-
Notifications
You must be signed in to change notification settings - Fork 6
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Merge remote-tracking branch 'origin/stage' into VKPR-140-teste-autom…
…atizado-whoami
- Loading branch information
Showing
173 changed files
with
1,837 additions
and
667 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,60 @@ | ||
# TESTS | ||
|
||
Automated BATS tests for VKPR formulas. | ||
|
||
## BATS in VKPR | ||
|
||
Tests written using [BATS](https://bats-core.readthedocs.io/en/stable/index.html). | ||
|
||
BATS itself is installed by `vkpr init` formula. | ||
|
||
A few points: | ||
|
||
- BATS supports `setup` and `teardown` operations defined in each `.bats` file (invoked before and after **each test** in that file). | ||
- BATS also supports `setup_file` and `teardown_file` operations defined in each `.bats` file (invoked **once** before and after each file). | ||
- VKPR tests also rely on a shared `common_setup.bash` that is invoked by all `setup_file` operations (by convention), to implement "smart" warm-ups and caches for all tests | ||
|
||
A typical `bats` file is like this: | ||
|
||
```sh | ||
VKPR_HOME=~/.vkpr | ||
|
||
setup_file() { | ||
load 'common-setup' | ||
_common_setup | ||
# here goes 'once per file' setup code | ||
} | ||
|
||
setup() { | ||
load $VKPR_HOME/bats/bats-support/load.bash | ||
load $VKPR_HOME/bats/bats-assert/load.bash | ||
# here goes 'once per test' setup code | ||
} | ||
|
||
# here goes all tests | ||
@test "this is a test" { | ||
# here is some test code | ||
} | ||
``` | ||
|
||
## Running individual tests | ||
|
||
You can run individual tests quickly (for a TDD approach) by disabling teardown and specifying the test file: | ||
|
||
``` | ||
VKPR_TEST_SKIP_TEARDOWN=true ~/.vkpr/bats/bin/bats ingress-test.bats | ||
``` | ||
|
||
or to disable only the "common" teardown (cluster destruction): | ||
|
||
``` | ||
VKPR_TEST_SKIP_COMMON_TEARDOWN=true ~/.vkpr/bats/bin/bats ingress-test.bats | ||
``` | ||
|
||
## Running all tests | ||
|
||
You can run all tests by running BATS against the tests folder: | ||
|
||
``` | ||
~/.vkpr/bats/bin/bats vkpr-tests | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,77 @@ | ||
VKPR_HOME=~/.vkpr | ||
|
||
setup_file() { | ||
#load 'common-setup' | ||
#_common_setup | ||
if [ "$VKPR_TEST_SKIP_SETUP" == "true" ]; then | ||
echo "setup: skipping setup due to VKPR_TEST_SKIP_SETUP=true" >&3 | ||
else | ||
echo "setup: starting private ACME server..." >&3 | ||
DOCKER0_IP=$(ifconfig docker0 | grep "inet " | awk '{printf $2}'0) | ||
docker run --rm -d --name step \ | ||
-p 9000:9000 \ | ||
--add-host "host.k3d.internal:$DOCKER0_IP" \ | ||
-e "DOCKER_STEPCA_INIT_NAME=Smallstep" \ | ||
-e "DOCKER_STEPCA_INIT_DNS_NAMES=host.k3d.internal,localhost,step,$(hostname -f)" \ | ||
smallstep/step-ca | ||
sleep 20 | ||
docker exec step step ca provisioner add acme --type ACME | ||
docker kill -s 1 step | ||
|
||
#docker logs -f step | ||
|
||
echo "setup: copying root_ca.crt from ACME server..." >&3 | ||
docker cp step:/home/step/certs/root_ca.crt /tmp/ | ||
chmod +r /tmp/root_ca.crt | ||
|
||
echo "setup: initialising infra. Cluster running on port 80 , 443 is manadatory for this test." >&3 | ||
rit vkpr infra start --http_port 80 --https_port 443 | ||
kubectl wait --all-namespaces --for=condition=ready --timeout=20m pod --all | ||
sleep 2 | ||
|
||
echo "setup: Copying root_ca.crt to cert-manager namespace.." >&3 | ||
