From 7ef38da9fc22e9e09d1dad2f65ae5f3d49fea0c8 Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Tue, 4 Oct 2022 17:18:35 -0500 Subject: [PATCH 1/3] test: Add kubernetes runtime for executor opts tests --- executor/linux/opts_test.go | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/executor/linux/opts_test.go b/executor/linux/opts_test.go index 2a2af2d5..fd4b16b7 100644 --- a/executor/linux/opts_test.go +++ b/executor/linux/opts_test.go @@ -18,6 +18,7 @@ import ( "github.com/go-vela/types/pipeline" "github.com/go-vela/worker/runtime" "github.com/go-vela/worker/runtime/docker" + "github.com/go-vela/worker/runtime/kubernetes" "github.com/sirupsen/logrus" ) @@ -482,6 +483,11 @@ func TestLinux_Opt_WithRuntime(t *testing.T) { t.Errorf("unable to create docker runtime engine: %v", err) } + _kubernetes, err := kubernetes.NewMock(testPod(false)) + if err != nil { + t.Errorf("unable to create kubernetes runtime engine: %v", err) + } + // setup tests tests := []struct { name string @@ -493,6 +499,11 @@ func TestLinux_Opt_WithRuntime(t *testing.T) { failure: false, runtime: _docker, }, + { + name: "kubernetes runtime", + failure: false, + runtime: _kubernetes, + }, { name: "nil runtime", failure: true, From 69aa4595db37c5994f58d99e053dd35492fd8fd1 Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Tue, 4 Oct 2022 16:55:14 -0500 Subject: [PATCH 2/3] test: Add kubernetes runtime for secrets tests --- executor/linux/secret_test.go | 260 ++++++++++++++++++++++++++++++++++ 1 file changed, 260 insertions(+) diff --git a/executor/linux/secret_test.go b/executor/linux/secret_test.go index 0043872c..0b5bf148 100644 --- a/executor/linux/secret_test.go +++ b/executor/linux/secret_test.go @@ -47,6 +47,11 @@ func TestLinux_Secret_create(t *testing.T) { t.Errorf("unable to create docker runtime engine: %v", err) } + _kubernetes, err := kubernetes.NewMock(testPod(false)) + if err != nil { + t.Errorf("unable to create kubernetes runtime engine: %v", err) + } + // setup tests tests := []struct { name string @@ -68,6 +73,20 @@ func TestLinux_Secret_create(t *testing.T) { Pull: "not_present", }, }, + { + name: "kubernetes-good image tag", + failure: false, + runtime: _kubernetes, + container: &pipeline.Container{ + ID: "secret-github-octocat-1-vault", + Directory: "/vela/src/vcs.company.com/github/octocat", + Environment: map[string]string{"FOO": "bar"}, + Image: "target/secret-vault:latest", + Name: "vault", + Number: 1, + Pull: "not_present", + }, + }, { name: "docker-notfound image tag", failure: true, @@ -82,6 +101,20 @@ func TestLinux_Secret_create(t *testing.T) { Pull: "not_present", }, }, + //{ + // name: "kubernetes-notfound image tag", + // failure: true, // FIXME: make Kubernetes mock simulate failure similar to Docker mock + // runtime: _kubernetes, + // container: &pipeline.Container{ + // ID: "secret-github-octocat-1-vault", + // Directory: "/vela/src/vcs.company.com/github/octocat", + // Environment: map[string]string{"FOO": "bar"}, + // Image: "target/secret-vault:notfound", + // Name: "vault", + // Number: 1, + // Pull: "not_present", + // }, + //}, } // run tests @@ -122,6 +155,7 @@ func TestLinux_Secret_delete(t *testing.T) { _repo := testRepo() _user := testUser() _dockerSteps := testSteps(constants.DriverDocker) + _kubernetesSteps := testSteps(constants.DriverKubernetes) gin.SetMode(gin.TestMode) @@ -137,6 +171,11 @@ func TestLinux_Secret_delete(t *testing.T) { t.Errorf("unable to create docker runtime engine: %v", err) } + _kubernetes, err := kubernetes.NewMock(testPod(false)) + if err != nil { + t.Errorf("unable to create kubernetes runtime engine: %v", err) + } + _step := new(library.Step) _step.SetName("clone") _step.SetNumber(2) @@ -167,6 +206,22 @@ func TestLinux_Secret_delete(t *testing.T) { step: new(library.Step), steps: _dockerSteps, }, + { + name: "kubernetes-running container-empty step", + failure: false, + runtime: _kubernetes, + container: &pipeline.Container{ + ID: "secret-github-octocat-1-vault", + Directory: "/vela/src/vcs.company.com/github/octocat", + Environment: map[string]string{"FOO": "bar"}, + Image: "target/secret-vault:latest", + Name: "vault", + Number: 1, + Pull: "always", + }, + step: new(library.Step), + steps: _kubernetesSteps, + }, { name: "docker-running container-pending step", failure: false, @@ -183,6 +238,22 @@ func TestLinux_Secret_delete(t *testing.T) { step: _step, steps: _dockerSteps, }, + { + name: "kubernetes-running container-pending step", + failure: false, + runtime: _kubernetes, + container: &pipeline.Container{ + ID: "secret-github-octocat-1-vault", + Directory: "/vela/src/vcs.company.com/github/octocat", + Environment: map[string]string{"FOO": "bar"}, + Image: "target/secret-vault:latest", + Name: "vault", + Number: 2, + Pull: "always", + }, + step: _step, + steps: _kubernetesSteps, + }, { name: "docker-inspecting container failure due to invalid container id", failure: true, @@ -199,6 +270,22 @@ func TestLinux_Secret_delete(t *testing.T) { step: new(library.Step), steps: _dockerSteps, }, + //{ + // name: "kubernetes-inspecting container failure due to invalid container id", + // failure: true, // FIXME: make Kubernetes mock simulate failure similar to Docker mock + // runtime: _kubernetes, + // container: &pipeline.Container{ + // ID: "secret-github-octocat-1-notfound", + // Directory: "/vela/src/vcs.company.com/github/octocat", + // Environment: map[string]string{"FOO": "bar"}, + // Image: "target/secret-vault:latest", + // Name: "notfound", + // Number: 2, + // Pull: "always", + // }, + // step: new(library.Step), + // steps: _kubernetesSteps, + //}, { name: "docker-removing container failure", failure: true, @@ -215,6 +302,22 @@ func TestLinux_Secret_delete(t *testing.T) { step: new(library.Step), steps: _dockerSteps, }, + //{ + // name: "kubernetes-removing container failure", + // failure: true, // FIXME: make Kubernetes mock simulate failure similar to Docker mock + // runtime: _kubernetes, + // container: &pipeline.Container{ + // ID: "secret-github-octocat-1-ignorenotfound", + // Directory: "/vela/src/vcs.company.com/github/octocat", + // Environment: map[string]string{"FOO": "bar"}, + // Image: "target/secret-vault:latest", + // Name: "ignorenotfound", + // Number: 2, + // Pull: "always", + // }, + // step: new(library.Step), + // steps: _kubernetesSteps, + //}, } // run tests @@ -406,6 +509,11 @@ func TestLinux_Secret_pull(t *testing.T) { t.Errorf("unable to create docker runtime engine: %v", err) } + _kubernetes, err := kubernetes.NewMock(testPod(false)) + if err != nil { + t.Errorf("unable to create kubernetes runtime engine: %v", err) + } + // setup tests tests := []struct { name string @@ -426,6 +534,19 @@ func TestLinux_Secret_pull(t *testing.T) { Origin: &pipeline.Container{}, }, }, + { + name: "kubernetes-success with org secret", + failure: false, + runtime: _kubernetes, + secret: &pipeline.Secret{ + Name: "foo", + Value: "bar", + Key: "github/foo", + Engine: "native", + Type: "org", + Origin: &pipeline.Container{}, + }, + }, { name: "docker-failure with invalid org secret", failure: true, @@ -439,6 +560,19 @@ func TestLinux_Secret_pull(t *testing.T) { Origin: &pipeline.Container{}, }, }, + { + name: "kubernetes-failure with invalid org secret", + failure: true, + runtime: _kubernetes, + secret: &pipeline.Secret{ + Name: "foo", + Value: "bar", + Key: "foo/foo/foo", + Engine: "native", + Type: "org", + Origin: &pipeline.Container{}, + }, + }, { name: "docker-failure with org secret key not found", failure: true, @@ -452,6 +586,19 @@ func TestLinux_Secret_pull(t *testing.T) { Origin: &pipeline.Container{}, }, }, + { + name: "kubernetes-failure with org secret key not found", + failure: true, + runtime: _kubernetes, + secret: &pipeline.Secret{ + Name: "foo", + Value: "bar", + Key: "not-found", + Engine: "native", + Type: "org", + Origin: &pipeline.Container{}, + }, + }, { name: "docker-success with repo secret", failure: false, @@ -465,6 +612,19 @@ func TestLinux_Secret_pull(t *testing.T) { Origin: &pipeline.Container{}, }, }, + { + name: "kubernetes-success with repo secret", + failure: false, + runtime: _kubernetes, + secret: &pipeline.Secret{ + Name: "foo", + Value: "bar", + Key: "github/octocat/foo", + Engine: "native", + Type: "repo", + Origin: &pipeline.Container{}, + }, + }, { name: "docker-failure with invalid repo secret", failure: true, @@ -478,6 +638,19 @@ func TestLinux_Secret_pull(t *testing.T) { Origin: &pipeline.Container{}, }, }, + { + name: "kubernetes-failure with invalid repo secret", + failure: true, + runtime: _kubernetes, + secret: &pipeline.Secret{ + Name: "foo", + Value: "bar", + Key: "foo/foo/foo/foo", + Engine: "native", + Type: "repo", + Origin: &pipeline.Container{}, + }, + }, { name: "docker-failure with repo secret key not