-
Notifications
You must be signed in to change notification settings - Fork 74
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
2 changed files
with
305 additions
and
1 deletion.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,304 @@ | ||
| // | ||
| // DISCLAIMER | ||
| // | ||
| // Copyright 2018 ArangoDB GmbH, Cologne, Germany | ||
| // | ||
| // Licensed under the Apache License, Version 2.0 (the "License"); | ||
| // you may not use this file except in compliance with the License. | ||
| // You may obtain a copy of the License at | ||
| // | ||
| // http://www.apache.org/licenses/LICENSE-2.0 | ||
| // | ||
| // Unless required by applicable law or agreed to in writing, software | ||
| // distributed under the License is distributed on an "AS IS" BASIS, | ||
| // WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| // See the License for the specific language governing permissions and | ||
| // limitations under the License. | ||
| // | ||
| // Copyright holder is ArangoDB GmbH, Cologne, Germany | ||
| // | ||
| // Author Ewout Prangsma | ||
| // | ||
|
|
||
| package tests | ||
|
|
||
| import ( | ||
| "context" | ||
| "strings" | ||
| "testing" | ||
|
|
||
| "github.com/dchest/uniuri" | ||
| "github.com/stretchr/testify/assert" | ||
| "k8s.io/api/core/v1" | ||
| metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" | ||
| "k8s.io/client-go/kubernetes" | ||
|
|
||
| driver "github.com/arangodb/go-driver" | ||
| api "github.com/arangodb/kube-arangodb/pkg/apis/deployment/v1alpha" | ||
| "github.com/arangodb/kube-arangodb/pkg/client" | ||
| "github.com/arangodb/kube-arangodb/pkg/util" | ||
| ) | ||
|
|
||
| // TestServiceAccountSingle tests the creating of a single server deployment | ||
| // with default settings using a custom service account. | ||
| func TestServiceAccountSingle(t *testing.T) { | ||
| longOrSkip(t) | ||
| c := client.MustNewInCluster() | ||
| kubecli := mustNewKubeClient(t) | ||
| ns := getNamespace(t) | ||
|
|
||
| // Prepare service account | ||
| namePrefix := "test-sa-sng-" | ||
| saName := mustCreateServiceAccount(kubecli, namePrefix, ns, t) | ||
| defer deleteServiceAccount(kubecli, saName, ns) | ||
|
|
||
| // Prepare deployment config | ||
| depl := newDeployment(namePrefix + uniuri.NewLen(4)) | ||
| depl.Spec.Mode = api.NewMode(api.DeploymentModeSingle) | ||
| depl.Spec.Single.ServiceAccountName = util.NewString(saName) | ||
|
|
||
| // Create deployment | ||
| _, err := c.DatabaseV1alpha().ArangoDeployments(ns).Create(depl) | ||
| if err != nil { | ||
| t.Fatalf("Create deployment failed: %v", err) | ||
| } | ||
| // Prepare cleanup | ||
| defer removeDeployment(c, depl.GetName(), ns) | ||
|
|
||
| // Wait for deployment to be ready | ||
| apiObject, err := waitUntilDeployment(c, depl.GetName(), ns, deploymentIsReady()) | ||
| if err != nil { | ||
| t.Fatalf("Deployment not running in time: %v", err) | ||
| } | ||
|
|
||
| // Create a database client | ||
| ctx := context.Background() | ||
| client := mustNewArangodDatabaseClient(ctx, kubecli, apiObject, t) | ||
|
|
||
| // Wait for single server available | ||
| if err := waitUntilVersionUp(client, nil); err != nil { | ||
| t.Fatalf("Single server not running returning version in time: %v", err) | ||
| } | ||
|
|
||
