github.com/verrazzano/verrazzano@v1.7.1/tools/vz/pkg/internal/util/cluster/certificates_test.go (about) 1 // Copyright (c) 2023, 2024, Oracle and/or its affiliates. 2 // Licensed under the Universal Permissive License v 1.0 as shown at https://oss.oracle.com/licenses/upl. 3 package cluster 4 5 import ( 6 "testing" 7 8 "github.com/stretchr/testify/assert" 9 "github.com/verrazzano/verrazzano/tools/vz/pkg/internal/util/log" 10 "github.com/verrazzano/verrazzano/tools/vz/pkg/internal/util/report" 11 ) 12 13 // TestAnalyzeCertificateIssues tests whether an error does not occur if a valid input is provided and if an error occurs if a valid input is provided 14 // GIVEN a call to analyze certificate related issues in a cluster-snapshot 15 // WHEN a valid input or an invalid input is provided 16 // THEN an error is invoked when an invalid input is provided and invoked when a valid input is provided 17 func TestAnalyzeCertificateIssues(t *testing.T) { 18 report.ClearReports() 19 logger := log.GetDebugEnabledLogger() 20 assert.NoError(t, AnalyzeCertificateRelatedIssues(logger, "../../test/cluster/testCertificateExpirationIssue/cluster-snapshot")) 21 assert.Error(t, AnalyzeCertificateRelatedIssues(logger, "../../test/cluster/testCertificateExpirationIssueInvalid/cluster-snapshot")) 22 report.ClearReports() 23 24 } 25 26 // TestDetermineIfVZClientIsHangingDueToCerts tests whether the function is able to detect the VZ Client hanging on certificate-related issues 27 // GIVEN a call to see if the VZ Client is currently hanging 28 // WHEN VPO logs indicate that the VZ Client is hanging, or VPO logs do not indicate than the VZ Client is hanging 29 // THEN an appropriate output is provided depending on the VPO logs 30 func TestDetermineIfVZClientIsHangingDueToCerts(t *testing.T) { 31 report.ClearReports() 32 logger := log.GetDebugEnabledLogger() 33 listOfCerts, err := determineIfVZClientIsHangingDueToCerts(logger, "../../test/cluster/testCLIHangingIssue/cluster-snapshot") 34 assert.Equal(t, err, nil) 35 assert.Greater(t, len(listOfCerts), 0) 36 listOfCerts, err = determineIfVZClientIsHangingDueToCerts(logger, "../../test/cluster/testCertificateExpirationIssue/cluster-snapshot") 37 assert.Equal(t, err, nil) 38 assert.Equal(t, len(listOfCerts), 0) 39 } 40 41 // TestGetLatestCondition tests whether the certificate condition receives the latest condition and if the function ignores conditions if they do not have a timestamp 42 // GIVEN a call to analyze a cluster-snapshot and report if issues with certificates exist 43 // WHEN a condition in a certificate's conditionlist does not have a timestamp 44 // THEN it is ignored 45 func TestGetLatestCondition(t *testing.T) { 46 report.ClearReports() 47 logger := log.GetDebugEnabledLogger() 48 // In this example, two certificates have generic issues, but only one of the certificates has a condition time associated with its condition that reports this 49 err := AnalyzeCertificateRelatedIssues(logger, "../../test/cluster/testLatestCondition/cluster-snapshot") 50 assert.Nil(t, err) 51 reportedIssues := report.GetAllSourcesFilteredIssues(logger, true, 0, 0) 52 assert.NotNil(t, reportedIssues) 53 assert.True(t, len(reportedIssues) > 0) 54 problemsFound := 0 55 for _, issue := range reportedIssues { 56 if issue.Type == report.CertificateExperiencingIssuesInCluster { 57 problemsFound++ 58 } 59 } 60 assert.True(t, problemsFound == 1) 61 } 62 63 // TestNoIssuesFoundInCertificates tests that no issues are reported when a cluster-snapshot with no certificate issues is given to the function 64 // GIVEN a call to analyze cluster-snapshots 65 // WHEN these cluster-snapshots either have no certificate issues or a cluster-snapshot that does not possess any certificates.json files 66 // THEN no issues should be reported and no errors should be raised 67 func TestNoIssuesFoundInCertificates(t *testing.T) { 68 report.ClearReports() 69 logger := log.GetDebugEnabledLogger() 70 err := AnalyzeCertificateRelatedIssues(logger, "../../test/cluster/testValidCertificates/cluster-snapshot") 71 assert.Nil(t, err) 72 err = AnalyzeCertificateRelatedIssues(logger, "../../test/cluster/testNoCertificates/cluster-snapshot") 73 assert.Nil(t, err) 74 reportedIssues := report.GetAllSourcesFilteredIssues(logger, true, 0, 0) 75 assert.Nil(t, reportedIssues) 76 assert.True(t, len(reportedIssues) == 0) 77 } 78 79 // TestCertificatesAreNotGrantedReturnsNoError tests that an issue is reported when a cluster-snapshot has certificates that are waiting to be issued 80 // GIVEN a call to analyze a cluster-snapshot 81 // WHEN the cluster snapshot has certificates that are hanging/not yet granted 82 // Then a generic certificate issue should be reported and no errors should be raised 83 func TestCertificatesAreNotGrantedReturnsNoError(t *testing.T) { 84 report.ClearReports() 85 logger := log.GetDebugEnabledLogger() 86 err := AnalyzeCertificateRelatedIssues(logger, "../../test/cluster/testCertificatesNotGranted/cluster-snapshot") 87 assert.Nil(t, err) 88 reportedIssues := report.GetAllSourcesFilteredIssues(logger, true, 0, 0) 89 assert.True(t, len(reportedIssues) == 1) 90 } 91 92 func TestCaCertInfoFileWithNoIssueReturnsNoError(t *testing.T) { 93 report.ClearReports() 94 logger := log.GetDebugEnabledLogger() 95 err := AnalyzeCertificateRelatedIssues(logger, "../../test/cluster/testCaCertsNotExpired/cluster-snapshot") 96 assert.Nil(t, err) 97 reportedIssues := report.GetAllSourcesFilteredIssues(logger, true, 0, 0) 98 assert.True(t, len(reportedIssues) == 0) 99 } 100 101 func TestCaCertInfoFileWithExpirationReportsAnIssue(t *testing.T) { 102 report.ClearReports() 103 logger := log.GetDebugEnabledLogger() 104 err := AnalyzeCertificateRelatedIssues(logger, "../../test/cluster/testCaCertsExpired/cluster-snapshot") 105 assert.Nil(t, err) 106 reportedIssues := report.GetAllSourcesFilteredIssues(logger, true, 0, 0) 107 assert.True(t, len(reportedIssues) == 1) 108 }