From eccff9969b53c9bcd23346f1f6e0c81629f43315 Mon Sep 17 00:00:00 2001 From: Mustafa Abdelrahman Date: Wed, 14 Jun 2023 16:52:21 +0200 Subject: [PATCH 1/9] Add more golden file tests - patch 1 Signed-off-by: Mustafa Abdelrahman --- testdata/{simple_alb => ingress_alb}/ing.yaml | 0 .../{simple_alb => ingress_alb}/params.json | 0 .../{simple_alb => ingress_alb}/tags.json | 0 .../{simple_alb => ingress_alb}/template.cf | 0 .../{simple_nlb => ingress_nlb}/params.json | 0 .../{simple_nlb => ingress_nlb}/tags.json | 0 .../{simple_nlb => ingress_nlb}/template.cf | 0 testdata/ingress_rg_notshared_alb/expected.cf | 219 +++++++++++++ .../ing.yaml | 2 - testdata/ingress_rg_notshared_alb/rg.yaml | 18 ++ testdata/ingress_rg_shared_alb/expected.cf | 219 +++++++++++++ testdata/ingress_rg_shared_alb/ing.yaml | 16 + testdata/ingress_rg_shared_alb/rg.yaml | 18 ++ testdata/ingress_rg_shared_nlb/expected.cf | 187 +++++++++++ testdata/ingress_rg_shared_nlb/ing.yaml | 16 + testdata/ingress_rg_shared_nlb/rg.yaml | 18 ++ testdata/rg_alb/expected.cf | 219 +++++++++++++ testdata/rg_alb/rg.yaml | 16 + testdata/rg_nlb/expected.cf | 187 +++++++++++ testdata/rg_nlb/rg.yaml | 16 + worker_test.go | 299 +++++++++++++++++- 21 files changed, 1433 insertions(+), 17 deletions(-) rename testdata/{simple_alb => ingress_alb}/ing.yaml (100%) rename testdata/{simple_alb => ingress_alb}/params.json (100%) rename testdata/{simple_alb => ingress_alb}/tags.json (100%) rename testdata/{simple_alb => ingress_alb}/template.cf (100%) rename testdata/{simple_nlb => ingress_nlb}/params.json (100%) rename testdata/{simple_nlb => ingress_nlb}/tags.json (100%) rename testdata/{simple_nlb => ingress_nlb}/template.cf (100%) create mode 100644 testdata/ingress_rg_notshared_alb/expected.cf rename testdata/{simple_nlb => ingress_rg_notshared_alb}/ing.yaml (83%) create mode 100644 testdata/ingress_rg_notshared_alb/rg.yaml create mode 100644 testdata/ingress_rg_shared_alb/expected.cf create mode 100644 testdata/ingress_rg_shared_alb/ing.yaml create mode 100644 testdata/ingress_rg_shared_alb/rg.yaml create mode 100644 testdata/ingress_rg_shared_nlb/expected.cf create mode 100644 testdata/ingress_rg_shared_nlb/ing.yaml create mode 100644 testdata/ingress_rg_shared_nlb/rg.yaml create mode 100644 testdata/rg_alb/expected.cf create mode 100644 testdata/rg_alb/rg.yaml create mode 100644 testdata/rg_nlb/expected.cf create mode 100644 testdata/rg_nlb/rg.yaml diff --git a/testdata/simple_alb/ing.yaml b/testdata/ingress_alb/ing.yaml similarity index 100% rename from testdata/simple_alb/ing.yaml rename to testdata/ingress_alb/ing.yaml diff --git a/testdata/simple_alb/params.json b/testdata/ingress_alb/params.json similarity index 100% rename from testdata/simple_alb/params.json rename to testdata/ingress_alb/params.json diff --git a/testdata/simple_alb/tags.json b/testdata/ingress_alb/tags.json similarity index 100% rename from testdata/simple_alb/tags.json rename to testdata/ingress_alb/tags.json diff --git a/testdata/simple_alb/template.cf b/testdata/ingress_alb/template.cf similarity index 100% rename from testdata/simple_alb/template.cf rename to testdata/ingress_alb/template.cf diff --git a/testdata/simple_nlb/params.json b/testdata/ingress_nlb/params.json similarity index 100% rename from testdata/simple_nlb/params.json rename to testdata/ingress_nlb/params.json diff --git a/testdata/simple_nlb/tags.json b/testdata/ingress_nlb/tags.json similarity index 100% rename from testdata/simple_nlb/tags.json rename to testdata/ingress_nlb/tags.json diff --git a/testdata/simple_nlb/template.cf b/testdata/ingress_nlb/template.cf similarity index 100% rename from testdata/simple_nlb/template.cf rename to testdata/ingress_nlb/template.cf diff --git a/testdata/ingress_rg_notshared_alb/expected.cf b/testdata/ingress_rg_notshared_alb/expected.cf new file mode 100644 index 00000000..7e9378df --- /dev/null +++ b/testdata/ingress_rg_notshared_alb/expected.cf @@ -0,0 +1,219 @@ +{ + "AWSTemplateFormatVersion": "2010-09-09", + "Description": "Load Balancer for Kubernetes Ingress", + "Parameters": { + "HTTP2": { + "Type": "String", + "Default": "true", + "Description": "H2 Enabled" + }, + "IpAddressType": { + "Type": "String", + "Default": "ipv4", + "Description": "IP Address Type, 'ipv4' or 'dualstack'" + }, + "ListenerSslPolicyParameter": { + "Type": "String", + "Default": "ELBSecurityPolicy-2016-08", + "Description": "The HTTPS SSL Security Policy Name" + }, + "LoadBalancerSchemeParameter": { + "Type": "String", + "Default": "internet-facing", + "Description": "The Load Balancer scheme - 'internal' or 'internet-facing'" + }, + "LoadBalancerSecurityGroupParameter": { + "Type": "List\u003cAWS::EC2::SecurityGroup::Id\u003e", + "Description": "The security group ID for the Load Balancer" + }, + "LoadBalancerSubnetsParameter": { + "Type": "List\u003cAWS::EC2::Subnet::Id\u003e", + "Description": "The list of subnets IDs for the Load Balancer" + }, + "TargetGroupHealthCheckIntervalParameter": { + "Type": "Number", + "Default": "10", + "Description": "The healthcheck interval" + }, + "TargetGroupHealthCheckPathParameter": { + "Type": "String", + "Default": "/kube-system/healthz", + "Description": "The healthcheck path" + }, + "TargetGroupHealthCheckPortParameter": { + "Type": "Number", + "Default": "9999", + "Description": "The healthcheck port" + }, + "TargetGroupHealthCheckTimeoutParameter": { + "Type": "Number", + "Default": "5", + "Description": "The healthcheck timeout" + }, + "TargetGroupTargetPortParameter": { + "Type": "Number", + "Default": "9999", + "Description": "The target port" + }, + "TargetGroupVPCIDParameter": { + "Type": "AWS::EC2::VPC::Id", + "Description": "The VPCID for the TargetGroup" + }, + "Type": { + "Type": "String", + "Default": "application", + "Description": "Loadbalancer Type, 'application' or 'network'" + } + }, + "Resources": { + "HTTPListener": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "TG" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "LB" + }, + "Port": 80, + "Protocol": "HTTP" + } + }, + "HTTPSListener": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "Certificates": [ + { + "CertificateArn": "DUMMY" + } + ], + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "TG" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "LB" + }, + "Port": 443, + "Protocol": "HTTPS", + "SslPolicy": { + "Ref": "ListenerSslPolicyParameter" + } + } + }, + "HTTPSListenerCertificatefc48082457b770e278fc0bd3d392d127869993166f76e8df57d19a0e662820ea": { + "Type": "AWS::ElasticLoadBalancingV2::ListenerCertificate", + "Properties": { + "Certificates": [ + { + "CertificateArn": "DUMMY" + } + ], + "ListenerArn": { + "Ref": "HTTPSListener" + } + } + }, + "LB": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "IpAddressType": { + "Ref": "IpAddressType" + }, + "LoadBalancerAttributes": [ + { + "Key": "idle_timeout.timeout_seconds", + "Value": "0" + }, + { + "Key": "routing.http2.enabled", + "Value": "true" + }, + { + "Key": "access_logs.s3.enabled", + "Value": "false" + } + ], + "Scheme": { + "Ref": "LoadBalancerSchemeParameter" + }, + "SecurityGroups": { + "Ref": "LoadBalancerSecurityGroupParameter" + }, + "Subnets": { + "Ref": "LoadBalancerSubnetsParameter" + }, + "Tags": [ + { + "Key": "StackName", + "Value": { + "Ref": "AWS::StackName" + } + } + ], + "Type": { + "Ref": "Type" + } + } + }, + "TG": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "HealthCheckIntervalSeconds": { + "Ref": "TargetGroupHealthCheckIntervalParameter" + }, + "HealthCheckPath": { + "Ref": "TargetGroupHealthCheckPathParameter" + }, + "HealthCheckPort": { + "Ref": "TargetGroupHealthCheckPortParameter" + }, + "HealthCheckProtocol": "HTTP", + "HealthCheckTimeoutSeconds": { + "Ref": "TargetGroupHealthCheckTimeoutParameter" + }, + "HealthyThresholdCount": 0, + "Port": { + "Ref": "TargetGroupTargetPortParameter" + }, + "Protocol": "HTTP", + "TargetGroupAttributes": [ + { + "Key": "deregistration_delay.timeout_seconds", + "Value": "0" + } + ], + "UnhealthyThresholdCount": 0, + "VpcId": { + "Ref": "TargetGroupVPCIDParameter" + } + } + } + }, + "Outputs": { + "LoadBalancerDNSName": { + "Description": "DNS name for the LoadBalancer", + "Value": { + "Fn::GetAtt": [ + "LB", + "DNSName" + ] + } + }, + "TargetGroupARN": { + "Description": "The ARN of the TargetGroup", + "Value": { + "Ref": "TG" + } + } + } +} \ No newline at end of file diff --git a/testdata/simple_nlb/ing.yaml b/testdata/ingress_rg_notshared_alb/ing.yaml similarity index 83% rename from testdata/simple_nlb/ing.yaml rename to testdata/ingress_rg_notshared_alb/ing.yaml index 21b2e452..6b35d8ca 100644 --- a/testdata/simple_nlb/ing.yaml +++ b/testdata/ingress_rg_notshared_alb/ing.yaml @@ -2,8 +2,6 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: myingress - annotations: - zalando.org/aws-load-balancer-type: nlb spec: rules: - host: foo.bar.org diff --git a/testdata/ingress_rg_notshared_alb/rg.yaml b/testdata/ingress_rg_notshared_alb/rg.yaml new file mode 100644 index 00000000..432e0b40 --- /dev/null +++ b/testdata/ingress_rg_notshared_alb/rg.yaml @@ -0,0 +1,18 @@ +apiVersion: zalando.org/v1 +kind: RouteGroup +metadata: + name: my-route-group + annotations: + zalando.org/aws-load-balancer-shared: "false" +spec: + hosts: + - foo.bar.org + backends: + - name: my-backend + type: service + serviceName: my-service + servicePort: 80 + routes: + - pathSubtree: / + backends: + - backendName: my-backend diff --git a/testdata/ingress_rg_shared_alb/expected.cf b/testdata/ingress_rg_shared_alb/expected.cf new file mode 100644 index 00000000..7e9378df --- /dev/null +++ b/testdata/ingress_rg_shared_alb/expected.cf @@ -0,0 +1,219 @@ +{ + "AWSTemplateFormatVersion": "2010-09-09", + "Description": "Load Balancer for Kubernetes Ingress", + "Parameters": { + "HTTP2": { + "Type": "String", + "Default": "true", + "Description": "H2 Enabled" + }, + "IpAddressType": { + "Type": "String", + "Default": "ipv4", + "Description": "IP Address Type, 'ipv4' or 'dualstack'" + }, + "ListenerSslPolicyParameter": { + "Type": "String", + "Default": "ELBSecurityPolicy-2016-08", + "Description": "The HTTPS SSL Security Policy Name" + }, + "LoadBalancerSchemeParameter": { + "Type": "String", + "Default": "internet-facing", + "Description": "The Load Balancer scheme - 'internal' or 'internet-facing'" + }, + "LoadBalancerSecurityGroupParameter": { + "Type": "List\u003cAWS::EC2::SecurityGroup::Id\u003e", + "Description": "The security group ID for the Load Balancer" + }, + "LoadBalancerSubnetsParameter": { + "Type": "List\u003cAWS::EC2::Subnet::Id\u003e", + "Description": "The list of subnets IDs for the Load Balancer" + }, + "TargetGroupHealthCheckIntervalParameter": { + "Type": "Number", + "Default": "10", + "Description": "The