sigs.k8s.io/cluster-api-provider-aws@v1.5.5/pkg/cloud/services/iamauth/reconcile_test.go (about) 1 package iamauth 2 3 import ( 4 "context" 5 "fmt" 6 "testing" 7 8 "github.com/golang/mock/gomock" 9 . "github.com/onsi/gomega" 10 corev1 "k8s.io/api/core/v1" 11 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" 12 "k8s.io/utils/pointer" 13 14 infrav1 "sigs.k8s.io/cluster-api-provider-aws/api/v1beta1" 15 ekscontrolplanev1 "sigs.k8s.io/cluster-api-provider-aws/controlplane/eks/api/v1beta1" 16 expinfrav1 "sigs.k8s.io/cluster-api-provider-aws/exp/api/v1beta1" 17 "sigs.k8s.io/cluster-api-provider-aws/pkg/cloud/scope" 18 clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1" 19 expclusterv1 "sigs.k8s.io/cluster-api/exp/api/v1beta1" 20 "sigs.k8s.io/cluster-api/util" 21 ) 22 23 func TestReconcileIAMAuth(t *testing.T) { 24 var ( 25 mockCtrl *gomock.Controller 26 ctx context.Context 27 ) 28 setup := func(t *testing.T) { 29 t.Helper() 30 mockCtrl = gomock.NewController(t) 31 ctx = context.TODO() 32 } 33 34 teardown := func() { 35 mockCtrl.Finish() 36 } 37 t.Run("Should successfully find roles for MachineDeployments and MachinePools", func(t *testing.T) { 38 g := NewWithT(t) 39 setup(t) 40 namespace, err := testEnv.CreateNamespace(ctx, fmt.Sprintf("integ-test-%s", util.RandomString(5))) 41 g.Expect(err).To(BeNil()) 42 ns := namespace.Name 43 name := "default" 44 eksCluster := createEKSCluster(name, ns) 45 g.Expect(testEnv.Create(ctx, eksCluster)).To(Succeed()) 46 awsMP := createAWSMachinePoolForClusterWithInstanceProfile(name, ns, eksCluster.Name, "nodes.cluster-api-provider-aws.sigs.k8s.io") 47 infraRef := corev1.ObjectReference{ 48 Kind: awsMP.TypeMeta.Kind, 49 Name: awsMP.Name, 50 Namespace: awsMP.Namespace, 51 APIVersion: awsMP.TypeMeta.APIVersion, 52 } 53 g.Expect(testEnv.Create(ctx, awsMP)).To(Succeed()) 54 mp := createMachinepoolForCluster(name, ns, eksCluster.Name, infraRef) 55 g.Expect(testEnv.Create(ctx, mp)).To(Succeed()) 56 57 awsMachineTemplate := createAWSMachineTemplateForClusterWithInstanceProfile(name, ns, eksCluster.Name, "eks-nodes.cluster-api-provider-aws.sigs.k8s.io") 58 infraRefForMD := corev1.ObjectReference{ 59 Kind: awsMachineTemplate.TypeMeta.Kind, 60 Name: awsMachineTemplate.Name, 61 Namespace: awsMachineTemplate.Namespace, 62 APIVersion: awsMachineTemplate.TypeMeta.APIVersion, 63 } 64 g.Expect(testEnv.Create(ctx, awsMachineTemplate)).To(Succeed()) 65 md := createMachineDeploymentForCluster(name, ns, eksCluster.Name, infraRefForMD) 66 g.Expect(testEnv.Create(ctx, md)).To(Succeed()) 67 68 expectedRoles := map[string]struct{}{ 69 "nodes.cluster-api-provider-aws.sigs.k8s.io": {}, 70 "eks-nodes.cluster-api-provider-aws.sigs.k8s.io": {}, 71 } 72 73 controllerIdentity := createControllerIdentity() 74 g.Expect(testEnv.Create(ctx, controllerIdentity)).To(Succeed()) 75 managedScope, err := scope.NewManagedControlPlaneScope(scope.ManagedControlPlaneScopeParams{ 76 Client: testEnv, 77 ControlPlane: eksCluster, 78 Cluster: &clusterv1.Cluster{ 79 ObjectMeta: metav1.ObjectMeta{ 80 Name: name, 81 Namespace: ns, 82 }, 83 }, 84 }) 85 g.Expect(err).To(BeNil(), "failed to create managedScope") 86 authService := NewService(managedScope, BackendTypeConfigMap, managedScope.Client) 87 gotRoles, err := authService.getRolesForWorkers(ctx) 88 g.Expect(err).To(BeNil(), "failed to get roles for workers") 89 g.Expect(gotRoles).To(BeEquivalentTo(expectedRoles), "did not get correct roles for workers") 90 defer teardown() 91 defer t.Cleanup(func() { 92 g.Expect(testEnv.Cleanup(ctx, namespace, eksCluster, awsMP, mp, awsMachineTemplate, md, controllerIdentity)).To(Succeed()) 