summaryrefslogtreecommitdiff
path: root/spec/lib/gitlab/kubernetes/network_policy_spec.rb
diff options
context:
space:
mode:
Diffstat (limited to 'spec/lib/gitlab/kubernetes/network_policy_spec.rb')
-rw-r--r--spec/lib/gitlab/kubernetes/network_policy_spec.rb238
1 files changed, 31 insertions, 207 deletions
diff --git a/spec/lib/gitlab/kubernetes/network_policy_spec.rb b/spec/lib/gitlab/kubernetes/network_policy_spec.rb
index a8ca15f998b..5d1dd5dec59 100644
--- a/spec/lib/gitlab/kubernetes/network_policy_spec.rb
+++ b/spec/lib/gitlab/kubernetes/network_policy_spec.rb
@@ -8,13 +8,20 @@ RSpec.describe Gitlab::Kubernetes::NetworkPolicy do
name: name,
namespace: namespace,
creation_timestamp: '2020-04-14T00:08:30Z',
- pod_selector: pod_selector,
+ selector: pod_selector,
policy_types: %w(Ingress Egress),
ingress: ingress,
egress: egress
)
end
+ let(:resource) do
+ ::Kubeclient::Resource.new(
+ metadata: { name: name, namespace: namespace },
+ spec: { podSelector: pod_selector, policyTypes: %w(Ingress), ingress: ingress, egress: nil }
+ )
+ end
+
let(:name) { 'example-name' }
let(:namespace) { 'example-namespace' }
let(:pod_selector) { { matchLabels: { role: 'db' } } }
@@ -37,6 +44,28 @@ RSpec.describe Gitlab::Kubernetes::NetworkPolicy do
]
end
+ include_examples 'network policy common specs' do
+ let(:selector) { pod_selector }
+ let(:policy) do
+ described_class.new(
+ name: name,
+ namespace: namespace,
+ selector: selector,
+ ingress: ingress,
+ labels: labels
+ )
+ end
+
+ let(:spec) { { podSelector: selector, policyTypes: ["Ingress"], ingress: ingress, egress: nil } }
+ let(:metadata) { { name: name, namespace: namespace } }
+ end
+
+ describe '#generate' do
+ subject { policy.generate }
+
+ it { is_expected.to eq(resource) }
+ end
+
describe '.from_yaml' do
let(:manifest) do
<<~POLICY
@@ -45,8 +74,6 @@ RSpec.describe Gitlab::Kubernetes::NetworkPolicy do
metadata:
name: example-name
namespace: example-namespace
- labels:
- app: foo
spec:
podSelector:
matchLabels:
@@ -60,12 +87,6 @@ RSpec.describe Gitlab::Kubernetes::NetworkPolicy do
project: myproject
POLICY
end
- let(:resource) do
- ::Kubeclient::Resource.new(
- metadata: { name: name, namespace: namespace, labels: { app: 'foo' } },
- spec: { podSelector: pod_selector, policyTypes: %w(Ingress), ingress: ingress, egress: nil }
- )
- end
subject { Gitlab::Kubernetes::NetworkPolicy.from_yaml(manifest)&.generate }
@@ -156,6 +177,7 @@ RSpec.describe Gitlab::Kubernetes::NetworkPolicy do
spec: { podSelector: pod_selector, policyTypes: %w(Ingress), ingress: ingress, egress: nil }
)
end
+
let(:generated_resource) do
::Kubeclient::Resource.new(
metadata: { name: name, namespace: namespace, labels: { app: 'foo' } },
@@ -193,202 +215,4 @@ RSpec.describe Gitlab::Kubernetes::NetworkPolicy do
it { is_expected.to be_nil }
end
end
-
- describe '#generate' do
- let(:resource) do
- ::Kubeclient::Resource.new(
- metadata: { name: name, namespace: namespace },
- spec: { podSelector: pod_selector, policyTypes: %w(Ingress Egress), ingress: ingress, egress: egress }
- )
- end
-
- subject { policy.generate }
-
- it { is_expected.to eq(resource) }
- end
-
- describe '#as_json' do
- let(:json_policy) do
- {
- name: name,
- namespace: namespace,
- creation_timestamp: '2020-04-14T00:08:30Z',
- manifest: YAML.dump(
- {
- metadata: { name: name, namespace: namespace },
- spec: { podSelector: pod_selector, policyTypes: %w(Ingress Egress), ingress: ingress, egress: egress }