| // Check service account name | ||
| checkMembersUsingServiceAccount(kubecli, ns, apiObject.Status.Members.Single, saName, t) | ||
|
|
||
| // Check server role | ||
| assert.NoError(t, client.SynchronizeEndpoints(ctx)) | ||
| role, err := client.ServerRole(ctx) | ||
| assert.NoError(t, err) | ||
| assert.Equal(t, driver.ServerRoleSingle, role) | ||
| } | ||
|
|
||
| // TestServiceAccountActiveFailover tests the creating of a ActiveFailover server deployment | ||
| // with default settings using a custom service account. | ||
| func TestServiceAccountActiveFailover(t *testing.T) { | ||
| longOrSkip(t) | ||
| c := client.MustNewInCluster() | ||
| kubecli := mustNewKubeClient(t) | ||
| ns := getNamespace(t) | ||
|
|
||
| // Prepare service account | ||
| namePrefix := "test-sa-rs-" | ||
| saName := mustCreateServiceAccount(kubecli, namePrefix, ns, t) | ||
| defer deleteServiceAccount(kubecli, saName, ns) | ||
|
|
||
| // Prepare deployment config | ||
| depl := newDeployment(namePrefix + uniuri.NewLen(4)) | ||
| depl.Spec.Mode = api.NewMode(api.DeploymentModeActiveFailover) | ||
| depl.Spec.Single.ServiceAccountName = util.NewString(saName) | ||
| depl.Spec.Agents.ServiceAccountName = util.NewString(saName) | ||
|
|
||
| // Create deployment | ||
| _, err := c.DatabaseV1alpha().ArangoDeployments(ns).Create(depl) | ||
| if err != nil { | ||
| t.Fatalf("Create deployment failed: %v", err) | ||
| } | ||
| // Prepare cleanup | ||
| defer removeDeployment(c, depl.GetName(), ns) | ||
|
|
||
| // Wait for deployment to be ready | ||
| apiObject, err := waitUntilDeployment(c, depl.GetName(), ns, deploymentIsReady()) | ||
| if err != nil { | ||
| t.Fatalf("Deployment not running in time: %v", err) | ||
| } | ||
|
|
||
| // Create a database client | ||
| ctx := context.Background() | ||
| client := mustNewArangodDatabaseClient(ctx, kubecli, apiObject, t) | ||
|
|
||
| // Wait for single server available | ||
| if err := waitUntilVersionUp(client, nil); err != nil { | ||
| t.Fatalf("ActiveFailover servers not running returning version in time: %v", err) | ||
| } | ||
|
|
||
| // Check service account name | ||
| checkMembersUsingServiceAccount(kubecli, ns, apiObject.Status.Members.Single, saName, t) | ||
| checkMembersUsingServiceAccount(kubecli, ns, apiObject.Status.Members.Agents, saName, t) | ||
|
|
||
| // Check server role | ||
| assert.NoError(t, client.SynchronizeEndpoints(ctx)) | ||
| role, err := client.ServerRole(ctx) | ||
| assert.NoError(t, err) | ||
| assert.Equal(t, driver.ServerRoleSingleActive, role) | ||
| } | ||
|
|
||
| // TestServiceAccountCluster tests the creating of a cluster deployment | ||
| // with default settings using a custom service account. | ||
| func TestServiceAccountCluster(t *testing.T) { | ||
| longOrSkip(t) | ||
| c := client.MustNewInCluster() | ||
| kubecli := mustNewKubeClient(t) | ||
| ns := getNamespace(t) | ||
|
|
||
| // Prepare service account | ||
| namePrefix := "test-sa-cls-" | ||
| saName := mustCreateServiceAccount(kubecli, namePrefix, ns, t) | ||
| defer deleteServiceAccount(kubecli, saName, ns) | ||
|
|
||
| // Prepare deployment config | ||
| depl := newDeployment(namePrefix + uniuri.NewLen(4)) | ||
| depl.Spec.Mode = api.NewMode(api.DeploymentModeCluster) | ||
