Google Git
Sign in
apache / dubbo-kubernetes / 6bbae263526c80ea2ebb7ff81f36d84c03db51fa / . / pkg / webhook / patch / dubbosdk_test.go
blob: 02d2f730e58fb4eecad97cc788b140642bfb3505 [file] [log] [blame]
// Licensed to the Apache Software Foundation (ASF) under one or more
// contributor license agreements. See the NOTICE file distributed with
// this work for additional information regarding copyright ownership.
// The ASF licenses this file to You under the Apache License, Version 2.0
// (the "License"); you may not use this file except in compliance with
// the License. You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package patch
import (
"fmt"
"reflect"
"testing"
webhook2 "github.com/apache/dubbo-kubernetes/pkg/config/webhook"
"github.com/apache/dubbo-kubernetes/pkg/core/client/webhook"
dubbo_cp "github.com/apache/dubbo-kubernetes/pkg/config/app/dubbo-cp"
"github.com/apache/dubbo-kubernetes/pkg/config/kube"
"github.com/apache/dubbo-kubernetes/pkg/config/security"
"github.com/apache/dubbo-kubernetes/pkg/config/server"
v1 "k8s.io/api/core/v1"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
)
type fakeKubeClient struct {
webhook.Client
}
func (f *fakeKubeClient) GetNamespaceLabels(namespace string) map[string]string {
if namespace == "matched" {
return map[string]string{
"dubbo-ca.inject": "true",
RegistryInjectNacosLabel: Labeled,
}
} else {
return map[string]string{}
}
}
func (f *fakeKubeClient) ListServices(namespace string, listOptions metav1.ListOptions) *v1.ServiceList {
if namespace != "matched" {
return nil
}
for _, registry := range registryInjectLabelPriorities {
if listOptions.LabelSelector == fmt.Sprintf("%s=%s", registry, Labeled) {
if registry == RegistryInjectK8sLabel { // k8s registry
return nil
}
return &v1.ServiceList{
Items: []v1.Service{
{
ObjectMeta: metav1.ObjectMeta{
Name: fmt.Sprintf("%s-registry", registrySchemas[registry]),
Namespace: namespace,
},
},
},
}
}
}
if listOptions.LabelSelector == fmt.Sprintf("%s=%s", "dubbo.apache.org/prometheus", Labeled) {
return &v1.ServiceList{
Items: []v1.Service{
{
ObjectMeta: metav1.ObjectMeta{
Namespace: namespace,
},
},
},
}
}
return nil
}
func TestEmpty(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{}
newPod, _ := sdk.NewPodWithDubboCa(pod)
if !reflect.DeepEqual(newPod, pod) {
t.Error("should be equal")
}
}
func TestInjectFromLabel(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{}
pod.Labels = make(map[string]string)
pod.Labels["dubbo-ca.inject"] = "true"
newPod, _ := sdk.NewPodWithDubboCa(pod)
if reflect.DeepEqual(newPod, pod) {
t.Error("should not be equal")
}
}
func TestInjectFromNs(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{}
pod.Namespace = "matched"
newPod, _ := sdk.NewPodWithDubboCa(pod)
if reflect.DeepEqual(newPod, pod) {
t.Error("should not be equal")
}
}
func TestInjectVolumes(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{}
pod.Namespace = "matched"
newPod, _ := sdk.NewPodWithDubboCa(pod)
if reflect.DeepEqual(newPod, pod) {
t.Error("should not be equal")
}
if len(newPod.Spec.Volumes) != 2 {
t.Error("should have 1 volume")
}
if newPod.Spec.Volumes[0].Name != "dubbo-ca-token" {
t.Error("should have dubbo-ca-token volume")
}
if len(newPod.Spec.Volumes[0].Projected.Sources) != 1 {
t.Error("should have 1 projected source")
}
if newPod.Spec.Volumes[0].Projected.Sources[0].ServiceAccountToken.Path != "token" {
t.Error("should have token path")
}
if newPod.Spec.Volumes[0].Projected.Sources[0].ServiceAccountToken.Audience != "dubbo-ca" {
