kyverno/pkg/engine/overlay_test.go

package engine

import (
	"encoding/json"
	"reflect"
	"testing"

	jsonpatch "github.com/evanphx/json-patch"
	"gotest.tools/assert"
)

func compareJSONAsMap(t *testing.T, expected, actual []byte) {
	var expectedMap, actualMap map[string]interface{}
	assert.NilError(t, json.Unmarshal(expected, &expectedMap))
	assert.NilError(t, json.Unmarshal(actual, &actualMap))
	assert.Assert(t, reflect.DeepEqual(expectedMap, actualMap))
}

func TestProcessOverlayPatches_NestedListWithAnchor(t *testing.T) {
	resourceRaw := []byte(`
	 {  
		"apiVersion":"v1",
		"kind":"Endpoints",
		"metadata":{  
		   "name":"test-endpoint",
		   "labels":{  
			  "label":"test"
		   }
		},
		"subsets":[  
		   {  
			  "addresses":[  
				 {  
					"ip":"192.168.10.171"
				 }
			  ],
			  "ports":[  
				 {  
					"name":"secure-connection",
					"port":443,
					"protocol":"TCP"
				 }
			  ]
		   }
		]
	 }`)

	overlayRaw := []byte(`
	 {  
		"subsets":[  
		   {  
			  "ports":[  
				 {  
					"(name)":"secure-connection",
					"port":444,
					"protocol":"UDP"
				 }
			  ]
		   }
		]
	 }`)

	var resource, overlay interface{}

	json.Unmarshal(resourceRaw, &resource)
	json.Unmarshal(overlayRaw, &overlay)

	patches, err := processOverlayPatches(resource, overlay)
	assert.NilError(t, err)
	assert.Assert(t, patches != nil)

	patch := JoinPatches(patches)
	decoded, err := jsonpatch.DecodePatch(patch)
	assert.NilError(t, err)
	assert.Assert(t, decoded != nil)

	patched, err := decoded.Apply(resourceRaw)
	assert.NilError(t, err)
	assert.Assert(t, patched != nil)

	expectedResult := []byte(`
	 {  
		"apiVersion":"v1",
		"kind":"Endpoints",
		"metadata":{  
		   "name":"test-endpoint",
		   "labels":{  
			  "label":"test"
		   }
		},
		"subsets":[  
		   {  
			  "addresses":[  
				 {  
					"ip":"192.168.10.171"
				 }
			  ],
			  "ports":[  
				 {  
					"name":"secure-connection",
					"port":444.000000,
					"protocol":"UDP"
				 }
			  ]
		   }
		]
	 }`)

	compareJSONAsMap(t, expectedResult, patched)
}

func TestProcessOverlayPatches_InsertIntoArray(t *testing.T) {
	resourceRaw := []byte(`
	 {  
		"apiVersion":"v1",
		"kind":"Endpoints",
		"metadata":{  
		   "name":"test-endpoint",
		   "labels":{  
			  "label":"test"
		   }
		},
		"subsets":[  
		   {  
			  "addresses":[  
				 {  
					"ip":"192.168.10.171"
				 }
			  ],
			  "ports":[  
				 {  
					"name":"secure-connection",
					"port":443,
					"protocol":"TCP"
				 }
			  ]
		   }
		]
	 }`)
	overlayRaw := []byte(`
	 {  
		"subsets":[  
		   {  
			  "addresses":[  
				 {  
					"ip":"192.168.10.172"
				 },
				 {  
					"ip":"192.168.10.173"
				 }
			  ],
			  "ports":[  
				 {  
					"name":"insecure-connection",
					"port":80,
					"protocol":"UDP"
				 }
			  ]
		   }
		]
	 }`)

	var resource, overlay interface{}

	json.Unmarshal(resourceRaw, &resource)
	json.Unmarshal(overlayRaw, &overlay)

	patches, err := processOverlayPatches(resource, overlay)
	assert.NilError(t, err)
	assert.Assert(t, patches != nil)

	patch := JoinPatches(patches)

	decoded, err := jsonpatch.DecodePatch(patch)
	assert.NilError(t, err)
	assert.Assert(t, decoded != nil)

	patched, err := decoded.Apply(resourceRaw)
	assert.NilError(t, err)
	assert.Assert(t, patched != nil)

	expectedResult := []byte(`{  
		"apiVersion":"v1",
		"kind":"Endpoints",
		"metadata":{  
		   "name":"test-endpoint",
		   "labels":{  
			  "label":"test"
		   }
		},
		"subsets":[  
		   {  
			  "addresses":[  
				 {  
					"ip":"192.168.10.171"
				 }
			  ],
			  "ports":[  
				 {  
					"name":"secure-connection",
					"port":443,
					"protocol":"TCP"
				 }
			  ]
		   },
		   {  
			  "addresses":[  
				 {  
					"ip":"192.168.10.172"
				 },
				 {  
					"ip":"192.168.10.173"
				 }
			  ],
			  "ports":[  
				 {  
					"name":"insecure-connection",
					"port":80,
					"protocol":"UDP"
				 }
			  ]
		   }
		]
	 }`)

	compareJSONAsMap(t, expectedResult, patched)
}

func TestProcessOverlayPatches_TestInsertToArray(t *testing.T) {
	overlayRaw := []byte(`
	 {  
		"spec":{  
		   "template":{  
			  "spec":{  
				 "containers":[  
					{  
					   "name":"pi1",
					   "image":"vasylev.perl"
					}
				 ]
			  }
		   }
		}
	 }`)
	resourceRaw := []byte(`{  
		"apiVersion":"batch/v1",
		"kind":"Job",
		"metadata":{  
		   "name":"pi"
		},
		"spec":{  
		   "template":{  
			  "spec":{  
				 "containers":[  
					{  
					   "name":"piv0",
					   "image":"perl",
					   "command":[  
						  "perl"
					   ]
					},
					{  
					   "name":"pi",
					   "image":"perl",
					   "command":[  
						  "perl"
					   ]
					},
					{  
					   "name":"piv1",
					   "image":"perl",
					   "command":[  
						  "perl"
					   ]
					}
				 ],
				 "restartPolicy":"Never"
			  }
		   },
		   "backoffLimit":4
		}
	 }`)