| depl.Spec.Agents.ServiceAccountName = util.NewString(saName) | ||
| depl.Spec.DBServers.ServiceAccountName = util.NewString(saName) | ||
| depl.Spec.Coordinators.ServiceAccountName = util.NewString(saName) | ||
|
|
||
| // Create deployment | ||
| _, err := c.DatabaseV1alpha().ArangoDeployments(ns).Create(depl) | ||
| if err != nil { | ||
| t.Fatalf("Create deployment failed: %v", err) | ||
| } | ||
| // Prepare cleanup | ||
| defer removeDeployment(c, depl.GetName(), ns) | ||
|
|
||
| // Wait for deployment to be ready | ||
| apiObject, err := waitUntilDeployment(c, depl.GetName(), ns, deploymentIsReady()) | ||
| if err != nil { | ||
| t.Fatalf("Deployment not running in time: %v", err) | ||
| } | ||
|
|
||
| // Create a database client | ||
| ctx := context.Background() | ||
| client := mustNewArangodDatabaseClient(ctx, kubecli, apiObject, t) | ||
|
|
||
| // Wait for cluster to be available | ||
| if err := waitUntilVersionUp(client, nil); err != nil { | ||
| t.Fatalf("Cluster not running returning version in time: %v", err) | ||
| } | ||
|
|
||
| // Check service account name | ||
| checkMembersUsingServiceAccount(kubecli, ns, apiObject.Status.Members.Agents, saName, t) | ||
| checkMembersUsingServiceAccount(kubecli, ns, apiObject.Status.Members.Coordinators, saName, t) | ||
| checkMembersUsingServiceAccount(kubecli, ns, apiObject.Status.Members.DBServers, saName, t) | ||
|
|
||
| // Check server role | ||
| assert.NoError(t, client.SynchronizeEndpoints(ctx)) | ||
| role, err := client.ServerRole(ctx) | ||
| assert.NoError(t, err) | ||
| assert.Equal(t, driver.ServerRoleCoordinator, role) | ||
| } | ||
|
|
||
| // TestServiceAccountClusterWithSync tests the creating of a cluster deployment | ||
| // with default settings and sync enabled using a custom service account. | ||
| func TestServiceAccountClusterWithSync(t *testing.T) { | ||
| longOrSkip(t) | ||
| img := getEnterpriseImageOrSkip(t) | ||
| c := client.MustNewInCluster() | ||
| kubecli := mustNewKubeClient(t) | ||
| ns := getNamespace(t) | ||
|
|
||
| // Prepare service account | ||
| namePrefix := "test-sa-cls-sync-" | ||
| saName := mustCreateServiceAccount(kubecli, namePrefix, ns, t) | ||
| defer deleteServiceAccount(kubecli, saName, ns) | ||
|
|
||
| // Prepare deployment config | ||
| depl := newDeployment(namePrefix + uniuri.NewLen(4)) | ||
| depl.Spec.Mode = api.NewMode(api.DeploymentModeCluster) | ||
| depl.Spec.Image = util.NewString(img) | ||
| depl.Spec.Sync.Enabled = util.NewBool(true) | ||
| depl.Spec.Agents.ServiceAccountName = util.NewString(saName) | ||
| depl.Spec.DBServers.ServiceAccountName = util.NewString(saName) | ||
| depl.Spec.Coordinators.ServiceAccountName = util.NewString(saName) | ||
| depl.Spec.SyncMasters.ServiceAccountName = util.NewString(saName) | ||
| depl.Spec.SyncWorkers.ServiceAccountName = util.NewString(saName) | ||
|
|
||
| // Create deployment | ||
| _, err := c.DatabaseV1alpha().ArangoDeployments(ns).Create(depl) | ||
| if err != nil { | ||
| t.Fatalf("Create deployment failed: %v", err) | ||
| } | ||
| // Prepare cleanup | ||
| defer removeDeployment(c, depl.GetName(), ns) | ||
|
|
||
| // Wait for deployment to be ready | ||
| apiObject, err := waitUntilDeployment(c, depl.GetName(), ns, deploymentIsReady()) | ||
