Skip to content

Commit

Permalink
Tests.
Browse files Browse the repository at this point in the history
  • Loading branch information
@Gerrit91
Gerrit91 committed Aug 30, 2024
1 parent 73dd149 commit 33f0968
Showing 1 changed file with 160 additions and 0 deletions.
160 changes: 160 additions & 0 deletions pkg/controller/operatingsystemconfig/actuator_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,14 +17,17 @@ package operatingsystemconfig_test
import (
"context"
_ "embed"
"encoding/json"

"github.com/gardener/gardener/extensions/pkg/controller/operatingsystemconfig"
extensionsv1alpha1 "github.com/gardener/gardener/pkg/apis/extensions/v1alpha1"
"github.com/gardener/gardener/pkg/utils/test"
"github.com/go-logr/logr"
metalextensionv1alpha1 "github.com/metal-stack/gardener-extension-provider-metal/pkg/apis/metal/v1alpha1"
. "github.com/metal-stack/os-metal-extension/pkg/controller/operatingsystemconfig"
. "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/utils/ptr"
"sigs.k8s.io/controller-runtime/pkg/client"
fakeclient "sigs.k8s.io/controller-runtime/pkg/client/fake"
Expand Down Expand Up @@ -78,6 +81,158 @@ var _ = Describe("Actuator", func() {
Expect(extensionUnits).To(BeEmpty())
Expect(extensionFiles).To(HaveLen(1))
})

It("network isolation files are added", func() {
osc = osc.DeepCopy()
osc.Spec.ProviderConfig = &runtime.RawExtension{
Raw: mustMarshal(&metalextensionv1alpha1.ImageProviderConfig{
NetworkIsolation: &metalextensionv1alpha1.NetworkIsolation{
AllowedNetworks: metalextensionv1alpha1.AllowedNetworks{
Ingress: []string{"10.0.0.1/24"},
Egress: []string{"100.0.0.1/24"},
},
DNSServers: []string{"1.1.1.1", "1.0.0.1"},
NTPServers: []string{"134.60.1.27", "134.60.111.110"},
RegistryMirrors: []metalextensionv1alpha1.RegistryMirror{
{
Name: "metal-stack registry",
Endpoint: "https://r.metal-stack.dev",
IP: "1.2.3.4",
Port: 443,
MirrorOf: []string{
"ghcr.io",
"quay.io",
},
},
{
Name: "local registry",
Endpoint: "http://localhost:8080",
IP: "127.0.0.1",
Port: 8080,
MirrorOf: []string{
"docker.io",
},
},
},
},
}),
}

userData, command, unitNames, fileNames, extensionUnits, extensionFiles, err := actuator.Reconcile(ctx, log, osc)
Expect(err).NotTo(HaveOccurred())

Expect(string(userData)).To(ContainSubstring("/etc/containerd/config.toml"))
Expect(string(userData)).To(HavePrefix("{")) // check we have ignition format
Expect(string(userData)).To(HaveSuffix("}")) // check we have ignition format
Expect(command).To(BeNil())
Expect(unitNames).To(ConsistOf("some-unit.service"))
Expect(fileNames).To(ConsistOf(
"/some/file",
"/etc/containerd/config.toml",
"/etc/systemd/resolved.conf.d/dns.conf",
"/etc/resolv.conf",
"/etc/systemd/timesyncd.conf",
"/etc/containerd/certs.d/ghcr.io/hosts.toml",
"/etc/containerd/certs.d/quay.io/hosts.toml",
"/etc/containerd/certs.d/docker.io/hosts.toml",
))
Expect(extensionUnits).To(BeEmpty())
Expect(extensionFiles).To(ConsistOf(
extensionsv1alpha1.File{
Path: "/etc/systemd/resolved.conf.d/dns.conf",
Content: extensionsv1alpha1.FileContent{
Inline: &extensionsv1alpha1.FileContentInline{
Encoding: string(extensionsv1alpha1.PlainFileCodecID),
Data: `# Generated by os-extension-metal
[Resolve]
DNS=1.1.1.1 1.0.0.1
Domain=~.
`,
},
},
},
extensionsv1alpha1.File{
Path: "/etc/resolv.conf",
Content: extensionsv1alpha1.FileContent{
Inline: &extensionsv1alpha1.FileContentInline{
Encoding: string(extensionsv1alpha1.PlainFileCodecID),
Data: `# Generated by os-extension-metal
nameserver 1.1.1.1
nameserver 1.0.0.1
`,
},
},
},
extensionsv1alpha1.File{
Path: "/etc/systemd/timesyncd.conf",
Content: extensionsv1alpha1.FileContent{
Inline: &extensionsv1alpha1.FileContentInline{
Encoding: string(extensionsv1alpha1.PlainFileCodecID),
Data: `# Generated by os-extension-metal
[Time]
NTP=134.60.1.27 134.60.111.110
`,
},
},
},
extensionsv1alpha1.File{
Path: "/etc/containerd/config.toml",
Permissions: ptr.To(int32(420)),
Content: extensionsv1alpha1.FileContent{
Inline: &extensionsv1alpha1.FileContentInline{
Encoding: string(extensionsv1alpha1.PlainFileCodecID),
Data: `# Generated by os-extension-metal
version = 2
imports = ["/etc/containerd/conf.d/*.toml"]
disabled_plugins = []
[plugins."io.containerd.grpc.v1.cri".registry]
config_path = "/etc/containerd/certs.d"
`,
},
},
},
extensionsv1alpha1.File{
Path: "/etc/containerd/certs.d/ghcr.io/hosts.toml",
Content: extensionsv1alpha1.FileContent{
Inline: &extensionsv1alpha1.FileContentInline{
Encoding: string(extensionsv1alpha1.PlainFileCodecID),
Data: `server = "https://ghcr.io"
[host."https://r.metal-stack.dev"]
capabilities = ["pull", "resolve"]
`,
},
},
},
extensionsv1alpha1.File{
Path: "/etc/containerd/certs.d/quay.io/hosts.toml",
Content: extensionsv1alpha1.FileContent{
Inline: &extensionsv1alpha1.FileContentInline{
Encoding: string(extensionsv1alpha1.PlainFileCodecID),
Data: `server = "https://quay.io"
[host."https://r.metal-stack.dev"]
capabilities = ["pull", "resolve"]
`,
},
},
},
extensionsv1alpha1.File{
Path: "/etc/containerd/certs.d/docker.io/hosts.toml",
Content: extensionsv1alpha1.FileContent{
Inline: &extensionsv1alpha1.FileContentInline{
Encoding: string(extensionsv1alpha1.PlainFileCodecID),
Data: `server = "https://docker.io"
[host."http://localhost:8080"]
capabilities = ["pull", "resolve"]
`,
},
},
},
))
})
})
})

Expand Down Expand Up @@ -157,3 +312,8 @@ var _ = Describe("Actuator", func() {
})
})
})

func mustMarshal(data any) []byte {
raw, _ := json.Marshal(data)

Check failure on line 317 in pkg/controller/operatingsystemconfig/actuator_test.go

View workflow job for this annotation

GitHub Actions / Docker Build 

Error return value of `encoding/json.Marshal` is not checked: unsafe type `any` found (errchkjson)
return raw
}

0 comments on commit 33f0968

Please sign in to comment.