1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00

fix: kyverno test generated resource inconsistency (#8189)

* fix: kyverno test renerated resource inconsistency

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* unit test

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* makefile

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
This commit is contained in:
Charles-Edouard Brétéché 2023-08-31 02:24:41 +02:00 committed by GitHub
parent 4317519c81
commit acf1192599
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
4 changed files with 106 additions and 20 deletions

View file

@ -728,7 +728,6 @@ test-cli-registry: $(CLI_BIN)
test-cli-scenarios-to-cli: $(CLI_BIN) test-cli-scenarios-to-cli: $(CLI_BIN)
@$(CLI_BIN) test ./test/cli/scenarios_to_cli --registry @$(CLI_BIN) test ./test/cli/scenarios_to_cli --registry
############# #############
# HELM TEST # # HELM TEST #
############# #############

View file

@ -602,34 +602,28 @@ func isNamespacedPolicy(policyNames string) (bool, error) {
// getAndCompareResource --> Get the patchedResource or generatedResource from the path provided by user // getAndCompareResource --> Get the patchedResource or generatedResource from the path provided by user
// And compare this resource with engine generated resource. // And compare this resource with engine generated resource.
func getAndCompareResource(path string, engineResource unstructured.Unstructured, isGit bool, policyResourcePath string, fs billy.Filesystem, isGenerate bool) string { func getAndCompareResource(path string, actualResource unstructured.Unstructured, isGit bool, policyResourcePath string, fs billy.Filesystem, isGenerate bool) string {
var status string var status string
resourceType := "patchedResource" resourceType := "patchedResource"
if isGenerate { if isGenerate {
resourceType = "generatedResource" resourceType = "generatedResource"
} }
userResource, err := common.GetResourceFromPath(fs, path, isGit, policyResourcePath, resourceType) expectedResource, err := common.GetResourceFromPath(fs, path, isGit, policyResourcePath, resourceType)
if err != nil { if err != nil {
fmt.Printf("Error: failed to load resources (%s)", err) fmt.Printf("Error: failed to load resources (%s)", err)
return "" return ""
} }
if isGenerate { if isGenerate {
matched, err := generate.ValidateResourceWithPattern(log.Log, engineResource.UnstructuredContent(), userResource.UnstructuredContent()) unstructuredutils.FixupGenerateLabels(actualResource)
if err != nil { unstructuredutils.FixupGenerateLabels(expectedResource)
log.Log.V(3).Info("generatedResource mismatch", "error", err.Error()) }
equals, err := unstructuredutils.Compare(actualResource, expectedResource, true)
if err == nil {
if !equals {
status = "fail" status = "fail"
} else if matched == "" { } else {
status = "pass" status = "pass"
} }
} else {
equals, err := unstructuredutils.Compare(engineResource, userResource, true)
if err == nil {
if !equals {
status = "fail"
} else {
status = "pass"
}
}
} }
return status return status
} }

View file

@ -1,6 +1,8 @@
package unstructured package unstructured
import ( import (
"strings"
jsonpatch "github.com/evanphx/json-patch/v5" jsonpatch "github.com/evanphx/json-patch/v5"
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
) )
@ -45,16 +47,30 @@ func Tidy(obj unstructured.Unstructured) unstructured.Unstructured {
} }
} }
func Compare(a, b unstructured.Unstructured, tidy bool) (bool, error) { func FixupGenerateLabels(obj unstructured.Unstructured) {
tidy := map[string]string{
"app.kubernetes.io/managed-by": "kyverno",
}
if labels := obj.GetLabels(); labels != nil {
for k, v := range labels {
if !strings.HasPrefix(k, "generate.kyverno.io/") {
tidy[k] = v
}
}
}
obj.SetLabels(tidy)
}
func Compare(a, e unstructured.Unstructured, tidy bool) (bool, error) {
if tidy { if tidy {
a = Tidy(a) a = Tidy(a)
b = Tidy(b) e = Tidy(e)
} }
expected, err := a.MarshalJSON() actual, err := a.MarshalJSON()
if err != nil { if err != nil {
return false, err return false, err
} }
actual, err := b.MarshalJSON() expected, err := e.MarshalJSON()
if err != nil { if err != nil {
return false, err return false, err
} }

View file

@ -184,3 +184,80 @@ func TestCompare(t *testing.T) {
}) })
} }
} }
func TestFixupGenerateLabels(t *testing.T) {
tests := []struct {
name string
obj unstructured.Unstructured
want unstructured.Unstructured
}{{
name: "not set",
}, {
name: "empty",
obj: unstructured.Unstructured{Object: map[string]interface{}{}},
want: unstructured.Unstructured{Object: map[string]interface{}{
"metadata": map[string]interface{}{
"labels": map[string]interface{}{
"app.kubernetes.io/managed-by": "kyverno",
},
},
}},
}, {
name: "with label",
obj: unstructured.Unstructured{
Object: map[string]interface{}{
"metadata": map[string]interface{}{
"labels": map[string]interface{}{
"app.kubernetes.io/managed-by": "kyverno",
},
},
},
},
want: unstructured.Unstructured{
Object: map[string]interface{}{
"metadata": map[string]interface{}{
"labels": map[string]interface{}{
"app.kubernetes.io/managed-by": "kyverno",
},
},
},
},
}, {
name: "with generate labels",
obj: unstructured.Unstructured{
Object: map[string]interface{}{
"metadata": map[string]interface{}{
"labels": map[string]interface{}{
"foo": "bar",
"generate.kyverno.io/policy-name": "add-networkpolicy",
"generate.kyverno.io/policy-namespace": "",
"generate.kyverno.io/rule-name": "default-deny",
"generate.kyverno.io/trigger-group": "",
"generate.kyverno.io/trigger-kind": "Namespace",
"generate.kyverno.io/trigger-name": "hello-world-namespace",
"generate.kyverno.io/trigger-namespace": "default",
"generate.kyverno.io/trigger-version": "v1",
},
},
},
},
want: unstructured.Unstructured{
Object: map[string]interface{}{
"metadata": map[string]interface{}{
"labels": map[string]interface{}{
"app.kubernetes.io/managed-by": "kyverno",
"foo": "bar",
},
},
},
},
}}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
FixupGenerateLabels(tt.obj)
if !reflect.DeepEqual(tt.obj, tt.want) {
t.Errorf("FixupGenerateLabels() = %v, want %v", tt.obj, tt.want)
}
})
}
}