diff options
Diffstat (limited to 'spec/lib/gitlab/kubernetes/network_policy_spec.rb')
-rw-r--r-- | spec/lib/gitlab/kubernetes/network_policy_spec.rb | 238 |
1 files changed, 31 insertions, 207 deletions
diff --git a/spec/lib/gitlab/kubernetes/network_policy_spec.rb b/spec/lib/gitlab/kubernetes/network_policy_spec.rb index a8ca15f998b..5d1dd5dec59 100644 --- a/spec/lib/gitlab/kubernetes/network_policy_spec.rb +++ b/spec/lib/gitlab/kubernetes/network_policy_spec.rb @@ -8,13 +8,20 @@ RSpec.describe Gitlab::Kubernetes::NetworkPolicy do name: name, namespace: namespace, creation_timestamp: '2020-04-14T00:08:30Z', - pod_selector: pod_selector, + selector: pod_selector, policy_types: %w(Ingress Egress), ingress: ingress, egress: egress ) end + let(:resource) do + ::Kubeclient::Resource.new( + metadata: { name: name, namespace: namespace }, + spec: { podSelector: pod_selector, policyTypes: %w(Ingress), ingress: ingress, egress: nil } + ) + end + let(:name) { 'example-name' } let(:namespace) { 'example-namespace' } let(:pod_selector) { { matchLabels: { role: 'db' } } } @@ -37,6 +44,28 @@ RSpec.describe Gitlab::Kubernetes::NetworkPolicy do ] end + include_examples 'network policy common specs' do + let(:selector) { pod_selector } + let(:policy) do + described_class.new( + name: name, + namespace: namespace, + selector: selector, + ingress: ingress, + labels: labels + ) + end + + let(:spec) { { podSelector: selector, policyTypes: ["Ingress"], ingress: ingress, egress: nil } } + let(:metadata) { { name: name, namespace: namespace } } + end + + describe '#generate' do + subject { policy.generate } + + it { is_expected.to eq(resource) } + end + describe '.from_yaml' do let(:manifest) do <<~POLICY @@ -45,8 +74,6 @@ RSpec.describe Gitlab::Kubernetes::NetworkPolicy do metadata: name: example-name namespace: example-namespace - labels: - app: foo spec: podSelector: matchLabels: @@ -60,12 +87,6 @@ RSpec.describe Gitlab::Kubernetes::NetworkPolicy do project: myproject POLICY end - let(:resource) do - ::Kubeclient::Resource.new( - metadata: { name: name, namespace: namespace, labels: { app: 'foo' } }, - spec: { podSelector: pod_selector, policyTypes: %w(Ingress), ingress: ingress, egress: nil } - ) - end subject { Gitlab::Kubernetes::NetworkPolicy.from_yaml(manifest)&.generate } @@ -156,6 +177,7 @@ RSpec.describe Gitlab::Kubernetes::NetworkPolicy do spec: { podSelector: pod_selector, policyTypes: %w(Ingress), ingress: ingress, egress: nil } ) end + let(:generated_resource) do ::Kubeclient::Resource.new( metadata: { name: name, namespace: namespace, labels: { app: 'foo' } }, @@ -193,202 +215,4 @@ RSpec.describe Gitlab::Kubernetes::NetworkPolicy do it { is_expected.to be_nil } end end - - describe '#generate' do - let(:resource) do - ::Kubeclient::Resource.new( - metadata: { name: name, namespace: namespace }, - spec: { podSelector: pod_selector, policyTypes: %w(Ingress Egress), ingress: ingress, egress: egress } - ) - end - - subject { policy.generate } - - it { is_expected.to eq(resource) } - end - - describe '#as_json' do - let(:json_policy) do - { - name: name, - namespace: namespace, - creation_timestamp: '2020-04-14T00:08:30Z', - manifest: YAML.dump( - { - metadata: { name: name, namespace: namespace }, - spec: { podSelector: pod_selector, policyTypes: %w(Ingress Egress), ingress: ingress, egress: egress } - }.deep_stringify_keys - ), - is_autodevops: false, - is_enabled: true - } - end - - subject { policy.as_json } - - it { is_expected.to eq(json_policy) } - end - - describe '#autodevops?' do - subject { policy.autodevops? } - - let(:chart) { nil } - let(:policy) do - described_class.new( - name: name, - namespace: namespace, - labels: { chart: chart }, - pod_selector: pod_selector, - ingress: ingress - ) - end - - it { is_expected.to be false } - - context 'with non-autodevops chart' do - let(:chart) { 'foo' } - - it { is_expected.to be false } - end - - context 'with autodevops chart' do - let(:chart) { 'auto-deploy-app-0.6.0' } - - it { is_expected.to be true } - end - end - - describe '#enabled?' do - subject { policy.enabled? } - - let(:pod_selector) { nil } - let(:policy) do - described_class.new( - name: name, - namespace: namespace, - pod_selector: pod_selector, - ingress: ingress - ) - end - - it { is_expected.to be true } - - context 'with empty pod_selector' do - let(:pod_selector) { {} } - - it { is_expected.to be true } - end - - context 'with nil matchLabels in pod_selector' do - let(:pod_selector) { { matchLabels: nil } } - - it { is_expected.to be true } - end - - context 'with empty matchLabels in pod_selector' do - let(:pod_selector) { { matchLabels: {} } } - - it { is_expected.to be true } - end - - context 'with disabled_by label in matchLabels in pod_selector' do - let(:pod_selector) do - { matchLabels: { Gitlab::Kubernetes::NetworkPolicy::DISABLED_BY_LABEL => 'gitlab' } } - end - - it { is_expected.to be false } - end - end - - describe '#enable' do - subject { policy.enabled? } - - let(:pod_selector) { nil } - let(:policy) do - described_class.new( - name: name, - namespace: namespace, - pod_selector: pod_selector, - ingress: ingress - ) - end - - before do - policy.enable - end - - it { is_expected.to be true } - - context 'with empty pod_selector' do - let(:pod_selector) { {} } - - it { is_expected.to be true } - end - - context 'with nil matchLabels in pod_selector' do - let(:pod_selector) { { matchLabels: nil } } - - it { is_expected.to be true } - end - - context 'with empty matchLabels in pod_selector' do - let(:pod_selector) { { matchLabels: {} } } - - it { is_expected.to be true } - end - - context 'with disabled_by label in matchLabels in pod_selector' do - let(:pod_selector) do - { matchLabels: { Gitlab::Kubernetes::NetworkPolicy::DISABLED_BY_LABEL => 'gitlab' } } - end - - it { is_expected.to be true } - end - end - - describe '#disable' do - subject { policy.enabled? } - - let(:pod_selector) { nil } - let(:policy) do - described_class.new( - name: name, - namespace: namespace, - pod_selector: pod_selector, - ingress: ingress - ) - end - - before do - policy.disable - end - - it { is_expected.to be false } - - context 'with empty pod_selector' do - let(:pod_selector) { {} } - - it { is_expected.to be false } - end - - context 'with nil matchLabels in pod_selector' do - let(:pod_selector) { { matchLabels: nil } } - - it { is_expected.to be false } - end - - context 'with empty matchLabels in pod_selector' do - let(:pod_selector) { { matchLabels: {} } } - - it { is_expected.to be false } - end - - context 'with disabled_by label in matchLabels in pod_selector' do - let(:pod_selector) do - { matchLabels: { Gitlab::Kubernetes::NetworkPolicy::DISABLED_BY_LABEL => 'gitlab' } } - end - - it { is_expected.to be false } - end - end end |