/
pod.go
73 lines (58 loc) · 2.47 KB
/
pod.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
// Copyright Amazon.com Inc. or its affiliates. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License"). You may
// not use this file except in compliance with the License. A copy of the
// License is located at
//
// http://aws.amazon.com/apache2.0/
//
// or in the "license" file accompanying this file. This file is distributed
// on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either
// express or implied. See the License for the specific language governing
// permissions and limitations under the License.
package verify
import (
"context"
"github.com/aws/amazon-vpc-resource-controller-k8s/pkg/config"
"github.com/aws/amazon-vpc-resource-controller-k8s/pkg/provider/branch/trunk"
"github.com/aws/amazon-vpc-resource-controller-k8s/test/framework"
. "github.com/onsi/ginkgo"
. "github.com/onsi/gomega"
v1 "k8s.io/api/core/v1"
)
type PodVerification struct {
frameWork *framework.Framework
ctx context.Context
}
func NewPodVerification(framework *framework.Framework, ctx context.Context) *PodVerification {
return &PodVerification{
frameWork: framework,
ctx: ctx,
}
}
func (v *PodVerification) PodHasExpectedSG(pod *v1.Pod, expectedSecurityGroup []string) []*trunk.ENIDetails {
By("getting the branch ENI from the pod's annotation")
eniDetails, err := v.frameWork.PodManager.GetENIDetailsFromPodAnnotation(pod.Annotations)
Expect(err).NotTo(HaveOccurred())
By("getting the security group for the ENI from AWS EC2 ")
actualSG, err := v.frameWork.EC2Manager.GetENISecurityGroups(eniDetails[0].ID)
Expect(err).NotTo(HaveOccurred())
Expect(expectedSecurityGroup).Should(ConsistOf(actualSG))
By("getting the same IP address as the branch ENI IP")
Expect(eniDetails[0].IPV4Addr).To(Equal(pod.Status.PodIP))
return eniDetails
}
func (v *PodVerification) PodsHaveExpectedSG(namespace string, podLabelKey string, podLabelVal string,
expectedSecurityGroup []string) {
By("getting the pod belonging to the deployment")
pods, err := v.frameWork.PodManager.GetPodsWithLabel(v.ctx, namespace, podLabelKey, podLabelVal)
Expect(err).ToNot(HaveOccurred())
for _, pod := range pods {
v.PodHasExpectedSG(&pod, expectedSecurityGroup)
}
}
func (v *PodVerification) PodHasNoBranchENIAnnotationInjected(pod *v1.Pod) {
By("getting the branch ENI from the pod's annotation")
_, hasNoAnnotation := pod.Annotations[config.ResourceNamePodENI]
Expect(hasNoAnnotation).To(BeFalse(), "Pod shouldn't have branch ENI annotations.")
}