2016-12-08 11:36:26 -05:00
|
|
|
require 'spec_helper'
|
|
|
|
|
2017-07-10 10:24:02 -04:00
|
|
|
describe KubernetesService, :use_clean_rails_memory_store_caching do
|
2016-11-22 14:55:56 -05:00
|
|
|
include KubernetesHelpers
|
|
|
|
include ReactiveCachingHelpers
|
|
|
|
|
2017-11-27 09:55:25 -05:00
|
|
|
let(:project) { create(:kubernetes_project) }
|
2017-11-27 08:35:16 -05:00
|
|
|
let(:service) { project.deployment_platform }
|
2016-11-22 14:55:56 -05:00
|
|
|
|
2017-11-02 06:14:10 -04:00
|
|
|
describe 'Associations' do
|
2016-12-08 11:36:26 -05:00
|
|
|
it { is_expected.to belong_to :project }
|
|
|
|
end
|
|
|
|
|
|
|
|
describe 'Validations' do
|
|
|
|
context 'when service is active' do
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
subject.active = true
|
|
|
|
end
|
2017-04-04 03:40:00 -04:00
|
|
|
|
|
|
|
it { is_expected.not_to validate_presence_of(:namespace) }
|
2016-12-08 11:36:26 -05:00
|
|
|
it { is_expected.to validate_presence_of(:api_url) }
|
|
|
|
it { is_expected.to validate_presence_of(:token) }
|
|
|
|
|
|
|
|
context 'namespace format' do
|
|
|
|
before do
|
|
|
|
subject.project = project
|
|
|
|
subject.api_url = "http://example.com"
|
|
|
|
subject.token = "test"
|
|
|
|
end
|
|
|
|
|
|
|
|
{
|
|
|
|
'foo' => true,
|
|
|
|
'1foo' => true,
|
|
|
|
'foo1' => true,
|
|
|
|
'foo-bar' => true,
|
|
|
|
'-foo' => false,
|
|
|
|
'foo-' => false,
|
|
|
|
'a' * 63 => true,
|
|
|
|
'a' * 64 => false,
|
|
|
|
'a.b' => false,
|
2017-08-22 02:12:27 -04:00
|
|
|
'a*b' => false,
|
2017-08-22 04:01:52 -04:00
|
|
|
'FOO' => true
|
2016-12-08 11:36:26 -05:00
|
|
|
}.each do |namespace, validity|
|
2017-04-04 03:40:00 -04:00
|
|
|
it "validates #{namespace} as #{validity ? 'valid' : 'invalid'}" do
|
2016-12-08 11:36:26 -05:00
|
|
|
subject.namespace = namespace
|
|
|
|
|
|
|
|
expect(subject.valid?).to eq(validity)
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when service is inactive' do
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
subject.active = false
|
|
|
|
end
|
2017-04-04 03:40:00 -04:00
|
|
|
|
2016-12-08 11:36:26 -05:00
|
|
|
it { is_expected.not_to validate_presence_of(:api_url) }
|
|
|
|
it { is_expected.not_to validate_presence_of(:token) }
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe '#initialize_properties' do
|
2017-04-04 03:40:00 -04:00
|
|
|
context 'without a project' do
|
|
|
|
it 'leaves the namespace unset' do
|
|
|
|
expect(described_class.new.namespace).to be_nil
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe '#fields' do
|
|
|
|
let(:kube_namespace) do
|
|
|
|
subject.fields.find { |h| h[:name] == 'namespace' }
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'as template' do
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
subject.template = true
|
|
|
|
end
|
2017-03-06 14:32:37 -05:00
|
|
|
|
2017-04-04 03:40:00 -04:00
|
|
|
it 'sets the namespace to the default' do
|
|
|
|
expect(kube_namespace).not_to be_nil
|
|
|
|
expect(kube_namespace[:placeholder]).to eq(subject.class::TEMPLATE_PLACEHOLDER)
|
2016-12-08 11:36:26 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-04-04 03:40:00 -04:00
|
|
|
context 'with associated project' do
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
subject.project = project
|
|
|
|
end
|