	var resource, overlay interface{}

	json.Unmarshal(resourceRaw, &resource)
	json.Unmarshal(overlayRaw, &overlay)

	patches, err := processOverlayPatches(resource, overlay)
	assert.NilError(t, err)
	assert.Assert(t, patches != nil)

	patch := JoinPatches(patches)

	decoded, err := jsonpatch.DecodePatch(patch)
	assert.NilError(t, err)
	assert.Assert(t, decoded != nil)

	patched, err := decoded.Apply(resourceRaw)
	assert.NilError(t, err)
	assert.Assert(t, patched != nil)
}

func TestProcessOverlayPatches_ImagePullPolicy(t *testing.T) {
	overlayRaw := []byte(`{
		"spec": {
			"template": {
				"spec": {
					"containers": [
						{
							"(image)": "*:latest",
							"imagePullPolicy": "IfNotPresent",
							"ports": [
								{
									"containerPort": 8080
								}
							]
						}
					]
				}
			}
		}
	}`)
	resourceRaw := []byte(`{
		"apiVersion": "apps/v1",
		"kind": "Deployment",
		"metadata": {
			"name": "nginx-deployment",
			"labels": {
				"app": "nginx"
			}
		},
		"spec": {
			"replicas": 1,
			"selector": {
				"matchLabels": {
					"app": "nginx"
				}
			},
			"template": {
				"metadata": {
					"labels": {
						"app": "nginx"
					}
				},
				"spec": {
					"containers": [
						{
							"name": "nginx",
							"image": "nginx:latest",
							"ports": [
								{
									"containerPort": 80
								}
							]
						},
						{
							"name": "ghost",
							"image": "ghost:latest"
						}
					]
				}
			}
		}
	}`)

	var resource, overlay interface{}

	json.Unmarshal(resourceRaw, &resource)
	json.Unmarshal(overlayRaw, &overlay)

	patches, err := processOverlayPatches(resource, overlay)
	assert.NilError(t, err)
	assert.Assert(t, len(patches) != 0)

	doc, err := ApplyPatches(resourceRaw, patches)
	assert.NilError(t, err)
	expectedResult := []byte(`{  
		"apiVersion":"apps/v1",
		"kind":"Deployment",
		"metadata":{  
		   "name":"nginx-deployment",
		   "labels":{  
			  "app":"nginx"
		   }
		},
		"spec":{  
		   "replicas":1,
		   "selector":{  
			  "matchLabels":{  
				 "app":"nginx"
			  }
		   },
		   "template":{  
			  "metadata":{  
				 "labels":{  
					"app":"nginx"
				 }
			  },
			  "spec":{  
				 "containers":[  
					{  
					   "image":"nginx:latest",
					   "imagePullPolicy":"IfNotPresent",
					   "name":"nginx",
					   "ports":[  
						  {  
							 "containerPort":80
						  },
						  {  
							 "containerPort":8080
						  }
					   ]
					},
					{  
					   "image":"ghost:latest",
					   "imagePullPolicy":"IfNotPresent",
					   "name":"ghost",
					   "ports":[  
						  {  
							 "containerPort":8080
						  }
					   ]
					}
				 ]
			  }
		   }
		}
	 }`)

	compareJSONAsMap(t, expectedResult, doc)

	overlayRaw = []byte(`{
		"spec": {
			"template": {
				"metadata": {
					"labels": {
						"(app)": "nginx"
					}
				},
				"spec": {
					"containers": [
						{
							"(image)": "*:latest",
							"imagePullPolicy": "IfNotPresent",
							"ports": [
								{
									"containerPort": 8080
								}
							]
						}
					]
				}
			}
		}
	}`)

	json.Unmarshal(overlayRaw, &overlay)

	patches, err = processOverlayPatches(resource, overlay)
	assert.NilError(t, err)
	assert.Assert(t, len(patches) != 0)

	doc, err = ApplyPatches(resourceRaw, patches)
	assert.NilError(t, err)

	compareJSONAsMap(t, expectedResult, doc)

	overlayRaw = []byte(`{
		"spec": {
			"template": {
				"metadata": {
					"labels": {
						"(app)": "nginx1"
					}
				},
				"spec": {
					"containers": [
						{
							"(image)": "*:latest",
							"imagePullPolicy": "IfNotPresent",
							"ports": [
								{
									"containerPort": 8080
								}
							]
						}
					]
				}
			}
		}
	}`)

	json.Unmarshal(overlayRaw, &overlay)

	patches, err = processOverlayPatches(resource, overlay)
	assert.Error(t, err, "Conditions are not met")
	assert.Assert(t, len(patches) == 0)
}

func TestProcessOverlayPatches_AddingAnchor(t *testing.T) {
	overlayRaw := []byte(`{
		"metadata": {
			"name": "nginx-deployment",
			"labels": {
				"+(app)": "should-not-be-here",
				"+(key1)": "value1"
			}
		}
	}`)
	resourceRaw := []byte(`{
		"metadata": {
			"name": "nginx-deployment",
			"labels": {
				"app": "nginx"
			}
		}
	}`)

	var resource, overlay interface{}

	json.Unmarshal(resourceRaw, &resource)
	json.Unmarshal(overlayRaw, &overlay)

	patches, err := processOverlayPatches(resource, overlay)
	assert.NilError(t, err)
	assert.Assert(t, len(patches) != 0)

	doc, err := ApplyPatches(resourceRaw, patches)
	assert.NilError(t, err)
	expectedResult := []byte(`{  
		"metadata":{  
		   "labels":{  
			  "app":"nginx",
			  "key1":"value1"
		   },
		   "name":"nginx-deployment"
		}
	 }`)

	compareJSONAsMap(t, expectedResult, doc)
}

func TestProcessOverlayPatches_AddingAnchorInsideListElement(t *testing.T) {
	overlayRaw := []byte(`
	{
		"spec": {
			"template": {
				"spec": {
					"containers": [
						{
							"(image)": "*:latest",
							"+(imagePullPolicy)": "IfNotPresent"
						}
					]
				}
			}
		}
	}`)
	resourceRaw := []byte(`
	{  
		"apiVersion":"apps/v1",
		"kind":"Deployment",
		"metadata":{  
			"name":"nginx-deployment",
			"labels":{  
				"app":"nginx"
			}
		},
		"spec":{  
			"replicas":1,
			"selector":{  
				"matchLabels":{  
					"app":"nginx"
				}
			},
			"template":{  
				"metadata":{  
					"labels":{  
						"app":"nginx"
					}
				},
				"spec":{  
					"containers":[  
						{  
							"image":"nginx:latest"
						},
						{  
							"image":"ghost:latest",
							"imagePullPolicy":"Always"
						},
						{  
							"image":"debian:10"
						},
						{  
							"image":"ubuntu:18.04",
							"imagePullPolicy":"Always"
						}
					]
				}
			}
		}
	}`)

