github.com/oam-dev/kubevela@v1.9.11/pkg/webhook/core.oam.dev/v1beta1/policydefinition/validating_handler_test.go

github.com/oam-dev/kubevela@v1.9.11/pkg/webhook/core.oam.dev/v1beta1/policydefinition/validating_handler_test.go (about)

     1  /*
     2  Copyright 2021. The KubeVela Authors.
     3  
     4  Licensed under the Apache License, Version 2.0 (the "License");
     5  you may not use this file except in compliance with the License.
     6  You may obtain a copy of the License at
     7  
     8  	http://www.apache.org/licenses/LICENSE-2.0
     9  
    10  Unless required by applicable law or agreed to in writing, software
    11  distributed under the License is distributed on an "AS IS" BASIS,
    12  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    13  See the License for the specific language governing permissions and
    14  limitations under the License.
    15  */
    16  
    17  package policydefinition
    18  
    19  import (
    20  	"context"
    21  	"encoding/json"
    22  	"testing"
    23  
    24  	"github.com/oam-dev/kubevela/apis/core.oam.dev/common"
    25  	"github.com/oam-dev/kubevela/apis/core.oam.dev/v1beta1"
    26  
    27  	. "github.com/onsi/ginkgo/v2"
    28  	. "github.com/onsi/gomega"
    29  	admissionv1 "k8s.io/api/admission/v1"
    30  	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
    31  	"k8s.io/apimachinery/pkg/runtime"
    32  	"sigs.k8s.io/controller-runtime/pkg/webhook/admission"
    33  )
    34  
    35  var handler ValidatingHandler
    36  var req admission.Request
    37  var reqResource metav1.GroupVersionResource
    38  var decoder *admission.Decoder
    39  var pd v1beta1.PolicyDefinition
    40  var pdRaw []byte
    41  var scheme = runtime.NewScheme()
    42  var validCueTemplate string
    43  var inValidCueTemplate string
    44  
    45  func TestPolicydefinition(t *testing.T) {
    46  	RegisterFailHandler(Fail)
    47  	RunSpecs(t, "Policydefinition Suite")
    48  }
    49  
    50  var _ = BeforeSuite(func() {
    51  
    52  	validCueTemplate = "{hello: 'world'}"
    53  	inValidCueTemplate = "{hello: world}"
    54  
    55  	pd = v1beta1.PolicyDefinition{}
    56  	pd.SetGroupVersionKind(v1beta1.PolicyDefinitionGroupVersionKind)
    57  
    58  	var err error
    59  	decoder, err = admission.NewDecoder(scheme)
    60  	Expect(err).Should(BeNil())
    61  })
    62  
    63  var _ = Describe("Test PolicyDefinition validating handler", func() {
    64  	BeforeEach(func() {
    65  		reqResource = metav1.GroupVersionResource{
    66  			Group:    v1beta1.Group,
    67  			Version:  v1beta1.Version,
    68  			Resource: "policydefinitions"}
    69  		handler = ValidatingHandler{}
    70  		handler.InjectDecoder(decoder)
    71  	})
    72  
    73  	It("Test wrong resource of admission request", func() {
    74  		wrongReqResource := metav1.GroupVersionResource{
    75  			Group:    v1beta1.Group,
    76  			Version:  v1beta1.Version,
    77  			Resource: "foos"}
    78  		req = admission.Request{
    79  			AdmissionRequest: admissionv1.AdmissionRequest{
    80  				Operation: admissionv1.Create,
    81  				Resource:  wrongReqResource,
    82  				Object:    runtime.RawExtension{Raw: []byte("")},
    83  			},
    84  		}
    85  		resp := handler.Handle(context.TODO(), req)
    86  		Expect(resp.Allowed).Should(BeFalse())
    87  	})
    88  
    89  	It("Test bad admission request", func() {
    90  		req = admission.Request{
    91  			AdmissionRequest: admissionv1.AdmissionRequest{
    92  				Operation: admissionv1.Create,
    93  				Resource:  reqResource,
    94  				Object:    runtime.RawExtension{Raw: []byte("bad request")},
    95  			},
    96  		}
    97  		resp := handler.Handle(context.TODO(), req)
    98  		Expect(resp.Allowed).Should(BeFalse())
    99  	})
   100  
   101  	Context("Test create/update operation admission request", func() {
   102  		It("Test cue template validation passed", func() {
   103  			pd.Spec = v1beta1.PolicyDefinitionSpec{
   104  				Schematic: &common.Schematic{
   105  					CUE: &common.CUE{
   106  						Template: validCueTemplate,
   107  					},
   108  				},
   109  			}
   110  			pdRaw, _ = json.Marshal(pd)
   111  
   112  			req = admission.Request{
   113  				AdmissionRequest: admissionv1.AdmissionRequest{
   114  					Operation: admissionv1.Create,
   115  					Resource:  reqResource,
   116  					Object:    runtime.RawExtension{Raw: pdRaw},
   117  				},
   118  			}
   119  			resp := handler.Handle(context.TODO(), req)
   120  			Expect(resp.Allowed).Should(BeTrue())
   121  		})
   122  		It("Test cue template validation failed", func() {
   123  			pd.Spec = v1beta1.PolicyDefinitionSpec{
   124  				Schematic: &common.Schematic{
   125  					CUE: &common.CUE{
   126  						Template: inValidCueTemplate,
   127  					},
   128  				},
   129  			}
   130  			pdRaw, _ = json.Marshal(pd)
   131  
   132  			req = admission.Request{
   133  				AdmissionRequest: admissionv1.AdmissionRequest{
   134  					Operation: admissionv1.Create,
   135  					Resource:  reqResource,
   136  					Object:    runtime.RawExtension{Raw: pdRaw},
   137  				},
   138  			}
   139  			resp := handler.Handle(context.TODO(), req)
   140  			Expect(resp.Allowed).Should(BeFalse())
   141  		})
   142  	})
   143  })