kubectl create namespace cert-manager | ||
kubectl create secret generic custom-ca-secret -n cert-manager \ | ||
--from-file=ca-certificates.crt=/tmp/root_ca.crt | ||
|
||
echo "setup: installing cert-manager...." >&3 | ||
rit vkpr cert-manager install custom-acme --email [email protected] | ||
kubectl wait --all-namespaces --for=condition=ready --timeout=5m pod --all | ||
sleep 2 | ||
|
||
echo "setup: instaling ingress..." >&3 | ||
rit vkpr ingress install | ||
kubectl wait --all-namespaces --for=condition=ready --timeout=5m pod --all | ||
sleep 2 | ||
|
||
echo "setup: installing whoami to create a certificate...." >&3 | ||
rit vkpr whoami install --domain "host.k3d.internal" | ||
kubectl wait --all-namespaces --for=condition=ready --timeout=5m pod --all | ||
sleep 1m | ||
fi | ||
} | ||
|
||
setup() { | ||
load $VKPR_HOME/bats/bats-support/load.bash | ||
load $VKPR_HOME/bats/bats-assert/load.bash | ||
} | ||
|
||
@test "curl to https://host.k3d.internal must return a Smallstep certificate" { | ||
run "$(curl -vvv -k --resolve host.k3d.internal:443:127.0.0.1 https://host.k3d.internal 2>&1 | awk 'BEGIN { cert=0 } /^\* Server certificate:/ { cert=1 } /^\*/ { if (cert) print }')" | ||
actual="${lines[4]}" | ||
trim "$actual" | ||
actual="$TRIMMED" | ||
expected="* issuer: O=Smallstep; CN=Smallstep Intermediate CA" | ||
assert_equal "$actual" "$expected" | ||
|
||
} | ||
|
||
|
||
trim() { | ||
local var="$*" | ||
# remove leading whitespace characters | ||
var="${var#"${var%%[![:space:]]*}"}" | ||
# remove trailing whitespace characters | ||
var="${var%"${var##*[![:space:]]}"}" | ||
TRIMMED="$var" | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,6 @@ | ||
log-dns-details=yes | ||
log-dns-queries=yes | ||
loglevel=6 | ||
cache-ttl=0 | ||
zone-cache-refresh-interval=0 | ||
zone-metadata-cache-ttl=0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,43 @@ | ||
# nginx service with external-dns annotations | ||
# | ||
# generated with the commands below: | ||
# | ||
# kubectl run nginx --image=nginx --port=80 --dry-run=client -o yaml | ||
# kubectl expose pod nginx --port=8000 --target-port=80 --type=LoadBalancer --dry-run=client -o yaml | ||
# | ||
apiVersion: v1 | ||
kind: Pod | ||
metadata: | ||
labels: | ||
run: nginx | ||
name: nginx | ||
spec: | ||
containers: | ||
- image: nginx | ||
name: nginx | ||
ports: | ||
- containerPort: 80 | ||
resources: {} | ||
dnsPolicy: ClusterFirst | ||
restartPolicy: Always | ||
status: {} | ||
|
||
--- | ||
|
||
apiVersion: v1 | ||
kind: Service | ||
metadata: | ||
labels: | ||
run: nginx | ||
name: nginx | ||
annotations: | ||
external-dns.alpha.kubernetes.io/ttl: "10" | ||
external-dns.alpha.kubernetes.io/hostname: nginx.example.com. | ||
spec: | ||
ports: | ||
- port: 8000 | ||
protocol: TCP | ||
targetPort: 80 | ||
selector: | ||
run: nginx | ||
type: LoadBalancer |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,114 @@ | ||
# | ||
# External-DNS Tests | ||
# | ||
# We are starting a local PowerDNS authoritative server and creating a new "example.com" domain during setup. | ||
# Mora bout this in https://doc.powerdns.com/authoritative/PowerDNS-Authoritative.pdf. | ||
# | ||
VKPR_HOME=~/.vkpr | ||
|
||
setup_file() { | ||
load 'common-setup' | ||
_common_setup | ||
if [ "$VKPR_TEST_SKIP_SETUP" == "true" ]; then | ||
echo "setup: skipping setup due to VKPR_TEST_SKIP_SETUP=true" >&3 | ||
else | ||
