Skip to content

Commit

Permalink
test:add test case for kubenest util
Browse files Browse the repository at this point in the history
Signed-off-by: qiuwei <[email protected]>
  • Loading branch information
qiuwei68 committed Sep 23, 2024
1 parent 792479f commit ba6f80b
Show file tree
Hide file tree
Showing 25 changed files with 727 additions and 5,789 deletions.
3 changes: 1 addition & 2 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -26,7 +26,6 @@ require (
github.com/spf13/cobra v1.6.0
github.com/spf13/pflag v1.0.5
github.com/spf13/viper v1.12.0
github.com/stretchr/testify v1.8.1
github.com/vishvananda/netlink v1.2.1-beta.2.0.20220630165224-c591ada0fb2b
golang.org/x/sys v0.12.0
golang.org/x/term v0.12.0
Expand Down Expand Up @@ -140,7 +139,6 @@ require (
github.com/pelletier/go-toml v1.9.5 // indirect
github.com/pelletier/go-toml/v2 v2.0.1 // indirect
github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/projectcalico/go-json v0.0.0-20161128004156-6219dc7339ba // indirect
github.com/projectcalico/go-yaml-wrapper v0.0.0-20191112210931-090425220c54 // indirect
github.com/prometheus/client_golang v1.14.0 // indirect
Expand All @@ -151,6 +149,7 @@ require (
github.com/spf13/afero v1.9.2 // indirect
github.com/spf13/jwalterweatherman v1.1.0 // indirect
github.com/stoewer/go-strcase v1.2.0 // indirect
github.com/stretchr/testify v1.9.0 // indirect
github.com/subosito/gotenv v1.3.0 // indirect
github.com/vishvananda/netns v0.0.0-20210104183010-2eb08e3e575f // indirect
github.com/xlab/treeprint v1.1.0 // indirect
Expand Down
5 changes: 3 additions & 2 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -1387,8 +1387,8 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+
github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
github.com/stretchr/objx v0.5.0 h1:1zr/of2m5FGMsad5YfcqgdqdWrIhu+EBEJRhR1U7z/c=
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY=
github.com/stretchr/testify v0.0.0-20180303142811-b89eecf5ca5d/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
Expand All @@ -1398,8 +1398,9 @@ github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
github.com/stretchr/testify v1.9.0 h1:HtqpIVDClZ4nwg75+f6Lvsy/wHu+3BoSGCbBAcpTsTg=
github.com/stretchr/testify v1.9.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY=
github.com/subosito/gotenv v1.2.0/go.mod h1:N0PQaV/YGNqwC0u51sEeR/aUtSLEXKX9iv69rRypqCw=
github.com/subosito/gotenv v1.3.0 h1:mjC+YW8QpAdXibNi+vNWgzmgBH4+5l5dCXv8cNysBLI=
github.com/subosito/gotenv v1.3.0/go.mod h1:YzJjq/33h7nrwdY+iHMhEOEEbW0ovIz0tB6t6PwAXzs=
Expand Down
273 changes: 273 additions & 0 deletions pkg/kubenest/util/cert/certs_test.go
Original file line number Diff line number Diff line change
@@ -0,0 +1,273 @@
package cert

import (
"crypto/x509"
"net"
"testing"
"time"

"github.com/kosmos.io/kosmos/pkg/kubenest/constants"
)

func TestCertConfig_defaultPublicKeyAlgorithm(t *testing.T) {
// 测试场景 1:PublicKeyAlgorithm 未设置,应该设置为 x509.RSA
config := &CertConfig{
PublicKeyAlgorithm: x509.UnknownPublicKeyAlgorithm,
}
config.defaultPublicKeyAlgorithm()
if config.PublicKeyAlgorithm != x509.RSA {
t.Errorf("expected PublicKeyAlgorithm to be x509.RSA, got %v", config.PublicKeyAlgorithm)
}

// 测试场景 2:PublicKeyAlgorithm 已设置,不应更改
config = &CertConfig{
PublicKeyAlgorithm: x509.ECDSA,
}
config.defaultPublicKeyAlgorithm()
if config.PublicKeyAlgorithm != x509.ECDSA {
t.Errorf("expected PublicKeyAlgorithm to remain x509.ECDSA, got %v", config.PublicKeyAlgorithm)
}
}

func TestCertConfig_defaultNotAfter(t *testing.T) {
// 测试场景 1:NotAfter 未设置,应该自动设置为当前时间加上常量值
config := &CertConfig{
NotAfter: nil,
}
config.defaultNotAfter()
expectedNotAfter := time.Now().Add(constants.CertificateValidity)
if config.NotAfter == nil || config.NotAfter.Sub(expectedNotAfter) > time.Second {
t.Errorf("expected NotAfter to be %v, got %v", expectedNotAfter, config.NotAfter)
}