	var resource, overlay interface{}

	json.Unmarshal(resourceRaw, &resource)
	json.Unmarshal(overlayRaw, &overlay)

	patches, err := processOverlayPatches(resource, overlay)
	assert.NilError(t, err)
	assert.Assert(t, len(patches) != 0)

	doc, err := ApplyPatches(resourceRaw, patches)
	assert.NilError(t, err)
	expectedResult := []byte(`
	{  
		"apiVersion":"apps/v1",
		"kind":"Deployment",
		"metadata":{  
			"name":"nginx-deployment",
			"labels":{  
				"app":"nginx"
			}
		},
		"spec":{  
			"replicas":1,
			"selector":{  
				"matchLabels":{  
					"app":"nginx"
				}
			},
			"template":{  
				"metadata":{  
					"labels":{  
						"app":"nginx"
					}
				},
				"spec":{  
					"containers":[  
						{  
							"image":"nginx:latest",
							"imagePullPolicy":"IfNotPresent"
						},
						{  
							"image":"ghost:latest",
							"imagePullPolicy":"Always"
						},
						{  
							"image":"debian:10"
						},
						{  
							"image":"ubuntu:18.04",
							"imagePullPolicy":"Always"
						}
					]
				}
			}
		}
	}`)
	compareJSONAsMap(t, expectedResult, doc)

	// multiple anchors
	overlayRaw = []byte(`
	{
		"spec": {
			"template": {
				"metadata": {
					"labels": {
						"(app)": "nginx"
					}
				},
				"spec": {
					"containers": [
						{
							"(image)": "*:latest",
							"+(imagePullPolicy)": "IfNotPresent"
						}
					]
				}
			}
		}
	}`)

	json.Unmarshal(overlayRaw, &overlay)

	patches, err = processOverlayPatches(resource, overlay)
	assert.NilError(t, err)
	assert.Assert(t, len(patches) != 0)

	doc, err = ApplyPatches(resourceRaw, patches)
	assert.NilError(t, err)

	compareJSONAsMap(t, expectedResult, doc)
}

func TestProcessOverlayPatches_anchorOnPeer(t *testing.T) {
	resourceRaw := []byte(`
	{  
	   "apiVersion":"v1",
	   "kind":"Endpoints",
	   "metadata":{  
		  "name":"test-endpoint",
		  "labels":{  
			 "label":"test"
		  }
	   },
	   "subsets":[  
		  {  
			 "addresses":[  
				{  
				   "ip":"192.168.10.171"
				}
			 ],
			 "ports":[  
				{  
				   "name":"secure-connection",
				   "port":443,
				   "protocol":"TCP"
				}
			 ]
		  }
	   ]
	}`)

	overlayRaw := []byte(`
	{  
	   "subsets":[  
		  {  
		   "addresses":[  
			   {  
				  "(ip)":"192.168.10.171"
			   }
			],
			 "ports":[  
				{  
				   "(name)":"secure-connection",
				   "port":444,
				   "protocol":"UDP"
				}
			 ]
		  }
	   ]
	}`)

	var resource, overlay interface{}

	json.Unmarshal(resourceRaw, &resource)
	json.Unmarshal(overlayRaw, &overlay)

	patches, err := processOverlayPatches(resource, overlay)
	assert.NilError(t, err)
	assert.Assert(t, len(patches) != 0)

	doc, err := ApplyPatches(resourceRaw, patches)
	assert.NilError(t, err)
	expectedResult := []byte(`	{  
		"apiVersion":"v1",
		"kind":"Endpoints",
		"metadata":{  
		   "name":"test-endpoint",
		   "labels":{  
			  "label":"test"
		   }
		},
		"subsets":[  
		   {  
			  "addresses":[  
				 {  
					"ip":"192.168.10.171"
				 }
			  ],
			  "ports":[  
				 {  
					"name":"secure-connection",
					"port":444,
					"protocol":"UDP"
				 }
			  ]
		   }
		]
	 }`)

	compareJSONAsMap(t, expectedResult, doc)

	overlayRaw = []byte(`
	{  
	   "subsets":[  
		  {  
		   "addresses":[  
			   {  
				  "ip":"192.168.10.171"
			   }
			],
			 "ports":[  
				{  
				   "(name)":"secure-connection",
				   "(port)":444,
				   "protocol":"UDP"
				}
			 ]
		  }
	   ]
	}`)

	json.Unmarshal(overlayRaw, &overlay)

	patches, err = processOverlayPatches(resource, overlay)
	assert.Error(t, err, "Conditions are not met")
	assert.Assert(t, len(patches) == 0)
}

func TestProcessOverlayPatches_insertWithCondition(t *testing.T) {
	resourceRaw := []byte(`{
		"apiVersion": "apps/v1",
		"kind": "Deployment",
		"metadata": {
		   "name": "psp-demo-unprivileged",
		   "labels": {
			  "app.type": "prod"
		   }
		},
		"spec": {
		   "replicas": 1,
		   "selector": {
			  "matchLabels": {
				 "app": "psp"
			  }
		   },
		   "template": {
			  "metadata": {
				 "labels": {
					"app": "psp"
				 }
			  },
			  "spec": {
				 "securityContext": {
					"runAsNonRoot": true
				 },
				 "containers": [
					{
					   "name": "sec-ctx-unprivileged",
					   "image": "nginxinc/nginx-unprivileged",
					   "securityContext": {
						  "runAsNonRoot": true,
						  "allowPrivilegeEscalation": false
					   },
					   "env": [
						  {
							 "name": "ENV_KEY",
							 "value": "ENV_VALUE"
						  }
					   ]
					}
				 ]
			  }
		   }
		}
	 }`)

