Skip to content

Instantly share code, notes, and snippets.

@Oats87

Oats87/import_test.go

Last active April 28, 2023 19:18
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save Oats87/1bc8358bfa77aa7ae075b95f06a10932 to your computer and use it in GitHub Desktop.
Save Oats87/1bc8358bfa77aa7ae075b95f06a10932 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
import_test.go
package systemtemplate
import (
"bytes"
"crypto/sha256"
"encoding/hex"
"encoding/json"
"fmt"
"strings"
"testing"
apimgmtv3 "github.com/rancher/rancher/pkg/apis/management.cattle.io/v3"
corefakes "github.com/rancher/rancher/pkg/generated/norman/core/v1/fakes"
rketypes "github.com/rancher/rke/types"
"github.com/stretchr/testify/assert"
appsv1 "k8s.io/api/apps/v1"
corev1 "k8s.io/api/core/v1"
rbacv1 "k8s.io/api/rbac/v1"
apierror "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime/schema"
"k8s.io/client-go/kubernetes/scheme"
)
var (
mockSecrets = make(map[string]*corev1.Secret)
)
func resetMockSecrets() {
mockSecrets = make(map[string]*corev1.Secret)
}
func TestSystemTemplate_systemtemplate(t *testing.T) {
mockSecrets := map[string]*corev1.Secret{}
secretLister := &corefakes.SecretListerMock{
GetFunc: func(namespace string, name string) (*corev1.Secret, error) {
id := fmt.Sprintf("%s:%s", namespace, name)
secret, ok := mockSecrets[fmt.Sprintf("%s:%s", namespace, name)]
if !ok {
return nil, apierror.NewNotFound(schema.GroupResource{}, id)
}
return secret.DeepCopy(), nil
},
}
tests := []struct {
name string
cluster *apimgmtv3.Cluster
agentImage string
authImage string
namespace string
token string
url string
isWindowsCluster bool
features map[string]bool
taints []corev1.Taint
secrets map[string]*corev1.Secret
expectedDeploymentHashes map[string]string
expectedDaemonSetHashes map[string]string
expectedClusterRoleHashes map[string]string
expectedClusterRoleBindingHashes map[string]string
expectedNamespaceHashes map[string]string
expectedServiceHashes map[string]string
expectedServiceAccountHashes map[string]string
expectedSecretHashes map[string]string
}{
{
name: "test-rke",
cluster: &apimgmtv3.Cluster{
ObjectMeta: metav1.ObjectMeta{
Name: "test-rke",
},
Spec: apimgmtv3.ClusterSpec{
ClusterSpecBase: apimgmtv3.ClusterSpecBase{
RancherKubernetesEngineConfig: &rketypes.RancherKubernetesEngineConfig{},
},
},
},
expectedDeploymentHashes: map[string]string{
"cattle-cluster-agent": "330f7c7b4334037af63e4e394e2ac595d093a4ad8249bd57de7e8af2ae10e523",
},
expectedDaemonSetHashes: map[string]string{},
expectedClusterRoleHashes: map[string]string{
"proxy-clusterrole-kubeapiserver": "0d28ae2947ce0c5faef85ff59169a5f65e0490552bf9cb00f29a98eb97a02a7e",
"cattle-admin": "009abecc023b1e4ac1bc35e4153ef4492b2bc66a5972df9c5617a38f587c3f42",
},
expectedClusterRoleBindingHashes: map[string]string{
"proxy-role-binding-kubernetes-master": "0df909395597974e60d905e9860bc0a02367bd2df74528d430c635c3f7afdeb0",
"cattle-admin-binding": "0da37cf0d4c4b4d068a3000967c4e37d11e1cecd126779633095dbe30b39c6ba",
},
expectedNamespaceHashes: map[string]string{
"cattle-system": "fd527fed9cae2e8b27f9610d64e9476e692a3dfde42954aeaecba450fe2b9571",
