Check the validity of the kubeconfig template [#13]

It's a little tricky to find a balance between "brittle" and "thorough"
in this test--I'd like to verify that e.g. the certificate is in
clusters[0].cluster.certificate-authority-data, not at the root. On the
other hand, we can't actually show that it's a valid kubeconfig file
without actually *using* it, so there's a hard upper limit on the
strength of the assertions. I've settled on verifying that all the
settings make it into the file and the file is syntactically-valid yaml.

go.mod

@@ -3,6 +3,7 @@ module github.com/pelotech/drone-helm3
 go 1.13
 
 require (
+	github.com/go-yaml/yaml v2.1.0+incompatible
 	github.com/golang/mock v1.3.1
 	github.com/kelseyhightower/envconfig v1.4.0
 	github.com/stretchr/testify v1.4.0

go.sum

@@ -1,5 +1,7 @@
 github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/go-yaml/yaml v2.1.0+incompatible h1:RYi2hDdss1u4YE7GwixGzWwVo47T8UQwnTLB6vQiq+o=
+github.com/go-yaml/yaml v2.1.0+incompatible/go.mod h1:w2MrLa16VYP0jy6N7M5kHaCkaLENm+P+Tv+MfurjSw0=
 github.com/golang/mock v1.3.1 h1:qGJ6qTW+x6xX/my+8YUVl4WNpX9B7+/l2tRsHGZ7f2s=
 github.com/golang/mock v1.3.1/go.mod h1:sBzyDLLjw3U8JLTeZvSv8jJB+tU5PVekmnlKIyFUx0Y=
 github.com/kelseyhightower/envconfig v1.4.0 h1:Im6hONhd3pLkfDFsbRgu68RDNkGF1r3dvMUtDTo2cv8=

internal/run/initkube_test.go

@@ -1,12 +1,12 @@
 package run
 
 import (
+	"github.com/go-yaml/yaml"
+	"github.com/stretchr/testify/suite"
 	"io/ioutil"
 	"os"
-	"text/template"
-	// "github.com/stretchr/testify/assert"
-	"github.com/stretchr/testify/suite"
 	"testing"
+	"text/template"
 )
 
 type InitKubeTestSuite struct {
@@ -58,6 +58,59 @@ namespace: Cisco
 	suite.Equal(want, string(conf))
 }
 
+func (suite *InitKubeTestSuite) TestExecuteGeneratesConfig() {
+	configFile, err := tempfile("kubeconfig********.yml", "")
+	defer os.Remove(configFile.Name())
+	suite.Require().NoError(err)
+
+	cfg := Config{
+		KubeConfig: configFile.Name(),
+		Namespace:  "marshmallow",
+	}
+	init := InitKube{
+		TemplateFile:   "../../assets/kubeconfig.tpl", // the actual kubeconfig template
+		APIServer:      "https://kube.cluster/peanut",
+		ServiceAccount: "chef",
+		Token:          "eWVhaCB3ZSB0b2tpbic=",
+		Certificate:    "d293LCB5b3UgYXJlIHNvIGNvb2wgZm9yIHNtb2tpbmcgd2VlZCDwn5mE",
+	}
+	suite.Require().NoError(init.Prepare(cfg))
+	suite.Require().NoError(init.Execute(cfg))
+
+	contents, err := ioutil.ReadFile(configFile.Name())
+	suite.Require().NoError(err)
+
+	// each setting should be reflected in the generated file
+	expectations := []string{
+		"namespace: marshmallow",
+		"server: https://kube.cluster/peanut",
+		"user: chef",
+		"name: chef",
+		"token: eWVhaCB3ZSB0b2tpbic",
+		"certificate-authority-data: d293LCB5b3UgYXJlIHNvIGNvb2wgZm9yIHNtb2tpbmcgd2VlZCDwn5mE",
+	}
+	for _, expected := range expectations {
+		suite.Contains(string(contents), expected)
+	}
+
+	// the generated config should be valid yaml, with no repeated keys
+	conf := map[string]interface{}{}
+	suite.NoError(yaml.UnmarshalStrict(contents, &conf))
+
+	// test the other branch of the certificate/SkipTLSVerify conditional
+	init.SkipTLSVerify = true
+	init.Certificate = ""
+
+	suite.Require().NoError(init.Prepare(cfg))
+	suite.Require().NoError(init.Execute(cfg))
+	contents, err = ioutil.ReadFile(configFile.Name())
+	suite.Require().NoError(err)
+	suite.Contains(string(contents), "insecure-skip-tls-verify: true")
+
+	conf = map[string]interface{}{}
+	suite.NoError(yaml.UnmarshalStrict(contents, &conf))
+}
+
 func (suite *InitKubeTestSuite) TestPrepareParseError() {
 	templateFile, err := tempfile("kubeconfig********.yml.tpl", `{{ NonexistentFunction }}`)
 	defer os.Remove(templateFile.Name())