github.com/ironcore-dev/gardener-extension-provider-ironcore@v0.3.2-0.20240314231816-8336447fb9a0/pkg/controller/bastion/configvalidator_test.go (about) 1 // SPDX-FileCopyrightText: 2023 SAP SE or an SAP affiliate company and IronCore contributors 2 // SPDX-License-Identifier: Apache-2.0 3 4 package bastion 5 6 import ( 7 "github.com/gardener/gardener/extensions/pkg/controller/bastion" 8 gardencorev1beta1 "github.com/gardener/gardener/pkg/apis/core/v1beta1" 9 gardenerextensionv1alpha1 "github.com/gardener/gardener/pkg/apis/extensions/v1alpha1" 10 "github.com/gardener/gardener/pkg/extensions" 11 . "github.com/gardener/gardener/pkg/utils/test/matchers" 12 . "github.com/onsi/ginkgo/v2" 13 . "github.com/onsi/gomega" 14 gstruct "github.com/onsi/gomega/gstruct" 15 networkingv1 "k8s.io/api/networking/v1" 16 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 17 "sigs.k8s.io/controller-runtime/pkg/log" 18 19 "github.com/ironcore-dev/gardener-extension-provider-ironcore/pkg/ironcore" 20 ) 21 22 var _ = Describe("ConfigValidator", func() { 23 ns := SetupTest() 24 25 var ( 26 configValidator bastion.ConfigValidator 27 cluster *extensions.Cluster 28 ) 29 30 BeforeEach(func() { 31 logger := log.Log.WithName("test") 32 configValidator = NewConfigValidator(k8sClient, logger) 33 }) 34 35 It("should return error for an empty bastion config", func(ctx SpecContext) { 36 errorList := configValidator.Validate(ctx, nil, cluster) 37 Expect(errorList).To(ConsistOfFields(gstruct.Fields{ 38 "Detail": Equal("bastion can not be nil"), 39 })) 40 }) 41 42 It("should return error for an empty bastion userdata", func(ctx SpecContext) { 43 bastion := &gardenerextensionv1alpha1.Bastion{ 44 ObjectMeta: metav1.ObjectMeta{ 45 Namespace: ns.Name, 46 Name: "bastion", 47 }, 48 Spec: gardenerextensionv1alpha1.BastionSpec{ 49 UserData: []byte{}, 50 }, 51 } 52 errorList := configValidator.Validate(ctx, bastion, cluster) 53 Expect(errorList).To(ConsistOfFields(gstruct.Fields{ 54 "Detail": Equal("bastion spec userdata can not be empty"), 55 })) 56 }) 57 58 It("should return error for an empty bastion CIDR", func(ctx SpecContext) { 59 bastion := &gardenerextensionv1alpha1.Bastion{ 60 ObjectMeta: metav1.ObjectMeta{ 61 Namespace: ns.Name, 62 Name: "bastion", 63 }, 64 Spec: gardenerextensionv1alpha1.BastionSpec{ 65 UserData: []byte("foo"), 66 Ingress: []gardenerextensionv1alpha1.BastionIngressPolicy{{ 67 IPBlock: networkingv1.IPBlock{ 68 CIDR: "", 69 }}, 70 }, 71 }, 72 } 73 errorList := configValidator.Validate(ctx, bastion, cluster) 74 Expect(errorList).To(ConsistOfFields(gstruct.Fields{ 75 "Detail": Equal("bastion spec Ingress CIDR can not be empty"), 76 })) 77 }) 78 79 It("should return error for an invalid bastion spec CIDR", func(ctx SpecContext) { 80 bastion := &gardenerextensionv1alpha1.Bastion{ 81 ObjectMeta: metav1.ObjectMeta{ 82 Namespace: ns.Name, 83 Name: "bastion", 84 }, 85 86 Spec: gardenerextensionv1alpha1.BastionSpec{ 87 DefaultSpec: gardenerextensionv1alpha1.DefaultSpec{ 88 Type: ironcore.Type, 89 }, 90 UserData: []byte("abcd"), 91 Ingress: []gardenerextensionv1alpha1.BastionIngressPolicy{{ 92 IPBlock: networkingv1.IPBlock{ 93 CIDR: "213.69.151.260/24", 94 }}, 95 }, 96 }, 97 } 98 errorList := configValidator.Validate(ctx, bastion, cluster) 99 Expect(errorList).To(ConsistOfFields(gstruct.Fields{ 100 "Detail": Equal("invalid bastion spec Ingress CIDR: invalid CIDR address: 213.69.151.260/24"), 101 })) 102 }) 103 104 It("should return error for an empty cluster", func(ctx SpecContext) { 105 bastion := &gardenerextensionv1alpha1.Bastion{ 106 ObjectMeta: metav1.ObjectMeta{ 107 Namespace: ns.Name, 108 Name: "bastion", 109 }, 110 111 Spec: gardenerextensionv1alpha1.BastionSpec{ 112 DefaultSpec: gardenerextensionv1alpha1.DefaultSpec{ 113 Type: ironcore.Type, 114 }, 115 UserData: []byte("abcd"), 116 Ingress: []gardenerextensionv1alpha1.BastionIngressPolicy{{ 117 IPBlock: networkingv1.IPBlock{ 118 CIDR: "213.69.151.246/24", 119 }}, 120 }, 121 }, 122 } 123 errorList := configValidator.Validate(ctx, bastion, nil) 124 Expect(errorList).To(ConsistOfFields(gstruct.Fields{ 125 "Detail": Equal("cluster can not be nil"), 126 })) 127 }) 128 129 It("should return error for an empty cluster shoot", func(ctx SpecContext) { 130 bastion := &gardenerextensionv1alpha1.Bastion{ 131 ObjectMeta: metav1.ObjectMeta{ 132 Namespace: ns.Name, 133 Name: "bastion", 134 }, 135 136 Spec: gardenerextensionv1alpha1.BastionSpec{ 137 DefaultSpec: gardenerextensionv1alpha1.DefaultSpec{ 138 Type: ironcore.Type, 139 }, 140 UserData: []byte("abcd"), 141 Ingress: []gardenerextensionv1alpha1.BastionIngressPolicy{{ 142 IPBlock: networkingv1.IPBlock{ 143 CIDR: "213.69.151.246/24", 144 }}, 145 }, 146 }, 147 } 148 149 cluster := &extensions.Cluster{ 150 ObjectMeta: metav1.ObjectMeta{ 151 Name: "testns", 152 }, 153 CloudProfile: &gardencorev1beta1.CloudProfile{}, 154 Shoot: nil, 155 } 156 errorList := configValidator.Validate(ctx, bastion, cluster) 157 Expect(errorList).To(ConsistOfFields(gstruct.Fields{ 158 "Detail": Equal("cluster shoot can not be empty"), 159 })) 160 }) 161 })