diff options
Diffstat (limited to 'spec/lib/gitlab/kubernetes/cilium_network_policy_spec.rb')
-rw-r--r-- | spec/lib/gitlab/kubernetes/cilium_network_policy_spec.rb | 274 |
1 files changed, 0 insertions, 274 deletions
diff --git a/spec/lib/gitlab/kubernetes/cilium_network_policy_spec.rb b/spec/lib/gitlab/kubernetes/cilium_network_policy_spec.rb deleted file mode 100644 index ec1f46100a4..00000000000 --- a/spec/lib/gitlab/kubernetes/cilium_network_policy_spec.rb +++ /dev/null @@ -1,274 +0,0 @@ -# frozen_string_literal: true - -require 'spec_helper' - -RSpec.describe Gitlab::Kubernetes::CiliumNetworkPolicy do - let(:policy) do - described_class.new( - name: name, - namespace: namespace, - description: description, - selector: selector, - ingress: ingress, - egress: egress, - labels: labels, - resource_version: resource_version, - annotations: annotations - ) - end - - let(:resource) do - ::Kubeclient::Resource.new( - apiVersion: Gitlab::Kubernetes::CiliumNetworkPolicy::API_VERSION, - kind: Gitlab::Kubernetes::CiliumNetworkPolicy::KIND, - metadata: { name: name, namespace: namespace, resourceVersion: resource_version, annotations: annotations }, - spec: { endpointSelector: endpoint_selector, ingress: ingress, egress: egress }, - description: description - ) - end - - let(:selector) { endpoint_selector } - let(:labels) { nil } - let(:name) { 'example-name' } - let(:namespace) { 'example-namespace' } - let(:endpoint_selector) { { matchLabels: { role: 'db' } } } - let(:description) { 'example-description' } - let(:partial_class_name) { described_class.name.split('::').last } - let(:resource_version) { 101 } - let(:annotations) { { 'app.gitlab.com/alert': 'true' } } - let(:ingress) do - [ - { - fromEndpoints: [ - { matchLabels: { project: 'myproject' } } - ] - } - ] - end - - let(:egress) do - [ - { - ports: [{ port: 5978 }] - } - ] - end - - include_examples 'network policy common specs' - - describe '.from_yaml' do - let(:manifest) do - <<~POLICY - apiVersion: cilium.io/v2 - kind: CiliumNetworkPolicy - description: example-description - metadata: - name: example-name - namespace: example-namespace - resourceVersion: 101 - annotations: - app.gitlab.com/alert: "true" - spec: - endpointSelector: - matchLabels: - role: db - ingress: - - fromEndpoints: - - matchLabels: - project: myproject - egress: - - ports: - - port: 5978 - POLICY - end - - subject { Gitlab::Kubernetes::CiliumNetworkPolicy.from_yaml(manifest)&.generate } - - it { is_expected.to eq(resource) } - - context 'with nil manifest' do - let(:manifest) { nil } - - it { is_expected.to be_nil } - end - - context 'with invalid manifest' do - let(:manifest) { "\tfoo: bar" } - - it { is_expected.to be_nil } - end - - context 'with manifest without metadata' do - let(:manifest) do - <<~POLICY - apiVersion: cilium.io/v2 - kind: CiliumNetworkPolicy - spec: - endpointSelector: - matchLabels: - role: db - ingress: - - fromEndpoints: - matchLabels: - project: myproject - POLICY - end - - it { is_expected.to be_nil } - end - - context 'with manifest without spec' do - let(:manifest) do - <<~POLICY - apiVersion: cilium.io/v2 - kind: CiliumNetworkPolicy - metadata: - name: example-name - namespace: example-namespace - POLICY - end - - it { is_expected.to be_nil } - end - - context 'with disallowed class' do - let(:manifest) do - <<~POLICY - apiVersion: cilium.io/v2 - kind: CiliumNetworkPolicy - metadata: - name: example-name - namespace: example-namespace - creationTimestamp: 2020-04-14T00:08:30Z - spec: - endpointSelector: - matchLabels: - role: db - ingress: - - fromEndpoints: - matchLabels: - project: myproject - POLICY - end - - it { is_expected.to be_nil } - end - end - - describe '.from_resource' do - let(:resource) do - ::Kubeclient::Resource.new( - description: description, - metadata: { - name: name, namespace: namespace, creationTimestamp: '2020-04-14T00:08:30Z', - labels: { app: 'foo' }, resourceVersion: resource_version, annotations: annotations - }, - spec: { endpointSelector: endpoint_selector, ingress: ingress, egress: nil, labels: nil } - ) - end - - let(:generated_resource) do - ::Kubeclient::Resource.new( - apiVersion: Gitlab::Kubernetes::CiliumNetworkPolicy::API_VERSION, - kind: Gitlab::Kubernetes::CiliumNetworkPolicy::KIND, - description: description, - metadata: { name: name, namespace: namespace, resourceVersion: resource_version, labels: { app: 'foo' }, annotations: annotations }, - spec: { endpointSelector: endpoint_selector, ingress: ingress } - ) - end - - subject { Gitlab::Kubernetes::CiliumNetworkPolicy.from_resource(resource)&.generate } - - it { is_expected.to eq(generated_resource) } - - context 'with nil resource' do - let(:resource) { nil } - - it { is_expected.to be_nil } - end - - context 'with resource without metadata' do - let(:resource) do - ::Kubeclient::Resource.new( - spec: { endpointSelector: endpoint_selector, ingress: ingress, egress: nil, labels: nil } - ) - end - - it { is_expected.to be_nil } - end - - context 'with resource without spec' do - let(:resource) do - ::Kubeclient::Resource.new( - metadata: { name: name, namespace: namespace, uid: '128cf288-7de4-11ea-aceb-42010a800089', resourceVersion: resource_version } - ) - end - - it { is_expected.to be_nil } - end - - context 'with environment_ids' do - subject { Gitlab::Kubernetes::CiliumNetworkPolicy.from_resource(resource, [1, 2, 3]) } - - it 'includes environment_ids in as_json result' do - expect(subject.as_json).to include(environment_ids: [1, 2, 3]) - end - end - end - - describe '#resource' do - subject { policy.resource } - - let(:resource) do - { - apiVersion: Gitlab::Kubernetes::CiliumNetworkPolicy::API_VERSION, - kind: Gitlab::Kubernetes::CiliumNetworkPolicy::KIND, - metadata: { name: name, namespace: namespace, resourceVersion: resource_version, annotations: annotations }, - spec: { endpointSelector: endpoint_selector, ingress: ingress, egress: egress }, - description: description - } - end - - it { is_expected.to eq(resource) } - - context 'with labels' do - let(:labels) { { app: 'foo' } } - - before do - resource[:metadata][:labels] = { app: 'foo' } - end - - it { is_expected.to eq(resource) } - end - - context 'without resource_version' do - let(:resource_version) { nil } - - before do - resource[:metadata].delete(:resourceVersion) - end - - it { is_expected.to eq(resource) } - end - - context 'with nil egress' do - let(:egress) { nil } - - before do - resource[:spec].delete(:egress) - end - - it { is_expected.to eq(resource) } - end - - context 'without annotations' do - let(:annotations) { nil } - - before do - resource[:metadata].delete(:annotations) - end - - it { is_expected.to eq(resource) } - end - end -end |