k8s.io/kubernetes@v1.29.3/pkg/registry/networking/networkpolicy/storage/storage_test.go (about) 1 /* 2 Copyright 2017 The Kubernetes Authors. 3 4 Licensed under the Apache License, Version 2.0 (the "License"); 5 you may not use this file except in compliance with the License. 6 You may obtain a copy of the License at 7 8 http://www.apache.org/licenses/LICENSE-2.0 9 10 Unless required by applicable law or agreed to in writing, software 11 distributed under the License is distributed on an "AS IS" BASIS, 12 WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 13 See the License for the specific language governing permissions and 14 limitations under the License. 15 */ 16 17 package storage 18 19 import ( 20 "testing" 21 22 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 23 "k8s.io/apimachinery/pkg/fields" 24 "k8s.io/apimachinery/pkg/labels" 25 "k8s.io/apimachinery/pkg/runtime" 26 "k8s.io/apimachinery/pkg/util/intstr" 27 "k8s.io/apiserver/pkg/registry/generic" 28 genericregistrytest "k8s.io/apiserver/pkg/registry/generic/testing" 29 etcd3testing "k8s.io/apiserver/pkg/storage/etcd3/testing" 30 api "k8s.io/kubernetes/pkg/apis/core" 31 "k8s.io/kubernetes/pkg/apis/networking" 32 _ "k8s.io/kubernetes/pkg/apis/networking/install" 33 "k8s.io/kubernetes/pkg/registry/registrytest" 34 ) 35 36 func newStorage(t *testing.T) (*REST, *etcd3testing.EtcdTestServer) { 37 etcdStorage, server := registrytest.NewEtcdStorage(t, networking.GroupName) 38 restOptions := generic.RESTOptions{ 39 StorageConfig: etcdStorage, 40 Decorator: generic.UndecoratedStorage, 41 DeleteCollectionWorkers: 1, 42 ResourcePrefix: "networkpolicies", 43 } 44 rest, err := NewREST(restOptions) 45 if err != nil { 46 t.Fatalf("unexpected error from REST storage: %v", err) 47 } 48 return rest, server 49 } 50 51 func validNetworkPolicy() *networking.NetworkPolicy { 52 return &networking.NetworkPolicy{ 53 ObjectMeta: metav1.ObjectMeta{ 54 Name: "foo", 55 Namespace: "default", 56 }, 57 Spec: networking.NetworkPolicySpec{ 58 PodSelector: metav1.LabelSelector{ 59 MatchLabels: map[string]string{"label-1": "value-1"}, 60 }, 61 Ingress: []networking.NetworkPolicyIngressRule{ 62 { 63 From: []networking.NetworkPolicyPeer{ 64 { 65 PodSelector: &metav1.LabelSelector{ 66 MatchLabels: map[string]string{"label-2": "value-2"}, 67 }, 68 }, 69 }, 70 }, 71 }, 72 }, 73 } 74 } 75 76 func TestCreate(t *testing.T) { 77 storage, server := newStorage(t) 78 defer server.Terminate(t) 79 defer storage.Store.DestroyFunc() 80 test := genericregistrytest.New(t, storage.Store) 81 np := validNetworkPolicy() 82 np.ObjectMeta = metav1.ObjectMeta{GenerateName: "foo-"} 83 test.TestCreate( 84 // valid 85 np, 86 // invalid 87 &networking.NetworkPolicy{ 88 ObjectMeta: metav1.ObjectMeta{Name: "name with spaces"}, 89 }, 90 ) 91 } 92 93 func TestUpdate(t *testing.T) { 94 protocolICMP := api.Protocol("ICMP") 95 storage, server := newStorage(t) 96 defer server.Terminate(t) 97 defer storage.Store.DestroyFunc() 98 test := genericregistrytest.New(t, storage.Store) 99 test.TestUpdate( 100 // valid 101 validNetworkPolicy(), 102 // updateFunc 103 func(obj runtime.Object) runtime.Object { 104 object := obj.(*networking.NetworkPolicy) 105 object.Spec.Ingress = []networking.NetworkPolicyIngressRule{ 106 { 107 From: []networking.NetworkPolicyPeer{ 108 { 109 IPBlock: &networking.IPBlock{ 110 CIDR: "192.168.0.0/16", 111 Except: []string{"192.168.3.0/24", "192.168.4.0/24"}, 112 }, 113 }, 114 }, 115 }, 116 } 117 return object 118 }, 119 // invalid updateFunc 120 func(obj runtime.Object) runtime.Object { 121 object := obj.(*networking.NetworkPolicy) 122 object.Spec.Ingress = []networking.NetworkPolicyIngressRule{ 123 { 124 Ports: []networking.NetworkPolicyPort{ 125 { 126 Protocol: &protocolICMP, 127 Port: &intstr.IntOrString{Type: intstr.Int, IntVal: 80}, 128 }, 129 }, 130 }, 131 } 132 return object 133 }, 134 ) 135 } 136 137 func TestDelete(t *testing.T) { 138 storage, server := newStorage(t) 139 defer server.Terminate(t) 140 defer storage.Store.DestroyFunc() 141 test := genericregistrytest.New(t, storage.Store) 142 test.TestDelete(validNetworkPolicy()) 143 } 144 145 func TestGet(t *testing.T) { 146 storage, server := newStorage(t) 147 defer server.Terminate(t) 148 defer storage.Store.DestroyFunc() 149 test := genericregistrytest.New(t, storage.Store) 150 test.TestGet(validNetworkPolicy()) 151 } 152 153 func TestList(t *testing.T) { 154 storage, server := newStorage(t) 155 defer server.Terminate(t) 156 defer storage.Store.DestroyFunc() 157 test := genericregistrytest.New(t, storage.Store) 158 test.TestList(validNetworkPolicy()) 159 } 160 161 func TestWatch(t *testing.T) { 162 storage, server := newStorage(t) 163 defer server.Terminate(t) 164 defer storage.Store.DestroyFunc() 165 test := genericregistrytest.New(t, storage.Store) 166 test.TestWatch( 167 validNetworkPolicy(), 168 // matching labels 169 []labels.Set{}, 170 // not matching labels 171 []labels.Set{ 172 {"foo": "bar"}, 173 }, 174 // matching fields 175 []fields.Set{ 176 {"metadata.name": "foo"}, 177 }, 178 // not matching fields 179 []fields.Set{ 180 {"metadata.name": "bar"}, 181 {"name": "foo"}, 182 }, 183 ) 184 } 185 186 func TestShortNames(t *testing.T) { 187 storage, server := newStorage(t) 188 defer server.Terminate(t) 189 defer storage.Store.DestroyFunc() 190 expected := []string{"netpol"} 191 registrytest.AssertShortNames(t, storage, expected) 192 }