273 lines
10 KiB
Go
273 lines
10 KiB
Go
//go:build unit
|
|
// +build unit
|
|
|
|
/*
|
|
Copyright 2021 The Flux authors
|
|
|
|
Licensed under the Apache License, Version 2.0 (the "License");
|
|
you may not use this file except in compliance with the License.
|
|
You may obtain a copy of the License at
|
|
|
|
http://www.apache.org/licenses/LICENSE-2.0
|
|
|
|
Unless required by applicable law or agreed to in writing, software
|
|
distributed under the License is distributed on an "AS IS" BASIS,
|
|
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
See the License for the specific language governing permissions and
|
|
limitations under the License.
|
|
*/
|
|
|
|
package main
|
|
|
|
import (
|
|
"context"
|
|
"os"
|
|
"strings"
|
|
"testing"
|
|
|
|
"github.com/fluxcd/flux2/v2/internal/build"
|
|
"github.com/fluxcd/pkg/ssa"
|
|
"github.com/fluxcd/pkg/ssa/normalize"
|
|
"k8s.io/apimachinery/pkg/apis/meta/v1/unstructured"
|
|
)
|
|
|
|
func TestDiffKustomization(t *testing.T) {
|
|
tests := []struct {
|
|
name string
|
|
args string
|
|
objectFile string
|
|
assert assertFunc
|
|
}{
|
|
{
|
|
name: "no args",
|
|
args: "diff kustomization podinfo",
|
|
objectFile: "",
|
|
assert: assertError("invalid resource path \"\""),
|
|
},
|
|
{
|
|
name: "diff nothing deployed",
|
|
args: "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo --progress-bar=false",
|
|
objectFile: "",
|
|
assert: assertGoldenFile("./testdata/diff-kustomization/diff-new-kustomization.golden"),
|
|
},
|
|
{
|
|
name: "diff with a deployment object",
|
|
args: "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo --progress-bar=false",
|
|
objectFile: "./testdata/diff-kustomization/deployment.yaml",
|
|
assert: assertGoldenFile("./testdata/diff-kustomization/diff-with-deployment.golden"),
|
|
},
|
|
{
|
|
name: "diff with a drifted service object",
|
|
args: "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo --progress-bar=false",
|
|
objectFile: "./testdata/diff-kustomization/service.yaml",
|
|
assert: assertGoldenFile("./testdata/diff-kustomization/diff-with-drifted-service.golden"),
|
|
},
|
|
{
|
|
name: "diff with a drifted secret object",
|
|
args: "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo --progress-bar=false",
|
|
objectFile: "./testdata/diff-kustomization/secret.yaml",
|
|
assert: assertGoldenFile("./testdata/diff-kustomization/diff-with-drifted-secret.golden"),
|
|
},
|
|
{
|
|
name: "diff with a drifted key in sops secret object",
|
|
args: "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo --progress-bar=false",
|
|
objectFile: "./testdata/diff-kustomization/key-sops-secret.yaml",
|
|
assert: assertGoldenFile("./testdata/diff-kustomization/diff-with-drifted-key-sops-secret.golden"),
|
|
},
|
|
{
|
|
name: "diff with a drifted value in sops secret object",
|
|
args: "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo --progress-bar=false",
|
|
objectFile: "./testdata/diff-kustomization/value-sops-secret.yaml",
|
|
assert: assertGoldenFile("./testdata/diff-kustomization/diff-with-drifted-value-sops-secret.golden"),
|
|
},
|
|
{
|
|
name: "diff with a sops dockerconfigjson secret object",
|
|
args: "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo --progress-bar=false",
|
|
objectFile: "./testdata/diff-kustomization/dockerconfigjson-sops-secret.yaml",
|
|
assert: assertGoldenFile("./testdata/diff-kustomization/diff-with-dockerconfigjson-sops-secret.golden"),
|
|
},
|
|
{
|
|
name: "diff with a sops stringdata secret object",
|
|
args: "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo --progress-bar=false",
|
|
objectFile: "./testdata/diff-kustomization/stringdata-sops-secret.yaml",