healthcheck interval" + }, + "TargetGroupHealthCheckPathParameter": { + "Type": "String", + "Default": "/kube-system/healthz", + "Description": "The healthcheck path" + }, + "TargetGroupHealthCheckPortParameter": { + "Type": "Number", + "Default": "9999", + "Description": "The healthcheck port" + }, + "TargetGroupHealthCheckTimeoutParameter": { + "Type": "Number", + "Default": "5", + "Description": "The healthcheck timeout" + }, + "TargetGroupTargetPortParameter": { + "Type": "Number", + "Default": "9999", + "Description": "The target port" + }, + "TargetGroupVPCIDParameter": { + "Type": "AWS::EC2::VPC::Id", + "Description": "The VPCID for the TargetGroup" + }, + "Type": { + "Type": "String", + "Default": "application", + "Description": "Loadbalancer Type, 'application' or 'network'" + } + }, + "Resources": { + "HTTPListener": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "TG" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "LB" + }, + "Port": 80, + "Protocol": "HTTP" + } + }, + "HTTPSListener": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "Certificates": [ + { + "CertificateArn": "DUMMY" + } + ], + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "TG" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "LB" + }, + "Port": 443, + "Protocol": "HTTPS", + "SslPolicy": { + "Ref": "ListenerSslPolicyParameter" + } + } + }, + "HTTPSListenerCertificatefc48082457b770e278fc0bd3d392d127869993166f76e8df57d19a0e662820ea": { + "Type": "AWS::ElasticLoadBalancingV2::ListenerCertificate", + "Properties": { + "Certificates": [ + { + "CertificateArn": "DUMMY" + } + ], + "ListenerArn": { + "Ref": "HTTPSListener" + } + } + }, + "LB": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "IpAddressType": { + "Ref": "IpAddressType" + }, + "LoadBalancerAttributes": [ + { + "Key": "idle_timeout.timeout_seconds", + "Value": "0" + }, + { + "Key": "routing.http2.enabled", + "Value": "true" + }, + { + "Key": "access_logs.s3.enabled", + "Value": "false" + } + ], + "Scheme": { + "Ref": "LoadBalancerSchemeParameter" + }, + "SecurityGroups": { + "Ref": "LoadBalancerSecurityGroupParameter" + }, + "Subnets": { + "Ref": "LoadBalancerSubnetsParameter" + }, + "Tags": [ + { + "Key": "StackName", + "Value": { + "Ref": "AWS::StackName" + } + } + ], + "Type": { + "Ref": "Type" + } + } + }, + "TG": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "HealthCheckIntervalSeconds": { + "Ref": "TargetGroupHealthCheckIntervalParameter" + }, + "HealthCheckPath": { + "Ref": "TargetGroupHealthCheckPathParameter" + }, + "HealthCheckPort": { + "Ref": "TargetGroupHealthCheckPortParameter" + }, + "HealthCheckProtocol": "HTTP", + "HealthCheckTimeoutSeconds": { + "Ref": "TargetGroupHealthCheckTimeoutParameter" + }, + "HealthyThresholdCount": 0, + "Port": { + "Ref": "TargetGroupTargetPortParameter" + }, + "Protocol": "HTTP", + "TargetGroupAttributes": [ + { + "Key": "deregistration_delay.timeout_seconds", + "Value": "0" + } + ], + "UnhealthyThresholdCount": 0, + "VpcId": { + "Ref": "TargetGroupVPCIDParameter" + } + } + } + }, + "Outputs": { + "LoadBalancerDNSName": { + "Description": "DNS name for the LoadBalancer", + "Value": { + "Fn::GetAtt": [ + "LB", + "DNSName" + ] + } + }, + "TargetGroupARN": { + "Description": "The ARN of the TargetGroup", + "Value": { + "Ref": "TG" + } + } + } +} \ No newline at end of file diff --git a/testdata/ingress_rg_shared_alb/ing.yaml b/testdata/ingress_rg_shared_alb/ing.yaml new file mode 100644 index 00000000..6b35d8ca --- /dev/null +++ b/testdata/ingress_rg_shared_alb/ing.yaml @@ -0,0 +1,16 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: myingress +spec: + rules: + - host: foo.bar.org + http: + paths: + - backend: + service: + name: foo-bar-service + port: + name: main-port + path: / + pathType: ImplementationSpecific \ No newline at end of file diff --git a/testdata/ingress_rg_shared_alb/rg.yaml b/testdata/ingress_rg_shared_alb/rg.yaml new file mode 100644 index 00000000..432e0b40 --- /dev/null +++ b/testdata/ingress_rg_shared_alb/rg.yaml @@ -0,0 +1,18 @@ +apiVersion: zalando.org/v1 +kind: RouteGroup +metadata: + name: my-route-group + annotations: + zalando.org/aws-load-balancer-shared: "false" +spec: + hosts: + - foo.bar.org + backends: + - name: my-backend + type: service + serviceName: my-service + servicePort: 80 + routes: + - pathSubtree: / + backends: + - backendName: my-backend diff --git a/testdata/ingress_rg_shared_nlb/expected.cf b/testdata/ingress_rg_shared_nlb/expected.cf new file mode 100644 index 00000000..ac57a010 --- /dev/null +++ b/testdata/ingress_rg_shared_nlb/expected.cf @@ -0,0 +1,187 @@ +{ + "AWSTemplateFormatVersion": "2010-09-09", + "Description": "Load Balancer for Kubernetes Ingress", + "Parameters": { + "HTTP2": { + "Type": "String", + "Default": "true", + "Description": "H2 Enabled" + }, + "IpAddressType": { + "Type": "String", + "Default": "ipv4", + "Description": "IP Address Type, 'ipv4' or 'dualstack'" + }, + "ListenerSslPolicyParameter": { + "Type": "String", + "Default": "ELBSecurityPolicy-2016-08", + "Description": "The HTTPS SSL Security Policy Name" + }, + "LoadBalancerSchemeParameter": { + "Type": "String", + "Default": "internet-facing", + "Description": "The Load Balancer scheme - 'internal' or 'internet-facing'" + }, + "LoadBalancerSecurityGroupParameter": { + "Type": "List\u003cAWS::EC2::SecurityGroup::Id\u003e", + "Description": "The security group ID for the Load Balancer" + }, + "LoadBalancerSubnetsParameter": { + "Type": "List\u003cAWS::EC2::Subnet::Id\u003e", + "Description": "The list of subnets IDs for the Load Balancer" + }, + "TargetGroupHealthCheckIntervalParameter": { + "Type": "Number", + "Default": "10", + "Description": "The healthcheck interval" + }, + "TargetGroupHealthCheckPathParameter": { + "Type": "String", + "Default": "/kube-system/healthz", + "Description": "The healthcheck path" + }, + "TargetGroupHealthCheckPortParameter": { + "Type": "Number", + "Default": "9999", + "Description": "The healthcheck port" + }, + "TargetGroupHealthCheckTimeoutParameter": { + "Type": "Number", + "Default": "5", + "Description": "The healthcheck timeout" + }, + "TargetGroupTargetPortParameter": { + "Type": "Number", + "Default": "9999", + "Description": "The target port" + }, + "TargetGroupVPCIDParameter": { + "Type": "AWS::EC2::VPC::Id", + "Description": "The VPCID for the TargetGroup" + }, + "Type": { + "Type": "String", + "Default": "application", + "Description": "Loadbalancer Type, 'application' or 'network'" + } + }, + "Resources": { + "HTTPSListener": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "Certificates": [ + { + "CertificateArn": "DUMMY" + } + ], + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "TG" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "LB" + }, + "Port": 443, + "Protocol": "TLS", + "SslPolicy": { + "Ref": "ListenerSslPolicyParameter" + } + } + }, + "HTTPSListenerCertificatefc48082457b770e278fc0bd3d392d127869993166f76e8df57d19a0e662820ea": { + "Type": "AWS::ElasticLoadBalancingV2::ListenerCertificate", + "Properties": { + "Certificates": [ + { + "CertificateArn": "DUMMY" + } + ], + "ListenerArn": { + "Ref": "HTTPSListener" + } + } + }, + "LB": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "IpAddressType": { + "Ref": "IpAddressType" + }, + "LoadBalancerAttributes": [ + { + "Key": "access_logs.s3.enabled", + "Value": "false" + } + ], + "Scheme": { + "Ref": "LoadBalancerSchemeParameter" + }, + "Subnets": { + "Ref": "LoadBalancerSubnetsParameter" + }, + "Tags": [ + { + "Key": "StackName", + "Value": { + "Ref": "AWS::StackName" + } + } + ], + "Type": { + "Ref": "Type" + } + } + }, + "TG": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "HealthCheckIntervalSeconds": { + "Ref": "TargetGroupHealthCheckIntervalParameter" + }, + "HealthCheckPath": { + "Ref": "TargetGroupHealthCheckPathParameter" + }, + "HealthCheckPort": { + "Ref": "TargetGroupHealthCheckPortParameter" + }, + "HealthCheckProtocol": "HTTP", + "HealthyThresholdCount": 0, + "Port": { + "Ref": "TargetGroupTargetPortParameter" + }, + "Protocol": "TCP", + "TargetGroupAttributes": [ + { + "Key": "deregistration_delay.timeout_seconds", + "Value": "0" + } + ], + "UnhealthyThresholdCount": 0, + "VpcId": { + "Ref": "TargetGroupVPCIDParameter" + } + } + } + }, + "Outputs": { + "LoadBalancerDNSName": { + "Description": "DNS name for the LoadBalancer", + "Value": { + "Fn::GetAtt": [ + "LB", + "DNSName" + ] + } + }, + "TargetGroupARN": { + "Description": "The ARN of the TargetGroup", + "Value": { + "Ref": "TG" + } + } + } +} \ No newline at end of file diff --git a/testdata/ingress_rg_shared_nlb/ing.yaml b/testdata/ingress_rg_shared_nlb/ing.yaml new file mode 100644 index 00000000..6b35d8ca --- /dev/null +++ b/testdata/ingress_rg_shared_nlb/ing.yaml @@ -0,0 +1,16 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: myingress +spec: + rules: + - host: foo.bar.org + http: + paths: + - backend: + service: + name: foo-bar-service + port: + name: main-port + path: / + pathType: ImplementationSpecific \ No newline at end of file diff --git a/testdata/ingress_rg_shared_nlb/rg.yaml b/testdata/ingress_rg_shared_nlb/rg.yaml new file mode 100644 index 00000000..432e0b40 --- /dev/null +++ b/testdata/ingress_rg_shared_nlb/rg.yaml @@ -0,0 +1,18 @@ +apiVersion: zalando.org/v1 +kind: RouteGroup +metadata: + name: my-route-group + annotations: + zalando.org/aws-load-balancer-shared: "false" +spec: + hosts: + - foo.bar.org + backends: + - name: my-backend + type: service + serviceName: my-service + servicePort: 80 + routes: + - pathSubtree: / + backends: + - backendName: my-backend diff --git a/testdata/rg_alb/expected.cf b/testdata/rg_alb/expected.cf new file mode 100644 index 00000000..7e9378df --- /dev/null +++ b/testdata/rg_alb/expected.cf @@ -0,0 +1,219 @@ +{ + "AWSTemplateFormatVersion": "2010-09-09", + "Description": "Load Balancer for Kubernetes Ingress", + "Parameters": { + "HTTP2": { + "Type": "String", + "Default": "true", + "Description": "H2 Enabled" + }, + "IpAddressType": { + "Type": "String", + "Default": "ipv4", + "Description": "IP Address Type, 'ipv4' or 'dualstack'" + }, + "ListenerSslPolicyParameter": { + "Type": "String", + "Default": "ELBSecurityPolicy-2016-08", + "Description": "The HTTPS SSL Security Policy Name" + }, + "LoadBalancerSchemeParameter": { + "Type": "String", + "Default": "internet-facing", + "Description": "The Load Balancer scheme - 'internal' or 'internet-facing'" + }, + "LoadBalancerSecurityGroupParameter": { + "Type": "List\u003cAWS::EC2::SecurityGroup::Id\u003e", + "Description": "The security group ID for the Load Balancer" + }, + "LoadBalancerSubnetsParameter": { + "Type": "List\u003cAWS::EC2::Subnet::Id\u003e", + "Description": "The list of subnets IDs for the Load