t.Error("should have dubbo-ca audience")
}
if *newPod.Spec.Volumes[0].Projected.Sources[0].ServiceAccountToken.ExpirationSeconds != 1800 {
t.Error("should have 1800 expiration seconds")
}
if newPod.Spec.Volumes[1].Name != "dubbo-ca-cert" {
t.Error("should have dubbo-ca-cert volume")
}
if len(newPod.Spec.Volumes[1].Projected.Sources) != 1 {
t.Error("should have 1 projected source")
}
if newPod.Spec.Volumes[1].Projected.Sources[0].ConfigMap.Name != "dubbo-ca-cert" {
t.Error("should have dubbo-ca-cert configmap")
}
if len(newPod.Spec.Volumes[1].Projected.Sources[0].ConfigMap.Items) != 1 {
t.Error("should have 1 item")
}
if newPod.Spec.Volumes[1].Projected.Sources[0].ConfigMap.Items[0].Key != "ca.crt" {
t.Error("should have ca.crt key")
}
if newPod.Spec.Volumes[1].Projected.Sources[0].ConfigMap.Items[0].Path != "ca.crt" {
t.Error("should have ca.crt path")
}
}
func TestInjectOneContainer(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{}
pod.Namespace = "matched"
pod.Spec.Containers = make([]v1.Container, 1)
pod.Spec.Containers[0].Name = "test"
newPod, _ := sdk.NewPodWithDubboCa(pod)
if reflect.DeepEqual(newPod, pod) {
t.Error("should not be equal")
}
if len(newPod.Spec.Containers) != 1 {
t.Error("should have 1 container")
}
container := newPod.Spec.Containers[0]
checkContainer(t, container)
}
func TestInjectTwoContainer(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{}
pod.Namespace = "matched"
pod.Spec.Containers = make([]v1.Container, 2)
pod.Spec.Containers[0].Name = "test"
pod.Spec.Containers[1].Name = "test"
newPod, _ := sdk.NewPodWithDubboCa(pod)
if reflect.DeepEqual(newPod, pod) {
t.Error("should not be equal")
}
if len(newPod.Spec.Containers) != 2 {
t.Error("should have 2 container")
}
container := newPod.Spec.Containers[0]
checkContainer(t, container)
container = newPod.Spec.Containers[1]
checkContainer(t, container)
}
func checkContainer(t *testing.T, container v1.Container) {
if container.Name != "test" {
t.Error("should have test container")
}
if len(container.Env) != 4 {
t.Error("should have 3 env")
}
if container.Env[0].Name != "DUBBO_CA_ADDRESS" {
t.Error("should have DUBBO_CA_ADDRESS env")
}
if container.Env[0].Value != "dubbo-ca.dubbo-system.svc:30062" {
t.Error("should have dubbo-ca.dubbo-system.svc:30062 value")
}
if container.Env[1].Name != "DUBBO_CA_CERT_PATH" {
t.Error("should have DUBBO_CA_TOKEN_PATH env")
}
if container.Env[1].Value != "/var/run/secrets/dubbo-ca-cert/ca.crt" {
t.Error("should have /var/run/secrets/dubbo-ca-cert/ca.crt value")
}
if container.Env[2].Name != "DUBBO_OIDC_TOKEN" {
t.Error("should have DUBBO_OIDC_TOKEN env")
}
if container.Env[2].Value != "/var/run/secrets/dubbo-ca-token/token" {
t.Error("should have /var/run/secrets/dubbo-ca-token/token value")
}
if container.Env[3].Name != "DUBBO_OIDC_TOKEN_TYPE" {
t.Error("should have DUBBO_OIDC_TOKEN_TYPE env")
}
if container.Env[3].Value != "dubbo-ca-token" {
t.Error("should have dubbo-ca-token value")
}
if len(container.VolumeMounts) != 2 {
t.Error("should have 2 volume mounts")
}
if container.VolumeMounts[0].Name != "dubbo-ca-token" {
t.Error("should have dubbo-ca-token volume mount")
}
if container.VolumeMounts[0].MountPath != "/var/run/secrets/dubbo-ca-token" {
t.Error("should have /var/run/secrets/dubbo-ca-token mount path")
}
if container.VolumeMounts[1].Name != "dubbo-ca-cert" {
t.Error("should have dubbo-ca-cert volume mount")
}
if container.VolumeMounts[1].MountPath != "/var/run/secrets/dubbo-ca-cert" {
t.Error("should have /var/run/secrets/dubbo-ca-cert mount path")