|
|
assert: assertGoldenFile("./testdata/diff-kustomization/diff-with-drifted-stringdata-sops-secret.golden"),
|
|
},
|
|
{
|
|
name: "diff where kustomization file has multiple objects with the same name",
|
|
args: "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo --progress-bar=false --kustomization-file ./testdata/diff-kustomization/flux-kustomization-multiobj.yaml",
|
|
objectFile: "",
|
|
assert: assertGoldenFile("./testdata/diff-kustomization/diff-new-kustomization.golden"),
|
|
},
|
|
{
|
|
name: "diff with recursive",
|
|
args: "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo-with-my-app --progress-bar=false --recursive --local-sources GitRepository/default/podinfo=./testdata/build-kustomization",
|
|
objectFile: "./testdata/diff-kustomization/my-app.yaml",
|
|
assert: assertGoldenFile("./testdata/diff-kustomization/diff-with-recursive.golden"),
|
|
},
|
|
}
|
|
|
|
tmpl := map[string]string{
|
|
"fluxns": allocateNamespace("flux-system"),
|
|
}
|
|
|
|
b, _ := build.NewBuilder("podinfo", "", build.WithClientConfig(kubeconfigArgs, kubeclientOptions))
|
|
|
|
resourceManager, err := b.Manager()
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
setup(t, tmpl)
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
if tt.objectFile != "" {
|
|
if _, err := resourceManager.ApplyAll(context.Background(), createObjectFromFile(tt.objectFile, tmpl, t), ssa.DefaultApplyOptions()); err != nil {
|
|
t.Error(err)
|
|
}
|
|
}
|
|
cmd := cmdTestCase{
|
|
args: tt.args + " -n " + tmpl["fluxns"],
|
|
assert: tt.assert,
|
|
}
|
|
cmd.runTestCmd(t)
|
|
if tt.objectFile != "" {
|
|
testEnv.DeleteObjectFile(tt.objectFile, tmpl, t)
|
|
}
|
|
})
|
|
}
|
|
}
|
|
|
|
// TestDiffKustomizationNotDeployed tests `flux diff ks` when the Kustomization
|
|
// CR does not exist in the cluster but is provided via --kustomization-file.
|
|
// Reproduces https://github.com/fluxcd/flux2/issues/5439
|
|
func TestDiffKustomizationNotDeployed(t *testing.T) {
|
|
// Use a dedicated namespace with NO setup() -- the Kustomization CR
|
|
// intentionally does not exist in the cluster.
|
|
tmpl := map[string]string{
|
|
"fluxns": allocateNamespace("flux-system"),
|
|
}
|
|
setupTestNamespace(tmpl["fluxns"], t)
|
|
|
|
tests := []struct {
|
|
name string
|
|
args string
|
|
assert assertFunc
|
|
}{
|
|
{
|
|
name: "fails without --ignore-not-found",
|
|
args: "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo --progress-bar=false " +
|
|
"--kustomization-file ./testdata/diff-kustomization/flux-kustomization-local-only.yaml",
|
|
assert: assertError("failed to get kustomization object: kustomizations.kustomize.toolkit.fluxcd.io \"podinfo\" not found"),
|
|
},
|
|
{
|
|
name: "succeeds with --ignore-not-found and --kustomization-file",
|
|
args: "diff kustomization podinfo --path ./testdata/build-kustomization/podinfo --progress-bar=false " +
|
|
"--kustomization-file ./testdata/diff-kustomization/flux-kustomization-local-only.yaml " +
|
|
"--ignore-not-found",
|
|
assert: assertGoldenFile("./testdata/diff-kustomization/diff-new-kustomization.golden"),
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
cmd := cmdTestCase{
|
|
args: tt.args + " -n " + tmpl["fluxns"],
|
|
assert: tt.assert,
|
|
}
|
|
cmd.runTestCmd(t)
|
|
})
|
|
}
|
|
}
|
|
|
|
// TestDiffKustomizationTakeOwnership tests `flux diff ks` when taking ownership
|
|
// of existing resources on the cluster. A "pre-existing" configmap is applied
|
|
// to the cluster, and the kustomization contains a matching configmap; the
|
|
// diff should show the labels added by flux
|
|
func TestDiffKustomizationTakeOwnership(t *testing.T) {
