mirror of
https://github.com/kyverno/kyverno.git
synced 2025-03-09 17:37:12 +00:00
b320b4b433
Implemented tests for added methods. Added usage of Validate() methods to the code, removed old checks. Fixed some comments, added new comments.
149 lines
4.3 KiB
Go
149 lines
4.3 KiB
Go
package controller_test
|
|
|
|
import (
|
|
"gotest.tools/assert"
|
|
"testing"
|
|
|
|
types "github.com/nirmata/kube-policy/pkg/apis/policy/v1alpha1"
|
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
|
)
|
|
|
|
func TestPolicyCopyFrom_Validate(t *testing.T) {
|
|
copyFrom := types.PolicyCopyFrom{}
|
|
assert.Assert(t, copyFrom.Validate() != nil)
|
|
copyFrom.Name = "name"
|
|
assert.Assert(t, copyFrom.Validate() != nil)
|
|
copyFrom.Namespace = "ns"
|
|
assert.Assert(t, copyFrom.Validate() == nil)
|
|
}
|
|
|
|
func TestPolicyConfigGenerator_Validate(t *testing.T) {
|
|
// Not valid
|
|
generator := types.PolicyConfigGenerator{}
|
|
assert.Assert(t, generator.Validate() != nil)
|
|
generator.Name = "generator-name"
|
|
assert.Assert(t, generator.Validate() != nil)
|
|
generator.Data = make(map[string]string)
|
|
assert.Assert(t, generator.Validate() != nil)
|
|
// Valid
|
|
generator.Data["field"] = "value"
|
|
assert.Assert(t, generator.Validate() == nil)
|
|
generator.CopyFrom = &types.PolicyCopyFrom{
|
|
Name: "config-map-name",
|
|
Namespace: "custom-ns",
|
|
}
|
|
assert.Assert(t, generator.Validate() == nil)
|
|
generator.Data = nil
|
|
assert.Assert(t, generator.Validate() == nil)
|
|
// Not valid again
|
|
generator.CopyFrom = nil
|
|
}
|
|
|
|
func TestPolicyPatch_Validate(t *testing.T) {
|
|
// Not valid
|
|
patch := types.PolicyPatch{}
|
|
assert.Assert(t, patch.Validate() != nil)
|
|
patch.Path = "/path"
|
|
assert.Assert(t, patch.Validate() != nil)
|
|
patch.Operation = "add"
|
|
assert.Assert(t, patch.Validate() != nil)
|
|
// Valid
|
|
patch.Value = "some-value"
|
|
assert.Assert(t, patch.Validate() == nil)
|
|
patch.Operation = "replace"
|
|
assert.Assert(t, patch.Validate() == nil)
|
|
patch.Operation = "remove"
|
|
assert.Assert(t, patch.Validate() == nil)
|
|
// Valid without a value
|
|
patch.Value = ""
|
|
assert.Assert(t, patch.Validate() == nil)
|
|
// Not valid again
|
|
patch.Operation = "unknown"
|
|
assert.Assert(t, patch.Validate() != nil)
|
|
patch.Value = "some-another-value"
|
|
assert.Assert(t, patch.Validate() != nil)
|
|
}
|
|
|
|
func TestPolicyResource_Validate_Name(t *testing.T) {
|
|
// Not valid
|
|
resource := types.PolicyResource{}
|
|
assert.Assert(t, resource.Validate() != nil)
|
|
resource.Kind = "Deployment"
|
|
assert.Assert(t, resource.Validate() != nil)
|
|
// Valid
|
|
resourceName := "nginx"
|
|
resource.Name = &resourceName
|
|
assert.Assert(t, resource.Validate() == nil)
|
|
}
|
|
|
|
func TestPolicyResource_Validate_Selector(t *testing.T) {
|
|
// Not valid
|
|
resource := types.PolicyResource{
|
|
Kind: "ConfigMap",
|
|
Selector: new(metav1.LabelSelector),
|
|
}
|
|
assert.Assert(t, resource.Validate() != nil)
|
|
resource.Selector.MatchLabels = make(map[string]string)
|
|
assert.Assert(t, resource.Validate() != nil)
|
|
// Valid
|
|
resource.Selector.MatchLabels["new-label"] = "new-value"
|
|
assert.Assert(t, resource.Validate() == nil)
|
|
}
|
|
|
|
func makeValidRuleResource() types.PolicyResource {
|
|
resourceName := "test-deployment"
|
|
return types.PolicyResource{
|
|
Kind: "Deployment",
|
|
Name: &resourceName,
|
|
}
|
|
}
|
|
|
|
func TestPolicyRule_Validate_Resource(t *testing.T) {
|
|
// Not valid
|
|
rule := types.PolicyRule{}
|
|
assert.Assert(t, rule.Validate() != nil)
|
|
// Empty
|
|
rule.Resource = makeValidRuleResource()
|
|
// Validate resource toi ensure that it is the only valid field
|
|
assert.Assert(t, rule.Resource.Validate() == nil)
|
|
assert.Assert(t, rule.Validate() != nil)
|
|
}
|
|
|
|
func TestPolicyRule_Validate_Patches(t *testing.T) {
|
|
rule := types.PolicyRule{
|
|
Resource: makeValidRuleResource(),
|
|
}
|
|
// Not empty, but not valid
|
|
patch := types.PolicyPatch{}
|
|
rule.Patches = append(rule.Patches, patch)
|
|
// Not empty and valid
|
|
assert.Assert(t, rule.Validate() != nil)
|
|
rule.Patches[0] = types.PolicyPatch{
|
|
Path: "/",
|
|
Operation: "add",
|
|
Value: "some",
|
|
}
|
|
assert.Assert(t, rule.Validate() == nil)
|
|
}
|
|
|
|
func TestPolicyRule_Validate_ConfigGenerators(t *testing.T) {
|
|
rule := types.PolicyRule{
|
|
Resource: makeValidRuleResource(),
|
|
}
|
|
// Not empty, but not valid
|
|
rule.ConfigMapGenerator = &types.PolicyConfigGenerator{
|
|
Name: "test-generator",
|
|
}
|
|
assert.Assert(t, rule.Validate() != nil)
|
|
// Not empty and valid
|
|
rule.ConfigMapGenerator.Data = make(map[string]string)
|
|
rule.ConfigMapGenerator.Data["some-data"] = "some-value"
|
|
assert.Assert(t, rule.Validate() == nil)
|
|
rule.SecretGenerator = rule.ConfigMapGenerator
|
|
assert.Assert(t, rule.Validate() == nil)
|
|
rule.ConfigMapGenerator = nil
|
|
assert.Assert(t, rule.Validate() == nil)
|
|
// Not valid again
|
|
rule.SecretGenerator.Name = ""
|
|
assert.Assert(t, rule.Validate() != nil)
|
|
}
|