}
}
func TestCheckVolume1(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{}
pod.Namespace = "matched"
pod.Spec.Containers = make([]v1.Container, 1)
pod.Spec.Containers[0].Name = "test"
pod.Spec.Volumes = make([]v1.Volume, 1)
pod.Spec.Volumes[0].Name = "dubbo-ca-token"
newPod, _ := sdk.NewPodWithDubboCa(pod)
if !reflect.DeepEqual(newPod, pod) {
t.Error("should be equal")
}
}
func TestCheckVolume2(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{}
pod.Namespace = "matched"
pod.Spec.Containers = make([]v1.Container, 1)
pod.Spec.Containers[0].Name = "test"
pod.Spec.Volumes = make([]v1.Volume, 1)
pod.Spec.Volumes[0].Name = "dubbo-ca-cert"
newPod, _ := sdk.NewPodWithDubboCa(pod)
if !reflect.DeepEqual(newPod, pod) {
t.Error("should be equal")
}
}
func TestCheckEnv1(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{}
pod.Namespace = "matched"
pod.Spec.Containers = make([]v1.Container, 1)
pod.Spec.Containers[0].Name = "test"
pod.Spec.Containers[0].Env = make([]v1.EnvVar, 1)
pod.Spec.Containers[0].Env[0].Name = "DUBBO_CA_ADDRESS"
newPod, _ := sdk.NewPodWithDubboCa(pod)
if !reflect.DeepEqual(newPod, pod) {
t.Error("should be equal")
}
}
func TestCheckEnv2(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{}
pod.Namespace = "matched"
pod.Spec.Containers = make([]v1.Container, 1)
pod.Spec.Containers[0].Name = "test"
pod.Spec.Containers[0].Env = make([]v1.EnvVar, 1)
pod.Spec.Containers[0].Env[0].Name = "DUBBO_CA_CERT_PATH"
newPod, _ := sdk.NewPodWithDubboCa(pod)
if !reflect.DeepEqual(newPod, pod) {
t.Error("should be equal")
}
}
func TestCheckEnv3(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{}
pod.Namespace = "matched"
pod.Spec.Containers = make([]v1.Container, 1)
pod.Spec.Containers[0].Name = "test"
pod.Spec.Containers[0].Env = make([]v1.EnvVar, 1)
pod.Spec.Containers[0].Env[0].Name = "DUBBO_OIDC_TOKEN"
newPod, _ := sdk.NewPodWithDubboCa(pod)
if !reflect.DeepEqual(newPod, pod) {
t.Error("should be equal")
}
}
func TestCheckEnv4(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{}
pod.Namespace = "matched"
pod.Spec.Containers = make([]v1.Container, 2)
pod.Spec.Containers[0].Name = "test"
pod.Spec.Containers[1].Name = "test"
pod.Spec.Containers[1].Env = make([]v1.EnvVar, 1)
pod.Spec.Containers[1].Env[0].Name = "DUBBO_OIDC_TOKEN"
newPod, _ := sdk.NewPodWithDubboCa(pod)
if !reflect.DeepEqual(newPod, pod) {
t.Error("should be equal")
}
}
func TestCheckContainerVolume1(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{}
pod.Namespace = "matched"
pod.Spec.Containers = make([]v1.Container, 1)
pod.Spec.Containers[0].Name = "test"
pod.Spec.Containers[0].VolumeMounts = make([]v1.VolumeMount, 1)
pod.Spec.Containers[0].VolumeMounts[0].Name = "dubbo-ca-token"
newPod, _ := sdk.NewPodWithDubboCa(pod)
if !reflect.DeepEqual(newPod, pod) {
t.Error("should be equal")
}
}
func TestCheckContainerVolume2(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{}
pod.Namespace = "matched"
pod.Spec.Containers = make([]v1.Container, 1)
pod.Spec.Containers[0].Name = "test"
pod.Spec.Containers[0].VolumeMounts = make([]v1.VolumeMount, 1)
pod.Spec.Containers[0].VolumeMounts[0].Name = "dubbo-ca-cert"
newPod, _ := sdk.NewPodWithDubboCa(pod)
if !reflect.DeepEqual(newPod, pod) {
t.Error("should be equal")
}
}
func TestCheckContainerVolume3(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{}
pod.Namespace = "matched"
pod.Spec.Containers = make([]v1.Container, 2)
pod.Spec.Containers[0].Name = "test"
pod.Spec.Containers[1].Name = "test"
