instance_creation unit test: exposition.go tested

netgroup-polito · Jan 7, 2021 · b6aeb92 · b6aeb92
1 parent 002c271
commit b6aeb92
Show file tree

Hide file tree

Showing 3 changed files with 220 additions and 41 deletions.
diff --git a/operators/pkg/instance-creation/cloud-init_test.go b/operators/pkg/instance-creation/cloud-init_test.go
@@ -1,13 +1,52 @@
 package instance_creation
 
 import (
+	"strings"
 	"testing"
 
 	"github.com/stretchr/testify/assert"
 	"gopkg.in/yaml.v2"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
 
+func TestCreateUserData(t *testing.T) {
+	var (
+		nextUsername     = "usertest"
+		nextPassword     = "passtest"
+		nextCloudBaseUrl = "nextcloud.url"
+	)
+	publicKeys := []string{"key1", "key2", "key3"}
+
+	rawConfig := createUserdata(nextUsername, nextPassword, nextCloudBaseUrl, publicKeys)
+
+	var config cloudInitConfig
+
+	err := yaml.Unmarshal([]byte(rawConfig["userdata"]), &config)
+
+	assert.Equal(t, err, nil, "Yaml parser should return nil error.")
+
+	// check if header comment is present
+	hc := strings.HasPrefix(rawConfig["userdata"], "#cloud-config\n")
+
+	var (
+		expectedmount       = []string{nextCloudBaseUrl + "/remote.php/dav/files/" + nextUsername, "/media/MyDrive", "davfs", "_netdev,auto,user,rw,uid=1000,gid=1000", "0", "0"}
+		expectedcontent     = "/media/MyDrive " + nextUsername + " " + nextPassword
+		expectedpath        = "/etc/davfs2/secrets"
+		expectedpermissions = "0600"
+	)
+	assert.Equal(t, hc, true, "Cloud-init head comment should be present.")
+	assert.Equal(t, config.Network.Version, 2, "Network version should be set to 2.")
+	assert.Equal(t, config.Network.ID0.Dhcp4, true, "DHCPv4 should be set to true.")
+	assert.Equal(t, config.Mounts[0], expectedmount, "Nextcloud mount should be set to "+strings.Join(expectedmount, ", ")+".")
+	assert.Equal(t, config.WriteFiles[0].Content, expectedcontent, "Nextcloud secret should be se to "+expectedcontent+" .")
+	assert.Equal(t, config.WriteFiles[0].Path, expectedpath, "Nextcloud secret path should be set to "+expectedpath+".")
+	assert.Equal(t, config.WriteFiles[0].Permissions, expectedpermissions, "Nextcloud secret permissions should be set to "+expectedpermissions+" .")
+	assert.Equal(t, config.SSHAuthorizedKeys[0], publicKeys[0], "Public key should be set to"+publicKeys[0]+" .")
+	assert.Equal(t, config.SSHAuthorizedKeys[1], publicKeys[1], "Public key should be set to"+publicKeys[1]+" .")
+	assert.Equal(t, config.SSHAuthorizedKeys[2], publicKeys[2], "Public key should be set to"+publicKeys[2]+" .")
+
+}
+
 func TestCreateCloudInitSecret(t *testing.T) {
 	var (
 		name             = "name"
@@ -42,7 +81,7 @@ func TestCreateCloudInitSecret(t *testing.T) {
 
 	//check config
 	assert.Equal(t, config.Network.Version, 2, "Network version should be set to 2.")
-	assert.Equal(t, config.Network.Dhcp4, true, "DHCPv4 should be set to true.")
+	assert.Equal(t, config.Network.ID0.Dhcp4, true, "DHCPv4 should be set to true.")
 	assert.Equal(t, config.Mounts[0], expectedmount)
 	assert.Equal(t, config.WriteFiles[0].Content, expectedcontent)
 	assert.Equal(t, config.WriteFiles[0].Path, expectedpath)

diff --git a/operators/pkg/instance-creation/creation_test.go b/operators/pkg/instance-creation/creation_test.go
@@ -2,14 +2,12 @@ package instance_creation
 
 import (
 	"strconv"
-	"strings"
 	"testing"
 
 	"github.com/netgroup-polito/CrownLabs/operators/api/v1alpha2"
 	"k8s.io/apimachinery/pkg/api/resource"
 