},
expectedServiceHashes: map[string]string{
"cattle-cluster-agent": "9512a8430f6d32f31eac6e4446724dc5a336c3d9c8147c824f2734c2f8afe792",
},
expectedServiceAccountHashes: map[string]string{
"cattle": "5cf160de85eaef5de9ce917130c64c23e91836920f7e9b2e2d7a8be8290079f2",
},
expectedSecretHashes: map[string]string{
"cattle-credentials-d41d8cd": "131d05388e50e23e5f22eb3b54676910e6ded959b3dd1333f7bc2096ee2e95e9",
},
},
{
name: "test-provisioned-import",
cluster: &apimgmtv3.Cluster{
ObjectMeta: metav1.ObjectMeta{
Name: "test-prov",
},
Spec: apimgmtv3.ClusterSpec{
ImportedConfig: &apimgmtv3.ImportedConfig{},
},
},
expectedDeploymentHashes: map[string]string{
"cattle-cluster-agent": "330f7c7b4334037af63e4e394e2ac595d093a4ad8249bd57de7e8af2ae10e523",
},
expectedDaemonSetHashes: map[string]string{},
expectedClusterRoleHashes: map[string]string{
"proxy-clusterrole-kubeapiserver": "0d28ae2947ce0c5faef85ff59169a5f65e0490552bf9cb00f29a98eb97a02a7e",
"cattle-admin": "009abecc023b1e4ac1bc35e4153ef4492b2bc66a5972df9c5617a38f587c3f42",
},
expectedClusterRoleBindingHashes: map[string]string{
"proxy-role-binding-kubernetes-master": "0df909395597974e60d905e9860bc0a02367bd2df74528d430c635c3f7afdeb0",
"cattle-admin-binding": "0da37cf0d4c4b4d068a3000967c4e37d11e1cecd126779633095dbe30b39c6ba",
},
expectedNamespaceHashes: map[string]string{
"cattle-system": "fd527fed9cae2e8b27f9610d64e9476e692a3dfde42954aeaecba450fe2b9571",
},
expectedServiceHashes: map[string]string{
"cattle-cluster-agent": "9512a8430f6d32f31eac6e4446724dc5a336c3d9c8147c824f2734c2f8afe792",
},
expectedServiceAccountHashes: map[string]string{
"cattle": "5cf160de85eaef5de9ce917130c64c23e91836920f7e9b2e2d7a8be8290079f2",
},
expectedSecretHashes: map[string]string{
"cattle-credentials-d41d8cd": "131d05388e50e23e5f22eb3b54676910e6ded959b3dd1333f7bc2096ee2e95e9",
},
},
{
name: "test-provisioned-import-custom-agent",
cluster: &apimgmtv3.Cluster{
ObjectMeta: metav1.ObjectMeta{
Name: "test-prov",
},
Spec: apimgmtv3.ClusterSpec{
ImportedConfig: &apimgmtv3.ImportedConfig{},
},
},
url: "some-dummy-url",
token: "some-dummy-token",
agentImage: "my/agent:image",
expectedDeploymentHashes: map[string]string{
"cattle-cluster-agent": "128b9ac4d8b308a2a3b343a185fda84a4fc7ab17d3391d707ee282b3bd9bd66c",
},
expectedDaemonSetHashes: map[string]string{},
expectedClusterRoleHashes: map[string]string{
"proxy-clusterrole-kubeapiserver": "0d28ae2947ce0c5faef85ff59169a5f65e0490552bf9cb00f29a98eb97a02a7e",
"cattle-admin": "009abecc023b1e4ac1bc35e4153ef4492b2bc66a5972df9c5617a38f587c3f42",
},
expectedClusterRoleBindingHashes: map[string]string{
"proxy-role-binding-kubernetes-master": "0df909395597974e60d905e9860bc0a02367bd2df74528d430c635c3f7afdeb0",
"cattle-admin-binding": "0da37cf0d4c4b4d068a3000967c4e37d11e1cecd126779633095dbe30b39c6ba",
},
expectedNamespaceHashes: map[string]string{
"cattle-system": "fd527fed9cae2e8b27f9610d64e9476e692a3dfde42954aeaecba450fe2b9571",
},
expectedServiceHashes: map[string]string{
"cattle-cluster-agent": "9512a8430f6d32f31eac6e4446724dc5a336c3d9c8147c824f2734c2f8afe792",
},
expectedServiceAccountHashes: map[string]string{