// 测试场景 2:NotAfter 已设置,不应更改
expectedTime := time.Now().Add(24 * time.Hour)
config = &CertConfig{
NotAfter: &expectedTime,
}
config.defaultNotAfter()
if config.NotAfter != &expectedTime {
t.Errorf("expected NotAfter to remain %v, got %v", expectedTime, config.NotAfter)
}
}

func TestGetDefaultCertList(t *testing.T) {
certList := GetDefaultCertList()

// 确认返回的 CertConfig 列表包含预期数量的配置
expectedCertCount := 9
if len(certList) != expectedCertCount {
t.Fatalf("expected %d certs, but got %d", expectedCertCount, len(certList))
}

// 验证每个 CertConfig 的 Name 是否符合预期
expectedNames := []string{
constants.CaCertAndKeyName, // CA cert
constants.VirtualClusterCertAndKeyName, // Admin cert
constants.ApiserverCertAndKeyName, // Apiserver cert
constants.FrontProxyCaCertAndKeyName, // Front proxy CA cert
constants.FrontProxyClientCertAndKeyName, // Front proxy client cert
constants.EtcdCaCertAndKeyName, // ETCD CA cert
constants.EtcdServerCertAndKeyName, // ETCD server cert
constants.EtcdClientCertAndKeyName, // ETCD client cert
constants.ProxyServerCertAndKeyName, // Proxy server cert
}

for i, certConfig := range certList {
if certConfig.Name != expectedNames[i] {
t.Errorf("expected cert name %s, but got %s", expectedNames[i], certConfig.Name)
}
}
}

func TestVirtualClusterProxyServer(t *testing.T) {
certConfig := VirtualClusterProxyServer()

// 验证 certConfig 的各项配置
if certConfig.Name != constants.ProxyServerCertAndKeyName {
t.Errorf("expected Name to be %s, but got %s", constants.ProxyServerCertAndKeyName, certConfig.Name)
}
if certConfig.CAName != constants.CaCertAndKeyName {
t.Errorf("expected CAName to be %s, but got %s", constants.CaCertAndKeyName, certConfig.CAName)
}
if certConfig.Config.CommonName != "virtualCluster-proxy-server" {
t.Errorf("expected CommonName to be virtualCluster-proxy-server, but got %s", certConfig.Config.CommonName)
}
expectedUsages := []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth}
if len(certConfig.Config.Usages) != len(expectedUsages) {
t.Errorf("expected %d usages, but got %d", len(expectedUsages), len(certConfig.Config.Usages))
}
for i, usage := range certConfig.Config.Usages {
if usage != expectedUsages[i] {
t.Errorf("expected usage %v, but got %v", expectedUsages[i], usage)
}
}
}

func TestVirtualClusterCertEtcdCA(t *testing.T) {
certConfig := VirtualClusterCertEtcdCA()

// 验证 certConfig 的各项配置
if certConfig.Name != constants.EtcdCaCertAndKeyName {
t.Errorf("expected Name to be %s, but got %s", constants.EtcdCaCertAndKeyName, certConfig.Name)
}
if certConfig.Config.CommonName != "virtualcluster-etcd-ca" {
t.Errorf("expected CommonName to be virtualcluster-etcd-ca, but got %s", certConfig.Config.CommonName)
}
}

// Test VirtualClusterCertEtcdServer
func TestVirtualClusterCertEtcdServer(t *testing.T) {
certConfig := VirtualClusterCertEtcdServer()

// 验证 certConfig 的各项配置
if certConfig.Name != constants.EtcdServerCertAndKeyName {
t.Errorf("expected Name to be %s, but got %s", constants.EtcdServerCertAndKeyName, certConfig.Name)
}
if certConfig.CAName != constants.EtcdCaCertAndKeyName {
t.Errorf("expected CAName to be %s, but got %s", constants.EtcdCaCertAndKeyName, certConfig.CAName)
}
if certConfig.Config.CommonName != "virtualCluster-etcd-server" {
t.Errorf("expected CommonName to be virtualCluster-etcd-server, but got %s", certConfig.Config.CommonName)
}
expectedUsages := []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth}
if len(certConfig.Config.Usages) != len(expectedUsages) {
t.Errorf("expected %d usages, but got %d", len(expectedUsages), len(certConfig.Config.Usages))
}
for i, usage := range certConfig.Config.Usages {
if usage != expectedUsages[i] {
t.Errorf("expected usage %v, but got %v", expectedUsages[i], usage)
}
}
}

// Test VirtualClusterCertEtcdClient
func TestVirtualClusterCertEtcdClient(t *testing.T) {
certConfig := VirtualClusterCertEtcdClient()

// 验证 certConfig 的各项配置
if certConfig.Name != constants.EtcdClientCertAndKeyName {
t.Errorf("expected Name to be %s, but got %s", constants.EtcdClientCertAndKeyName, certConfig.Name)
}
if certConfig.CAName != constants.EtcdCaCertAndKeyName {
t.Errorf("expected CAName to be %s, but got %s", constants.EtcdCaCertAndKeyName, certConfig.CAName)
}
if certConfig.Config.CommonName != "virtualCluster-etcd-client" {
t.Errorf("expected CommonName to be virtualCluster-etcd-client, but got %s", certConfig.Config.CommonName)
}
expectedUsages := []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth, x509.ExtKeyUsageClientAuth}
if len(certConfig.Config.Usages) != len(expectedUsages) {
t.Errorf("expected %d usages, but got %d", len(expectedUsages), len(certConfig.Config.Usages))
}
}

