Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Test the policy controller admission webhook (#8008)
The policy controller has an validating webhook for `Server` resources, but this functionality is not really tested. Before adding more policy resources that need validation, let's add an integration test that exercises resource validation. The initial test is pretty simplistic, but this is just setup. These test also help expose two issues: 1. The change in 8760c5f--to solely use the index for validation--is problematic, especially in CI where quick updates can pass validation when they should not. This is fixed by going back to making API calls when validating `Server` resources. 2. Our pod selector overlap detection is overly simplistic. This change updates it to at least detect when a server selects _all_ pods. There's probably more we can do here in followup changes. Tests are added in a new `policy-test` crate that only includes these tests and the utiltities they need. This crate is excluded when running unit tests and is only executed when it has a Kubernetes cluster it can execute against. A temporary namespace is created before each test is run and deleted as the test completes. The policy controller's CI workflow is updated to build the core control plane, run a k3d cluster, and exercise tests. This workflow has minimal dependencies on the existing script/CI tooling so that the dependencies are explicit and we can avoid some of the complexity of the existing test infrastructure. Signed-off-by: Oliver Gould <ver@buoyant.io>
- Loading branch information
Showing
15 changed files
with
562 additions
and
47 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.