93 }) 94 }) 95 } 96 97 func createEKSCluster(name, namespace string) *ekscontrolplanev1.AWSManagedControlPlane { 98 eksCluster := &ekscontrolplanev1.AWSManagedControlPlane{ 99 ObjectMeta: metav1.ObjectMeta{ 100 Name: name, 101 Namespace: namespace, 102 Labels: map[string]string{ 103 clusterv1.ClusterLabelName: name, 104 }, 105 }, 106 Spec: ekscontrolplanev1.AWSManagedControlPlaneSpec{}, 107 } 108 return eksCluster 109 } 110 111 func createAWSMachinePoolForClusterWithInstanceProfile(name, namespace, clusterName, instanceProfile string) *expinfrav1.AWSMachinePool { 112 awsMP := &expinfrav1.AWSMachinePool{ 113 TypeMeta: metav1.TypeMeta{ 114 Kind: "AWSMachinePool", 115 }, 116 ObjectMeta: metav1.ObjectMeta{ 117 Name: name, 118 Namespace: namespace, 119 Labels: map[string]string{ 120 clusterv1.ClusterLabelName: clusterName, 121 }, 122 }, 123 Spec: expinfrav1.AWSMachinePoolSpec{ 124 AWSLaunchTemplate: expinfrav1.AWSLaunchTemplate{ 125 IamInstanceProfile: instanceProfile, 126 }, 127 MaxSize: 1, 128 }, 129 } 130 return awsMP 131 } 132 133 func createMachinepoolForCluster(name, namespace, clusterName string, infrastructureRef corev1.ObjectReference) *expclusterv1.MachinePool { 134 mp := &expclusterv1.MachinePool{ 135 ObjectMeta: metav1.ObjectMeta{ 136 Name: name, 137 Namespace: namespace, 138 Labels: map[string]string{ 139 clusterv1.ClusterLabelName: clusterName, 140 }, 141 }, 142 Spec: expclusterv1.MachinePoolSpec{ 143 ClusterName: clusterName, 144 Template: clusterv1.MachineTemplateSpec{ 145 Spec: clusterv1.MachineSpec{ 146 ClusterName: clusterName, 147 InfrastructureRef: infrastructureRef, 148 }, 149 }, 150 }, 151 } 152 return mp 153 } 154 155 func createAWSMachineTemplateForClusterWithInstanceProfile(name, namespace, clusterName, instanceProfile string) *infrav1.AWSMachineTemplate { 156 mt := &infrav1.AWSMachineTemplate{ 157 TypeMeta: metav1.TypeMeta{ 158 Kind: "AWSMachineTemplate", 159 }, 160 ObjectMeta: metav1.ObjectMeta{ 161 Name: name, 162 Namespace: namespace, 163 Labels: map[string]string{ 164 clusterv1.ClusterLabelName: clusterName, 165 }, 166 }, 167 Spec: infrav1.AWSMachineTemplateSpec{ 168 Template: infrav1.AWSMachineTemplateResource{ 169 Spec: infrav1.AWSMachineSpec{ 170 IAMInstanceProfile: instanceProfile, 171 InstanceType: "m5.xlarge", 172 }, 173 }, 174 }, 175 } 176 return mt 177 } 178 179 func createMachineDeploymentForCluster(name, namespace, clusterName string, infrastructureRef corev1.ObjectReference) *clusterv1.MachineDeployment { 180 md := &clusterv1.MachineDeployment{ 181 ObjectMeta: metav1.ObjectMeta{ 182 Name: name, 183 Namespace: namespace, 184 Labels: map[string]string{ 185 clusterv1.ClusterLabelName: clusterName, 186 }, 187 }, 188 Spec: clusterv1.MachineDeploymentSpec{ 189 ClusterName: clusterName, 190 Template: clusterv1.MachineTemplateSpec{ 191 Spec: clusterv1.MachineSpec{ 192 ClusterName: clusterName, 193 InfrastructureRef: infrastructureRef, 194 }, 195 }, 196 Replicas: pointer.Int32(2), 197 }, 198 } 199 return md 200 } 201 202 func createControllerIdentity() *infrav1.AWSClusterControllerIdentity { 203 controllerIdentity := &infrav1.AWSClusterControllerIdentity{ 204 TypeMeta: metav1.TypeMeta{ 205 Kind: string(infrav1.ControllerIdentityKind), 206 }, 207 ObjectMeta: metav1.ObjectMeta{ 208 Name: "default", 209 }, 210 Spec: infrav1.AWSClusterControllerIdentitySpec{ 211 AWSClusterIdentitySpec: infrav1.AWSClusterIdentitySpec{ 212 AllowedNamespaces: &infrav1.AllowedNamespaces{}, 213 }, 214 }, 215 } 216 return controllerIdentity 217 }