| if err != nil { | ||
| t.Fatalf("Deployment not running in time: %v", err) | ||
| } | ||
|
|
||
| // Create a database client | ||
| ctx := context.Background() | ||
| client := mustNewArangodDatabaseClient(ctx, kubecli, apiObject, t) | ||
|
|
||
| // Wait for cluster to be available | ||
| if err := waitUntilVersionUp(client, nil); err != nil { | ||
| t.Fatalf("Cluster not running returning version in time: %v", err) | ||
| } | ||
|
|
||
| // Create a syncmaster client | ||
| syncClient := mustNewArangoSyncClient(ctx, kubecli, apiObject, t) | ||
|
|
||
| // Wait for syncmasters to be available | ||
| if err := waitUntilSyncVersionUp(syncClient, nil); err != nil { | ||
| t.Fatalf("SyncMasters not running returning version in time: %v", err) | ||
| } | ||
|
|
||
| // Check service account name | ||
| checkMembersUsingServiceAccount(kubecli, ns, apiObject.Status.Members.Agents, saName, t) | ||
| checkMembersUsingServiceAccount(kubecli, ns, apiObject.Status.Members.Coordinators, saName, t) | ||
| checkMembersUsingServiceAccount(kubecli, ns, apiObject.Status.Members.DBServers, saName, t) | ||
| checkMembersUsingServiceAccount(kubecli, ns, apiObject.Status.Members.SyncMasters, saName, t) | ||
| checkMembersUsingServiceAccount(kubecli, ns, apiObject.Status.Members.SyncWorkers, saName, t) | ||
|
|
||
| // Check server role | ||
| assert.NoError(t, client.SynchronizeEndpoints(ctx)) | ||
| role, err := client.ServerRole(ctx) | ||
| assert.NoError(t, err) | ||
| assert.Equal(t, driver.ServerRoleCoordinator, role) | ||
| } | ||
|
|
||
| // mustCreateServiceAccount creates an empty service account with random name and returns | ||
| // its name. On error, the test is failed. | ||
| func mustCreateServiceAccount(kubecli kubernetes.Interface, namePrefix, ns string, t *testing.T) string { | ||
| s := v1.ServiceAccount{ | ||
| ObjectMeta: metav1.ObjectMeta{ | ||
| Name: strings.ToLower(namePrefix + uniuri.NewLen(4)), | ||
| }, | ||
| } | ||
| if _, err := kubecli.CoreV1().ServiceAccounts(ns).Create(&s); err != nil { | ||
| t.Fatalf("Failed to create service account: %v", err) | ||
| } | ||
| return s.GetName() | ||
| } | ||
|
|
||
| // deleteServiceAccount deletes a service account with given name in given namespace. | ||
| func deleteServiceAccount(kubecli kubernetes.Interface, name, ns string) error { | ||
| if err := kubecli.CoreV1().ServiceAccounts(ns).Delete(name, &metav1.DeleteOptions{}); err != nil { | ||
| return maskAny(err) | ||
| } | ||
| return nil | ||
| } | ||
|
|
||
| // checkMembersUsingServiceAccount checks the serviceAccountName of the pods of all members | ||
| // to ensure that is equal to the given serviceAccountName. | ||
| func checkMembersUsingServiceAccount(kubecli kubernetes.Interface, ns string, members []api.MemberStatus, serviceAccountName string, t *testing.T) { | ||
| pods := kubecli.CoreV1().Pods(ns) | ||
| for _, m := range members { | ||
| if p, err := pods.Get(m.PodName, metav1.GetOptions{}); err != nil { | ||
| t.Errorf("Failed to get pod for member '%s': %v", m.ID, err) | ||
| } else if p.Spec.ServiceAccountName != serviceAccountName { | ||
| t.Errorf("Expected pod '%s' to have serviceAccountName '%s', got '%s'", p.GetName(), serviceAccountName, p.Spec.ServiceAccountName) | ||
| } | ||
| } | ||
| } |