debian-mirror-gitlab/spec/models/project_services/kubernetes_service_spec.rb

397 lines
12 KiB
Ruby
Raw Normal View History

2019-07-07 11:18:12 +05:30
# frozen_string_literal: true
2017-08-17 22:00:37 +05:30
require 'spec_helper'
2017-09-10 17:25:29 +05:30
describe KubernetesService, :use_clean_rails_memory_store_caching do
2017-08-17 22:00:37 +05:30
include KubernetesHelpers
include ReactiveCachingHelpers
2018-03-17 18:26:18 +05:30
let(:project) { create(:kubernetes_project) }
let(:service) { project.deployment_platform }
2017-08-17 22:00:37 +05:30
2018-03-17 18:26:18 +05:30
describe 'Associations' do
2017-08-17 22:00:37 +05:30
it { is_expected.to belong_to :project }
end
describe 'Validations' do
context 'when service is active' do
2017-09-10 17:25:29 +05:30
before do
subject.active = true
2019-09-04 21:01:54 +05:30
subject.skip_deprecation_validation = true
2017-09-10 17:25:29 +05:30
end
2017-08-17 22:00:37 +05:30
it { is_expected.not_to validate_presence_of(:namespace) }
it { is_expected.to validate_presence_of(:api_url) }
it { is_expected.to validate_presence_of(:token) }
context 'namespace format' do
before do
subject.project = project
subject.api_url = "http://example.com"
subject.token = "test"
end
{
'foo' => true,
'1foo' => true,
'foo1' => true,
'foo-bar' => true,
'-foo' => false,
'foo-' => false,
'a' * 63 => true,
'a' * 64 => false,
'a.b' => false,
2018-03-17 18:26:18 +05:30
'a*b' => false,
'FOO' => true
2017-08-17 22:00:37 +05:30
}.each do |namespace, validity|
it "validates #{namespace} as #{validity ? 'valid' : 'invalid'}" do
subject.namespace = namespace
expect(subject.valid?).to eq(validity)
end
end
end
end
context 'when service is inactive' do
2017-09-10 17:25:29 +05:30
before do
2018-03-17 18:26:18 +05:30
subject.project = project
2017-09-10 17:25:29 +05:30
subject.active = false
end
2017-08-17 22:00:37 +05:30
it { is_expected.not_to validate_presence_of(:api_url) }
it { is_expected.not_to validate_presence_of(:token) }
end
2018-03-17 18:26:18 +05:30
context 'with a deprecated service' do
let(:kubernetes_service) { create(:kubernetes_service) }
before do
kubernetes_service.update_attribute(:active, false)
2019-09-04 21:01:54 +05:30
kubernetes_service.skip_deprecation_validation = false
2018-11-08 19:23:39 +05:30
kubernetes_service.properties['namespace'] = "foo"
2018-03-17 18:26:18 +05:30
end
2019-07-07 11:18:12 +05:30
it 'does not update attributes' do
2018-03-17 18:26:18 +05:30
expect(kubernetes_service.save).to be_falsy
end
2019-07-07 11:18:12 +05:30
it 'includes an error with a deprecation message' do
2018-03-17 18:26:18 +05:30
kubernetes_service.valid?