	overlayRaw := []byte(`{
		"spec": {
		   "template": {
			  "spec": {
				 "containers": [
					{
					   "(image)": "*/nginx-unprivileged",
					   "securityContext": {
						  "(runAsNonRoot)": true,
						  "allowPrivilegeEscalation": true
					   },
					   "env": [
						  {
							 "name": "ENV_NEW_KEY",
							 "value": "ENV_NEW_VALUE"
						  }
					   ]
					}
				 ]
			  }
		   }
		}
	 }`)

	var resource, overlay interface{}

	json.Unmarshal(resourceRawAnchorOnPeers, &resource)
	json.Unmarshal(overlayRaw, &overlay)

	patches, err := processOverlayPatches(resource, overlay)
	assert.NilError(t, err)
	assert.Assert(t, len(patches) != 0)

	doc, err := ApplyPatches(resourceRaw, patches)
	assert.NilError(t, err)
	expectedResult := []byte(`{
		"apiVersion": "apps/v1",
		"kind": "Deployment",
		"metadata": {
		   "name": "psp-demo-unprivileged",
		   "labels": {
			  "app.type": "prod"
		   }
		},
		"spec": {
		   "replicas": 1,
		   "selector": {
			  "matchLabels": {
				 "app": "psp"
			  }
		   },
		   "template": {
			  "metadata": {
				 "labels": {
					"app": "psp"
				 }
			  },
			  "spec": {
				 "securityContext": {
					"runAsNonRoot": true
				 },
				 "containers": [
					{
					   "name": "sec-ctx-unprivileged",
					   "image": "nginxinc/nginx-unprivileged",
					   "securityContext": {
						  "runAsNonRoot": true,
						  "allowPrivilegeEscalation": true
					   },
					   "env": [
						  {
							 "name": "ENV_KEY",
							 "value": "ENV_VALUE"
						  },
						  {
							 "name": "ENV_NEW_KEY",
							 "value": "ENV_NEW_VALUE"
						 }
					   ]
					}
				 ]
			  }
		   }
		}
	 }`)

	compareJSONAsMap(t, expectedResult, doc)
}
Implemented base for Mutation Overlay 2019-05-21 18:27:56 +03:00			`package engine`

			`import (`
Updated mutation base due to spec 2019-05-22 18:28:38 +01:00			`"encoding/json"`
127: Implemented usage of result package in validation and mutation functions. 2019-06-05 13:43:07 +03:00			`"reflect"`
Implemented base for Mutation Overlay 2019-05-21 18:27:56 +03:00			`"testing"`

Finished mutating overlay. Added several tests 2019-05-22 22:34:25 +01:00			`jsonpatch "github.com/evanphx/json-patch"`
Implemented base for Mutation Overlay 2019-05-21 18:27:56 +03:00			`"gotest.tools/assert"`
			`)`

go vet corrections 2019-07-23 03:08:00 -04:00			`func compareJSONAsMap(t *testing.T, expected, actual []byte) {`
127: Implemented usage of result package in validation and mutation functions. 2019-06-05 13:43:07 +03:00			`var expectedMap, actualMap map[string]interface{}`
			`assert.NilError(t, json.Unmarshal(expected, &expectedMap))`
			`assert.NilError(t, json.Unmarshal(actual, &actualMap))`
			`assert.Assert(t, reflect.DeepEqual(expectedMap, actualMap))`
			`}`

update unit tests 2019-07-26 17:52:26 -07:00			`func TestProcessOverlayPatches_NestedListWithAnchor(t *testing.T) {`
Fixed minor issue in overlay logic. Added tests 2019-05-23 17:31:34 +03:00			resourceRaw := []byte(`
			`{`
			`"apiVersion":"v1",`
			`"kind":"Endpoints",`
			`"metadata":{`
			`"name":"test-endpoint",`
			`"labels":{`
			`"label":"test"`
			`}`
			`},`
			`"subsets":[`
			`{`
			`"addresses":[`
			`{`
			`"ip":"192.168.10.171"`
			`}`
			`],`
			`"ports":[`
			`{`
			`"name":"secure-connection",`
			`"port":443,`
			`"protocol":"TCP"`
			`}`
			`]`
			`}`
			`]`
			}`)

			overlayRaw := []byte(`
			`{`
			`"subsets":[`
			`{`
			`"ports":[`
			`{`
			`"(name)":"secure-connection",`
			`"port":444,`
			`"protocol":"UDP"`
			`}`
			`]`
			`}`
			`]`
			}`)
Updated mutation base due to spec 2019-05-22 18:28:38 +01:00
Finished mutating overlay. Added several tests 2019-05-22 22:34:25 +01:00			`var resource, overlay interface{}`
Updated mutation base due to spec 2019-05-22 18:28:38 +01:00
Finished mutating overlay. Added several tests 2019-05-22 22:34:25 +01:00			`json.Unmarshal(resourceRaw, &resource)`
			`json.Unmarshal(overlayRaw, &overlay)`
Updated mutation base due to spec 2019-05-22 18:28:38 +01:00
update unit tests 2019-07-26 17:52:26 -07:00			`patches, err := processOverlayPatches(resource, overlay)`
correct unit tests 2019-06-28 17:11:19 -07:00			`assert.NilError(t, err)`
Finished mutating overlay. Added several tests 2019-05-22 22:34:25 +01:00			`assert.Assert(t, patches != nil)`
Updated mutation base due to spec 2019-05-22 18:28:38 +01:00
Finished mutating overlay. Added several tests 2019-05-22 22:34:25 +01:00			`patch := JoinPatches(patches)`
			`decoded, err := jsonpatch.DecodePatch(patch)`
			`assert.NilError(t, err)`
			`assert.Assert(t, decoded != nil)`

			`patched, err := decoded.Apply(resourceRaw)`
			`assert.NilError(t, err)`
			`assert.Assert(t, patched != nil)`

Wrote additional comments 2019-06-12 12:21:52 +03:00			expectedResult := []byte(`
			`{`
			`"apiVersion":"v1",`
			`"kind":"Endpoints",`
			`"metadata":{`
			`"name":"test-endpoint",`
			`"labels":{`
			`"label":"test"`
			`}`
			`},`
			`"subsets":[`
			`{`
			`"addresses":[`
			`{`
			`"ip":"192.168.10.171"`
			`}`
			`],`
			`"ports":[`
			`{`
			`"name":"secure-connection",`
			`"port":444.000000,`
			`"protocol":"UDP"`
			`}`
			`]`
			`}`
			`]`
			}`)

go vet corrections 2019-07-23 03:08:00 -04:00			`compareJSONAsMap(t, expectedResult, patched)`
Finished mutating overlay. Added several tests 2019-05-22 22:34:25 +01:00			`}`

update unit tests 2019-07-26 17:52:26 -07:00			`func TestProcessOverlayPatches_InsertIntoArray(t *testing.T) {`
Fixed minor issue in overlay logic. Added tests 2019-05-23 17:31:34 +03:00			resourceRaw := []byte(`
			`{`
			`"apiVersion":"v1",`
			`"kind":"Endpoints",`
			`"metadata":{`
			`"name":"test-endpoint",`
			`"labels":{`
			`"label":"test"`
			`}`
			`},`
			`"subsets":[`
			`{`
			`"addresses":[`
			`{`
			`"ip":"192.168.10.171"`
			`}`
			`],`
			`"ports":[`
			`{`
			`"name":"secure-connection",`
			`"port":443,`
			`"protocol":"TCP"`
			`}`
			`]`
			`}`
			`]`
			}`)
			overlayRaw := []byte(`
			`{`
			`"subsets":[`
			`{`
			`"addresses":[`
			`{`
			`"ip":"192.168.10.172"`
			`},`
			`{`
			`"ip":"192.168.10.173"`
			`}`
			`],`
			`"ports":[`
			`{`
			`"name":"insecure-connection",`
			`"port":80,`
			`"protocol":"UDP"`
			`}`
			`]`
			`}`
			`]`
			}`)
Finished mutating overlay. Added several tests 2019-05-22 22:34:25 +01:00
			`var resource, overlay interface{}`

			`json.Unmarshal(resourceRaw, &resource)`
			`json.Unmarshal(overlayRaw, &overlay)`

update unit tests 2019-07-26 17:52:26 -07:00			`patches, err := processOverlayPatches(resource, overlay)`
correct unit tests 2019-06-28 17:11:19 -07:00			`assert.NilError(t, err)`
Finished mutating overlay. Added several tests 2019-05-22 22:34:25 +01:00			`assert.Assert(t, patches != nil)`

			`patch := JoinPatches(patches)`

			`decoded, err := jsonpatch.DecodePatch(patch)`
			`assert.NilError(t, err)`
			`assert.Assert(t, decoded != nil)`

			`patched, err := decoded.Apply(resourceRaw)`
			`assert.NilError(t, err)`
			`assert.Assert(t, patched != nil)`

Wrote additional comments 2019-06-12 12:21:52 +03:00			expectedResult := []byte(`{
			`"apiVersion":"v1",`
			`"kind":"Endpoints",`
			`"metadata":{`
			`"name":"test-endpoint",`
			`"labels":{`
			`"label":"test"`
			`}`
			`},`
			`"subsets":[`
			`{`
			`"addresses":[`
			`{`
			`"ip":"192.168.10.171"`
			`}`
			`],`
			`"ports":[`
			`{`
			`"name":"secure-connection",`
			`"port":443,`
			`"protocol":"TCP"`
			`}`
			`]`
			`},`
			`{`
			`"addresses":[`
			`{`
			`"ip":"192.168.10.172"`
			`},`
			`{`
			`"ip":"192.168.10.173"`
			`}`
			`],`
			`"ports":[`
			`{`
			`"name":"insecure-connection",`
			`"port":80,`
			`"protocol":"UDP"`
			`}`
			`]`
			`}`
			`]`
			}`)

go vet corrections 2019-07-23 03:08:00 -04:00			`compareJSONAsMap(t, expectedResult, patched)`
Implemented base for Mutation Overlay 2019-05-21 18:27:56 +03:00			`}`
Fixed: Overlay overwrites all items in the list 2019-05-23 16:31:00 +03:00
update unit tests 2019-07-26 17:52:26 -07:00			`func TestProcessOverlayPatches_TestInsertToArray(t *testing.T) {`
Fixed minor issue in overlay logic. Added tests 2019-05-23 17:31:34 +03:00			overlayRaw := []byte(`
			`{`
			`"spec":{`
			`"template":{`
			`"spec":{`
			`"containers":[`
			`{`
			`"name":"pi1",`
			`"image":"vasylev.perl"`
			`}`
			`]`
			`}`
			`}`
			`}`
			}`)
			resourceRaw := []byte(`{
			`"apiVersion":"batch/v1",`
			`"kind":"Job",`
			`"metadata":{`
			`"name":"pi"`
			`},`
			`"spec":{`
			`"template":{`
			`"spec":{`
			`"containers":[`
			`{`
			`"name":"piv0",`
			`"image":"perl",`
			`"command":[`
			`"perl"`
			`]`
			`},`
			`{`
			`"name":"pi",`
			`"image":"perl",`
			`"command":[`
			`"perl"`
			`]`
			`},`
			`{`
			`"name":"piv1",`
			`"image":"perl",`
			`"command":[`
			`"perl"`
			`]`
			`}`
			`],`
			`"restartPolicy":"Never"`
			`}`
			`},`
			`"backoffLimit":4`
			`}`
			}`)
Fixed: Overlay overwrites all items in the list 2019-05-23 16:31:00 +03:00
			`var resource, overlay interface{}`

			`json.Unmarshal(resourceRaw, &resource)`
			`json.Unmarshal(overlayRaw, &overlay)`

update unit tests 2019-07-26 17:52:26 -07:00			`patches, err := processOverlayPatches(resource, overlay)`
correct unit tests 2019-06-28 17:11:19 -07:00			`assert.NilError(t, err)`
Fixed: Overlay overwrites all items in the list 2019-05-23 16:31:00 +03:00			`assert.Assert(t, patches != nil)`

			`patch := JoinPatches(patches)`

			`decoded, err := jsonpatch.DecodePatch(patch)`
			`assert.NilError(t, err)`
			`assert.Assert(t, decoded != nil)`

