the referenced APIProduct, falling back to the APIKey's own namespace if the ref namespace is empty. Test the fallback behaviour.
api/v1alpha1/apikeyrequest_types.go
ClientObject() — converts an APIKeyReference to an ObjectKey. Straightforward struct conversion.
api/v1alpha1/apiproduct_types.go
PlanPolicyIntoPlans() — converts a PlanPolicy's plan list into PlanSpec slice. Test with nil input, empty plan list, and multiple plans.
internal/controller/apiproduct_controller.go
extractIssuerURLFromAuthScheme() — finds the first JWT issuer URL from an auth scheme. Consider: no authentication map, authentication with non-JWT entries, multiple JWT entries (which one wins?), nil auth scheme.
internal/controller/apikeyrequest_controller.go
apiKeyRequestSpecMutator() — compares existing vs desired specs, mutates existing if different, returns whether mutation occurred. Test: specs are equal (no mutation), specs differ (mutation happens), verify the existing object is actually updated.
internal/reconcilers/base_reconcilers.go
TagObjectToDelete() / IsObjectTaggedToDelete() — adds/checks a deletion annotation. Test: object with no annotations, object with existing annotations, round-trip (tag then check).
Review & Verification
PRs should include:
- How to review the changes (areas of interest, suggested review order)
- Steps to confirm locally:
make test runs and passes
Summary
Write unit tests for the pure functions that generate deterministic names, transform data between types, and manage object annotations. All testable without envtest.
Testing Guidance
For each function, think about:
Scope
internal/controller/devportal_helper.goAPIKeyRequestName()— generates a DNS-1123 compliant name from an APIKey using a SHA-256 hash suffix. Think about: does the output meet DNS-1123 rules? Is it deterministic (same input = same output)? Different namespace/name combinations that could collide without the hash.internal/controller/apikey_secret_controller.goenforcementSecretName()— same pattern as above, generates a deterministic name for enforcement secrets. Same considerations apply.api/v1alpha1/apikey_types.goAPIProductKey()— returns an ObjectKey for the referenced APIProduct, falling back to the APIKey's own namespace if the ref namespace is empty. Test the fallback behaviour.api/v1alpha1/apikeyrequest_types.goClientObject()— converts an APIKeyReference to an ObjectKey. Straightforward struct conversion.api/v1alpha1/apiproduct_types.goPlanPolicyIntoPlans()— converts a PlanPolicy's plan list into PlanSpec slice. Test with nil input, empty plan list, and multiple plans.internal/controller/apiproduct_controller.goextractIssuerURLFromAuthScheme()— finds the first JWT issuer URL from an auth scheme. Consider: no authentication map, authentication with non-JWT entries, multiple JWT entries (which one wins?), nil auth scheme.internal/controller/apikeyrequest_controller.goapiKeyRequestSpecMutator()— compares existing vs desired specs, mutates existing if different, returns whether mutation occurred. Test: specs are equal (no mutation), specs differ (mutation happens), verify the existing object is actually updated.internal/reconcilers/base_reconcilers.goTagObjectToDelete()/IsObjectTaggedToDelete()— adds/checks a deletion annotation. Test: object with no annotations, object with existing annotations, round-trip (tag then check).Review & Verification
PRs should include:
make testruns and passes