expect(kubernetes_service.errors[:base].first).to match(/Kubernetes service integration has been deprecated/)
end
end
context 'with an active and deprecated service' do
let(:kubernetes_service) { create(:kubernetes_service) }
before do
2019-09-04 21:01:54 +05:30
kubernetes_service.skip_deprecation_validation = false
2018-03-17 18:26:18 +05:30
kubernetes_service.active = false
2018-11-08 19:23:39 +05:30
kubernetes_service.properties['namespace'] = 'foo'
2018-03-17 18:26:18 +05:30
kubernetes_service.save
end
2019-07-07 11:18:12 +05:30
it 'deactivates the service' do
2018-03-17 18:26:18 +05:30
expect(kubernetes_service.active?).to be_falsy
end
2019-07-07 11:18:12 +05:30
it 'does not include a deprecation message as error' do
2018-03-17 18:26:18 +05:30
expect(kubernetes_service.errors.messages.count).to eq(0)
end
2019-07-07 11:18:12 +05:30
it 'updates attributes' do
2018-11-08 19:23:39 +05:30
expect(kubernetes_service.properties['namespace']).to eq("foo")
2018-03-17 18:26:18 +05:30
end
end
2017-08-17 22:00:37 +05:30
end
describe '#initialize_properties' do
context 'without a project' do
it 'leaves the namespace unset' do
expect(described_class.new.namespace).to be_nil
end
end
end
describe '#fields' do
let(:kube_namespace) do
subject.fields.find { |h| h[:name] == 'namespace' }
end
context 'as template' do
2017-09-10 17:25:29 +05:30
before do
subject.template = true
end
2017-08-17 22:00:37 +05:30
it 'sets the namespace to the default' do
expect(kube_namespace).not_to be_nil
expect(kube_namespace[:placeholder]).to eq(subject.class::TEMPLATE_PLACEHOLDER)
end
end
context 'with associated project' do
2017-09-10 17:25:29 +05:30
before do
subject.project = project
end
2017-08-17 22:00:37 +05:30
it 'sets the namespace to the default' do
expect(kube_namespace).not_to be_nil
2017-09-10 17:25:29 +05:30
expect(kube_namespace[:placeholder]).to match(/\A#{Gitlab::PathRegex::PATH_REGEX_STR}-\d+\z/)
end
end
end
2019-09-04 21:01:54 +05:30
describe '#kubernetes_namespace_for' do
subject { service.kubernetes_namespace_for(project) }
2017-09-10 17:25:29 +05:30
2018-03-17 18:26:18 +05:30
shared_examples 'a correctly formatted namespace' do
it 'returns a valid Kubernetes namespace name' do
expect(subject).to match(Gitlab::Regex.kubernetes_namespace_regex)
expect(subject).to eq(expected_namespace)
2017-09-10 17:25:29 +05:30
end
2018-03-17 18:26:18 +05:30
end
2017-09-10 17:25:29 +05:30
2018-03-17 18:26:18 +05:30
it_behaves_like 'a correctly formatted namespace' do
let(:expected_namespace) { service.send(:default_namespace) }
2017-09-10 17:25:29 +05:30
end
2018-03-17 18:26:18 +05:30
context 'when the project path contains forbidden characters' do
2017-09-10 17:25:29 +05:30
before do
2018-03-17 18:26:18 +05:30
project.path = '-a_Strange.Path--forSure'
2017-09-10 17:25:29 +05:30
end
2018-03-17 18:26:18 +05:30
it_behaves_like 'a correctly formatted namespace' do
let(:expected_namespace) { "a-strange-path--forsure-#{project.id}" }
2017-08-17 22:00:37 +05:30
end
end
2017-09-10 17:25:29 +05:30
2017-08-17 22:00:37 +05:30
context 'when namespace is specified' do
before do
service.namespace = 'my-namespace'
end
2018-03-17 18:26:18 +05:30
it_behaves_like 'a correctly formatted namespace' do
let(:expected_namespace) { 'my-namespace' }
2017-08-17 22:00:37 +05:30
end
end
context 'when service is not assigned to project' do
before do
service.project = nil
end
2018-03-17 18:26:18 +05:30
it 'does not return namespace' do
2017-08-17 22:00:37 +05:30
is_expected.to be_nil
end
end
end
describe '#test' do
2017-09-10 17:25:29 +05:30
let(:discovery_url) { 'https://kubernetes.example.com/api/v1' }
2017-08-17 22:00:37 +05:30
before do
2018-03-17 18:26:18 +05:30
stub_kubeclient_discover(service.api_url)
2017-08-17 22:00:37 +05:30
end
context 'with path prefix in api_url' do
let(:discovery_url) { 'https://kubernetes.example.com/prefix/api/v1' }
it 'tests with the prefix' do
2017-09-10 17:25:29 +05:30
service.api_url = 'https://kubernetes.example.com/prefix'
2018-03-17 18:26:18 +05:30
stub_kubeclient_discover(service.api_url)
2017-08-17 22:00:37 +05:30
expect(service.test[:success]).to be_truthy
expect(WebMock).to have_requested(:get, discovery_url).once
end
end
context 'with custom CA certificate' do
it 'is added to the certificate store' do
service.ca_pem = "CA PEM DATA"
cert = double("certificate")
expect(OpenSSL::X509::Certificate).to receive(:new).with(service.ca_pem).and_return(cert)
expect_any_instance_of(OpenSSL::X509::Store).to receive(:add_cert).with(cert)
expect(service.test[:success]).to be_truthy
expect(WebMock).to have_requested(:get, discovery_url).once
end
end
context 'success' do
it 'reads the discovery endpoint' do
expect(service.test[:success]).to be_truthy
expect(WebMock).to have_requested(:get, discovery_url).once
end
end
context 'failure' do
it 'fails to read the discovery endpoint' do
2017-09-10 17:25:29 +05:30
WebMock.stub_request(:get, service.api_url + '/api/v1').to_return(status: 404)
2017-08-17 22:00:37 +05:30
expect(service.test[:success]).to be_falsy
expect(WebMock).to have_requested(:get, discovery_url).once
end
end
end
2018-12-13 13:39:08 +05:30
describe '#predefined_variable' do
2017-09-10 17:25:29 +05:30
let(:kubeconfig) do
2018-03-17 18:26:18 +05:30
config_file = expand_fixture_path('config/kubeconfig.yml')
config = YAML.load(File.read(config_file))
config.dig('users', 0, 'user')['token'] = 'token'
config.dig('contexts', 0, 'context')['namespace'] = namespace
2017-09-10 17:25:29 +05:30
config.dig('clusters', 0, 'cluster')['certificate-authority-data'] =
2018-03-17 18:26:18 +05:30
Base64.strict_encode64('CA PEM DATA')
2017-09-10 17:25:29 +05:30
YAML.dump(config)
end
2017-08-17 22:00:37 +05:30
before do
subject.api_url = 'https://kube.domain.com'
subject.token = 'token'
subject.ca_pem = 'CA PEM DATA'
subject.project = project
end
2017-09-10 17:25:29 +05:30
shared_examples 'setting variables' do
2017-08-17 22:00:37 +05:30
it 'sets the variables' do
2018-12-13 13:39:08 +05:30
expect(subject.predefined_variables(project: project)).to include(
2017-08-17 22:00:37 +05:30
{ key: 'KUBE_URL', value: 'https://kube.domain.com', public: true },
2019-07-07 11:18:12 +05:30
{ key: 'KUBE_TOKEN', value: 'token', public: false, masked: true },
2017-09-10 17:25:29 +05:30
{ key: 'KUBE_NAMESPACE', value: namespace, public: true },
{ key: 'KUBECONFIG', value: kubeconfig, public: false, file: true },
2017-08-17 22:00:37 +05:30
{ key: 'KUBE_CA_PEM', value: 'CA PEM DATA', public: true },
2017-09-10 17:25:29 +05:30
{ key: 'KUBE_CA_PEM_FILE', value: 'CA PEM DATA', public: true, file: true }
2017-08-17 22:00:37 +05:30
)
end
end
2017-09-10 17:25:29 +05:30
context 'namespace is provided' do
let(:namespace) { 'my-project' }
before do
subject.namespace = namespace
2017-08-17 22:00:37 +05:30
end
2017-09-10 17:25:29 +05:30
it_behaves_like 'setting variables'
end
context 'no namespace provided' do
2019-09-04 21:01:54 +05:30
let(:namespace) { subject.kubernetes_namespace_for(project) }
2017-09-10 17:25:29 +05:30
it_behaves_like 'setting variables'
2017-08-17 22:00:37 +05:30
it 'sets the KUBE_NAMESPACE' do
2018-12-13 13:39:08 +05:30
kube_namespace = subject.predefined_variables(project: project).find { |h| h[:key] == 'KUBE_NAMESPACE' }
2017-08-17 22:00:37 +05:30
expect(kube_namespace).not_to be_nil
2017-09-10 17:25:29 +05:30
expect(kube_namespace[:value]).to match(/\A#{Gitlab::PathRegex::PATH_REGEX_STR}-\d+\z/)
2017-08-17 22:00:37 +05:30
end
end
end
describe '#terminals' do
let(:environment) { build(:environment, project: project, name: "env", slug: "env-000000") }
subject { service.terminals(environment) }
context 'with invalid pods' do
it 'returns no terminals' do
stub_reactive_cache(service, pods: [{ "bad" => "pod" }])
is_expected.to be_empty
end
end
context 'with valid pods' do
2019-09-04 21:01:54 +05:30
let(:pod) { kube_pod(environment_slug: environment.slug, namespace: service.kubernetes_namespace_for(project), project_slug: project.full_path_slug) }
2019-07-07 11:18:12 +05:30
let(:pod_with_no_terminal) { kube_pod(environment_slug: environment.slug, project_slug: project.full_path_slug, status: "Pending") }
2017-08-17 22:00:37 +05:30
let(:terminals) { kube_terminals(service, pod) }
before do
stub_reactive_cache(
service,
2019-07-07 11:18:12 +05:30
pods: [pod, pod, pod_with_no_terminal, kube_pod(environment_slug: "should-be-filtered-out")]
2017-08-17 22:00:37 +05:30
)
end
it 'returns terminals' do
is_expected.to eq(terminals + terminals)
end
it 'uses max session time from settings' do
stub_application_setting(terminal_max_session_time: 600)
times = subject.map { |terminal| terminal[:max_session_time] }
expect(times).to eq [600, 600, 600, 600]
end
end
end
describe '#calculate_reactive_cache' do
subject { service.calculate_reactive_cache }
2019-09-04 21:01:54 +05:30
let(:namespace) { service.kubernetes_namespace_for(project) }
2017-08-17 22:00:37 +05:30
context 'when service is inactive' do
2017-09-10 17:25:29 +05:30
before do
service.active = false
end
2017-08-17 22:00:37 +05:30
it { is_expected.to be_nil }
end
context 'when kubernetes responds with valid pods' do
2017-09-10 17:25:29 +05:30
before do
2019-09-04 21:01:54 +05:30
stub_kubeclient_pods(namespace)
stub_kubeclient_deployments(namespace) # Used by EE
2017-09-10 17:25:29 +05:30
end
2019-07-07 11:18:12 +05:30
it { is_expected.to include(pods: [kube_pod]) }
2017-08-17 22:00:37 +05:30
end
2017-09-10 17:25:29 +05:30
context 'when kubernetes responds with 500s' do
before do
2019-09-04 21:01:54 +05:30
stub_kubeclient_pods(namespace, status: 500)
stub_kubeclient_deployments(namespace, status: 500) # Used by EE
2017-09-10 17:25:29 +05:30
end
2017-08-17 22:00:37 +05:30
2018-05-09 12:01:36 +05:30
it { expect { subject }.to raise_error(Kubeclient::HttpError) }
2017-08-17 22:00:37 +05:30
end
2017-09-10 17:25:29 +05:30
context 'when kubernetes responds with 404s' do
before do
2019-09-04 21:01:54 +05:30
stub_kubeclient_pods(namespace, status: 404)
stub_kubeclient_deployments(namespace, status: 404) # Used by EE
2017-09-10 17:25:29 +05:30
end
2017-08-17 22:00:37 +05:30
2019-07-07 11:18:12 +05:30
it { is_expected.to include(pods: []) }
2017-08-17 22:00:37 +05:30
end
end
2018-03-17 18:26:18 +05:30
describe "#deprecated?" do
let(:kubernetes_service) { create(:kubernetes_service) }
2019-09-04 21:01:54 +05:30
it 'returns true' do
expect(kubernetes_service.deprecated?).to be_truthy
2018-03-17 18:26:18 +05:30
end
end
describe "#deprecation_message" do
let(:kubernetes_service) { create(:kubernetes_service) }
2019-07-07 11:18:12 +05:30
it 'indicates the service is deprecated' do
2018-03-17 18:26:18 +05:30
expect(kubernetes_service.deprecation_message).to match(/Kubernetes service integration has been deprecated/)
end
context 'if the service is not active' do
2019-07-07 11:18:12 +05:30
it 'returns a message' do
2018-03-17 18:26:18 +05:30
kubernetes_service.update_attribute(:active, false)
expect(kubernetes_service.deprecation_message).to match(/Fields on this page are now uneditable/)
end
end
end
2017-08-17 22:00:37 +05:30
end