- }.deep_stringify_keys
- ),
- is_autodevops: false,
- is_enabled: true
- }
- end
-
- subject { policy.as_json }
-
- it { is_expected.to eq(json_policy) }
- end
-
- describe '#autodevops?' do
- subject { policy.autodevops? }
-
- let(:chart) { nil }
- let(:policy) do
- described_class.new(
- name: name,
- namespace: namespace,
- labels: { chart: chart },
- pod_selector: pod_selector,
- ingress: ingress
- )
- end
-
- it { is_expected.to be false }
-
- context 'with non-autodevops chart' do
- let(:chart) { 'foo' }
-
- it { is_expected.to be false }
- end
-
- context 'with autodevops chart' do
- let(:chart) { 'auto-deploy-app-0.6.0' }
-
- it { is_expected.to be true }
- end
- end
-
- describe '#enabled?' do
- subject { policy.enabled? }
-
- let(:pod_selector) { nil }
- let(:policy) do
- described_class.new(
- name: name,
- namespace: namespace,
- pod_selector: pod_selector,
- ingress: ingress
- )
- end
-
- it { is_expected.to be true }
-
- context 'with empty pod_selector' do
- let(:pod_selector) { {} }
-
- it { is_expected.to be true }
- end
-
- context 'with nil matchLabels in pod_selector' do
- let(:pod_selector) { { matchLabels: nil } }
-
- it { is_expected.to be true }
- end
-
- context 'with empty matchLabels in pod_selector' do
- let(:pod_selector) { { matchLabels: {} } }
-
- it { is_expected.to be true }
- end
-
- context 'with disabled_by label in matchLabels in pod_selector' do
- let(:pod_selector) do
- { matchLabels: { Gitlab::Kubernetes::NetworkPolicy::DISABLED_BY_LABEL => 'gitlab' } }
- end
-
- it { is_expected.to be false }
- end
- end
-
- describe '#enable' do
- subject { policy.enabled? }
-
- let(:pod_selector) { nil }
- let(:policy) do
- described_class.new(
- name: name,
- namespace: namespace,
- pod_selector: pod_selector,
- ingress: ingress
- )
- end
-
- before do
- policy.enable
- end
-
- it { is_expected.to be true }
-
- context 'with empty pod_selector' do
- let(:pod_selector) { {} }
-
- it { is_expected.to be true }
- end
-
- context 'with nil matchLabels in pod_selector' do
- let(:pod_selector) { { matchLabels: nil } }
-
- it { is_expected.to be true }
- end
-
- context 'with empty matchLabels in pod_selector' do
- let(:pod_selector) { { matchLabels: {} } }
-
- it { is_expected.to be true }
- end
-
- context 'with disabled_by label in matchLabels in pod_selector' do
- let(:pod_selector) do
- { matchLabels: { Gitlab::Kubernetes::NetworkPolicy::DISABLED_BY_LABEL => 'gitlab' } }
- end
-
- it { is_expected.to be true }
- end
- end
-
- describe '#disable' do
- subject { policy.enabled? }
-
- let(:pod_selector) { nil }
- let(:policy) do
- described_class.new(
- name: name,
- namespace: namespace,
- pod_selector: pod_selector,
- ingress: ingress
- )
- end
-
- before do
- policy.disable
- end
-
- it { is_expected.to be false }
-
- context 'with empty pod_selector' do
- let(:pod_selector) { {} }
-
- it { is_expected.to be false }
- end
-
- context 'with nil matchLabels in pod_selector' do
- let(:pod_selector) { { matchLabels: nil } }
-
- it { is_expected.to be false }
- end
-
- context 'with empty matchLabels in pod_selector' do
- let(:pod_selector) { { matchLabels: {} } }
-
- it { is_expected.to be false }
- end
-
- context 'with disabled_by label in matchLabels in pod_selector' do
- let(:pod_selector) do
- { matchLabels: { Gitlab::Kubernetes::NetworkPolicy::DISABLED_BY_LABEL => 'gitlab' } }
- end
-
- it { is_expected.to be false }
- end
- end
end
View Lorry Controller Status