2017-04-04 03:40:00 -04:00
|
|
|
|
|
|
|
it 'sets the namespace to the default' do
|
|
|
|
expect(kube_namespace).not_to be_nil
|
2017-05-24 16:59:26 -04:00
|
|
|
expect(kube_namespace[:placeholder]).to match(/\A#{Gitlab::PathRegex::PATH_REGEX_STR}-\d+\z/)
|
2016-12-08 11:36:26 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2017-06-13 11:31:23 -04:00
|
|
|
describe '#actual_namespace' do
|
|
|
|
subject { service.actual_namespace }
|
|
|
|
|
2017-10-26 10:38:10 -04:00
|
|
|
shared_examples 'a correctly formatted namespace' do
|
|
|
|
it 'returns a valid Kubernetes namespace name' do
|
|
|
|
expect(subject).to match(Gitlab::Regex.kubernetes_namespace_regex)
|
|
|
|
expect(subject).to eq(expected_namespace)
|
2017-06-13 11:31:23 -04:00
|
|
|
end
|
2017-10-26 10:38:10 -04:00
|
|
|
end
|
2017-06-13 11:31:23 -04:00
|
|
|
|
2017-10-26 10:38:10 -04:00
|
|
|
it_behaves_like 'a correctly formatted namespace' do
|
|
|
|
let(:expected_namespace) { service.send(:default_namespace) }
|
2017-06-13 11:31:23 -04:00
|
|
|
end
|
|
|
|
|
2017-10-26 10:38:10 -04:00
|
|
|
context 'when the project path contains forbidden characters' do
|
2017-06-13 11:31:23 -04:00
|
|
|
before do
|
2017-10-26 10:38:10 -04:00
|
|
|
project.path = '-a_Strange.Path--forSure'
|
2017-06-13 11:31:23 -04:00
|
|
|
end
|
|
|
|
|
2017-10-26 10:38:10 -04:00
|
|
|
it_behaves_like 'a correctly formatted namespace' do
|
|
|
|
let(:expected_namespace) { "a-strange-path--forsure-#{project.id}" }
|
2017-06-13 11:31:23 -04:00
|
|
|
end
|
|
|
|
end
|
2017-06-16 10:15:40 -04:00
|
|
|
|
2017-05-08 11:28:05 -04:00
|
|
|
context 'when namespace is specified' do
|
|
|
|
before do
|
|
|
|
service.namespace = 'my-namespace'
|
|
|
|
end
|
|
|
|
|
2017-10-26 10:38:10 -04:00
|
|
|
it_behaves_like 'a correctly formatted namespace' do
|
|
|
|
let(:expected_namespace) { 'my-namespace' }
|
2017-05-08 11:28:05 -04:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when service is not assigned to project' do
|
|
|
|
before do
|
|
|
|
service.project = nil
|
|
|
|
end
|
|
|
|
|
2017-10-26 10:38:10 -04:00
|
|
|
it 'does not return namespace' do
|
2017-05-08 11:28:05 -04:00
|
|
|
is_expected.to be_nil
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
2016-12-08 11:36:26 -05:00
|
|
|
describe '#test' do
|
2017-06-13 11:31:23 -04:00
|
|
|
let(:discovery_url) { 'https://kubernetes.example.com/api/v1' }
|
|
|
|
|
2016-11-22 14:55:56 -05:00
|
|
|
before do
|
2017-10-31 14:59:40 -04:00
|
|
|
stub_kubeclient_discover(service.api_url)
|
2016-11-22 14:55:56 -05:00
|
|
|
end
|
2016-12-08 11:36:26 -05:00
|
|
|
|
|
|
|
context 'with path prefix in api_url' do
|
|
|
|
let(:discovery_url) { 'https://kubernetes.example.com/prefix/api/v1' }
|
|
|
|
|
|
|
|
it 'tests with the prefix' do
|
2017-06-13 11:31:23 -04:00
|
|
|
service.api_url = 'https://kubernetes.example.com/prefix'
|
2017-10-31 14:59:40 -04:00
|
|
|
stub_kubeclient_discover(service.api_url)
|
2016-12-08 11:36:26 -05:00
|
|
|
|
|
|
|
expect(service.test[:success]).to be_truthy
|
|
|
|
expect(WebMock).to have_requested(:get, discovery_url).once
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with custom CA certificate' do
|
|
|
|
it 'is added to the certificate store' do
|
2016-11-22 14:55:56 -05:00
|
|
|
service.ca_pem = "CA PEM DATA"
|
2016-12-08 11:36:26 -05:00