			`patched, err := decoded.Apply(resourceRaw)`
			`assert.NilError(t, err)`
			`assert.Assert(t, patched != nil)`
			`}`
Fixed output of validation messages. Added test whcih validates ImagePullPolicy. 2019-06-05 15:02:58 +03:00
update unit tests 2019-07-26 17:52:26 -07:00			`func TestProcessOverlayPatches_ImagePullPolicy(t *testing.T) {`
Fixed output of validation messages. Added test whcih validates ImagePullPolicy. 2019-06-05 15:02:58 +03:00			overlayRaw := []byte(`{
			`"spec": {`
			`"template": {`
			`"spec": {`
			`"containers": [`
			`{`
			`"(image)": "*:latest",`
			`"imagePullPolicy": "IfNotPresent",`
			`"ports": [`
			`{`
			`"containerPort": 8080`
			`}`
			`]`
			`}`
			`]`
			`}`
			`}`
			`}`
			}`)
			resourceRaw := []byte(`{
			`"apiVersion": "apps/v1",`
			`"kind": "Deployment",`
			`"metadata": {`
			`"name": "nginx-deployment",`
			`"labels": {`
			`"app": "nginx"`
			`}`
			`},`
			`"spec": {`
			`"replicas": 1,`
			`"selector": {`
			`"matchLabels": {`
			`"app": "nginx"`
			`}`
			`},`
			`"template": {`
			`"metadata": {`
			`"labels": {`
			`"app": "nginx"`
			`}`
			`},`
			`"spec": {`
			`"containers": [`
			`{`
			`"name": "nginx",`
			`"image": "nginx:latest",`
			`"ports": [`
			`{`
			`"containerPort": 80`
			`}`
			`]`
			`},`
			`{`
			`"name": "ghost",`
			`"image": "ghost:latest"`
			`}`
			`]`
			`}`
			`}`
			`}`
			}`)

			`var resource, overlay interface{}`

			`json.Unmarshal(resourceRaw, &resource)`
			`json.Unmarshal(overlayRaw, &overlay)`

update unit tests 2019-07-26 17:52:26 -07:00			`patches, err := processOverlayPatches(resource, overlay)`
correct unit tests 2019-06-28 17:11:19 -07:00			`assert.NilError(t, err)`
Fixed output of validation messages. Added test whcih validates ImagePullPolicy. 2019-06-05 15:02:58 +03:00			`assert.Assert(t, len(patches) != 0)`

			`doc, err := ApplyPatches(resourceRaw, patches)`
			`assert.NilError(t, err)`
Wrote additional comments 2019-06-12 12:21:52 +03:00			expectedResult := []byte(`{
			`"apiVersion":"apps/v1",`
			`"kind":"Deployment",`
			`"metadata":{`
			`"name":"nginx-deployment",`
			`"labels":{`
			`"app":"nginx"`
			`}`
			`},`
			`"spec":{`
			`"replicas":1,`
			`"selector":{`
			`"matchLabels":{`
			`"app":"nginx"`
			`}`
			`},`
			`"template":{`
			`"metadata":{`
			`"labels":{`
			`"app":"nginx"`
			`}`
			`},`
			`"spec":{`
			`"containers":[`
			`{`
			`"image":"nginx:latest",`
			`"imagePullPolicy":"IfNotPresent",`
			`"name":"nginx",`
			`"ports":[`
			`{`
			`"containerPort":80`
			`},`
			`{`
			`"containerPort":8080`
			`}`
			`]`
			`},`
			`{`
			`"image":"ghost:latest",`
			`"imagePullPolicy":"IfNotPresent",`
			`"name":"ghost",`
			`"ports":[`
			`{`
			`"containerPort":8080`
			`}`
			`]`
			`}`
			`]`
			`}`
			`}`
			`}`
			}`)

go vet corrections 2019-07-23 03:08:00 -04:00			`compareJSONAsMap(t, expectedResult, doc)`
update unit tests 2019-07-26 17:52:26 -07:00
			overlayRaw = []byte(`{
			`"spec": {`
			`"template": {`
			`"metadata": {`
			`"labels": {`
			`"(app)": "nginx"`
			`}`
			`},`
			`"spec": {`
			`"containers": [`
			`{`
			`"(image)": "*:latest",`
			`"imagePullPolicy": "IfNotPresent",`
			`"ports": [`
			`{`
			`"containerPort": 8080`
			`}`
			`]`
			`}`
			`]`
			`}`
			`}`
			`}`
			}`)

			`json.Unmarshal(overlayRaw, &overlay)`

			`patches, err = processOverlayPatches(resource, overlay)`
			`assert.NilError(t, err)`
			`assert.Assert(t, len(patches) != 0)`

			`doc, err = ApplyPatches(resourceRaw, patches)`
			`assert.NilError(t, err)`

			`compareJSONAsMap(t, expectedResult, doc)`

			overlayRaw = []byte(`{
			`"spec": {`
			`"template": {`
			`"metadata": {`
			`"labels": {`
			`"(app)": "nginx1"`
			`}`
			`},`
			`"spec": {`
			`"containers": [`
			`{`
			`"(image)": "*:latest",`
			`"imagePullPolicy": "IfNotPresent",`
			`"ports": [`
			`{`
			`"containerPort": 8080`
			`}`
			`]`
			`}`
			`]`
			`}`
			`}`
			`}`
			}`)

			`json.Unmarshal(overlayRaw, &overlay)`

			`patches, err = processOverlayPatches(resource, overlay)`
			`assert.Error(t, err, "Conditions are not met")`
			`assert.Assert(t, len(patches) == 0)`
Fixed output of validation messages. Added test whcih validates ImagePullPolicy. 2019-06-05 15:02:58 +03:00			`}`
Implemented logic "Add if not exist" 2019-06-14 17:19:32 +03:00
update unit tests 2019-07-26 17:52:26 -07:00			`func TestProcessOverlayPatches_AddingAnchor(t *testing.T) {`
Implemented logic "Add if not exist" 2019-06-14 17:19:32 +03:00			overlayRaw := []byte(`{
			`"metadata": {`
			`"name": "nginx-deployment",`
			`"labels": {`
			`"+(app)": "should-not-be-here",`
			`"+(key1)": "value1"`
			`}`
			`}`
			}`)
			resourceRaw := []byte(`{
			`"metadata": {`
			`"name": "nginx-deployment",`
			`"labels": {`
			`"app": "nginx"`
			`}`
			`}`
			}`)