Balancer" + }, + "TargetGroupHealthCheckIntervalParameter": { + "Type": "Number", + "Default": "10", + "Description": "The healthcheck interval" + }, + "TargetGroupHealthCheckPathParameter": { + "Type": "String", + "Default": "/kube-system/healthz", + "Description": "The healthcheck path" + }, + "TargetGroupHealthCheckPortParameter": { + "Type": "Number", + "Default": "9999", + "Description": "The healthcheck port" + }, + "TargetGroupHealthCheckTimeoutParameter": { + "Type": "Number", + "Default": "5", + "Description": "The healthcheck timeout" + }, + "TargetGroupTargetPortParameter": { + "Type": "Number", + "Default": "9999", + "Description": "The target port" + }, + "TargetGroupVPCIDParameter": { + "Type": "AWS::EC2::VPC::Id", + "Description": "The VPCID for the TargetGroup" + }, + "Type": { + "Type": "String", + "Default": "application", + "Description": "Loadbalancer Type, 'application' or 'network'" + } + }, + "Resources": { + "HTTPListener": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "TG" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "LB" + }, + "Port": 80, + "Protocol": "HTTP" + } + }, + "HTTPSListener": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "Certificates": [ + { + "CertificateArn": "DUMMY" + } + ], + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "TG" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "LB" + }, + "Port": 443, + "Protocol": "HTTPS", + "SslPolicy": { + "Ref": "ListenerSslPolicyParameter" + } + } + }, + "HTTPSListenerCertificatefc48082457b770e278fc0bd3d392d127869993166f76e8df57d19a0e662820ea": { + "Type": "AWS::ElasticLoadBalancingV2::ListenerCertificate", + "Properties": { + "Certificates": [ + { + "CertificateArn": "DUMMY" + } + ], + "ListenerArn": { + "Ref": "HTTPSListener" + } + } + }, + "LB": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "IpAddressType": { + "Ref": "IpAddressType" + }, + "LoadBalancerAttributes": [ + { + "Key": "idle_timeout.timeout_seconds", + "Value": "0" + }, + { + "Key": "routing.http2.enabled", + "Value": "true" + }, + { + "Key": "access_logs.s3.enabled", + "Value": "false" + } + ], + "Scheme": { + "Ref": "LoadBalancerSchemeParameter" + }, + "SecurityGroups": { + "Ref": "LoadBalancerSecurityGroupParameter" + }, + "Subnets": { + "Ref": "LoadBalancerSubnetsParameter" + }, + "Tags": [ + { + "Key": "StackName", + "Value": { + "Ref": "AWS::StackName" + } + } + ], + "Type": { + "Ref": "Type" + } + } + }, + "TG": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "HealthCheckIntervalSeconds": { + "Ref": "TargetGroupHealthCheckIntervalParameter" + }, + "HealthCheckPath": { + "Ref": "TargetGroupHealthCheckPathParameter" + }, + "HealthCheckPort": { + "Ref": "TargetGroupHealthCheckPortParameter" + }, + "HealthCheckProtocol": "HTTP", + "HealthCheckTimeoutSeconds": { + "Ref": "TargetGroupHealthCheckTimeoutParameter" + }, + "HealthyThresholdCount": 0, + "Port": { + "Ref": "TargetGroupTargetPortParameter" + }, + "Protocol": "HTTP", + "TargetGroupAttributes": [ + { + "Key": "deregistration_delay.timeout_seconds", + "Value": "0" + } + ], + "UnhealthyThresholdCount": 0, + "VpcId": { + "Ref": "TargetGroupVPCIDParameter" + } + } + } + }, + "Outputs": { + "LoadBalancerDNSName": { + "Description": "DNS name for the LoadBalancer", + "Value": { + "Fn::GetAtt": [ + "LB", + "DNSName" + ] + } + }, + "TargetGroupARN": { + "Description": "The ARN of the TargetGroup", + "Value": { + "Ref": "TG" + } + } + } +} \ No newline at end of file diff --git a/testdata/rg_alb/rg.yaml b/testdata/rg_alb/rg.yaml new file mode 100644 index 00000000..ed9a90f5 --- /dev/null +++ b/testdata/rg_alb/rg.yaml @@ -0,0 +1,16 @@ +apiVersion: zalando.org/v1 +kind: RouteGroup +metadata: + name: my-route-group +spec: + hosts: + - foo.bar.org + backends: + - name: my-backend + type: service + serviceName: my-service + servicePort: 80 + routes: + - pathSubtree: / + backends: + - backendName: my-backend diff --git a/testdata/rg_nlb/expected.cf b/testdata/rg_nlb/expected.cf new file mode 100644 index 00000000..ac57a010 --- /dev/null +++ b/testdata/rg_nlb/expected.cf @@ -0,0 +1,187 @@ +{ + "AWSTemplateFormatVersion": "2010-09-09", + "Description": "Load Balancer for Kubernetes Ingress", + "Parameters": { + "HTTP2": { + "Type": "String", + "Default": "true", + "Description": "H2 Enabled" + }, + "IpAddressType": { + "Type": "String", + "Default": "ipv4", + "Description": "IP Address Type, 'ipv4' or 'dualstack'" + }, + "ListenerSslPolicyParameter": { + "Type": "String", + "Default": "ELBSecurityPolicy-2016-08", + "Description": "The HTTPS SSL Security Policy Name" + }, + "LoadBalancerSchemeParameter": { + "Type": "String", + "Default": "internet-facing", + "Description": "The Load Balancer scheme - 'internal' or 'internet-facing'" + }, + "LoadBalancerSecurityGroupParameter": { + "Type": "List\u003cAWS::EC2::SecurityGroup::Id\u003e", + "Description": "The security group ID for the Load Balancer" + }, + "LoadBalancerSubnetsParameter": { + "Type": "List\u003cAWS::EC2::Subnet::Id\u003e", + "Description": "The list of subnets IDs for the Load Balancer" + }, + "TargetGroupHealthCheckIntervalParameter": { + "Type": "Number", + "Default": "10", + "Description": "The healthcheck interval" + }, + "TargetGroupHealthCheckPathParameter": { + "Type": "String", + "Default": "/kube-system/healthz", + "Description": "The healthcheck path" + }, + "TargetGroupHealthCheckPortParameter": { + "Type": "Number", + "Default": "9999", + "Description": "The healthcheck port" + }, + "TargetGroupHealthCheckTimeoutParameter": { + "Type": "Number", + "Default": "5", + "Description": "The healthcheck timeout" + }, + "TargetGroupTargetPortParameter": { + "Type": "Number", + "Default": "9999", + "Description": "The target port" + }, + "TargetGroupVPCIDParameter": { + "Type": "AWS::EC2::VPC::Id", + "Description": "The VPCID for the TargetGroup" + }, + "Type": { + "Type": "String", + "Default": "application", + "Description": "Loadbalancer Type, 'application' or 'network'" + } + }, + "Resources": { + "HTTPSListener": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "Certificates": [ + { + "CertificateArn": "DUMMY" + } + ], + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "TG" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "LB" + }, + "Port": 443, + "Protocol": "TLS", + "SslPolicy": { + "Ref": "ListenerSslPolicyParameter" + } + } + }, + "HTTPSListenerCertificatefc48082457b770e278fc0bd3d392d127869993166f76e8df57d19a0e662820ea": { + "Type": "AWS::ElasticLoadBalancingV2::ListenerCertificate", + "Properties": { + "Certificates": [ + { + "CertificateArn": "DUMMY" + } + ], + "ListenerArn": { + "Ref": "HTTPSListener" + } + } + }, + "LB": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "IpAddressType": { + "Ref": "IpAddressType" + }, + "LoadBalancerAttributes": [ + { + "Key": "access_logs.s3.enabled", + "Value": "false" + } + ], + "Scheme": { + "Ref": "LoadBalancerSchemeParameter" + }, + "Subnets": { + "Ref": "LoadBalancerSubnetsParameter" + }, + "Tags": [ + { + "Key": "StackName", + "Value": { + "Ref": "AWS::StackName" + } + } + ], + "Type": { + "Ref": "Type" + } + } + }, + "TG": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "HealthCheckIntervalSeconds": { + "Ref": "TargetGroupHealthCheckIntervalParameter" + }, + "HealthCheckPath": { + "Ref": "TargetGroupHealthCheckPathParameter" + }, + "HealthCheckPort": { + "Ref": "TargetGroupHealthCheckPortParameter" + }, + "HealthCheckProtocol": "HTTP", + "HealthyThresholdCount": 0, + "Port": { + "Ref": "TargetGroupTargetPortParameter" + }, + "Protocol": "TCP", + "TargetGroupAttributes": [ + { + "Key": "deregistration_delay.timeout_seconds", + "Value": "0" + } + ], + "UnhealthyThresholdCount": 0, + "VpcId": { + "Ref": "TargetGroupVPCIDParameter" + } + } + } + }, + "Outputs": { + "LoadBalancerDNSName": { + "Description": "DNS name for the LoadBalancer", + "Value": { + "Fn::GetAtt": [ + "LB", + "DNSName" + ] + } + }, + "TargetGroupARN": { + "Description": "The ARN of the TargetGroup", + "Value": { + "Ref": "TG" + } + } + } +} \ No newline at end of file diff --git a/testdata/rg_nlb/rg.yaml b/testdata/rg_nlb/rg.yaml new file mode 100644 index 00000000..ed9a90f5 --- /dev/null +++ b/testdata/rg_nlb/rg.yaml @@ -0,0 +1,16 @@ +apiVersion: zalando.org/v1 +kind: RouteGroup +metadata: + name: my-route-group +spec: + hosts: + - foo.bar.org + backends: + - name: my-backend + type: service + serviceName: my-service + servicePort: 80 + routes: + - pathSubtree: / + backends: + - backendName: my-backend diff --git a/worker_test.go b/worker_test.go index d4cf4efb..22366fd7 100644 --- a/worker_test.go +++ b/worker_test.go @@ -4,6 +4,7 @@ import ( "context" "crypto/x509" "encoding/json" + "io" "net/http/httptest" "os" "reflect" @@ -41,9 +42,10 @@ func TestResourceConversion(tt *testing.T) { responsesELBv2 fake.ELBv2Outputs responsesCF fake.CFOutputs typeLB string + resourceType []string }{ { - name: "simple_alb", + name: "ingress_alb", responsesEC2: fake.EC2Outputs{DescribeInstancesPages: fake.MockDescribeInstancesPagesOutput( nil, fake.TestInstance{ @@ -93,10 +95,11 @@ func TestResourceConversion(tt *testing.T) { DescribeStacks: fake.R(nil, nil), CreateStack: fake.R(fake.MockCSOutput("42"), nil), }, - typeLB: awsAdapter.LoadBalancerTypeApplication, + typeLB: awsAdapter.LoadBalancerTypeApplication, + resourceType: []string{"ing"}, }, { - name: "simple_nlb", + name: "ingress_nlb", responsesEC2: fake.EC2Outputs{DescribeInstancesPages: fake.MockDescribeInstancesPagesOutput( nil, fake.TestInstance{ @@ -146,7 +149,273 @@ func TestResourceConversion(tt *testing.T) { DescribeStacks: fake.R(nil, nil), CreateStack: fake.R(fake.MockCSOutput("42"), nil), }, - typeLB: awsAdapter.LoadBalancerTypeNetwork, + typeLB: awsAdapter.LoadBalancerTypeNetwork, + resourceType: []string{"ing"}, + }, { + name: "rg_alb", + responsesEC2: fake.EC2Outputs{DescribeInstancesPages: fake.MockDescribeInstancesPagesOutput( + nil, + fake.TestInstance{ + Id: "i0", + Tags: fake.Tags{"aws:autoscaling:groupName": "asg1", clusterIDTagPrefix + clusterID: "owned"}, + PrivateIp: "1.2.3.3", + VpcId: vpcID, + State: running, + }, + fake.TestInstance{ + Id: "i1", + Tags: fake.Tags{"aws:autoscaling:groupName": "asg1", clusterIDTagPrefix + clusterID: "owned"}, + PrivateIp: "1.2.3.4", + VpcId: vpcID, + State: running, + }, + fake.TestInstance{ + Id: "i2", + Tags: fake.Tags{"aws:autoscaling:groupName": "asg1", clusterIDTagPrefix + clusterID: "owned"}, + PrivateIp: "1.2.3.5", + VpcId: vpcID, + State: running, + }), + DescribeSecurityGroups: fake.R(fake.MockDescribeSecurityGroupsOutput(map[string]string{"id": securityGroupID}), nil), + DescribeSubnets: fake.R(fake.MockDescribeSubnetsOutput( + fake.TestSubnet{Id: "foo1", Name: "bar1", Az: "baz1", Tags: map[string]string{"kubernetes.io/role/elb": ""}}), nil), + DescribeRouteTables: fake.R(fake.MockDescribeRouteTableOutput( + fake.TestRouteTable{SubnetID: "foo1", GatewayIds: []string{"igw-foo1"}}, + fake.TestRouteTable{SubnetID: "mismatch", GatewayIds: []string{"igw-foo2"}, Main: true}, + ), nil), + }, + responsesASG: fake.ASGOutputs{ + DescribeAutoScalingGroups: fake.R(fake.MockDescribeAutoScalingGroupOutput(map[string]fake.ASGtags{"asg1": { + clusterIDTagPrefix + clusterID: "owned", + }}), nil), + DescribeLoadBalancerTargetGroups: fake.R(&autoscaling.DescribeLoadBalancerTargetGroupsOutput{ + LoadBalancerTargetGroups: []*autoscaling.LoadBalancerTargetGroupState{}, + }, nil), + AttachLoadBalancerTargetGroups: fake.R(nil, nil), + }, + responsesELBv2: fake.ELBv2Outputs{ + DescribeTargetGroups: fake.R(nil, nil), + DescribeTags: fake.R(nil, nil), + }, + responsesCF: fake.CFOutputs{ + DescribeStackPages: fake.R(nil, nil), + DescribeStacks: fake.R(nil, nil), + CreateStack: fake.R(fake.MockCSOutput("42"), nil), + }, + typeLB: awsAdapter.LoadBalancerTypeApplication, + resourceType: []string{"rg"}, + }, { + name: "rg_nlb", + responsesEC2: fake.EC2Outputs{DescribeInstancesPages: fake.MockDescribeInstancesPagesOutput( + nil, + fake.TestInstance{ + Id: "i0", + Tags: fake.Tags{"aws:autoscaling:groupName": "asg1", clusterIDTagPrefix + clusterID: "owned"}, + PrivateIp: "1.2.3.3", + VpcId: vpcID, + State: running, + }, + fake.TestInstance{ + Id: "i1", + Tags: fake.Tags{"aws:autoscaling:groupName": "asg1", clusterIDTagPrefix + clusterID: "owned"}, + PrivateIp: "1.2.3.4", + VpcId: vpcID, + State: running, + }, + fake.TestInstance{ + Id: "i2", + Tags: fake.Tags{"aws:autoscaling:groupName": "asg1", clusterIDTagPrefix + clusterID: "owned"}, + PrivateIp: "1.2.3.5", + VpcId: vpcID, + State: running, + }), + DescribeSecurityGroups: fake.R(fake.MockDescribeSecurityGroupsOutput(map[string]string{"id": securityGroupID}), nil), + DescribeSubnets: fake.R(fake.MockDescribeSubnetsOutput( + fake.TestSubnet{Id: "foo1", Name: "bar1", Az: "baz1", Tags: map[string]string{"kubernetes.io/role/elb": ""}}), nil), + DescribeRouteTables: fake.R(fake.MockDescribeRouteTableOutput( + fake.TestRouteTable{SubnetID: "foo1", GatewayIds: []string{"igw-foo1"}}, + fake.TestRouteTable{SubnetID: "mismatch", GatewayIds: []string{"igw-foo2"}, Main: true}, + ), nil), + }, + responsesASG: fake.ASGOutputs{ + DescribeAutoScalingGroups: fake.R(fake.MockDescribeAutoScalingGroupOutput(map[string]fake.ASGtags{"asg1": { + clusterIDTagPrefix + clusterID: "owned", + }}), nil), + DescribeLoadBalancerTargetGroups: fake.R(&autoscaling.DescribeLoadBalancerTargetGroupsOutput{ + LoadBalancerTargetGroups: []*autoscaling.LoadBalancerTargetGroupState{}, + }, nil), + AttachLoadBalancerTargetGroups: fake.R(nil, nil), + }, + responsesELBv2: fake.ELBv2Outputs{ + DescribeTargetGroups: fake.R(nil, nil), + DescribeTags: fake.R(nil, nil), + }, + responsesCF: fake.CFOutputs{ + DescribeStackPages: fake.R(nil, nil), + DescribeStacks: fake.R(nil, nil), + CreateStack: fake.R(fake.MockCSOutput("42"), nil), + }, + typeLB: awsAdapter.LoadBalancerTypeNetwork, + resourceType: []string{"rg"}, + }, { + name: "ingress_rg_notshared_alb", + responsesEC2: fake.EC2Outputs{DescribeInstancesPages: fake.MockDescribeInstancesPagesOutput( + nil, + fake.TestInstance{ + Id: "i0", + Tags: fake.Tags{"aws:autoscaling:groupName": "asg1", clusterIDTagPrefix + clusterID: "owned"}, + PrivateIp: "1.2.3.3", + VpcId: vpcID, + State: running, + }, + fake.TestInstance{ + Id: "i1", + Tags: fake.Tags{"aws:autoscaling:groupName": "asg1", clusterIDTagPrefix + clusterID: "owned"}, + PrivateIp: "1.2.3.4", + VpcId: vpcID, + State: running, + }, + fake.TestInstance{ + Id: "i2", + Tags: fake.Tags{"aws:autoscaling:groupName": "asg1", clusterIDTagPrefix + clusterID: "owned"}, + PrivateIp: "1.2.3.5", + VpcId: vpcID, + State: running, + }), + DescribeSecurityGroups: fake.R(fake.MockDescribeSecurityGroupsOutput(map[string]string{"id": securityGroupID}), nil), + DescribeSubnets: fake.R(fake.MockDescribeSubnetsOutput( + fake.TestSubnet{Id: "foo1", Name: "bar1", Az: "baz1", Tags: map[string]string{"kubernetes.io/role/elb": ""}}), nil), + DescribeRouteTables: fake.R(fake.MockDescribeRouteTableOutput( + fake.TestRouteTable{SubnetID: "foo1", GatewayIds: []string{"igw-foo1"}}, + fake.TestRouteTable{SubnetID: "mismatch", GatewayIds: []string{"igw-foo2"}, Main: true}, + ), nil), + }, + responsesASG: fake.ASGOutputs{ + DescribeAutoScalingGroups: fake.R(fake.MockDescribeAutoScalingGroupOutput(map[string]fake.ASGtags{"asg1": { + clusterIDTagPrefix + clusterID: "owned", + }}), nil), + DescribeLoadBalancerTargetGroups: fake.R(&autoscaling.DescribeLoadBalancerTargetGroupsOutput{ + LoadBalancerTargetGroups: []*autoscaling.LoadBalancerTargetGroupState{}, + }, nil), + AttachLoadBalancerTargetGroups: fake.R(nil, nil), + }, + responsesELBv2: fake.ELBv2Outputs{ + DescribeTargetGroups: fake.R(nil, nil), + DescribeTags: fake.R(nil, nil), + }, + responsesCF: fake.CFOutputs{ + DescribeStackPages: fake.R(nil, nil), + DescribeStacks: fake.R(nil, nil), + CreateStack: fake.R(fake.MockCSOutput("42"), nil), + }, + typeLB: awsAdapter.LoadBalancerTypeApplication, + resourceType: []string{"rg", "ing"}, + }, { + name: "ingress_rg_shared_alb", + responsesEC2: fake.EC2Outputs{DescribeInstancesPages: fake.MockDescribeInstancesPagesOutput( + nil, + fake.TestInstance{ + Id: "i0", + Tags: fake.Tags{"aws:autoscaling:groupName": "asg1", clusterIDTagPrefix + clusterID: "owned"}, + PrivateIp: "1.2.3.3", + VpcId: vpcID, + State: running, + }, + fake.TestInstance{ + Id: "i1", + Tags: fake.Tags{"aws:autoscaling:groupName": "asg1", clusterIDTagPrefix + clusterID: "owned"}, + PrivateIp: "1.2.3.4", + VpcId: vpcID, + State: running, + }, + fake.TestInstance{ + Id: "i2", + Tags: fake.Tags{"aws:autoscaling:groupName": "asg1", clusterIDTagPrefix + clusterID: "owned"}, + PrivateIp: "1.2.3.5", + VpcId: vpcID, + State: running, + }), + DescribeSecurityGroups: fake.R(fake.MockDescribeSecurityGroupsOutput(map[string]string{"id": securityGroupID}), nil), + DescribeSubnets: fake.R(fake.MockDescribeSubnetsOutput( + fake.TestSubnet{Id: "foo1", Name: "bar1", Az: "baz1", Tags: map[string]string{"kubernetes.io/role/elb": ""}}), nil), + DescribeRouteTables: fake.R(fake.MockDescribeRouteTableOutput( + fake.TestRouteTable{SubnetID: "foo1", GatewayIds: []string{"igw-foo1"}}, + fake.TestRouteTable{SubnetID: "mismatch", GatewayIds: []string{"igw-foo2"}, Main: true}, + ), nil), + }, + responsesASG: fake.ASGOutputs{ + DescribeAutoScalingGroups: fake.R(fake.MockDescribeAutoScalingGroupOutput(map[string]fake.ASGtags{"asg1": { + clusterIDTagPrefix + clusterID: "owned", + }}), nil), + DescribeLoadBalancerTargetGroups: fake.R(&autoscaling.DescribeLoadBalancerTargetGroupsOutput{ + LoadBalancerTargetGroups: []*autoscaling.LoadBalancerTargetGroupState{}, + }, nil), + AttachLoadBalancerTargetGroups: fake.R(nil, nil), + }, + responsesELBv2: fake.ELBv2Outputs{ + DescribeTargetGroups: fake.R(nil, nil), + DescribeTags: fake.R(nil, nil), + }, + responsesCF: fake.CFOutputs{ + DescribeStackPages: fake.R(nil, nil), + DescribeStacks: fake.R(nil, nil), + CreateStack: fake.R(fake.MockCSOutput("42"), nil), + }, + typeLB: awsAdapter.LoadBalancerTypeApplication, + resourceType: []string{"rg", "ing"}, + }, { + name: "ingress_rg_shared_nlb", + responsesEC2: fake.EC2Outputs{DescribeInstancesPages: fake.MockDescribeInstancesPagesOutput( + nil, + fake.TestInstance{ + Id: "i0", + Tags: fake.Tags{"aws:autoscaling:groupName": "asg1", clusterIDTagPrefix + clusterID: "owned"}, + PrivateIp: "1.2.3.3", + VpcId: vpcID, + State: running, + }, + fake.TestInstance{ + Id: "i1", + Tags: fake.Tags{"aws:autoscaling:groupName": "asg1", clusterIDTagPrefix + clusterID: "owned"}, + PrivateIp: "1.2.3.4", + VpcId: vpcID, + State: running, + }, + fake.TestInstance{ + Id: "i2", + Tags: fake.Tags{"aws:autoscaling:groupName": "asg1", clusterIDTagPrefix + clusterID: "owned"}, + PrivateIp: "1.2.3.5", + VpcId: vpcID, + State: running, + }), + DescribeSecurityGroups: fake.R(fake.MockDescribeSecurityGroupsOutput(map[string]string{"id": securityGroupID}), nil), + DescribeSubnets: fake.R(fake.MockDescribeSubnetsOutput( + fake.TestSubnet{Id: "foo1", Name: "bar1", Az: "baz1", Tags: map[string]string{"kubernetes.io/role/elb": ""}}), nil), + DescribeRouteTables: fake.R(fake.MockDescribeRouteTableOutput( + fake.TestRouteTable{SubnetID: "foo1", GatewayIds: []string{"igw-foo1"}}, + fake.TestRouteTable{SubnetID: "mismatch", GatewayIds: []string{"igw-foo2"}, Main: true}, + ), nil), + }, + responsesASG: fake.ASGOutputs{ + DescribeAutoScalingGroups: fake.R(fake.MockDescribeAutoScalingGroupOutput(map[string]fake.ASGtags{"asg1": { + clusterIDTagPrefix + clusterID: "owned", + }}), nil), + DescribeLoadBalancerTargetGroups: fake.R(&autoscaling.DescribeLoadBalancerTargetGroupsOutput{ + LoadBalancerTargetGroups: []*autoscaling.LoadBalancerTargetGroupState{}, + }, nil), + AttachLoadBalancerTargetGroups: fake.R(nil, nil), + }, + responsesELBv2: fake.ELBv2Outputs{ + DescribeTargetGroups: fake.R(nil, nil), + DescribeTags: fake.R(nil, nil), + }, + responsesCF: fake.CFOutputs{ + DescribeStackPages: fake.R(nil, nil), + DescribeStacks: fake.R(nil, nil), + CreateStack: fake.R(fake.MockCSOutput("42"), nil), + }, + typeLB: awsAdapter.LoadBalancerTypeNetwork, + resourceType: []string{"rg", "ing"}, }, } { tt.Run(scenario.name, func(t *testing.T) { @@ -187,20 +456,21 @@ func TestResourceConversion(tt *testing.T) { WithCustomCloudFormationClient(clientCF) a, err = a.UpdateManifest(clusterID, vpcID) - if err != nil { - t.Error(err) - } - - f, err := os.Open("./testdata/" + scenario.name + "/ing.yaml") if err != nil { t.Fatal(err) } - api, err := kubernetestest.NewAPI(kubernetestest.TestAPIOptions{}, f) - if err != nil { - t.Fatal(err) + readers := make([]io.Reader, 0) + for _, resourceType := range scenario.resourceType { + f, err := os.Open("./testdata/" + scenario.name + "/" + resourceType + ".yaml") + require.NoError(t, err) + readers = append(readers, f) + defer f.Close() } + api, err := kubernetestest.NewAPI(kubernetestest.TestAPIOptions{}, readers...) + require.NoError(t, err) + s := httptest.NewServer(api) defer s.Close() @@ -220,9 +490,8 @@ func TestResourceConversion(tt *testing.T) { scenario.typeLB, clusterLocalDomain, true) - if err != nil { - t.Fatal(err) - } + require.NoError(t, err) + log.SetLevel(log.DebugLevel) problems := doWork(&certsfake.CertificateProvider{}, 10, time.Hour, a, k, "") if len(problems.Errors()) > 0 { From 53d3091132935b0d98bbab7cc5fa4e8b54c635cd Mon Sep 17 00:00:00 2001 From: Mustafa Abdelrahman Date: Thu, 15 Jun 2023 17:22:36 +0200 Subject: [PATCH 2/9] remove `resourcesType` field which is unnecessary Signed-off-by: Mustafa Abdelrahman --- worker_test.go | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/worker_test.go b/worker_test.go index 22366fd7..d64bfcf5 100644 --- a/worker_test.go +++ b/worker_test.go @@ -42,7 +42,6 @@ func TestResourceConversion(tt *testing.T) { responsesELBv2 fake.ELBv2Outputs responsesCF fake.CFOutputs typeLB string - resourceType []string }{ { name: "ingress_alb", @@ -95,8 +94,7 @@ func TestResourceConversion(tt *testing.T) { DescribeStacks: fake.R(nil, nil), CreateStack: fake.R(fake.MockCSOutput("42"), nil), }, - typeLB: awsAdapter.LoadBalancerTypeApplication, - resourceType: []string{"ing"}, + typeLB: awsAdapter.LoadBalancerTypeApplication, }, { name: "ingress_nlb", @@ -149,8 +147,7 @@ func TestResourceConversion(tt *testing.T) { DescribeStacks: fake.R(nil, nil), CreateStack: fake.R(fake.MockCSOutput("42"), nil), }, - typeLB: awsAdapter.LoadBalancerTypeNetwork, - resourceType: []string{"ing"}, + typeLB: awsAdapter.LoadBalancerTypeNetwork, }, { name: "rg_alb", responsesEC2: fake.EC2Outputs{DescribeInstancesPages: fake.MockDescribeInstancesPagesOutput( @@ -202,8 +199,7 @@ func TestResourceConversion(tt *testing.T) { DescribeStacks: fake.R(nil, nil), CreateStack: fake.R(fake.MockCSOutput("42"), nil), }, - typeLB: awsAdapter.LoadBalancerTypeApplication, - resourceType: []string{"rg"}, + typeLB: awsAdapter.LoadBalancerTypeApplication, }, { name: "rg_nlb", responsesEC2: fake.EC2Outputs{DescribeInstancesPages: fake.MockDescribeInstancesPagesOutput( @@ -255,8 +251,7 @@ func TestResourceConversion(tt *testing.T) { DescribeStacks: fake.R(nil, nil), CreateStack: fake.R(fake.MockCSOutput("42"), nil), }, - typeLB: awsAdapter.LoadBalancerTypeNetwork, - resourceType: []string{"rg"}, + typeLB: awsAdapter.LoadBalancerTypeNetwork, }, { name: "ingress_rg_notshared_alb", responsesEC2: fake.EC2Outputs{DescribeInstancesPages: fake.MockDescribeInstancesPagesOutput( @@ -308,8 +303,7 @@ func TestResourceConversion(tt *testing.T) { DescribeStacks: fake.R(nil, nil), CreateStack: fake.R(fake.MockCSOutput("42"), nil), }, - typeLB: awsAdapter.LoadBalancerTypeApplication, - resourceType: []string{"rg", "ing"}, + typeLB: awsAdapter.LoadBalancerTypeApplication, }, { name: "ingress_rg_shared_alb", responsesEC2: fake.EC2Outputs{DescribeInstancesPages: fake.MockDescribeInstancesPagesOutput( @@ -361,8 +355,7 @@ func TestResourceConversion(tt *testing.T) { DescribeStacks: fake.R(nil, nil), CreateStack: fake.R(fake.MockCSOutput("42"), nil), }, - typeLB: awsAdapter.LoadBalancerTypeApplication, - resourceType: []string{"rg", "ing"}, + typeLB: awsAdapter.LoadBalancerTypeApplication, }, { name: "ingress_rg_shared_nlb", responsesEC2: fake.EC2Outputs{DescribeInstancesPages: fake.MockDescribeInstancesPagesOutput( @@ -414,8 +407,7 @@ func TestResourceConversion(tt *testing.T) { DescribeStacks: fake.R(nil, nil), CreateStack: fake.R(fake.MockCSOutput("42"), nil), }, - typeLB: awsAdapter.LoadBalancerTypeNetwork, - resourceType: []string{"rg", "ing"}, + typeLB: awsAdapter.LoadBalancerTypeNetwork, }, } { tt.Run(scenario.name, func(t *testing.T) { @@ -461,8 +453,16 @@ func TestResourceConversion(tt *testing.T) { } readers := make([]io.Reader, 0) - for _, resourceType := range scenario.resourceType { - f, err := os.Open("./testdata/" + scenario.name + "/" + resourceType + ".yaml") + files, err := os.ReadDir("./testdata/" + scenario.name) + require.NoError(t, err) + + // numberOfFiles := len(files) - 1 , TODO: use to compare with metrics later. + + for _, file := range files { + if file.Name() == "expected.cf" { + continue + } + f, err := os.Open("./testdata/" + scenario.name + "/" + file.Name()) require.NoError(t, err) readers = append(readers, f) defer f.Close() From 473bc79fe49536b3db17451aa1eaaf94f85899e4 Mon Sep 17 00:00:00 2001 From: Lucas Thiesen Date: Thu, 19 Oct 2023 16:25:36 +0200 Subject: [PATCH 3/9] Fix existing Golden file tests Signed-off-by: Lucas Thiesen --- testdata/ingress_alb/{ => k8s}/ing.yaml | 0 testdata/ingress_nlb/k8s/ing.yaml | 18 ++++++++++++++++++ worker_test.go | 23 ++++++++++++++--------- 3 files changed, 32 insertions(+), 9 deletions(-) rename testdata/ingress_alb/{ => k8s}/ing.yaml (100%) create mode 100644 testdata/ingress_nlb/k8s/ing.yaml diff --git a/testdata/ingress_alb/ing.yaml b/testdata/ingress_alb/k8s/ing.yaml similarity index 100% rename from testdata/ingress_alb/ing.yaml rename to testdata/ingress_alb/k8s/ing.yaml diff --git a/testdata/ingress_nlb/k8s/ing.yaml b/testdata/ingress_nlb/k8s/ing.yaml new file mode 100644 index 00000000..1f21110d --- /dev/null +++ b/testdata/ingress_nlb/k8s/ing.yaml @@ -0,0 +1,18 @@ +apiVersion: networking.k8s.io/v1 +kind: Ingress +metadata: + name: myingress + annotations: + zalando.org/aws-load-balancer-type: nlb +spec: + rules: + - host: foo.bar.org + http: + paths: + - backend: + service: + name: foo-bar-service + port: + name: main-port + path: / + pathType: ImplementationSpecific diff --git a/worker_test.go b/worker_test.go index d64bfcf5..2533d6d7 100644 --- a/worker_test.go +++ b/worker_test.go @@ -453,23 +453,26 @@ func TestResourceConversion(tt *testing.T) { } readers := make([]io.Reader, 0) - files, err := os.ReadDir("./testdata/" + scenario.name) - require.NoError(t, err) + files, err := os.ReadDir("./testdata/" + scenario.name + "/k8s/") + if err != nil { + t.Fatal(err) + } // numberOfFiles := len(files) - 1 , TODO: use to compare with metrics later. for _, file := range files { - if file.Name() == "expected.cf" { - continue - } - f, err := os.Open("./testdata/" + scenario.name + "/" + file.Name()) - require.NoError(t, err) + f, err := os.Open("./testdata/" + scenario.name + "/k8s/" + file.Name()) + if err != nil { + t.Fatal(err) + } readers = append(readers, f) defer f.Close() } api, err := kubernetestest.NewAPI(kubernetestest.TestAPIOptions{}, readers...) - require.NoError(t, err) + if err != nil { + t.Fatal(err) + } s := httptest.NewServer(api) defer s.Close() @@ -490,7 +493,9 @@ func TestResourceConversion(tt *testing.T) { scenario.typeLB, clusterLocalDomain, true) - require.NoError(t, err) + if err != nil { + t.Fatal(err) + } log.SetLevel(log.DebugLevel) problems := doWork(&certsfake.CertificateProvider{}, 10, time.Hour, a, k, "") From 9532601b2af49c7da2cf0d542557c637c8443a2f Mon Sep 17 00:00:00 2001 From: Lucas Thiesen Date: Thu, 19 Oct 2023 17:55:25 +0200 Subject: [PATCH 4/9] Fix remaining goldenfile tests Signed-off-by: Lucas Thiesen --- .../{ => k8s}/ing.yaml | 0 .../{ => k8s}/rg.yaml | 0 testdata/ingress_rg_notshared_alb/params.json | 54 +++++++++++++++++++ testdata/ingress_rg_notshared_alb/tags.json | 15 ++++++ .../{expected.cf => template.cf} | 0 .../ingress_rg_shared_alb/{ => k8s}/ing.yaml | 0 .../ingress_rg_shared_alb/{ => k8s}/rg.yaml | 0 testdata/ingress_rg_shared_alb/params.json | 54 +++++++++++++++++++ testdata/ingress_rg_shared_alb/tags.json | 15 ++++++ .../{expected.cf => template.cf} | 0 .../ingress_rg_shared_nlb/{ => k8s}/ing.yaml | 0 .../ingress_rg_shared_nlb/{ => k8s}/rg.yaml | 0 testdata/ingress_rg_shared_nlb/params.json | 54 +++++++++++++++++++ testdata/ingress_rg_shared_nlb/tags.json | 15 ++++++ .../{expected.cf => template.cf} | 0 testdata/rg_alb/{ => k8s}/rg.yaml | 0 testdata/rg_alb/params.json | 54 +++++++++++++++++++ testdata/rg_alb/tags.json | 12 +++++ testdata/rg_alb/{expected.cf => template.cf} | 0 testdata/rg_nlb/{ => k8s}/rg.yaml | 0 testdata/rg_nlb/params.json | 54 +++++++++++++++++++ testdata/rg_nlb/tags.json | 12 +++++ testdata/rg_nlb/{expected.cf => template.cf} | 0 worker_test.go | 2 - 24 files changed, 339 insertions(+), 2 deletions(-) rename testdata/ingress_rg_notshared_alb/{ => k8s}/ing.yaml (100%) rename testdata/ingress_rg_notshared_alb/{ => k8s}/rg.yaml (100%) create mode 100644 testdata/ingress_rg_notshared_alb/params.json create mode 100644 testdata/ingress_rg_notshared_alb/tags.json rename testdata/ingress_rg_notshared_alb/{expected.cf => template.cf} (100%) rename testdata/ingress_rg_shared_alb/{ => k8s}/ing.yaml (100%) rename testdata/ingress_rg_shared_alb/{ => k8s}/rg.yaml (100%) create mode 100644 testdata/ingress_rg_shared_alb/params.json create mode 100644 testdata/ingress_rg_shared_alb/tags.json rename testdata/ingress_rg_shared_alb/{expected.cf => template.cf} (100%) rename testdata/ingress_rg_shared_nlb/{ => k8s}/ing.yaml (100%) rename testdata/ingress_rg_shared_nlb/{ => k8s}/rg.yaml (100%) create mode 100644 testdata/ingress_rg_shared_nlb/params.json create mode 100644 testdata/ingress_rg_shared_nlb/tags.json rename testdata/ingress_rg_shared_nlb/{expected.cf => template.cf} (100%) rename testdata/rg_alb/{ => k8s}/rg.yaml (100%) create mode 100644 testdata/rg_alb/params.json create mode 100644 testdata/rg_alb/tags.json rename testdata/rg_alb/{expected.cf => template.cf} (100%) rename testdata/rg_nlb/{ => k8s}/rg.yaml (100%) create mode 100644 testdata/rg_nlb/params.json create mode 100644 testdata/rg_nlb/tags.json rename testdata/rg_nlb/{expected.cf => template.cf} (100%) diff --git a/testdata/ingress_rg_notshared_alb/ing.yaml b/testdata/ingress_rg_notshared_alb/k8s/ing.yaml similarity index 100% rename from testdata/ingress_rg_notshared_alb/ing.yaml rename to testdata/ingress_rg_notshared_alb/k8s/ing.yaml diff --git a/testdata/ingress_rg_notshared_alb/rg.yaml b/testdata/ingress_rg_notshared_alb/k8s/rg.yaml similarity index 100% rename from testdata/ingress_rg_notshared_alb/rg.yaml rename to testdata/ingress_rg_notshared_alb/k8s/rg.yaml diff --git a/testdata/ingress_rg_notshared_alb/params.json b/testdata/ingress_rg_notshared_alb/params.json new file mode 100644 index 00000000..c1ecf899 --- /dev/null +++ b/testdata/ingress_rg_notshared_alb/params.json @@ -0,0 +1,54 @@ +[ + { + "parameterKey": "LoadBalancerSchemeParameter", + "parameterValue": "internet-facing" + }, + { + "parameterKey": "LoadBalancerSecurityGroupParameter", + "parameterValue": "42" + }, + { + "parameterKey": "LoadBalancerSubnetsParameter", + "parameterValue": "foo1" + }, + { + "parameterKey": "TargetGroupVPCIDParameter", + "parameterValue": "1" + }, + { + "parameterKey": "TargetGroupTargetPortParameter", + "parameterValue": "0" + }, + { + "parameterKey": "ListenerSslPolicyParameter", + "parameterValue": "ELBSecurityPolicy-2016-08" + }, + { + "parameterKey": "IpAddressType", + "parameterValue": "ipv4" + }, + { + "parameterKey": "Type", + "parameterValue": "application" + }, + { + "parameterKey": "HTTP2", + "parameterValue": "true" + }, + { + "parameterKey": "TargetGroupHealthCheckPathParameter", + "parameterValue": "" + }, + { + "parameterKey": "TargetGroupHealthCheckPortParameter", + "parameterValue": "0" + }, + { + "parameterKey": "TargetGroupHealthCheckIntervalParameter", + "parameterValue": "0" + }, + { + "parameterKey": "TargetGroupHealthCheckTimeoutParameter", + "parameterValue": "0" + } +] diff --git