 	"github.com/stretchr/testify/assert"
-	"gopkg.in/yaml.v2"
 	v1 "k8s.io/api/core/v1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 )
@@ -49,44 +47,6 @@ func TestWhitelist(t *testing.T) {
 	assert.Equal(t, c2, false, "The two labels set should be different and return false.")
 }
 
-func TestCreateUserData(t *testing.T) {
-	var (
-		nextUsername     = "usertest"
-		nextPassword     = "passtest"
-		nextCloudBaseUrl = "nextcloud.url"
-	)
-	publicKeys := []string{"key1", "key2", "key3"}
-
-	rawConfig := createUserdata(nextUsername, nextPassword, nextCloudBaseUrl, publicKeys)
-
-	var config cloudInitConfig
-
-	err := yaml.Unmarshal([]byte(rawConfig["userdata"]), &config)
-
-	assert.Equal(t, err, nil, "Yaml parser should return nil error.")
-
-	// check if header comment is present
-	hc := strings.HasPrefix(rawConfig["userdata"], "#cloud-config\n")
-
-	var (
-		expectedmount       = []string{nextCloudBaseUrl + "/remote.php/dav/files/" + nextUsername, "/media/MyDrive", "davfs", "_netdev,auto,user,rw,uid=1000,gid=1000", "0", "0"}
-		expectedcontent     = "/media/MyDrive " + nextUsername + " " + nextPassword
-		expectedpath        = "/etc/davfs2/secrets"
-		expectedpermissions = "0600"
-	)
-	assert.Equal(t, hc, true, "Cloud-init head comment should be present.")
-	assert.Equal(t, config.Network.Version, 2, "Network version should be set to 2.")
-	assert.Equal(t, config.Network.ID0.Dhcp4, true, "DHCPv4 should be set to true.")
-	assert.Equal(t, config.Mounts[0], expectedmount, "Nextcloud mount should be set to "+strings.Join(expectedmount, ", ")+".")
-	assert.Equal(t, config.WriteFiles[0].Content, expectedcontent, "Nextcloud secret should be se to "+expectedcontent+" .")
-	assert.Equal(t, config.WriteFiles[0].Path, expectedpath, "Nextcloud secret path should be set to "+expectedpath+".")
-	assert.Equal(t, config.WriteFiles[0].Permissions, expectedpermissions, "Nextcloud secret permissions should be set to "+expectedpermissions+" .")
-	assert.Equal(t, config.SSHAuthorizedKeys[0], publicKeys[0], "Public key should be set to"+publicKeys[0]+" .")
-	assert.Equal(t, config.SSHAuthorizedKeys[1], publicKeys[1], "Public key should be set to"+publicKeys[1]+" .")
-	assert.Equal(t, config.SSHAuthorizedKeys[2], publicKeys[2], "Public key should be set to"+publicKeys[2]+" .")
-
-}
-
 func TestCreateVirtualMachineInstance(t *testing.T) {
 	tc1 := &v1alpha2.Environment{
 		Name:       "Test1",