// Test VirtualClusterCertFrontProxyCA
func TestVirtualClusterCertFrontProxyCA(t *testing.T) {
certConfig := VirtualClusterCertFrontProxyCA()

// 验证 certConfig 的各项配置
if certConfig.Name != constants.FrontProxyCaCertAndKeyName {
t.Errorf("expected Name to be %s, but got %s", constants.FrontProxyCaCertAndKeyName, certConfig.Name)
}
if certConfig.Config.CommonName != "front-proxy-ca" {
t.Errorf("expected CommonName to be front-proxy-ca, but got %s", certConfig.Config.CommonName)
}
}

// Test VirtualClusterFrontProxyClient
func TestVirtualClusterFrontProxyClient(t *testing.T) {
certConfig := VirtualClusterFrontProxyClient()

// 验证 certConfig 的各项配置
if certConfig.Name != constants.FrontProxyClientCertAndKeyName {
t.Errorf("expected Name to be %s, but got %s", constants.FrontProxyClientCertAndKeyName, certConfig.Name)
}
if certConfig.CAName != constants.FrontProxyCaCertAndKeyName {
t.Errorf("expected CAName to be %s, but got %s", constants.FrontProxyCaCertAndKeyName, certConfig.CAName)
}
if certConfig.Config.CommonName != "front-proxy-client" {
t.Errorf("expected CommonName to be front-proxy-client, but got %s", certConfig.Config.CommonName)
}
expectedUsages := []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}
if len(certConfig.Config.Usages) != len(expectedUsages) {
t.Errorf("expected %d usages, but got %d", len(expectedUsages), len(certConfig.Config.Usages))
}
for i, usage := range certConfig.Config.Usages {
if usage != expectedUsages[i] {
t.Errorf("expected usage %v, but got %v", expectedUsages[i], usage)
}
}
}

// Test VirtualClusterCertApiserver
func TestVirtualClusterCertApiserver(t *testing.T) {
certConfig := VirtualClusterCertApiserver()

// 验证 certConfig 的各项配置
if certConfig.Name != constants.ApiserverCertAndKeyName {
t.Errorf("expected Name to be %s, but got %s", constants.ApiserverCertAndKeyName, certConfig.Name)
}
if certConfig.CAName != constants.CaCertAndKeyName {
t.Errorf("expected CAName to be %s, but got %s", constants.CaCertAndKeyName, certConfig.CAName)
}
if certConfig.Config.CommonName != "virtualCluster-apiserver" {
t.Errorf("expected CommonName to be virtualCluster-apiserver, but got %s", certConfig.Config.CommonName)
}
expectedUsages := []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
if len(certConfig.Config.Usages) != len(expectedUsages) {
t.Errorf("expected %d usages, but got %d", len(expectedUsages), len(certConfig.Config.Usages))
}
for i, usage := range certConfig.Config.Usages {
if usage != expectedUsages[i] {
t.Errorf("expected usage %v, but got %v", expectedUsages[i], usage)
}
}
}

// Test etcdServerAltNamesMutator
func TestEtcdServerAltNamesMutator(t *testing.T) {
cfg := &AltNamesMutatorConfig{
Name: "test",
Namespace: "default",
ClusterIPs: []string{
"10.96.0.1",
"10.96.0.2",
},
}

altNames, err := etcdServerAltNamesMutator(cfg)
if err != nil {
t.Fatalf("unexpected error: %v", err)
}

// 验证 DNS 名称
expectedDNSNames := []string{
"localhost",
"test.default.svc.cluster.local",
"*.test.default.svc.cluster.local",
}
if len(altNames.DNSNames) != len(expectedDNSNames) {
t.Fatalf("expected %d DNS names, but got %d", len(expectedDNSNames), len(altNames.DNSNames))
}
for i, dns := range altNames.DNSNames {
if dns != expectedDNSNames[i] {
t.Errorf("expected DNS name %s, but got %s", expectedDNSNames[i], dns)
}
}

// 验证 IP 地址
expectedIPs := []net.IP{
net.ParseIP("::1"),
net.IPv4(127, 0, 0, 1),
net.ParseIP("10.96.0.1"),
net.ParseIP("10.96.0.2"),
}
if len(altNames.IPs) != len(expectedIPs) {
t.Fatalf("expected %d IPs, but got %d", len(expectedIPs), len(altNames.IPs))
}
for i, ip := range altNames.IPs {
if !ip.Equal(expectedIPs[i]) {
t.Errorf("expected IP %v, but got %v", expectedIPs[i], ip)
}
}
}
Loading

0 comments on commit ba6f80b

Please sign in to comment.