a/testdata/ingress_rg_notshared_alb/tags.json b/testdata/ingress_rg_notshared_alb/tags.json new file mode 100644 index 00000000..04f7153a --- /dev/null +++ b/testdata/ingress_rg_notshared_alb/tags.json @@ -0,0 +1,15 @@ +[ + { + "key": "kubernetes:application", + "value": "" + },{ + "key": "kubernetes.io/cluster/aws:123:eu-central-1:kube-1", + "value": "owned" + },{ + "key": "ingress:certificate-arn/DUMMY", + "value": "0001-01-01T00:00:00Z" + },{ + "key": "ingress:owner", + "value": "/my-route-group" + } +] diff --git a/testdata/ingress_rg_notshared_alb/expected.cf b/testdata/ingress_rg_notshared_alb/template.cf similarity index 100% rename from testdata/ingress_rg_notshared_alb/expected.cf rename to testdata/ingress_rg_notshared_alb/template.cf diff --git a/testdata/ingress_rg_shared_alb/ing.yaml b/testdata/ingress_rg_shared_alb/k8s/ing.yaml similarity index 100% rename from testdata/ingress_rg_shared_alb/ing.yaml rename to testdata/ingress_rg_shared_alb/k8s/ing.yaml diff --git a/testdata/ingress_rg_shared_alb/rg.yaml b/testdata/ingress_rg_shared_alb/k8s/rg.yaml similarity index 100% rename from testdata/ingress_rg_shared_alb/rg.yaml rename to testdata/ingress_rg_shared_alb/k8s/rg.yaml diff --git a/testdata/ingress_rg_shared_alb/params.json b/testdata/ingress_rg_shared_alb/params.json new file mode 100644 index 00000000..c1ecf899 --- /dev/null +++ b/testdata/ingress_rg_shared_alb/params.json @@ -0,0 +1,54 @@ +[ + { + "parameterKey": "LoadBalancerSchemeParameter", + "parameterValue": "internet-facing" + }, + { + "parameterKey": "LoadBalancerSecurityGroupParameter", + "parameterValue": "42" + }, + { + "parameterKey": "LoadBalancerSubnetsParameter", + "parameterValue": "foo1" + }, + { + "parameterKey": "TargetGroupVPCIDParameter", + "parameterValue": "1" + }, + { + "parameterKey": "TargetGroupTargetPortParameter", + "parameterValue": "0" + }, + { + "parameterKey": "ListenerSslPolicyParameter", + "parameterValue": "ELBSecurityPolicy-2016-08" + }, + { + "parameterKey": "IpAddressType", + "parameterValue": "ipv4" + }, + { + "parameterKey": "Type", + "parameterValue": "application" + }, + { + "parameterKey": "HTTP2", + "parameterValue": "true" + }, + { + "parameterKey": "TargetGroupHealthCheckPathParameter", + "parameterValue": "" + }, + { + "parameterKey": "TargetGroupHealthCheckPortParameter", + "parameterValue": "0" + }, + { + "parameterKey": "TargetGroupHealthCheckIntervalParameter", + "parameterValue": "0" + }, + { + "parameterKey": "TargetGroupHealthCheckTimeoutParameter", + "parameterValue": "0" + } +] diff --git a/testdata/ingress_rg_shared_alb/tags.json b/testdata/ingress_rg_shared_alb/tags.json new file mode 100644 index 00000000..04f7153a --- /dev/null +++ b/testdata/ingress_rg_shared_alb/tags.json @@ -0,0 +1,15 @@ +[ + { + "key": "kubernetes:application", + "value": "" + },{ + "key": "kubernetes.io/cluster/aws:123:eu-central-1:kube-1", + "value": "owned" + },{ + "key": "ingress:certificate-arn/DUMMY", + "value": "0001-01-01T00:00:00Z" + },{ + "key": "ingress:owner", + "value": "/my-route-group" + } +] diff --git a/testdata/ingress_rg_shared_alb/expected.cf b/testdata/ingress_rg_shared_alb/template.cf similarity index 100% rename from testdata/ingress_rg_shared_alb/expected.cf rename to testdata/ingress_rg_shared_alb/template.cf diff --git a/testdata/ingress_rg_shared_nlb/ing.yaml b/testdata/ingress_rg_shared_nlb/k8s/ing.yaml similarity index 100% rename from testdata/ingress_rg_shared_nlb/ing.yaml rename to testdata/ingress_rg_shared_nlb/k8s/ing.yaml diff --git a/testdata/ingress_rg_shared_nlb/rg.yaml b/testdata/ingress_rg_shared_nlb/k8s/rg.yaml similarity index 100% rename from testdata/ingress_rg_shared_nlb/rg.yaml rename to testdata/ingress_rg_shared_nlb/k8s/rg.yaml diff --git a/testdata/ingress_rg_shared_nlb/params.json b/testdata/ingress_rg_shared_nlb/params.json new file mode 100644 index 00000000..adec04c7 --- /dev/null +++ b/testdata/ingress_rg_shared_nlb/params.json @@ -0,0 +1,54 @@ +[ + { + "parameterKey": "LoadBalancerSchemeParameter", + "parameterValue": "internet-facing" + }, + { + "parameterKey": "LoadBalancerSecurityGroupParameter", + "parameterValue": "42" + }, + { + "parameterKey": "LoadBalancerSubnetsParameter", + "parameterValue": "foo1" + }, + { + "parameterKey": "TargetGroupVPCIDParameter", + "parameterValue": "1" + }, + { + "parameterKey": "TargetGroupTargetPortParameter", + "parameterValue": "0" + }, + { + "parameterKey": "ListenerSslPolicyParameter", + "parameterValue": "ELBSecurityPolicy-2016-08" + }, + { + "parameterKey": "IpAddressType", + "parameterValue": "ipv4" + }, + { + "parameterKey": "Type", + "parameterValue": "network" + }, + { + "parameterKey": "HTTP2", + "parameterValue": "true" + }, + { + "parameterKey": "TargetGroupHealthCheckPathParameter", + "parameterValue": "" + }, + { + "parameterKey": "TargetGroupHealthCheckPortParameter", + "parameterValue": "0" + }, + { + "parameterKey": "TargetGroupHealthCheckIntervalParameter", + "parameterValue": "0" + }, + { + "parameterKey": "TargetGroupHealthCheckTimeoutParameter", + "parameterValue": "0" + } +] diff --git a/testdata/ingress_rg_shared_nlb/tags.json b/testdata/ingress_rg_shared_nlb/tags.json new file mode 100644 index 00000000..04f7153a --- /dev/null +++ b/testdata/ingress_rg_shared_nlb/tags.json @@ -0,0 +1,15 @@ +[ + { + "key": "kubernetes:application", + "value": "" + },{ + "key": "kubernetes.io/cluster/aws:123:eu-central-1:kube-1", + "value": "owned" + },{ + "key": "ingress:certificate-arn/DUMMY", + "value": "0001-01-01T00:00:00Z" + },{ + "key": "ingress:owner", + "value": "/my-route-group" + } +] diff --git a/testdata/ingress_rg_shared_nlb/expected.cf b/testdata/ingress_rg_shared_nlb/template.cf similarity index 100% rename from testdata/ingress_rg_shared_nlb/expected.cf rename to testdata/ingress_rg_shared_nlb/template.cf diff --git a/testdata/rg_alb/rg.yaml b/testdata/rg_alb/k8s/rg.yaml similarity index 100% rename from testdata/rg_alb/rg.yaml rename to testdata/rg_alb/k8s/rg.yaml diff --git a/testdata/rg_alb/params.json b/testdata/rg_alb/params.json new file mode 100644 index 00000000..c1ecf899 --- /dev/null +++ b/testdata/rg_alb/params.json @@ -0,0 +1,54 @@ +[ + { + "parameterKey": "LoadBalancerSchemeParameter", + "parameterValue": "internet-facing" + }, + { + "parameterKey": "LoadBalancerSecurityGroupParameter", + "parameterValue": "42" + }, + { + "parameterKey": "LoadBalancerSubnetsParameter", + "parameterValue": "foo1" + }, + { + "parameterKey": "TargetGroupVPCIDParameter", + "parameterValue": "1" + }, + { + "parameterKey": "TargetGroupTargetPortParameter", + "parameterValue": "0" + }, + { + "parameterKey": "ListenerSslPolicyParameter", + "parameterValue": "ELBSecurityPolicy-2016-08" + }, + { + "parameterKey": "IpAddressType", + "parameterValue": "ipv4" + }, + { + "parameterKey": "Type", + "parameterValue": "application" + }, + { + "parameterKey": "HTTP2", + "parameterValue": "true" + }, + { + "parameterKey": "TargetGroupHealthCheckPathParameter", + "parameterValue": "" + }, + { + "parameterKey": "TargetGroupHealthCheckPortParameter", + "parameterValue": "0" + }, + { + "parameterKey": "TargetGroupHealthCheckIntervalParameter", + "parameterValue": "0" + }, + { + "parameterKey": "TargetGroupHealthCheckTimeoutParameter", + "parameterValue": "0" + } +] diff --git a/testdata/rg_alb/tags.json b/testdata/rg_alb/tags.json new file mode 100644 index 00000000..d64eed43 --- /dev/null +++ b/testdata/rg_alb/tags.json @@ -0,0 +1,12 @@ +[ + { + "key": "kubernetes:application", + "value": "" + },{ + "key": "kubernetes.io/cluster/aws:123:eu-central-1:kube-1", + "value": "owned" + },{ + "key": "ingress:certificate-arn/DUMMY", + "value": "0001-01-01T00:00:00Z" + } +] diff --git a/testdata/rg_alb/expected.cf b/testdata/rg_alb/template.cf similarity index 100% rename from testdata/rg_alb/expected.cf rename to testdata/rg_alb/template.cf diff --git a/testdata/rg_nlb/rg.yaml b/testdata/rg_nlb/k8s/rg.yaml similarity index 100% rename from testdata/rg_nlb/rg.yaml rename to testdata/rg_nlb/k8s/rg.yaml diff --git a/testdata/rg_nlb/params.json b/testdata/rg_nlb/params.json new file mode 100644 index 00000000..adec04c7 --- /dev/null +++ b/testdata/rg_nlb/params.json @@ -0,0 +1,54 @@ +[ + { + "parameterKey": "LoadBalancerSchemeParameter", + "parameterValue": "internet-facing" + }, + { + "parameterKey": "LoadBalancerSecurityGroupParameter", + "parameterValue": "42" + }, + { + "parameterKey": "LoadBalancerSubnetsParameter", + "parameterValue": "foo1" + }, + { + "parameterKey": "TargetGroupVPCIDParameter", + "parameterValue": "1" + }, + { + "parameterKey": "TargetGroupTargetPortParameter", + "parameterValue": "0" + }, + { + "parameterKey": "ListenerSslPolicyParameter", + "parameterValue": "ELBSecurityPolicy-2016-08" + }, + { + "parameterKey": "IpAddressType", + "parameterValue": "ipv4" + }, + { + "parameterKey": "Type", + "parameterValue": "network" + }, + { + "parameterKey": "HTTP2", + "parameterValue": "true" + }, + { + "parameterKey": "TargetGroupHealthCheckPathParameter", + "parameterValue": "" + }, + { + "parameterKey": "TargetGroupHealthCheckPortParameter", + "parameterValue": "0" + }, + { + "parameterKey": "TargetGroupHealthCheckIntervalParameter", + "parameterValue": "0" + }, + { + "parameterKey": "TargetGroupHealthCheckTimeoutParameter", + "parameterValue": "0" + } +] diff --git a/testdata/rg_nlb/tags.json b/testdata/rg_nlb/tags.json new file mode 100644 index 00000000..d64eed43 --- /dev/null +++ b/testdata/rg_nlb/tags.json @@ -0,0 +1,12 @@ +[ + { + "key": "kubernetes:application", + "value": "" + },{ + "key": "kubernetes.io/cluster/aws:123:eu-central-1:kube-1", + "value": "owned" + },{ + "key": "ingress:certificate-arn/DUMMY", + "value": "0001-01-01T00:00:00Z" + } +] diff --git a/testdata/rg_nlb/expected.cf b/testdata/rg_nlb/template.cf similarity index 100% rename from testdata/rg_nlb/expected.cf rename to testdata/rg_nlb/template.cf diff --git a/worker_test.go b/worker_test.go index 2533d6d7..f3daa2e7 100644 --- a/worker_test.go +++ b/worker_test.go @@ -458,8 +458,6 @@ func TestResourceConversion(tt *testing.T) { t.Fatal(err) } - // numberOfFiles := len(files) - 1 , TODO: use to compare with metrics later. - for _, file := range files { f, err := os.Open("./testdata/" + scenario.name + "/k8s/" + file.Name()) if err != nil { From 9b9f78672d794b71a93f906738ed6f34b1fc8a14 Mon Sep 17 00:00:00 2001 From: Lucas Thiesen Date: Thu, 19 Oct 2023 18:11:25 +0200 Subject: [PATCH 5/9] Fix ingress sharing parameter in test fixtures Signed-off-by: Lucas Thiesen --- testdata/ingress_rg_shared_alb/k8s/rg.yaml | 2 +- testdata/ingress_rg_shared_alb/tags.json | 3 --- testdata/ingress_rg_shared_nlb/k8s/rg.yaml | 2 +- testdata/ingress_rg_shared_nlb/tags.json | 3 --- 4 files changed, 2 insertions(+), 8 