pod.Spec.Containers[1].VolumeMounts = make([]v1.VolumeMount, 1)
pod.Spec.Containers[1].VolumeMounts[0].Name = "dubbo-ca-cert"
newPod, _ := sdk.NewPodWithDubboCa(pod)
if !reflect.DeepEqual(newPod, pod) {
t.Error("should be equal")
}
}
func TestZkRegistryInjectFromLabel(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{
ObjectMeta: metav1.ObjectMeta{
Namespace: "matched",
Labels: map[string]string{
RegistryInjectZookeeperLabel: Labeled,
},
},
Spec: v1.PodSpec{
Containers: []v1.Container{
{},
},
},
}
newPod, err := sdk.NewPodWithDubboRegistryInject(pod)
if err != nil {
t.Error(err.Error())
}
if !checkExpectedEnv(newPod, EnvDubboRegistryAddress, "zookeeper://zookeeper-registry.matched.svc") {
t.Error("registry should be injected")
}
}
func TestNacosRegistryInjectFromLabel(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{
ObjectMeta: metav1.ObjectMeta{
Namespace: "matched",
Labels: map[string]string{
RegistryInjectNacosLabel: Labeled,
},
},
Spec: v1.PodSpec{
Containers: []v1.Container{
{},
},
},
}
newPod, err := sdk.NewPodWithDubboRegistryInject(pod)
if err != nil {
t.Error(err.Error())
}
if !checkExpectedEnv(newPod, EnvDubboRegistryAddress, "nacos://nacos-registry.matched.svc") {
t.Error("registry should be injected")
}
}
func TestK8sRegistryInjectFromLabel(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{
ObjectMeta: metav1.ObjectMeta{
Namespace: "matched",
Labels: map[string]string{
RegistryInjectK8sLabel: Labeled,
},
},
Spec: v1.PodSpec{
Containers: []v1.Container{
{},
},
},
}
newPod, err := sdk.NewPodWithDubboRegistryInject(pod)
if err != nil {
t.Error(err.Error())
}
if !checkExpectedEnv(newPod, EnvDubboRegistryAddress, DefaultK8sRegistryAddress) {
t.Error("registry should be injected")
}
}
func TestRegistryNotInjectFromLabel(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
userSpecifiedAddress := "some address"
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{
ObjectMeta: metav1.ObjectMeta{
Namespace: "matched",
},
Spec: v1.PodSpec{
Containers: []v1.Container{
{
Env: []v1.EnvVar{
{
Name: EnvDubboRegistryAddress,
Value: userSpecifiedAddress,
},
},
},
},
},
}
newPod, err := sdk.NewPodWithDubboRegistryInject(pod)
if err != nil {
t.Error(err.Error())
}
if !checkExpectedEnv(newPod, EnvDubboRegistryAddress, userSpecifiedAddress) {
t.Error("registry should not be injected")
}
}
func TestRegistryInjectFromNs(t *testing.T) {
t.Parallel()
options := &dubbo_cp.Config{
KubeConfig: kube.KubeConfig{
IsKubernetesConnected: false,
Namespace: "dubbo-system",
ServiceName: "dubbo-ca",
},
Security: security.SecurityConfig{
CaValidity: 30 * 24 * 60 * 60 * 1000, // 30 day
CertValidity: 1 * 60 * 60 * 1000, // 1 hour
},
Webhook: webhook2.Webhook{
Port: 30080,
AllowOnErr: false,
},
GrpcServer: server.ServerConfig{
PlainServerPort: 30060,
SecureServerPort: 30062,
DebugPort: 30070,
},
}
sdk := NewDubboSdk(options, &fakeKubeClient{}, nil)
pod := &v1.Pod{
Spec: v1.PodSpec{
Containers: []v1.Container{
{},
},
},
}
pod.Namespace = "matched"
newPod, err := sdk.NewPodWithDubboRegistryInject(pod)
if err != nil {
t.Error(err.Error())
}
if !checkExpectedEnv(newPod, EnvDubboRegistryAddress, "nacos://nacos-registry.matched.svc") {
t.Error("registry should be injected")
}
}
func checkExpectedEnv(pod *v1.Pod, expectedEnvName, expectedEnvValue string) bool {
if len(pod.Spec.Containers) <= 0 || len(pod.Spec.Containers[0].Env) <= 0 {
return false
}
for _, env := range pod.Spec.Containers[0].Env {
if env.Name == expectedEnvName {
if env.Value == expectedEnvValue {
return true
}
}
}
return false
}