found", failure: true, @@ -491,6 +664,19 @@ func TestLinux_Secret_pull(t *testing.T) { Origin: &pipeline.Container{}, }, }, + { + name: "kubernetes-failure with repo secret key not found", + failure: true, + runtime: _kubernetes, + secret: &pipeline.Secret{ + Name: "foo", + Value: "bar", + Key: "not-found", + Engine: "native", + Type: "repo", + Origin: &pipeline.Container{}, + }, + }, { name: "docker-success with shared secret", failure: false, @@ -504,6 +690,19 @@ func TestLinux_Secret_pull(t *testing.T) { Origin: &pipeline.Container{}, }, }, + { + name: "kubernetes-success with shared secret", + failure: false, + runtime: _kubernetes, + secret: &pipeline.Secret{ + Name: "foo", + Value: "bar", + Key: "github/octokitties/foo", + Engine: "native", + Type: "shared", + Origin: &pipeline.Container{}, + }, + }, { name: "docker-failure with shared secret key not found", failure: true, @@ -517,6 +716,19 @@ func TestLinux_Secret_pull(t *testing.T) { Origin: &pipeline.Container{}, }, }, + { + name: "kubernetes-failure with shared secret key not found", + failure: true, + runtime: _kubernetes, + secret: &pipeline.Secret{ + Name: "foo", + Value: "bar", + Key: "not-found", + Engine: "native", + Type: "shared", + Origin: &pipeline.Container{}, + }, + }, { name: "docker-failure with invalid type", failure: true, @@ -530,6 +742,19 @@ func TestLinux_Secret_pull(t *testing.T) { Origin: &pipeline.Container{}, }, }, + { + name: "kubernetes-failure with invalid type", + failure: true, + runtime: _kubernetes, + secret: &pipeline.Secret{ + Name: "foo", + Value: "bar", + Key: "github/octokitties/foo", + Engine: "native", + Type: "invalid", + Origin: &pipeline.Container{}, + }, + }, } // run tests @@ -585,6 +810,11 @@ func TestLinux_Secret_stream(t *testing.T) { t.Errorf("unable to create docker runtime engine: %v", err) } + _kubernetes, err := kubernetes.NewMock(testPod(false)) + if err != nil { + t.Errorf("unable to create kubernetes runtime engine: %v", err) + } + // setup tests tests := []struct { name string @@ -608,6 +838,21 @@ func TestLinux_Secret_stream(t *testing.T) { Pull: "always", }, }, + { + name: "kubernetes-container step succeeds", + failure: false, + runtime: _kubernetes, + logs: new(library.Log), + container: &pipeline.Container{ + ID: "step-github-octocat-1-init", + Directory: "/home/github/octocat", + Environment: map[string]string{"FOO": "bar"}, + Image: "#init", + Name: "init", + Number: 1, + Pull: "always", + }, + }, { name: "docker-container step fails because of invalid container id", failure: true, @@ -623,6 +868,21 @@ func TestLinux_Secret_stream(t *testing.T) { Pull: "always", }, }, + //{ + // name: "kubernetes-container step fails because of invalid container id", + // failure: true, // FIXME: make Kubernetes mock simulate failure similar to Docker mock + // runtime: _kubernetes, + // logs: new(library.Log), + // container: &pipeline.Container{ + // ID: "secret-github-octocat-1-notfound", + // Directory: "/vela/src/vcs.company.com/github/octocat", + // Environment: map[string]string{"FOO": "bar"}, + // Image: "target/secret-vault:latest", + // Name: "notfound", + // Number: 2, + // Pull: "always", + // }, + //}, } // run tests From e2f7cd8c24573585c1df7fcc9cb1a5a3adbe8632 Mon Sep 17 00:00:00 2001 From: Jacob Floyd Date: Tue, 4 Oct 2022 16:55:14 -0500 Subject: [PATCH 3/3] test(executor): Add kubernetes runtime for secrets exec test --- executor/linux/secret_test.go | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/executor/linux/secret_test.go b/executor/linux/secret_test.go index 0b5bf148..e88d23b2 100644 --- a/executor/linux/secret_test.go +++ b/executor/linux/secret_test.go @@ -401,12 +401,24 @@ func TestLinux_Secret_exec(t *testing.T) { runtime: constants.DriverDocker, pipeline: "testdata/build/secrets/basic.yml", }, + { + name: "kubernetes-basic secrets pipeline", + failure: false, + runtime: constants.DriverKubernetes, + pipeline: "testdata/build/secrets/basic.yml", + }, { name: "docker-pipeline with secret name not found", failure: true, runtime: constants.DriverDocker, pipeline: "testdata/build/secrets/name_notfound.yml", }, + //{ + // name: "kubernetes-pipeline with secret name not found", + // failure: true, // FIXME: make Kubernetes mock simulate failure similar to Docker mock + // runtime: constants.DriverKubernetes, + // pipeline: "testdata/build/secrets/name_notfound.yml", + //}, } // run tests