deletions(-) diff --git a/testdata/ingress_rg_shared_alb/k8s/rg.yaml b/testdata/ingress_rg_shared_alb/k8s/rg.yaml index 432e0b40..01acc2e2 100644 --- a/testdata/ingress_rg_shared_alb/k8s/rg.yaml +++ b/testdata/ingress_rg_shared_alb/k8s/rg.yaml @@ -3,7 +3,7 @@ kind: RouteGroup metadata: name: my-route-group annotations: - zalando.org/aws-load-balancer-shared: "false" + zalando.org/aws-load-balancer-shared: "true" spec: hosts: - foo.bar.org diff --git a/testdata/ingress_rg_shared_alb/tags.json b/testdata/ingress_rg_shared_alb/tags.json index 04f7153a..d64eed43 100644 --- a/testdata/ingress_rg_shared_alb/tags.json +++ b/testdata/ingress_rg_shared_alb/tags.json @@ -8,8 +8,5 @@ },{ "key": "ingress:certificate-arn/DUMMY", "value": "0001-01-01T00:00:00Z" - },{ - "key": "ingress:owner", - "value": "/my-route-group" } ] diff --git a/testdata/ingress_rg_shared_nlb/k8s/rg.yaml b/testdata/ingress_rg_shared_nlb/k8s/rg.yaml index 432e0b40..01acc2e2 100644 --- a/testdata/ingress_rg_shared_nlb/k8s/rg.yaml +++ b/testdata/ingress_rg_shared_nlb/k8s/rg.yaml @@ -3,7 +3,7 @@ kind: RouteGroup metadata: name: my-route-group annotations: - zalando.org/aws-load-balancer-shared: "false" + zalando.org/aws-load-balancer-shared: "true" spec: hosts: - foo.bar.org diff --git a/testdata/ingress_rg_shared_nlb/tags.json b/testdata/ingress_rg_shared_nlb/tags.json index 04f7153a..d64eed43 100644 --- a/testdata/ingress_rg_shared_nlb/tags.json +++ b/testdata/ingress_rg_shared_nlb/tags.json @@ -8,8 +8,5 @@ },{ "key": "ingress:certificate-arn/DUMMY", "value": "0001-01-01T00:00:00Z" - },{ - "key": "ingress:owner", - "value": "/my-route-group" } ] From 4aff9d3f74b56a6230c5f6bf7e9287fd61b62820 Mon Sep 17 00:00:00 2001 From: Lucas Thiesen Date: Thu, 26 Oct 2023 12:41:29 +0200 Subject: [PATCH 6/9] Add ability to check multiple input/output to golden files tests Signed-off-by: Lucas Thiesen --- aws/fake/cf.go | 37 +-- testdata/ingress_alb/{ => input}/k8s/ing.yaml | 0 .../{params.json => output/params/ing.json} | 0 .../{tags.json => output/tags/ing.json} | 0 .../{template.cf => output/templates/ing.cf} | 0 testdata/ingress_nlb/{ => input}/k8s/ing.yaml | 0 .../{params.json => output/params/ing.json} | 0 .../{tags.json => output/tags/ing.json} | 0 .../{template.cf => output/templates/ing.cf} | 0 .../{k8s/ing.yaml => input/k8s/01-ing.yaml} | 0 .../{k8s/rg.yaml => input/k8s/02-rg.yaml} | 0 .../params/01-ing.json} | 0 .../output/params/02-rg.json} | 0 .../output/tags/01-ing.json} | 0 .../{tags.json => output/tags/02-rg.json} | 0 .../templates/01-ing.cf} | 0 .../output/templates/02-rg.cf} | 0 .../{k8s/ing.yaml => input/k8s/01-ing.yaml} | 0 .../{k8s/rg.yaml => input/k8s/02-rg.yaml} | 0 .../output/params/shared.json} | 0 .../output/tags/shared.json} | 0 .../output/templates/shared.cf} | 0 .../{k8s/ing.yaml => input/k8s/01-ing.yaml} | 0 .../{k8s/rg.yaml => input/k8s/02-rg.yaml} | 0 .../params/shared.json} | 0 .../output/tags/shared.json} | 0 .../templates/shared.cf} | 0 testdata/rg_alb/{ => input}/k8s/rg.yaml | 0 testdata/rg_alb/output/params/rg.json | 54 +++++ .../tags.json => rg_alb/output/tags/rg.json} | 0 testdata/rg_alb/output/templates/rg.cf | 219 ++++++++++++++++++ testdata/rg_nlb/{ => input}/k8s/rg.yaml | 0 .../{params.json => output/params/rg.json} | 0 testdata/rg_nlb/output/tags/rg.json | 12 + .../{template.cf => output/templates/rg.cf} | 0 worker_test.go | 109 ++++++--- 36 files changed, 379 insertions(+), 52 deletions(-) rename testdata/ingress_alb/{ => input}/k8s/ing.yaml (100%) rename testdata/ingress_alb/{params.json => output/params/ing.json} (100%) rename testdata/ingress_alb/{tags.json => output/tags/ing.json} (100%) rename testdata/ingress_alb/{template.cf => output/templates/ing.cf} (100%) rename testdata/ingress_nlb/{ => input}/k8s/ing.yaml (100%) rename testdata/ingress_nlb/{params.json => output/params/ing.json} (100%) rename testdata/ingress_nlb/{tags.json => output/tags/ing.json} (100%) rename testdata/ingress_nlb/{template.cf => output/templates/ing.cf} (100%) rename testdata/ingress_rg_notshared_alb/{k8s/ing.yaml => input/k8s/01-ing.yaml} (100%) rename testdata/ingress_rg_notshared_alb/{k8s/rg.yaml => input/k8s/02-rg.yaml} (100%) rename testdata/ingress_rg_notshared_alb/{params.json => output/params/01-ing.json} (100%) rename testdata/{ingress_rg_shared_alb/params.json => ingress_rg_notshared_alb/output/params/02-rg.json} (100%) rename testdata/{ingress_rg_shared_alb/tags.json => ingress_rg_notshared_alb/output/tags/01-ing.json} (100%) rename testdata/ingress_rg_notshared_alb/{tags.json => output/tags/02-rg.json} (100%) rename testdata/ingress_rg_notshared_alb/{template.cf => output/templates/01-ing.cf} (100%) rename testdata/{ingress_rg_shared_alb/template.cf => ingress_rg_notshared_alb/output/templates/02-rg.cf} (100%) rename testdata/ingress_rg_shared_alb/{k8s/ing.yaml => input/k8s/01-ing.yaml} (100%) rename testdata/ingress_rg_shared_alb/{k8s/rg.yaml => input/k8s/02-rg.yaml} (100%) rename testdata/{rg_alb/params.json => ingress_rg_shared_alb/output/params/shared.json} (100%) rename testdata/{ingress_rg_shared_nlb/tags.json => ingress_rg_shared_alb/output/tags/shared.json} (100%) rename testdata/{rg_alb/template.cf => ingress_rg_shared_alb/output/templates/shared.cf} (100%) rename testdata/ingress_rg_shared_nlb/{k8s/ing.yaml => input/k8s/01-ing.yaml} (100%) rename testdata/ingress_rg_shared_nlb/{k8s/rg.yaml => input/k8s/02-rg.yaml} (100%) rename testdata/ingress_rg_shared_nlb/{params.json => output/params/shared.json} (100%) rename testdata/{rg_alb/tags.json => ingress_rg_shared_nlb/output/tags/shared.json} (100%) rename testdata/ingress_rg_shared_nlb/{template.cf => output/templates/shared.cf} (100%) rename testdata/rg_alb/{ => input}/k8s/rg.yaml (100%) create mode 100644 testdata/rg_alb/output/params/rg.json rename testdata/{rg_nlb/tags.json => rg_alb/output/tags/rg.json} (100%) create mode 100644 testdata/rg_alb/output/templates/rg.cf rename testdata/rg_nlb/{ => input}/k8s/rg.yaml (100%) rename testdata/rg_nlb/{params.json => output/params/rg.json} (100%) create mode 100644 testdata/rg_nlb/output/tags/rg.json rename testdata/rg_nlb/{template.cf => output/templates/rg.cf} (100%) diff --git a/aws/fake/cf.go b/aws/fake/cf.go index 8c269def..d2d07de6 100644 --- a/aws/fake/cf.go +++ b/aws/fake/cf.go @@ -17,22 +17,28 @@ type CFOutputs struct { type CFClient struct { cloudformationiface.CloudFormationAPI - lastStackTemplate string - lastStackParams []*cloudformation.Parameter - lastStackTags []*cloudformation.Tag - Outputs CFOutputs + templateCreationHistory []string + paramCreationHistory [][]*cloudformation.Parameter + tagCreationHistory [][]*cloudformation.Tag + Outputs CFOutputs } -func (m *CFClient) GetLastStackTemplate() string { - return m.lastStackTemplate +func (m *CFClient) GetTemplateCreationHistory() []string { + return m.templateCreationHistory } -func (m *CFClient) GetLastStackParams() []*cloudformation.Parameter { - return m.lastStackParams +func (m *CFClient) GetParamCreationHistory() [][]*cloudformation.Parameter { + return m.paramCreationHistory } -func (m *CFClient) GetLastStackTags() []*cloudformation.Tag { - return m.lastStackTags +func (m *CFClient) GetTagCreationHistory() [][]*cloudformation.Tag { + return m.tagCreationHistory +} + +func (m *CFClient) CleanCreationHistory() { + m.paramCreationHistory = [][]*cloudformation.Parameter{} + m.tagCreationHistory = [][]*cloudformation.Tag{} + m.templateCreationHistory = []string{} } func (m *CFClient) DescribeStacksPages(in *cloudformation.DescribeStacksInput, fn func(*cloudformation.DescribeStacksOutput, bool) bool) (err error) { @@ -62,9 +68,9 @@ func (m *CFClient) DescribeStacks(in *cloudformation.DescribeStacksInput) (*clou } func (m *CFClient) CreateStack(params *cloudformation.CreateStackInput) (*cloudformation.CreateStackOutput, error) { - m.lastStackTags = params.Tags - m.lastStackParams = params.Parameters - m.lastStackTemplate = *params.TemplateBody + m.tagCreationHistory = append(m.tagCreationHistory, params.Tags) + m.paramCreationHistory = append(m.paramCreationHistory, params.Parameters) + m.templateCreationHistory = append(m.templateCreationHistory, *params.TemplateBody) out, ok := m.Outputs.CreateStack.response.(*cloudformation.CreateStackOutput) if !ok { @@ -80,9 +86,8 @@ func MockCSOutput(stackId string) *cloudformation.CreateStackOutput { } func (m *CFClient) UpdateStack(params *cloudformation.UpdateStackInput) (*cloudformation.UpdateStackOutput, error) { - m.lastStackTags = params.Tags - m.lastStackParams = params.Parameters - m.lastStackTemplate = *params.TemplateBody + // TODO: Update stack needs another logic to register state update, so createStack and updateStack don't + // mess with each other states. out, ok := m.Outputs.UpdateStack.response.(*cloudformation.UpdateStackOutput) if !ok { diff --git a/testdata/ingress_alb/k8s/ing.yaml b/testdata/ingress_alb/input/k8s/ing.yaml similarity index 100% rename from testdata/ingress_alb/k8s/ing.yaml rename to testdata/ingress_alb/input/k8s/ing.yaml diff --git a/testdata/ingress_alb/params.json b/testdata/ingress_alb/output/params/ing.json similarity index 100% rename from testdata/ingress_alb/params.json rename to testdata/ingress_alb/output/params/ing.json diff --git a/testdata/ingress_alb/tags.json b/testdata/ingress_alb/output/tags/ing.json similarity index 100% rename from testdata/ingress_alb/tags.json rename to testdata/ingress_alb/output/tags/ing.json diff --git a/testdata/ingress_alb/template.cf b/testdata/ingress_alb/output/templates/ing.cf similarity index 100% rename from testdata/ingress_alb/template.cf rename to testdata/ingress_alb/output/templates/ing.cf diff --git a/testdata/ingress_nlb/k8s/ing.yaml b/testdata/ingress_nlb/input/k8s/ing.yaml similarity index 100% rename from testdata/ingress_nlb/k8s/ing.yaml rename to testdata/ingress_nlb/input/k8s/ing.yaml diff --git a/testdata/ingress_nlb/params.json b/testdata/ingress_nlb/output/params/ing.json similarity index 100% rename from testdata/ingress_nlb/params.json rename to testdata/ingress_nlb/output/params/ing.json diff --git a/testdata/ingress_nlb/tags.json b/testdata/ingress_nlb/output/tags/ing.json similarity index 100% rename from testdata/ingress_nlb/tags.json rename to testdata/ingress_nlb/output/tags/ing.json diff --git a/testdata/ingress_nlb/template.cf b/testdata/ingress_nlb/output/templates/ing.cf similarity index 100% rename from testdata/ingress_nlb/template.cf rename to testdata/ingress_nlb/output/templates/ing.cf diff --git a/testdata/ingress_rg_notshared_alb/k8s/ing.yaml b/testdata/ingress_rg_notshared_alb/input/k8s/01-ing.yaml similarity index 100% rename from testdata/ingress_rg_notshared_alb/k8s/ing.yaml rename to testdata/ingress_rg_notshared_alb/input/k8s/01-ing.yaml