			`var resource, overlay interface{}`

			`json.Unmarshal(resourceRaw, &resource)`
			`json.Unmarshal(overlayRaw, &overlay)`

update unit tests 2019-07-26 17:52:26 -07:00			`patches, err := processOverlayPatches(resource, overlay)`
correct unit tests 2019-06-28 17:11:19 -07:00			`assert.NilError(t, err)`
Implemented logic "Add if not exist" 2019-06-14 17:19:32 +03:00			`assert.Assert(t, len(patches) != 0)`

			`doc, err := ApplyPatches(resourceRaw, patches)`
			`assert.NilError(t, err)`
			expectedResult := []byte(`{
			`"metadata":{`
			`"labels":{`
			`"app":"nginx",`
			`"key1":"value1"`
			`},`
			`"name":"nginx-deployment"`
			`}`
			}`)

go vet corrections 2019-07-23 03:08:00 -04:00			`compareJSONAsMap(t, expectedResult, doc)`
Implemented logic "Add if not exist" 2019-06-14 17:19:32 +03:00			`}`
Added tests for addingKey inside lists 2019-06-18 13:51:36 +03:00
update unit tests 2019-07-26 17:52:26 -07:00			`func TestProcessOverlayPatches_AddingAnchorInsideListElement(t *testing.T) {`
Added tests for addingKey inside lists 2019-06-18 13:51:36 +03:00			overlayRaw := []byte(`
			`{`
Added real test for adding anchor 2019-06-18 15:02:41 +03:00			`"spec": {`
			`"template": {`
			`"spec": {`
			`"containers": [`
			`{`
			`"(image)": "*:latest",`
			`"+(imagePullPolicy)": "IfNotPresent"`
			`}`
			`]`
			`}`
Added tests for addingKey inside lists 2019-06-18 13:51:36 +03:00			`}`
Added real test for adding anchor 2019-06-18 15:02:41 +03:00			`}`
Added tests for addingKey inside lists 2019-06-18 13:51:36 +03:00			}`)
			resourceRaw := []byte(`
Added real test for adding anchor 2019-06-18 15:02:41 +03:00			`{`
			`"apiVersion":"apps/v1",`
			`"kind":"Deployment",`
			`"metadata":{`
			`"name":"nginx-deployment",`
			`"labels":{`
			`"app":"nginx"`
			`}`
			`},`
			`"spec":{`
			`"replicas":1,`
			`"selector":{`
			`"matchLabels":{`
			`"app":"nginx"`
			`}`
Added tests for addingKey inside lists 2019-06-18 13:51:36 +03:00			`},`
Added real test for adding anchor 2019-06-18 15:02:41 +03:00			`"template":{`
			`"metadata":{`
			`"labels":{`
			`"app":"nginx"`
			`}`
			`},`
			`"spec":{`
			`"containers":[`
			`{`
			`"image":"nginx:latest"`
			`},`
			`{`
			`"image":"ghost:latest",`
			`"imagePullPolicy":"Always"`
			`},`
			`{`
			`"image":"debian:10"`
			`},`
			`{`
			`"image":"ubuntu:18.04",`
			`"imagePullPolicy":"Always"`
			`}`
			`]`
			`}`
Added tests for addingKey inside lists 2019-06-18 13:51:36 +03:00			`}`
Added real test for adding anchor 2019-06-18 15:02:41 +03:00			`}`
Added tests for addingKey inside lists 2019-06-18 13:51:36 +03:00			}`)

			`var resource, overlay interface{}`

			`json.Unmarshal(resourceRaw, &resource)`
			`json.Unmarshal(overlayRaw, &overlay)`

update unit tests 2019-07-26 17:52:26 -07:00			`patches, err := processOverlayPatches(resource, overlay)`
correct unit tests 2019-06-28 17:11:19 -07:00			`assert.NilError(t, err)`
Added tests for addingKey inside lists 2019-06-18 13:51:36 +03:00			`assert.Assert(t, len(patches) != 0)`

			`doc, err := ApplyPatches(resourceRaw, patches)`
			`assert.NilError(t, err)`
			expectedResult := []byte(`
Added real test for adding anchor 2019-06-18 15:02:41 +03:00			`{`
			`"apiVersion":"apps/v1",`
			`"kind":"Deployment",`
			`"metadata":{`
			`"name":"nginx-deployment",`
			`"labels":{`
			`"app":"nginx"`
			`}`
			`},`
			`"spec":{`
			`"replicas":1,`
			`"selector":{`
			`"matchLabels":{`
			`"app":"nginx"`
			`}`
			`},`
			`"template":{`
			`"metadata":{`
			`"labels":{`
			`"app":"nginx"`
			`}`
			`},`
			`"spec":{`
			`"containers":[`
			`{`
			`"image":"nginx:latest",`
			`"imagePullPolicy":"IfNotPresent"`
			`},`
			`{`
			`"image":"ghost:latest",`
			`"imagePullPolicy":"Always"`
			`},`
			`{`
			`"image":"debian:10"`
			`},`
			`{`
			`"image":"ubuntu:18.04",`
			`"imagePullPolicy":"Always"`
			`}`
			`]`
			`}`
			`}`
			`}`
			}`)
go vet corrections 2019-07-23 03:08:00 -04:00			`compareJSONAsMap(t, expectedResult, doc)`
update unit tests 2019-07-26 17:52:26 -07:00
			`// multiple anchors`
			overlayRaw = []byte(`
			`{`
			`"spec": {`
			`"template": {`
			`"metadata": {`
			`"labels": {`
			`"(app)": "nginx"`
			`}`
			`},`
			`"spec": {`
			`"containers": [`
			`{`
			`"(image)": "*:latest",`
			`"+(imagePullPolicy)": "IfNotPresent"`
			`}`
			`]`
			`}`
			`}`
			`}`
			}`)

			`json.Unmarshal(overlayRaw, &overlay)`

			`patches, err = processOverlayPatches(resource, overlay)`
			`assert.NilError(t, err)`
			`assert.Assert(t, len(patches) != 0)`