diff --git a/operators/pkg/instance-creation/exposition_test.go b/operators/pkg/instance-creation/exposition_test.go
@@ -0,0 +1,180 @@
+package instance_creation
+
+import (
+	"testing"
+
+	"github.com/stretchr/testify/assert"
+	corev1 "k8s.io/api/core/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/util/intstr"
+)
+
+func TestForgeService(t *testing.T) {
+	var (
+		name      = "usertest"
+		namespace = "namespacetest"
+	)
+
+	ownerRef := []metav1.OwnerReference{{
+		APIVersion: "crownlabs.polito.it/v1alpha2",
+		Kind:       "Instance",
+		Name:       "Test1",
+	},
+	}
+
+	service := ForgeService(name, namespace, ownerRef)
+
+	assert.Equal(t, service.ObjectMeta.Name, name+"-svc")
+	assert.Equal(t, service.ObjectMeta.Namespace, namespace)
+	assert.Equal(t, service.OwnerReferences[0].APIVersion, "crownlabs.polito.it/v1alpha2")
+	assert.Equal(t, service.OwnerReferences[0].Kind, "Instance")
+	assert.Equal(t, service.OwnerReferences[0].Name, "Test1")
+	assert.Equal(t, service.Spec.Ports[0].Name, "vnc")
+	assert.Equal(t, service.Spec.Ports[0].Port, int32(6080))
+	assert.Equal(t, service.Spec.Ports[1].Name, "ssh")
+	assert.Equal(t, service.Spec.Ports[1].Port, int32(22))
+	assert.Equal(t, service.Spec.Ports[0].Name, "vnc")
+	assert.Equal(t, service.Spec.Selector["name"], name)
+	assert.Equal(t, service.Spec.ClusterIP, "")
+	assert.Equal(t, service.Spec.Type, corev1.ServiceTypeClusterIP)
+}
+
+func TestForgeIngress(t *testing.T) {
+	var (
+		name           = "usertest"
+		namespace      = "namespacetest"
+		urlUUID        = "urlUUIDtest"
+		websiteBaseUrl = "websiteBaseUrlTest"
+		svc            = corev1.Service{
+			ObjectMeta: metav1.ObjectMeta{
+				Name: "svc-test",
+			},
+			Spec: corev1.ServiceSpec{
+				Ports: []corev1.ServicePort{
+					{
+						TargetPort: intstr.IntOrString{IntVal: 22},
+					},
+				},
+			},
+		}
+		url = websiteBaseUrl + "/" + urlUUID
+	)
+
+	ownerRef := []metav1.OwnerReference{{
+		APIVersion: "crownlabs.polito.it/v1alpha2",
+		Kind:       "Instance",
+		Name:       "Test1",
+	},
+	}
+
+	ingress := ForgeIngress(name, namespace, svc, urlUUID, websiteBaseUrl, ownerRef)
+
+	assert.Equal(t, ingress.ObjectMeta.Name, name+"-ingress")
+	assert.Equal(t, ingress.ObjectMeta.Namespace, namespace)
+	assert.Equal(t, ingress.Spec.Rules[0].IngressRuleValue.HTTP.Paths[0].Backend.Service.Name, svc.Name)
+	assert.Equal(t, ingress.Spec.Rules[0].IngressRuleValue.HTTP.Paths[0].Backend.Service.Port.Number, svc.Spec.Ports[0].TargetPort.IntVal)
+	assert.Equal(t, ingress.ObjectMeta.Annotations["nginx.ingress.kubernetes.io/auth-signin"], "https://$host/"+urlUUID+"/oauth2/start?rd=$escaped_request_uri")
+	assert.Equal(t, ingress.ObjectMeta.Annotations["nginx.ingress.kubernetes.io/auth-url"], "https://$host/"+urlUUID+"/oauth2/auth")
+	assert.Equal(t, ingress.ObjectMeta.Annotations["nginx.ingress.kubernetes.io/configuration-snippet"], `sub_filter '<head>' '<head> <base href="https://$host/`+urlUUID+`/index.html">';`)
+	assert.Equal(t, ingress.Spec.Rules[0].IngressRuleValue.HTTP.Paths[0].Path, "/"+urlUUID+"(/|$)(.*)")
+	assert.Equal(t, ingress.ObjectMeta.Annotations["crownlabs.polito.it/probe-url"], "https://"+url)
+	assert.Equal(t, ingress.Spec.TLS[0].Hosts[0], websiteBaseUrl)
+	assert.Equal(t, ingress.Spec.Rules[0].Host, websiteBaseUrl)
+	assert.Equal(t, ingress.OwnerReferences[0].APIVersion, "crownlabs.polito.it/v1alpha2")
+	assert.Equal(t, ingress.OwnerReferences[0].Kind, "Instance")
+	assert.Equal(t, ingress.OwnerReferences[0].Name, "Test1")
+}
+
+func TestForgeOauth2Deployment(t *testing.T) {
+	var (
+		name         = "usertest"
+		namespace    = "namespacetest"
+		urlUUID      = "urlUUIDtest"
