mirrors/kyverno
1
0
Fork 0
mirror of https://github.com/kyverno/kyverno.git synced 2024-12-14 11:57:48 +00:00
Code Activity
kyverno/pkg/engine/context/context_test.go
Charles-Edouard Brétéché 544fe04508
refactor: introduce jmespath interface (#6882) 
* refactor: introduce jmespath interface

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

* fix

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>

---------

Signed-off-by: Charles-Edouard Brétéché <charles.edouard@nirmata.com>
2023-04-13 11:29:40 +00:00

125 lines
2.6 KiB
Go
Raw Blame History

package context
import (
"reflect"
"testing"
urkyverno "github.com/kyverno/kyverno/api/kyverno/v1beta1"
"github.com/kyverno/kyverno/pkg/config"
"github.com/kyverno/kyverno/pkg/engine/jmespath"
authenticationv1 "k8s.io/api/authentication/v1"
)
var jp = jmespath.New(config.NewDefaultConfiguration(false))
func Test_addResourceAndUserContext(t *testing.T) {
var err error
rawResource := []byte(`
{
"apiVersion": "v1",
"kind": "Pod",
"metadata": {
"name": "image-with-hostpath",
"labels": {
"app.type": "prod",
"namespace": "my-namespace"
}
},
"spec": {
"containers": [
{
"name": "image-with-hostpath",
"image": "docker.io/nautiker/curl",
"volumeMounts": [
{
"name": "var-lib-etcd",
"mountPath": "/var/lib"
}
]
}
],
"volumes": [
{
"name": "var-lib-etcd",
"emptyDir": {}
}
]
}
}
`)
userInfo := authenticationv1.UserInfo{
Username: "system:serviceaccount:nirmata:user1",
UID: "014fbff9a07c",
}
userRequestInfo := urkyverno.RequestInfo{
Roles: nil,
ClusterRoles: nil,
AdmissionUserInfo: userInfo,
}
var expectedResult string
ctx := NewContext(jp)
err = AddResource(ctx, rawResource)
if err != nil {
t.Error(err)
}
result, err := ctx.Query("request.object.apiVersion")
if err != nil {
t.Error(err)
}
expectedResult = "v1"
t.Log(result)
if !reflect.DeepEqual(expectedResult, result) {
t.Error("exected result does not match")
}
err = ctx.AddUserInfo(userRequestInfo)
if err != nil {
t.Error(err)
}
result, err = ctx.Query("request.object.apiVersion")
if err != nil {
t.Error(err)
}
expectedResult = "v1"
t.Log(result)
if !reflect.DeepEqual(expectedResult, result) {
t.Error("exected result does not match")
}
result, err = ctx.Query("request.userInfo.username")
if err != nil {
t.Error(err)
}
expectedResult = "system:serviceaccount:nirmata:user1"
t.Log(result)
if !reflect.DeepEqual(expectedResult, result) {
t.Error("exected result does not match")
}
// Add service account Name
err = ctx.AddServiceAccount(userRequestInfo.AdmissionUserInfo.Username)
if err != nil {
t.Error(err)
}
result, err = ctx.Query("serviceAccountName")
if err != nil {
t.Error(err)
}
expectedResult = "user1"
t.Log(result)
if !reflect.DeepEqual(expectedResult, result) {
t.Error("exected result does not match")
}
// Add service account Namespace
result, err = ctx.Query("serviceAccountNamespace")
if err != nil {
t.Error(err)
}
expectedResult = "nirmata"
t.Log(result)
if !reflect.DeepEqual(expectedResult, result) {
t.Error("expected result does not match")
}
}
View git blame Copy permalink