|
|
tmpl := map[string]string{
|
|
"fluxns": allocateNamespace("flux-system"),
|
|
}
|
|
setupTestNamespace(tmpl["fluxns"], t)
|
|
|
|
b, _ := build.NewBuilder("configmaps", "", build.WithClientConfig(kubeconfigArgs, kubeclientOptions))
|
|
resourceManager, err := b.Manager()
|
|
if err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
// Pre-create the "existing" configmap in the cluster without Flux labels
|
|
if _, err := resourceManager.ApplyAll(context.Background(), createObjectFromFile("./testdata/diff-kustomization/existing-configmap.yaml", tmpl, t), ssa.DefaultApplyOptions()); err != nil {
|
|
t.Fatal(err)
|
|
}
|
|
|
|
cmd := cmdTestCase{
|
|
args: "diff kustomization configmaps --path ./testdata/build-kustomization/configmaps --progress-bar=false " +
|
|
"--kustomization-file ./testdata/diff-kustomization/flux-kustomization-configmaps.yaml " +
|
|
"--ignore-not-found" +
|
|
" -n " + tmpl["fluxns"],
|
|
assert: assertGoldenFile("./testdata/diff-kustomization/diff-taking-ownership.golden"),
|
|
}
|
|
cmd.runTestCmd(t)
|
|
}
|
|
|
|
// TestDiffKustomizationNewNamespaceAndConfigmap runs `flux diff ks` when the
|
|
// kustomization creates a new namespace and resources inside it. The server-side
|
|
// dry-run cannot resolve resources in a namespace that doesn't exist yet,
|
|
// consistent with `kubectl diff --server-side` behavior.
|
|
func TestDiffKustomizationNewNamespaceAndConfigmap(t *testing.T) {
|
|
tmpl := map[string]string{
|
|
"fluxns": allocateNamespace("flux-system"),
|
|
}
|
|
setupTestNamespace(tmpl["fluxns"], t)
|
|
|
|
cmd := cmdTestCase{
|
|
args: "diff kustomization new-namespace-and-configmap --path ./testdata/build-kustomization/new-namespace-and-configmap --progress-bar=false " +
|
|
"--kustomization-file ./testdata/diff-kustomization/flux-kustomization-new-namespace-and-configmap.yaml " +
|
|
"--ignore-not-found" +
|
|
" -n " + tmpl["fluxns"],
|
|
assert: assertError("ConfigMap/new-ns/app-config not found: namespaces \"new-ns\" not found"),
|
|
}
|
|
cmd.runTestCmd(t)
|
|
}
|
|
|
|
// TestDiffKustomizationNewNamespaceOnly runs `flux diff ks` when the
|
|
// kustomization creates only a new namespace. The diff should show the
|
|
// namespace as created.
|
|
func TestDiffKustomizationNewNamespaceOnly(t *testing.T) {
|
|
tmpl := map[string]string{
|
|
"fluxns": allocateNamespace("flux-system"),
|
|
}
|
|
setupTestNamespace(tmpl["fluxns"], t)
|
|
|
|
cmd := cmdTestCase{
|
|
args: "diff kustomization new-namespace-only --path ./testdata/build-kustomization/new-namespace-only --progress-bar=false " +
|
|
"--kustomization-file ./testdata/diff-kustomization/flux-kustomization-new-namespace-only.yaml " +
|
|
"--ignore-not-found" +
|
|
" -n " + tmpl["fluxns"],
|
|
assert: assertGoldenFile("./testdata/diff-kustomization/diff-new-namespace-only.golden"),
|
|
}
|
|
cmd.runTestCmd(t)
|
|
}
|
|
|
|
func createObjectFromFile(objectFile string, templateValues map[string]string, t *testing.T) []*unstructured.Unstructured {
|
|
buf, err := os.ReadFile(objectFile)
|
|
if err != nil {
|
|
t.Fatalf("Error reading file '%s': %v", objectFile, err)
|
|
}
|
|
content, err := executeTemplate(string(buf), templateValues)
|
|
if err != nil {
|
|
t.Fatalf("Error evaluating template file '%s': '%v'", objectFile, err)
|
|
}
|
|
clientObjects, err := readYamlObjects(strings.NewReader(content))
|
|
if err != nil {
|
|
t.Fatalf("Error decoding yaml file '%s': %v", objectFile, err)
|
|
}
|
|
|
|
if err := normalize.UnstructuredList(clientObjects); err != nil {
|
|
t.Fatalf("Error setting native kinds defaults for '%s': %v", objectFile, err)
|
|
}
|
|
|
|
return clientObjects
|
|
}
|