+		image        = "imagetest"
+		clientSecret = "secrettest"
+		providerUrl  = "urltest"
+	)
+	ownerRef := []metav1.OwnerReference{{
+		APIVersion: "crownlabs.polito.it/v1alpha2",
+		Kind:       "Instance",
+		Name:       "Test1",
+	},
+	}
+
+	deploy := ForgeOauth2Deployment(name, namespace, urlUUID, image, clientSecret, providerUrl, ownerRef)
+
+	assert.Equal(t, deploy.ObjectMeta.Name, name+"-oauth2-deploy")
+	assert.Equal(t, deploy.ObjectMeta.Namespace, namespace)
+	assert.Equal(t, deploy.OwnerReferences[0].APIVersion, "crownlabs.polito.it/v1alpha2")
+	assert.Equal(t, deploy.OwnerReferences[0].Kind, "Instance")
+	assert.Equal(t, deploy.OwnerReferences[0].Name, "Test1")
+	assert.Equal(t, deploy.Spec.Template.Spec.Containers[0].Image, image)
+	assert.Contains(t, deploy.Spec.Template.Spec.Containers[0].Args, "--proxy-prefix=/"+urlUUID+"/oauth2")
+	assert.Contains(t, deploy.Spec.Template.Spec.Containers[0].Args, "--cookie-path=/"+urlUUID)
+	assert.Contains(t, deploy.Spec.Template.Spec.Containers[0].Args, "--client-secret="+clientSecret)
+	assert.Contains(t, deploy.Spec.Template.Spec.Containers[0].Args, "--login-url="+providerUrl+"/protocol/openid-connect/auth")
+	assert.Contains(t, deploy.Spec.Template.Spec.Containers[0].Args, "--redeem-url="+providerUrl+"/protocol/openid-connect/token")
+	assert.Contains(t, deploy.Spec.Template.Spec.Containers[0].Args, "--validate-url="+providerUrl+"/protocol/openid-connect/userinfo")
+
+}
+
+func TestForgeOauth2Service(t *testing.T) {
+	var (
+		name      = "usertest"
+		namespace = "namespacetest"
+	)
+	ownerRef := []metav1.OwnerReference{{
+		APIVersion: "crownlabs.polito.it/v1alpha2",
+		Kind:       "Instance",
+		Name:       "Test1",
+	},
+	}
+	service := ForgeOauth2Service(name, namespace, ownerRef)
+
+	assert.Equal(t, service.ObjectMeta.Name, name+"-oauth2-svc")
+	assert.Equal(t, service.ObjectMeta.Namespace, namespace)
+	assert.Equal(t, service.OwnerReferences[0].APIVersion, "crownlabs.polito.it/v1alpha2")
+	assert.Equal(t, service.OwnerReferences[0].Kind, "Instance")
+	assert.Equal(t, service.OwnerReferences[0].Name, "Test1")
+	assert.Equal(t, service.Spec.Selector["app"], name)
+}
+
+func TestForgeOauth2Ingress(t *testing.T) {
+	var (
+		name           = "usertest"
+		namespace      = "namespacetest"
+		urlUUID        = "urlUUIDtest"
+		websiteBaseUrl = "websiteBaseUrlTest"
+		svc            = corev1.Service{
+			ObjectMeta: metav1.ObjectMeta{
+				Name: "svc-test",
+			},
+			Spec: corev1.ServiceSpec{
+				Ports: []corev1.ServicePort{
+					{
+						TargetPort: intstr.IntOrString{IntVal: 22},
+					},
+				},
+			},
+		}
+	)
+	ownerRef := []metav1.OwnerReference{{
+		APIVersion: "crownlabs.polito.it/v1alpha2",
+		Kind:       "Instance",
+		Name:       "Test1",
+	},
+	}
+
+	ingress := ForgeOauth2Ingress(name, namespace, svc, urlUUID, websiteBaseUrl, ownerRef)
+
+	assert.Equal(t, ingress.ObjectMeta.Name, name+"-oauth2-ingress")
+	assert.Equal(t, ingress.ObjectMeta.Namespace, namespace)
+	assert.Equal(t, ingress.OwnerReferences[0].APIVersion, "crownlabs.polito.it/v1alpha2")
+	assert.Equal(t, ingress.OwnerReferences[0].Kind, "Instance")
+	assert.Equal(t, ingress.OwnerReferences[0].Name, "Test1")
+	assert.Equal(t, ingress.Spec.Rules[0].IngressRuleValue.HTTP.Paths[0].Backend.Service.Name, svc.Name)
+	assert.Equal(t, ingress.Spec.Rules[0].IngressRuleValue.HTTP.Paths[0].Backend.Service.Port.Number, svc.Spec.Ports[0].TargetPort.IntVal)
+	assert.Equal(t, ingress.Spec.Rules[0].IngressRuleValue.HTTP.Paths[0].Path, "/"+urlUUID+"/oauth2/.*")
+	assert.Equal(t, ingress.Spec.TLS[0].Hosts[0], websiteBaseUrl)
+	assert.Equal(t, ingress.Spec.Rules[0].Host, websiteBaseUrl)
+}