"cattle": "5cf160de85eaef5de9ce917130c64c23e91836920f7e9b2e2d7a8be8290079f2",
},
expectedSecretHashes: map[string]string{
"cattle-credentials-ea6f059": "13abfa9516b89b23f9451a71c3258a358ab68abddd6d9b661a106dc762028ada",
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
defer resetMockSecrets()
mockSecrets = tt.secrets
var b bytes.Buffer
err := SystemTemplate(&b, tt.agentImage, tt.authImage, tt.namespace, tt.token, tt.url, tt.isWindowsCluster, tt.cluster, tt.features, tt.taints, secretLister)
assert.Nil(t, err)
decoder := scheme.Codecs.UniversalDeserializer()
for _, r := range strings.Split(b.String(), "---") {
if len(r) == 0 {
continue
}
obj, groupVersionKind, err := decoder.Decode([]byte(r), nil, nil)
if err != nil {
continue
}
switch groupVersionKind.Kind {
case "Deployment":
deployment := obj.(*appsv1.Deployment)
b, err := json.Marshal(deployment)
if err != nil {
assert.FailNow(t, err.Error())
}
assert.Equal(t, tt.expectedDeploymentHashes[deployment.Name], getHash(b), fmt.Sprintf("%s/%s", groupVersionKind.Kind, deployment.Name))
case "ClusterRole":
clusterrole := obj.(*rbacv1.ClusterRole)
b, err := json.Marshal(clusterrole)
if err != nil {
assert.FailNow(t, err.Error())
}
assert.Equal(t, tt.expectedClusterRoleHashes[clusterrole.Name], getHash(b), fmt.Sprintf("%s/%s", groupVersionKind.Kind, clusterrole.Name))
case "ClusterRoleBinding":
crb := obj.(*rbacv1.ClusterRoleBinding)
b, err := json.Marshal(crb)
if err != nil {
assert.FailNow(t, err.Error())
}
assert.Equal(t, tt.expectedClusterRoleBindingHashes[crb.Name], getHash(b), fmt.Sprintf("%s/%s", groupVersionKind.Kind, crb.Name))
case "Namespace":
ns := obj.(*corev1.Namespace)
b, err := json.Marshal(ns)
if err != nil {
assert.FailNow(t, err.Error())
}
assert.Equal(t, tt.expectedNamespaceHashes[ns.Name], getHash(b), fmt.Sprintf("%s/%s", groupVersionKind.Kind, ns.Name))
case "DaemonSet":
ds := obj.(*appsv1.DaemonSet)
b, err := json.Marshal(ds)
if err != nil {
assert.FailNow(t, err.Error())
}
assert.Equal(t, tt.expectedDaemonSetHashes[ds.Name], getHash(b), fmt.Sprintf("%s/%s", groupVersionKind.Kind, ds.Name))
case "Service":
svc := obj.(*corev1.Service)
b, err := json.Marshal(svc)
if err != nil {
assert.FailNow(t, err.Error())
}
assert.Equal(t, tt.expectedServiceHashes[svc.Name], getHash(b), fmt.Sprintf("%s/%s", groupVersionKind.Kind, svc.Name))
case "ServiceAccount":
svcacct := obj.(*corev1.ServiceAccount)
b, err := json.Marshal(svcacct)
if err != nil {
assert.FailNow(t, err.Error())
}
assert.Equal(t, tt.expectedServiceAccountHashes[svcacct.Name], getHash(b), fmt.Sprintf("%s/%s", groupVersionKind.Kind, svcacct.Name))
case "Secret":
secret := obj.(*corev1.Secret)
b, err := json.Marshal(secret)
if err != nil {
assert.FailNow(t, err.Error())
}
assert.Equal(t, tt.expectedSecretHashes[secret.Name], getHash(b), fmt.Sprintf("%s/%s", groupVersionKind.Kind, secret.Name))
default:
assert.FailNow(t, fmt.Sprintf("unexpected Kind for GVK: %s", groupVersionKind.String()))
}
}
})
}
}
func getHash(b []byte) string {
sum := sha256.Sum256(b)
return hex.EncodeToString(sum[:])
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment