github.com/castai/kvisor@v1.7.1-0.20240516114728-b3572a2607b5/cmd/linter/kubebench/kubernetes_version_test.go (about) 1 package kubebench 2 3 import ( 4 "crypto/tls" 5 "fmt" 6 "io/ioutil" 7 "net/http" 8 "net/http/httptest" 9 "os" 10 "strconv" 11 "testing" 12 ) 13 14 func TestLoadCertificate(t *testing.T) { 15 tmp, err := ioutil.TempDir("", "TestFakeLoadCertificate") 16 if err != nil { 17 t.Fatalf("unable to create temp directory: %v", err) 18 } 19 defer os.RemoveAll(tmp) 20 21 goodCertFile, _ := ioutil.TempFile(tmp, "good-cert-*") 22 _, _ = goodCertFile.Write([]byte(`-----BEGIN CERTIFICATE----- 23 MIICyDCCAbCgAwIBAgIBADANBgkqhkiG9w0BAQsFADAVMRMwEQYDVQQDEwprdWJl 24 cm5ldGVzMB4XDTE5MTEwODAxNDAwMFoXDTI5MTEwNTAxNDAwMFowFTETMBEGA1UE 25 AxMKa3ViZXJuZXRlczCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMn6 26 wjvhMc9e0MDwpQNhp8SPxmv1DsYJ4Btp1GeScIgKKDwppuoOmVizLiMNdV5+70yI 27 MgNfm/gwFRNDOtN3R7msfZDD5Dd1vI6qRTP21DFOGVdysFdwqJTs0nGcmfvZEOtw 28 9cjcsXrBi2Mg54v+X/pq2w51xajCGBt2+bpxJJ3WBiWqKYv0RQdNL0WZGm+V9BuP 29 pHRWPBeLxuCzt5K3Gx+1QDy8o6Y4sSRPssWC4RhD9Hs5/9eeGRyZslLs+AuqdDLQ 30 aziiSjHVtgCfRXE9nYVxaDIwTFuh+Q1IvtB36NRLyX47oya+BbX3PoCtSjA36RBb 31 tcJfulr3oNHnb2ZlfcUCAwEAAaMjMCEwDgYDVR0PAQH/BAQDAgKkMA8GA1UdEwEB 32 /wQFMAMBAf8wDQYJKoZIhvcNAQELBQADggEBAAeQDkbM6DilLkIVQDyxauETgJDV 33 2AaVzYaAgDApQGAoYV6WIY7Exk4TlmLeKQjWt2s/GtthQWuzUDKTcEvWcG6gNdXk 34 gzuCRRDMGu25NtG3m67w4e2RzW8Z/lzvbfyJZGoV2c6dN+yP9/Pw2MXlrnMWugd1 35 jLv3UYZRHMpuNS8BJU74BuVzVPHd55RAl+bV8yemdZJ7pPzMvGbZ7zRXWODTDlge 36 CQb9lY+jYErisH8Sq7uABFPvi7RaTh8SS7V7OxqHZvmttNTdZs4TIkk45JK7Y+Xq 37 FAjB57z2NcIgJuVpQnGRYtr/JcH2Qdsq8bLtXaojUIWOOqoTDRLYozdMOOQ= 38 -----END CERTIFICATE-----`)) 39 badCertFile, _ := ioutil.TempFile(tmp, "bad-cert-*") 40 41 cases := []struct { 42 file string 43 fail bool 44 }{ 45 { 46 file: "missing cert file", 47 fail: true, 48 }, 49 { 50 file: badCertFile.Name(), 51 fail: true, 52 }, 53 { 54 file: goodCertFile.Name(), 55 fail: false, 56 }, 57 } 58 59 for id, c := range cases { 60 t.Run(strconv.Itoa(id), func(t *testing.T) { 61 tlsCert, err := loadCertificate(c.file) 62 if !c.fail { 63 if err != nil { 64 t.Errorf("unexpected error: %v", err) 65 } 66 67 if tlsCert == nil { 68 t.Errorf("missing returned TLS Certificate") 69 } 70 } else { 71 if err == nil { 72 t.Errorf("Expected error") 73 } 74 } 75 }) 76 } 77 } 78 79 func TestGetWebData(t *testing.T) { 80 okfn := func(w http.ResponseWriter, r *http.Request) { 81 _, _ = fmt.Fprintln(w, `{ 82 "major": "1", 83 "minor": "15"}`) 84 } 85 errfn := func(w http.ResponseWriter, r *http.Request) { 86 http.Error(w, http.StatusText(http.StatusInternalServerError), 87 http.StatusInternalServerError) 88 } 89 token := "dummyToken" 90 var tlsCert tls.Certificate 91 92 cases := []struct { 93 fn http.HandlerFunc 94 fail bool 95 }{ 96 { 97 fn: okfn, 98 fail: false, 99 }, 100 { 101 fn: errfn, 102 fail: true, 103 }, 104 } 105 106 for id, c := range cases { 107 t.Run(strconv.Itoa(id), func(t *testing.T) { 108 ts := httptest.NewServer(c.fn) 109 defer ts.Close() 110 data, err := getWebData(ts.URL, token, &tlsCert) 111 if !c.fail { 112 if err != nil { 113 t.Errorf("unexpected error: %v", err) 114 } 115 116 if len(data) == 0 { 117 t.Errorf("missing data") 118 } 119 } else { 120 if err == nil { 121 t.Errorf("Expected error") 122 } 123 } 124 }) 125 } 126 } 127 128 func TestGetWebDataWithRetry(t *testing.T) { 129 okfn := func(w http.ResponseWriter, r *http.Request) { 130 _, _ = fmt.Fprintln(w, `{ 131 "major": "1", 132 "minor": "15"}`) 133 } 134 errfn := func(w http.ResponseWriter, r *http.Request) { 135 http.Error(w, http.StatusText(http.StatusInternalServerError), 136 http.StatusInternalServerError) 137 } 138 token := "dummyToken" 139 var tlsCert tls.Certificate 140 141 cases := []struct { 142 fn http.HandlerFunc 143 fail bool 144 }{ 145 { 146 fn: okfn, 147 fail: false, 148 }, 149 { 150 fn: errfn, 151 fail: true, 152 }, 153 } 154 155 for id, c := range cases { 156 t.Run(strconv.Itoa(id), func(t *testing.T) { 157 ts := httptest.NewServer(c.fn) 158 defer ts.Close() 159 data, err := getWebDataWithRetry(ts.URL, token, &tlsCert) 160 if !c.fail { 161 if err != nil { 162 t.Errorf("unexpected error: %v", err) 163 } 164 165 if len(data) == 0 { 166 t.Errorf("missing data") 167 } 168 } else { 169 if err == nil { 170 t.Errorf("Expected error") 171 } 172 } 173 }) 174 } 175 } 176 177 func TestExtractVersion(t *testing.T) { 178 okJSON := []byte(`{ 179 "major": "1", 180 "minor": "15", 181 "gitVersion": "v1.15.3", 182 "gitCommit": "2d3c76f9091b6bec110a5e63777c332469e0cba2", 183 "gitTreeState": "clean", 184 "buildDate": "2019-08-20T18:57:36Z", 185 "goVersion": "go1.12.9", 186 "compiler": "gc", 187 "platform": "linux/amd64" 188 }`) 189 190 invalidJSON := []byte(`{ 191 "major": "1", 192 "minor": "15", 193 "gitVersion": "v1.15.3", 194 "gitCommit": "2d3c76f9091b6bec110a5e63777c332469e0cba2", 195 "gitTreeState": "clean",`) 196 197 cases := []struct { 198 data []byte 199 fail bool 200 expectedVer string 201 }{ 202 { 203 data: okJSON, 204 fail: false, 205 expectedVer: "1.15", 206 }, 207 { 208 data: invalidJSON, 209 fail: true, 210 }, 211 } 212 213 for id, c := range cases { 214 t.Run(strconv.Itoa(id), func(t *testing.T) { 215 ver, err := extractVersion(c.data) 216 if !c.fail { 217 if err != nil { 218 t.Errorf("unexpected error: %v", err) 219 } 220 if c.expectedVer != ver.BaseVersion() { 221 t.Errorf("Expected %q but Got %q", c.expectedVer, ver) 222 } 223 } else { 224 if err == nil { 225 t.Errorf("Expected error") 226 } 227 } 228 }) 229 } 230 } 231 232 func TestGetKubernetesURL(t *testing.T) { 233 resetEnvs := func() { 234 os.Unsetenv("KUBE_BENCH_K8S_ENV") 235 os.Unsetenv("KUBERNETES_SERVICE_HOST") 236 os.Unsetenv("KUBERNETES_SERVICE_PORT_HTTPS") 237 } 238 239 setEnvs := func() { 240 os.Setenv("KUBE_BENCH_K8S_ENV", "1") 241 os.Setenv("KUBERNETES_SERVICE_HOST", "testHostServer") 242 os.Setenv("KUBERNETES_SERVICE_PORT_HTTPS", "443") 243 } 244 245 cases := []struct { 246 useDefault bool 247 expected string 248 }{ 249 { 250 useDefault: true, 251 expected: "https://kubernetes.default.svc/version", 252 }, 253 { 254 useDefault: false, 255 expected: "https://testHostServer:443/version", 256 }, 257 } 258 for id, c := range cases { 259 t.Run(strconv.Itoa(id), func(t *testing.T) { 260 resetEnvs() 261 defer resetEnvs() 262 if !c.useDefault { 263 setEnvs() 264 } 265 k8sURL := getKubernetesURL() 266 267 if k8sURL != c.expected { 268 t.Errorf("Expected %q but Got %q", k8sURL, c.expected) 269 } 270 }) 271 } 272 }