github.com/olli-ai/jx/v2@v2.0.400-0.20210921045218-14731b4dd448/pkg/kube/serviceaccount/serviceaccounts_integration_test.go (about) 1 // +build integration 2 3 package serviceaccount_test 4 5 import ( 6 "fmt" 7 "io/ioutil" 8 "strings" 9 "testing" 10 "time" 11 12 "github.com/olli-ai/jx/v2/pkg/kube/serviceaccount" 13 "github.com/olli-ai/jx/v2/pkg/util" 14 "github.com/pkg/errors" 15 v1 "k8s.io/kubernetes/staging/src/k8s.io/api/core/v1" 16 17 "github.com/Pallinder/go-randomdata" 18 19 "github.com/jenkins-x/jx-logging/pkg/log" 20 "github.com/olli-ai/jx/v2/pkg/cmd/clients" 21 "github.com/olli-ai/jx/v2/pkg/cmd/testhelpers" 22 . "github.com/onsi/ginkgo" 23 . "github.com/onsi/gomega" 24 core_v1 "k8s.io/api/core/v1" 25 meta_v1 "k8s.io/apimachinery/pkg/apis/meta/v1" 26 "k8s.io/client-go/kubernetes" 27 ) 28 29 func TestServiceAccounts(t *testing.T) { 30 RegisterFailHandler(Fail) 31 RunSpecs(t, "ServiceAccounts Suite") 32 } 33 34 var _ = Describe("ServiceAccounts methods", func() { 35 var ( 36 originalJxHome string 37 testJxHome string 38 39 originalKubeCfg string 40 testKubeConfig string 41 42 testNamespace string 43 44 factory clients.Factory 45 kubeClient kubernetes.Interface 46 47 testServiceAccountName = "service-account-integration-test-sa" 48 49 err error 50 ) 51 52 BeforeSuite(func() { 53 By("Setting up test logging") 54 // comment out to see logging output 55 log.SetOutput(ioutil.Discard) 56 _ = log.SetLevel("debug") 57 58 By("Setting test specific JX_HOME") 59 originalJxHome, testJxHome, err = testhelpers.CreateTestJxHomeDir() 60 log.Logger().Debugf("JX_HOME: %s", testJxHome) 61 Expect(err).To(BeNil()) 62 63 By("Setting test specific KUBECONFIG") 64 originalKubeCfg, testKubeConfig, err = testhelpers.CreateTestKubeConfigDir() 65 log.Logger().Debugf("KUBECONFIG: %s", testKubeConfig) 66 Expect(err).To(BeNil()) 67 68 By("Creating client factory") 69 factory = clients.NewFactory() 70 Expect(factory).NotTo(BeNil()) 71 72 By("Creating Kube client") 73 kubeClient, _, err = factory.CreateKubeClient() 74 75 By("Creating test namespace") 76 testNamespace = strings.ToLower(randomdata.SillyName()) 77 namespace := core_v1.Namespace{ 78 ObjectMeta: meta_v1.ObjectMeta{ 79 Name: testNamespace, 80 }, 81 } 82 83 _, err = kubeClient.CoreV1().Namespaces().Create(&namespace) 84 Expect(err).To(BeNil()) 85 log.Logger().Debugf("Test namespace '%s' created", testNamespace) 86 87 By("Creating test service account") 88 sa := &core_v1.ServiceAccount{ 89 ObjectMeta: meta_v1.ObjectMeta{ 90 Name: testServiceAccountName, 91 Namespace: testNamespace, 92 }, 93 } 94 sa, err = kubeClient.CoreV1().ServiceAccounts(testNamespace).Create(sa) 95 Expect(err).To(BeNil()) 96 log.Logger().Debugf("Test service account '%s' created", sa.Name) 97 98 err = util.Retry(60*time.Second, func() error { 99 secretList, err := kubeClient.CoreV1().Secrets(testNamespace).List(meta_v1.ListOptions{}) 100 if err != nil { 101 return err 102 } 103 for _, secret := range secretList.Items { 104 annotations := secret.ObjectMeta.Annotations 105 for k, v := range annotations { 106 if k == v1.ServiceAccountNameKey && v == testServiceAccountName { 107 return nil 108 } 109 } 110 } 111 return errors.New("unable to find secret") 112 }) 113 Expect(err).To(BeNil()) 114 }) 115 116 AfterSuite(func() { 117 By("Deleting test service account") 118 err = kubeClient.CoreV1().ServiceAccounts(testNamespace).Delete(testServiceAccountName, &meta_v1.DeleteOptions{}) 119 Expect(err).To(BeNil()) 120 121 By("Deleting test namespace") 122 err = kubeClient.CoreV1().Namespaces().Delete(testNamespace, &meta_v1.DeleteOptions{}) 123 Expect(err).To(BeNil()) 124 125 By("Resetting JX_HOME") 126 err = testhelpers.CleanupTestJxHomeDir(originalJxHome, testJxHome) 127 Expect(err).To(BeNil()) 128 129 By("Resetting KUBECONFIG") 130 err = testhelpers.CleanupTestKubeConfigDir(originalKubeCfg, testKubeConfig) 131 Expect(err).To(BeNil()) 132 }) 133 134 Describe("#GetServiceAccountToken", func() { 135 It("succeeds with valid service account", func() { 136 jwt, err := serviceaccount.GetServiceAccountToken(kubeClient, testNamespace, testServiceAccountName) 137 Expect(err).To(BeNil()) 138 Expect(jwt).NotTo(BeEmpty()) 139 }) 140 141 It("fails with unknown service account", func() { 142 ca, err := serviceaccount.GetServiceAccountToken(kubeClient, testNamespace, "fubar") 143 Expect(err).ToNot(BeNil()) 144 Expect(err.Error()).To(Equal(fmt.Sprintf("no token found for service account fubar in namespace %s", testNamespace))) 145 Expect(ca).To(BeEmpty()) 146 }) 147 }) 148 149 Describe("#GetServiceAccountCert", func() { 150 It("succeeds with valid service account", func() { 151 ca, err := serviceaccount.GetServiceAccountCert(kubeClient, testNamespace, testServiceAccountName) 152 Expect(err).To(BeNil()) 153 Expect(ca).NotTo(BeEmpty()) 154 lines := strings.Split(ca, "\n") 155 Expect(lines[0]).To(HavePrefix("-----BEGIN CERTIFICATE-----")) 156 Expect(lines[len(lines)-2]).To(HaveSuffix("-----END CERTIFICATE-----")) 157 Expect(lines[len(lines)-1]).To(BeEmpty()) 158 }) 159 160 It("fails with unknown service account", func() { 161 ca, err := serviceaccount.GetServiceAccountCert(kubeClient, testNamespace, "fubar") 162 Expect(err).ToNot(BeNil()) 163 Expect(err.Error()).To(Equal(fmt.Sprintf("no ca.crt found for service account fubar in namespace %s", testNamespace))) 164 Expect(ca).To(BeEmpty()) 165 }) 166 }) 167 })