blob: 045bc12b8a81f48b779275e6cd98048d5034993a [file] [log] [blame]
// Licensed to the Apache Software Foundation (ASF) under one or more
// contributor license agreements. See the NOTICE file distributed with
// this work for additional information regarding copyright ownership.
// The ASF licenses this file to You under the Apache License, Version 2.0
// (the "License"); you may not use this file except in compliance with
// the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package v1
import (
"context"
"testing"
"github.com/stretchr/testify/require"
corev1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime"
clientgoscheme "k8s.io/client-go/kubernetes/scheme"
"sigs.k8s.io/controller-runtime/pkg/client/fake"
gatewayv1 "sigs.k8s.io/gateway-api/apis/v1"
apisixv1alpha1 "github.com/apache/apisix-ingress-controller/api/v1alpha1"
"github.com/apache/apisix-ingress-controller/internal/controller/config"
)
func buildConsumerValidator(t *testing.T, objects ...runtime.Object) *ConsumerCustomValidator {
t.Helper()
scheme := runtime.NewScheme()
require.NoError(t, clientgoscheme.AddToScheme(scheme))
require.NoError(t, apisixv1alpha1.AddToScheme(scheme))
require.NoError(t, gatewayv1.Install(scheme))
managed := []runtime.Object{
&gatewayv1.GatewayClass{
ObjectMeta: metav1.ObjectMeta{Name: "apisix-gateway-class"},
Spec: gatewayv1.GatewayClassSpec{
ControllerName: gatewayv1.GatewayController(config.ControllerConfig.ControllerName),
},
},
&gatewayv1.Gateway{
ObjectMeta: metav1.ObjectMeta{Name: "test-gateway", Namespace: "default"},
Spec: gatewayv1.GatewaySpec{
GatewayClassName: gatewayv1.ObjectName("apisix-gateway-class"),
},
},
}
allObjects := append(managed, objects...)
builder := fake.NewClientBuilder().WithScheme(scheme).WithRuntimeObjects(allObjects...)
return NewConsumerCustomValidator(builder.Build())
}
func TestConsumerValidator_MissingSecretDefaultNamespace(t *testing.T) {
consumer := &apisixv1alpha1.Consumer{
ObjectMeta: metav1.ObjectMeta{
Name: "demo",
Namespace: "default",
},
Spec: apisixv1alpha1.ConsumerSpec{
GatewayRef: apisixv1alpha1.GatewayRef{Name: "test-gateway"},
Credentials: []apisixv1alpha1.Credential{{
Type: "jwt-auth",
SecretRef: &apisixv1alpha1.SecretReference{
Name: "jwt-secret",
},
}},
},
}
validator := buildConsumerValidator(t)
warnings, err := validator.ValidateCreate(context.Background(), consumer)
require.NoError(t, err)
require.Len(t, warnings, 1)
require.Contains(t, warnings[0], "Referenced Secret 'default/jwt-secret' not found")
}
func TestConsumerValidator_MissingSecretCustomNamespace(t *testing.T) {
ns := "auth"
consumer := &apisixv1alpha1.Consumer{
ObjectMeta: metav1.ObjectMeta{
Name: "demo",
Namespace: "default",
},
Spec: apisixv1alpha1.ConsumerSpec{
GatewayRef: apisixv1alpha1.GatewayRef{Name: "test-gateway"},
Credentials: []apisixv1alpha1.Credential{{
Type: "jwt-auth",
SecretRef: &apisixv1alpha1.SecretReference{
Name: "jwt-secret",
Namespace: &ns,
},
}},
},
}
validator := buildConsumerValidator(t)
warnings, err := validator.ValidateCreate(context.Background(), consumer)
require.NoError(t, err)
require.Len(t, warnings, 1)
require.Contains(t, warnings[0], "Referenced Secret 'auth/jwt-secret' not found")
}
func TestConsumerValidator_NoWarnings(t *testing.T) {
ns := "auth"
consumer := &apisixv1alpha1.Consumer{
ObjectMeta: metav1.ObjectMeta{
Name: "demo",
Namespace: "default",
},
Spec: apisixv1alpha1.ConsumerSpec{
GatewayRef: apisixv1alpha1.GatewayRef{Name: "test-gateway"},
Credentials: []apisixv1alpha1.Credential{{
Type: "jwt-auth",
SecretRef: &apisixv1alpha1.SecretReference{
Name: "jwt-secret",
Namespace: &ns,
},
}, {
Type: "key-auth",
SecretRef: &apisixv1alpha1.SecretReference{
Name: "key-secret",
},
}},
},
}
objs := []runtime.Object{
&corev1.Secret{ObjectMeta: metav1.ObjectMeta{Name: "jwt-secret", Namespace: "auth"}},
&corev1.Secret{ObjectMeta: metav1.ObjectMeta{Name: "key-secret", Namespace: "default"}},
}
validator := buildConsumerValidator(t, objs...)
warnings, err := validator.ValidateCreate(context.Background(), consumer)
require.NoError(t, err)
require.Empty(t, warnings)
}