echo "setup: starting powerdns..." >&3 | ||
startPowerDNS | ||
echo "setup: installing externaldns...." >&3 | ||
rit vkpr external-dns install pdns --apiurl=http://host.k3d.internal | ||
# expose test service | ||
echo "setup: creating and exposing annotated service...." >&3 | ||
kubectl apply -f $BATS_TEST_DIRNAME/exposed-service.yml | ||
# wait for all to be ready | ||
kubectl wait --for=condition=ready --timeout=1m pod --all | ||
#sleep 20 | ||
fi | ||
} | ||
|
||
setup() { | ||
load $VKPR_HOME/bats/bats-support/load.bash | ||
load $VKPR_HOME/bats/bats-assert/load.bash | ||
} | ||
|
||
@test "tests name resolution of k3d host internal alias (host.k3d.internal)" { | ||
run get_host_ip | ||
} | ||
|
||
@test "dig test of powerdns container 'local.example.com'" { | ||
# ensures powerdns has been initialized correctly | ||
run dig_local | ||
assert_output '127.0.0.1' | ||
} | ||
|
||
dig_local(){ | ||
dig @localhost -4 -r -p 8553 local.example.com +short | ||
} | ||
|
||
@test "testing if external-dns dealt with exposed annotated service" { | ||
# service | ||
external_ip=$(kubectl get svc nginx --template="{{range .status.loadBalancer.ingress}}{{.ip}}{{end}}") | ||
trim "$external_ip" | ||
external_ip="$TRIMMED" | ||
echo "external_ip=$external_ip" >&3 | ||
refute [ -z "$external_ip" ] | ||
run dig_exposed_service | ||
assert_output "$external_ip" | ||
} | ||
|
||
dig_exposed_service(){ | ||
dig @localhost -4 -r -p 8553 nginx.example.com +short | ||
} | ||
|
||
get_host_ip() { | ||
kubectl run --rm=true -i busybox --image=busybox --restart=Never \ | ||
--command -- ping -c1 -n host.k3d.internal | head -n1 | sed 's/.*(\([0-9]*\.[0-9]*\.[0-9]*\.[0-9]*\)).*/\1/g' | ||
} | ||
|
||
startPowerDNS() { | ||
# define log/cache cfg (IMPORTANTE zerar os tempos de cache) | ||
cp $BATS_TEST_DIRNAME/dnslog.j2 /tmp/dnslog.j2 | ||
# start powerdns | ||
docker run -d --name pdns \ | ||
-p 8553:53/tcp -p 8553:53/udp -p 8081:8081 \ | ||
-e PDNS_AUTH_API_KEY=mykey \ | ||
-e TEMPLATE_FILES="dnslog" \ | ||
-v /tmp/dnslog.j2:/etc/powerdns/templates.d/dnslog.j2:ro \ | ||
powerdns/pdns-auth-45 | ||
# creates dns zone | ||
docker exec pdns pdnsutil create-zone example.com | ||
docker exec pdns pdnsutil set-kind example.com native | ||
docker exec pdns pdnsutil set-meta example.com SOA-EDIT INCEPTION-INCREMENT | ||
docker exec pdns pdnsutil increase-serial example.com | ||
docker exec pdns pdnsutil add-record example.com local A 60 "127.0.0.1" | ||
|
||
# creates rit powerdns credential | ||
rit set credential --provider='powerdns' --fields="apikey" --values="mykey" | ||
} | ||
|
||
stopPowerDNS() { | ||
docker stop pdns | ||
docker rm pdns | ||
} | ||
|
||
teardown_file() { | ||
if [ "$VKPR_TEST_SKIP_TEARDOWN" == "true" ]; then | ||
echo "teardown: skipping teardown due to VKPR_TEST_SKIP_TEARDOWN=true" >&3 | ||
else | ||
echo "teardown: removing annotated service...." >&3 | ||
kubectl delete --ignore-not-found=true -f $BATS_TEST_DIRNAME/exposed-service.yml | ||
echo "teardown: stopping power-dns...." >&3 | ||
stopPowerDNS | ||
echo "teardown: uninstalling external-dns...." >&3 | ||
rit vkpr external-dns remove | ||
fi | ||
_common_teardown | ||
} | ||
|
||
trim() { | ||
local var="$*" | ||
# remove leading whitespace characters | ||
var="${var#"${var%%[![:space:]]*}"}" | ||
# remove trailing whitespace characters | ||
var="${var%"${var##*[![:space:]]}"}" | ||
TRIMMED="$var" | ||
} |
Oops, something went wrong.