|
|
|
|
2016-11-22 14:55:56 -05:00
|
|
|
cert = double("certificate")
|
|
|
|
expect(OpenSSL::X509::Certificate).to receive(:new).with(service.ca_pem).and_return(cert)
|
2016-12-08 11:36:26 -05:00
|
|
|
expect_any_instance_of(OpenSSL::X509::Store).to receive(:add_cert).with(cert)
|
|
|
|
|
|
|
|
expect(service.test[:success]).to be_truthy
|
|
|
|
expect(WebMock).to have_requested(:get, discovery_url).once
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'success' do
|
|
|
|
it 'reads the discovery endpoint' do
|
|
|
|
expect(service.test[:success]).to be_truthy
|
|
|
|
expect(WebMock).to have_requested(:get, discovery_url).once
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'failure' do
|
2016-11-22 14:55:56 -05:00
|
|
|
it 'fails to read the discovery endpoint' do
|
2017-06-13 11:31:23 -04:00
|
|
|
WebMock.stub_request(:get, service.api_url + '/api/v1').to_return(status: 404)
|
|
|
|
|
2016-12-08 11:36:26 -05:00
|
|
|
expect(service.test[:success]).to be_falsy
|
|
|
|
expect(WebMock).to have_requested(:get, discovery_url).once
|
|
|
|
end
|
|
|
|
end
|
|
|
|
end
|
2016-12-16 07:24:03 -05:00
|
|
|
|
|
|
|
describe '#predefined_variables' do
|
2017-06-16 10:15:40 -04:00
|
|
|
let(:kubeconfig) do
|
2017-08-26 05:18:18 -04:00
|
|
|
config_file = expand_fixture_path('config/kubeconfig.yml')
|
|
|
|
config = YAML.load(File.read(config_file))
|
|
|
|
config.dig('users', 0, 'user')['token'] = 'token'
|
|
|
|
config.dig('contexts', 0, 'context')['namespace'] = namespace
|
2017-07-06 07:38:41 -04:00
|
|
|
config.dig('clusters', 0, 'cluster')['certificate-authority-data'] =
|
2017-10-02 12:55:07 -04:00
|
|
|
Base64.strict_encode64('CA PEM DATA')
|
2017-07-06 07:38:41 -04:00
|
|
|
|
|
|
|
YAML.dump(config)
|
2017-06-16 10:15:40 -04:00
|
|
|
end
|
|
|
|
|
2016-12-16 07:24:03 -05:00
|
|
|
before do
|
|
|
|
subject.api_url = 'https://kube.domain.com'
|
|
|
|
subject.token = 'token'
|
|
|
|
subject.ca_pem = 'CA PEM DATA'
|
2017-04-04 03:40:00 -04:00
|
|
|
subject.project = project
|
2016-12-16 07:24:03 -05:00
|
|
|
end
|
|
|
|
|
2017-06-16 10:15:40 -04:00
|
|
|
shared_examples 'setting variables' do
|
2017-04-04 03:40:00 -04:00
|
|
|
it 'sets the variables' do
|
|
|
|
expect(subject.predefined_variables).to include(
|
|
|
|
{ key: 'KUBE_URL', value: 'https://kube.domain.com', public: true },
|
|
|
|
{ key: 'KUBE_TOKEN', value: 'token', public: false },
|
2017-06-16 10:15:40 -04:00
|
|
|
{ key: 'KUBE_NAMESPACE', value: namespace, public: true },
|
2017-07-06 03:55:40 -04:00
|
|
|
{ key: 'KUBECONFIG', value: kubeconfig, public: false, file: true },
|
2017-04-04 03:40:00 -04:00
|
|
|
{ key: 'KUBE_CA_PEM', value: 'CA PEM DATA', public: true },
|
2017-05-03 07:27:17 -04:00
|
|
|
{ key: 'KUBE_CA_PEM_FILE', value: 'CA PEM DATA', public: true, file: true }
|
2017-04-04 03:40:00 -04:00
|
|
|
)
|
|
|
|
end
|
2016-12-16 07:24:03 -05:00
|
|
|
end
|
|
|
|
|
2017-06-16 10:15:40 -04:00
|
|
|
context 'namespace is provided' do
|
|
|
|
let(:namespace) { 'my-project' }
|
|
|
|
|
|
|
|
before do
|
|
|
|
subject.namespace = namespace
|
2017-04-04 03:40:00 -04:00
|
|
|
end
|
2016-12-16 07:24:03 -05:00
|
|
|
|
2017-06-16 10:15:40 -04:00
|
|
|
it_behaves_like 'setting variables'
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'no namespace provided' do
|
|
|
|
let(:namespace) { subject.actual_namespace }
|
|
|
|
|
|
|
|
it_behaves_like 'setting variables'
|
|
|
|
|
2017-04-04 03:40:00 -04:00
|
|
|
it 'sets the KUBE_NAMESPACE' do
|
|
|
|
kube_namespace = subject.predefined_variables.find { |h| h[:key] == 'KUBE_NAMESPACE' }
|
2017-02-20 16:02:24 -05:00
|
|
|
|
2017-04-04 03:40:00 -04:00
|
|
|
expect(kube_namespace).not_to be_nil
|
2017-05-24 16:59:26 -04:00
|
|
|
expect(kube_namespace[:value]).to match(/\A#{Gitlab::PathRegex::PATH_REGEX_STR}-\d+\z/)
|
2017-04-04 03:40:00 -04:00
|
|
|
end
|
2017-02-20 16:02:24 -05:00
|
|
|
end
|
2016-12-16 07:24:03 -05:00
|
|
|
end
|
2016-11-22 14:55:56 -05:00
|
|
|
|
|
|
|
describe '#terminals' do
|
|
|
|
let(:environment) { build(:environment, project: project, name: "env", slug: "env-000000") }
|
2017-05-08 11:28:05 -04:00
|
|
|
|
2016-11-22 14:55:56 -05:00
|
|
|
subject { service.terminals(environment) }
|
|
|
|
|
|
|
|
context 'with invalid pods' do
|
|
|
|
it 'returns no terminals' do
|
2017-02-21 18:33:53 -05:00
|
|
|
stub_reactive_cache(service, pods: [{ "bad" => "pod" }])
|
2016-11-22 14:55:56 -05:00
|
|
|
|
|
|
|
is_expected.to be_empty
|
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'with valid pods' do
|
|
|
|
let(:pod) { kube_pod(app: environment.slug) }
|
|
|
|
let(:terminals) { kube_terminals(service, pod) }
|
|
|
|
|
2017-01-26 13:16:50 -05:00
|
|
|
before do
|
|
|
|
stub_reactive_cache(
|
|
|
|
service,
|
2017-02-21 18:33:53 -05:00
|
|
|
pods: [pod, pod, kube_pod(app: "should-be-filtered-out")]
|
2017-01-26 13:16:50 -05:00
|
|
|
)
|
|
|
|
end
|
2016-11-22 14:55:56 -05:00
|
|
|
|
2017-01-26 13:16:50 -05:00
|
|
|
it 'returns terminals' do
|
2016-11-22 14:55:56 -05:00
|
|
|
is_expected.to eq(terminals + terminals)
|
|
|
|
end
|
2017-01-26 13:16:50 -05:00
|
|
|
|
|
|
|
it 'uses max session time from settings' do
|
|
|
|
stub_application_setting(terminal_max_session_time: 600)
|
|
|
|
|
|
|
|
times = subject.map { |terminal| terminal[:max_session_time] }
|
|
|
|
expect(times).to eq [600, 600, 600, 600]
|
|
|
|
end
|
2016-11-22 14:55:56 -05:00
|
|
|
end
|
|
|
|
end
|
|
|
|
|
|
|
|
describe '#calculate_reactive_cache' do
|
|
|
|
subject { service.calculate_reactive_cache }
|
|
|
|
|
|
|
|
context 'when service is inactive' do
|
2017-06-14 14:18:56 -04:00
|
|
|
before do
|
|
|
|
service.active = false
|
|
|
|
end
|
2016-11-22 14:55:56 -05:00
|
|
|
|
|
|
|
it { is_expected.to be_nil }
|
|
|
|
end
|
|
|
|
|
|
|
|
context 'when kubernetes responds with valid pods' do
|
2017-06-13 11:31:23 -04:00
|
|
|
before do
|
|
|
|
stub_kubeclient_pods
|
|
|
|
end
|
|
|
|
|
2016-11-22 14:55:56 -05:00
|
|
|
it { is_expected.to eq(pods: [kube_pod]) }
|
|
|
|
end
|
|
|
|
|
2017-06-13 11:31:23 -04:00
|
|
|
context 'when kubernetes responds with 500s' do
|
|
|
|
before do
|
|
|
|
stub_kubeclient_pods(status: 500)
|
|
|
|
end
|
2016-11-22 14:55:56 -05:00
|
|
|
|
|
|
|
it { expect { subject }.to raise_error(KubeException) }
|
|
|
|
end
|
|
|
|
|
2017-06-13 11:31:23 -04:00
|
|
|
context 'when kubernetes responds with 404s' do
|
|
|
|
before do
|
|
|
|
stub_kubeclient_pods(status: 404)
|
|
|
|
end
|
2016-11-22 14:55:56 -05:00
|
|
|
|
|
|
|
it { is_expected.to eq(pods: []) }
|
|
|
|
end
|
|
|
|
end
|
2016-12-08 11:36:26 -05:00
|
|
|
end
|