			`doc, err = ApplyPatches(resourceRaw, patches)`
			`assert.NilError(t, err)`

			`compareJSONAsMap(t, expectedResult, doc)`
			`}`

			`func TestProcessOverlayPatches_anchorOnPeer(t *testing.T) {`
			resourceRaw := []byte(`
			`{`
			`"apiVersion":"v1",`
			`"kind":"Endpoints",`
			`"metadata":{`
			`"name":"test-endpoint",`
			`"labels":{`
			`"label":"test"`
			`}`
			`},`
			`"subsets":[`
			`{`
			`"addresses":[`
			`{`
			`"ip":"192.168.10.171"`
			`}`
			`],`
			`"ports":[`
			`{`
			`"name":"secure-connection",`
			`"port":443,`
			`"protocol":"TCP"`
			`}`
			`]`
			`}`
			`]`
			}`)

			overlayRaw := []byte(`
			`{`
			`"subsets":[`
			`{`
			`"addresses":[`
			`{`
			`"(ip)":"192.168.10.171"`
			`}`
			`],`
			`"ports":[`
			`{`
			`"(name)":"secure-connection",`
			`"port":444,`
			`"protocol":"UDP"`
			`}`
			`]`
			`}`
			`]`
			}`)

			`var resource, overlay interface{}`

			`json.Unmarshal(resourceRaw, &resource)`
			`json.Unmarshal(overlayRaw, &overlay)`

			`patches, err := processOverlayPatches(resource, overlay)`
			`assert.NilError(t, err)`
			`assert.Assert(t, len(patches) != 0)`

			`doc, err := ApplyPatches(resourceRaw, patches)`
			`assert.NilError(t, err)`
			expectedResult := []byte(` {
			`"apiVersion":"v1",`
			`"kind":"Endpoints",`
			`"metadata":{`
			`"name":"test-endpoint",`
			`"labels":{`
			`"label":"test"`
			`}`
			`},`
			`"subsets":[`
			`{`
			`"addresses":[`
			`{`
			`"ip":"192.168.10.171"`
			`}`
			`],`
			`"ports":[`
			`{`
			`"name":"secure-connection",`
			`"port":444,`
			`"protocol":"UDP"`
			`}`
			`]`
			`}`
			`]`
			}`)

			`compareJSONAsMap(t, expectedResult, doc)`

			overlayRaw = []byte(`
			`{`
			`"subsets":[`
			`{`
			`"addresses":[`
			`{`
			`"ip":"192.168.10.171"`
			`}`
			`],`
			`"ports":[`
			`{`
			`"(name)":"secure-connection",`
			`"(port)":444,`
			`"protocol":"UDP"`
			`}`
			`]`
			`}`
			`]`
			}`)

			`json.Unmarshal(overlayRaw, &overlay)`

			`patches, err = processOverlayPatches(resource, overlay)`
			`assert.Error(t, err, "Conditions are not met")`
			`assert.Assert(t, len(patches) == 0)`
Added tests for addingKey inside lists 2019-06-18 13:51:36 +03:00			`}`
add unit test case 2019-07-26 18:27:59 -07:00
			`func TestProcessOverlayPatches_insertWithCondition(t *testing.T) {`
			resourceRaw := []byte(`{
			`"apiVersion": "apps/v1",`
			`"kind": "Deployment",`
			`"metadata": {`
			`"name": "psp-demo-unprivileged",`
			`"labels": {`
			`"app.type": "prod"`
			`}`
			`},`
			`"spec": {`
			`"replicas": 1,`
			`"selector": {`
			`"matchLabels": {`
			`"app": "psp"`
			`}`
			`},`
			`"template": {`
			`"metadata": {`
			`"labels": {`
			`"app": "psp"`
			`}`
			`},`
			`"spec": {`
			`"securityContext": {`
			`"runAsNonRoot": true`
			`},`
			`"containers": [`
			`{`
			`"name": "sec-ctx-unprivileged",`
			`"image": "nginxinc/nginx-unprivileged",`
			`"securityContext": {`
			`"runAsNonRoot": true,`
			`"allowPrivilegeEscalation": false`
			`},`
			`"env": [`
			`{`
			`"name": "ENV_KEY",`
			`"value": "ENV_VALUE"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`}`
			`}`
			}`)

			overlayRaw := []byte(`{
			`"spec": {`
			`"template": {`
			`"spec": {`
			`"containers": [`
			`{`
			`"(image)": "*/nginx-unprivileged",`
			`"securityContext": {`
			`"(runAsNonRoot)": true,`
			`"allowPrivilegeEscalation": true`
			`},`
			`"env": [`
			`{`
			`"name": "ENV_NEW_KEY",`
			`"value": "ENV_NEW_VALUE"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`}`
			`}`
			}`)

			`var resource, overlay interface{}`

			`json.Unmarshal(resourceRawAnchorOnPeers, &resource)`
			`json.Unmarshal(overlayRaw, &overlay)`

			`patches, err := processOverlayPatches(resource, overlay)`
			`assert.NilError(t, err)`
			`assert.Assert(t, len(patches) != 0)`

			`doc, err := ApplyPatches(resourceRaw, patches)`
			`assert.NilError(t, err)`
			expectedResult := []byte(`{
			`"apiVersion": "apps/v1",`
			`"kind": "Deployment",`
			`"metadata": {`
			`"name": "psp-demo-unprivileged",`
			`"labels": {`
			`"app.type": "prod"`
			`}`
			`},`
			`"spec": {`
			`"replicas": 1,`
			`"selector": {`
			`"matchLabels": {`
			`"app": "psp"`
			`}`
			`},`
			`"template": {`
			`"metadata": {`
			`"labels": {`
			`"app": "psp"`
			`}`
			`},`
			`"spec": {`
			`"securityContext": {`
			`"runAsNonRoot": true`
			`},`
			`"containers": [`
			`{`
			`"name": "sec-ctx-unprivileged",`
			`"image": "nginxinc/nginx-unprivileged",`
			`"securityContext": {`
			`"runAsNonRoot": true,`
			`"allowPrivilegeEscalation": true`
			`},`
			`"env": [`
			`{`
			`"name": "ENV_KEY",`
			`"value": "ENV_VALUE"`
			`},`
			`{`
			`"name": "ENV_NEW_KEY",`
			`"value": "ENV_NEW_VALUE"`
			`}`
			`]`
			`}`
			`]`
			`}`
			`}`
			`}`
			}`)

			`compareJSONAsMap(t, expectedResult, doc)`
			`}`