diff --git a/testdata/ingress_rg_notshared_alb/k8s/rg.yaml b/testdata/ingress_rg_notshared_alb/input/k8s/02-rg.yaml similarity index 100% rename from testdata/ingress_rg_notshared_alb/k8s/rg.yaml rename to testdata/ingress_rg_notshared_alb/input/k8s/02-rg.yaml diff --git a/testdata/ingress_rg_notshared_alb/params.json b/testdata/ingress_rg_notshared_alb/output/params/01-ing.json similarity index 100% rename from testdata/ingress_rg_notshared_alb/params.json rename to testdata/ingress_rg_notshared_alb/output/params/01-ing.json diff --git a/testdata/ingress_rg_shared_alb/params.json b/testdata/ingress_rg_notshared_alb/output/params/02-rg.json similarity index 100% rename from testdata/ingress_rg_shared_alb/params.json rename to testdata/ingress_rg_notshared_alb/output/params/02-rg.json diff --git a/testdata/ingress_rg_shared_alb/tags.json b/testdata/ingress_rg_notshared_alb/output/tags/01-ing.json similarity index 100% rename from testdata/ingress_rg_shared_alb/tags.json rename to testdata/ingress_rg_notshared_alb/output/tags/01-ing.json diff --git a/testdata/ingress_rg_notshared_alb/tags.json b/testdata/ingress_rg_notshared_alb/output/tags/02-rg.json similarity index 100% rename from testdata/ingress_rg_notshared_alb/tags.json rename to testdata/ingress_rg_notshared_alb/output/tags/02-rg.json diff --git a/testdata/ingress_rg_notshared_alb/template.cf b/testdata/ingress_rg_notshared_alb/output/templates/01-ing.cf similarity index 100% rename from testdata/ingress_rg_notshared_alb/template.cf rename to testdata/ingress_rg_notshared_alb/output/templates/01-ing.cf diff --git a/testdata/ingress_rg_shared_alb/template.cf b/testdata/ingress_rg_notshared_alb/output/templates/02-rg.cf similarity index 100% rename from testdata/ingress_rg_shared_alb/template.cf rename to testdata/ingress_rg_notshared_alb/output/templates/02-rg.cf diff --git a/testdata/ingress_rg_shared_alb/k8s/ing.yaml b/testdata/ingress_rg_shared_alb/input/k8s/01-ing.yaml similarity index 100% rename from testdata/ingress_rg_shared_alb/k8s/ing.yaml rename to testdata/ingress_rg_shared_alb/input/k8s/01-ing.yaml diff --git a/testdata/ingress_rg_shared_alb/k8s/rg.yaml b/testdata/ingress_rg_shared_alb/input/k8s/02-rg.yaml similarity index 100% rename from testdata/ingress_rg_shared_alb/k8s/rg.yaml rename to testdata/ingress_rg_shared_alb/input/k8s/02-rg.yaml diff --git a/testdata/rg_alb/params.json b/testdata/ingress_rg_shared_alb/output/params/shared.json similarity index 100% rename from testdata/rg_alb/params.json rename to testdata/ingress_rg_shared_alb/output/params/shared.json diff --git a/testdata/ingress_rg_shared_nlb/tags.json b/testdata/ingress_rg_shared_alb/output/tags/shared.json similarity index 100% rename from testdata/ingress_rg_shared_nlb/tags.json rename to testdata/ingress_rg_shared_alb/output/tags/shared.json diff --git a/testdata/rg_alb/template.cf b/testdata/ingress_rg_shared_alb/output/templates/shared.cf similarity index 100% rename from testdata/rg_alb/template.cf rename to testdata/ingress_rg_shared_alb/output/templates/shared.cf diff --git a/testdata/ingress_rg_shared_nlb/k8s/ing.yaml b/testdata/ingress_rg_shared_nlb/input/k8s/01-ing.yaml similarity index 100% rename from testdata/ingress_rg_shared_nlb/k8s/ing.yaml rename to testdata/ingress_rg_shared_nlb/input/k8s/01-ing.yaml diff --git a/testdata/ingress_rg_shared_nlb/k8s/rg.yaml b/testdata/ingress_rg_shared_nlb/input/k8s/02-rg.yaml similarity index 100% rename from testdata/ingress_rg_shared_nlb/k8s/rg.yaml rename to testdata/ingress_rg_shared_nlb/input/k8s/02-rg.yaml diff --git a/testdata/ingress_rg_shared_nlb/params.json b/testdata/ingress_rg_shared_nlb/output/params/shared.json similarity index 100% rename from testdata/ingress_rg_shared_nlb/params.json rename to testdata/ingress_rg_shared_nlb/output/params/shared.json diff --git a/testdata/rg_alb/tags.json b/testdata/ingress_rg_shared_nlb/output/tags/shared.json similarity index 100% rename from testdata/rg_alb/tags.json rename to testdata/ingress_rg_shared_nlb/output/tags/shared.json diff --git a/testdata/ingress_rg_shared_nlb/template.cf b/testdata/ingress_rg_shared_nlb/output/templates/shared.cf similarity index 100% rename from testdata/ingress_rg_shared_nlb/template.cf rename to testdata/ingress_rg_shared_nlb/output/templates/shared.cf diff --git a/testdata/rg_alb/k8s/rg.yaml b/testdata/rg_alb/input/k8s/rg.yaml similarity index 100% rename from testdata/rg_alb/k8s/rg.yaml rename to testdata/rg_alb/input/k8s/rg.yaml diff --git a/testdata/rg_alb/output/params/rg.json b/testdata/rg_alb/output/params/rg.json new file mode 100644 index 00000000..c1ecf899 --- /dev/null +++ b/testdata/rg_alb/output/params/rg.json @@ -0,0 +1,54 @@ +[ + { + "parameterKey": "LoadBalancerSchemeParameter", + "parameterValue": "internet-facing" + }, + { + "parameterKey": "LoadBalancerSecurityGroupParameter", + "parameterValue": "42" + }, + { + "parameterKey": "LoadBalancerSubnetsParameter", + "parameterValue": "foo1" + }, + { + "parameterKey": "TargetGroupVPCIDParameter", + "parameterValue": "1" + }, + { + "parameterKey": "TargetGroupTargetPortParameter", + "parameterValue": "0" + }, + { + "parameterKey": "ListenerSslPolicyParameter", + "parameterValue": "ELBSecurityPolicy-2016-08" + }, + { + "parameterKey": "IpAddressType", + "parameterValue": "ipv4" + }, + { + "parameterKey": "Type", + "parameterValue": "application" + }, + { + "parameterKey": "HTTP2", + "parameterValue": "true" + }, + { + "parameterKey": "TargetGroupHealthCheckPathParameter", + "parameterValue": "" + }, + { + "parameterKey": "TargetGroupHealthCheckPortParameter", + "parameterValue": "0" + }, + { + "parameterKey": "TargetGroupHealthCheckIntervalParameter", + "parameterValue": "0" + }, + { + "parameterKey": "TargetGroupHealthCheckTimeoutParameter", + "parameterValue": "0" + } +] diff --git a/testdata/rg_nlb/tags.json b/testdata/rg_alb/output/tags/rg.json similarity index 100% rename from testdata/rg_nlb/tags.json rename to testdata/rg_alb/output/tags/rg.json diff --git a/testdata/rg_alb/output/templates/rg.cf b/testdata/rg_alb/output/templates/rg.cf new file mode 100644 index 00000000..7e9378df --- /dev/null +++ b/testdata/rg_alb/output/templates/rg.cf @@ -0,0 +1,219 @@ +{ + "AWSTemplateFormatVersion": "2010-09-09", + "Description": "Load Balancer for Kubernetes Ingress", + "Parameters": { + "HTTP2": { + "Type": "String", + "Default": "true", + "Description": "H2 Enabled" + }, + "IpAddressType": { + "Type": "String", + "Default": "ipv4", + "Description": "IP Address Type, 'ipv4' or 'dualstack'" + }, + "ListenerSslPolicyParameter": { + "Type": "String", + "Default": "ELBSecurityPolicy-2016-08", + "Description": "The HTTPS SSL Security Policy Name" + }, + "LoadBalancerSchemeParameter": { + "Type": "String", + "Default": "internet-facing", + "Description": "The Load Balancer scheme - 'internal' or 'internet-facing'" + }, + "LoadBalancerSecurityGroupParameter": { + "Type": "List\u003cAWS::EC2::SecurityGroup::Id\u003e", + "Description": "The security group ID for the Load Balancer" + }, + "LoadBalancerSubnetsParameter": { + "Type": "List\u003cAWS::EC2::Subnet::Id\u003e", + "Description": "The list of subnets IDs for the Load Balancer" + }, + "TargetGroupHealthCheckIntervalParameter": { + "Type": "Number", + "Default": "10", + "Description": "The healthcheck interval" + }, + "TargetGroupHealthCheckPathParameter": { + "Type": "String", + "Default": "/kube-system/healthz", + "Description": "The healthcheck path" + }, + "TargetGroupHealthCheckPortParameter": { + "Type": "Number", + "Default": "9999", + "Description": "The healthcheck port" + }, + "TargetGroupHealthCheckTimeoutParameter": { + "Type": "Number", + "Default": "5", + "Description": "The healthcheck timeout" + }, + "TargetGroupTargetPortParameter": { + "Type": "Number", + "Default": "9999", + "Description": "The target port" + }, + "TargetGroupVPCIDParameter": { + "Type": "AWS::EC2::VPC::Id", + "Description": "The VPCID for the TargetGroup" + }, + "Type": { + "Type": "String", + "Default": "application", + "Description": "Loadbalancer Type, 'application' or 'network'" + } + }, + "Resources": { + "HTTPListener": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "TG" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "LB" + }, + "Port": 80, + "Protocol": "HTTP" + } + }, + "HTTPSListener": { + "Type": "AWS::ElasticLoadBalancingV2::Listener", + "Properties": { + "Certificates": [ + { + "CertificateArn": "DUMMY" + } + ], + "DefaultActions": [ + { + "TargetGroupArn": { + "Ref": "TG" + }, + "Type": "forward" + } + ], + "LoadBalancerArn": { + "Ref": "LB" + }, + "Port": 443, + "Protocol": "HTTPS", + "SslPolicy": { + "Ref": "ListenerSslPolicyParameter" + } + } + }, + "HTTPSListenerCertificatefc48082457b770e278fc0bd3d392d127869993166f76e8df57d19a0e662820ea": { + "Type": "AWS::ElasticLoadBalancingV2::ListenerCertificate", + "Properties": { + "Certificates": [ + { + "CertificateArn": "DUMMY" + } + ], + "ListenerArn": { + "Ref": "HTTPSListener" + } + } + }, + "LB": { + "Type": "AWS::ElasticLoadBalancingV2::LoadBalancer", + "Properties": { + "IpAddressType": { + "Ref": "IpAddressType" + }, + "LoadBalancerAttributes": [ + { + "Key": "idle_timeout.timeout_seconds", + "Value": "0" + }, + { + "Key": "routing.http2.enabled", + "Value": "true" + }, + { + "Key": "access_logs.s3.enabled", + "Value": "false" + } + ], + "Scheme": { + "Ref": "LoadBalancerSchemeParameter" + }, + "SecurityGroups": { + "Ref": "LoadBalancerSecurityGroupParameter" + }, + "Subnets": { + "Ref": "LoadBalancerSubnetsParameter" + }, + "Tags": [ + { + "Key": "StackName", + "Value": { + "Ref": "AWS::StackName" + } + } + ], + "Type": { + "Ref": "Type" + } + } + }, + "TG": { + "Type": "AWS::ElasticLoadBalancingV2::TargetGroup", + "Properties": { + "HealthCheckIntervalSeconds": { + "Ref": "TargetGroupHealthCheckIntervalParameter" + }, + "HealthCheckPath": { + "Ref": "TargetGroupHealthCheckPathParameter" + }, + "HealthCheckPort": { + "Ref": "TargetGroupHealthCheckPortParameter" + }, + "HealthCheckProtocol": "HTTP", + "HealthCheckTimeoutSeconds": { + "Ref": "TargetGroupHealthCheckTimeoutParameter" + }, + "HealthyThresholdCount": 0, + "Port": { + "Ref": "TargetGroupTargetPortParameter" + }, + "Protocol": "HTTP", + "TargetGroupAttributes": [ + { + "Key": "deregistration_delay.timeout_seconds", + "Value": "0" + } + ], + "UnhealthyThresholdCount": 0, + "VpcId": { + "Ref": "TargetGroupVPCIDParameter" + } + } + } + }, + "Outputs": { + "LoadBalancerDNSName": { + "Description": "DNS name for the LoadBalancer", + "Value": { + "Fn::GetAtt": [ + "LB", + "DNSName" + ] + } + }, + "TargetGroupARN": { + "Description": "The ARN of the TargetGroup", + "Value": { + "Ref": "TG" + } + } + } +} \ No newline at end of file diff --git a/testdata/rg_nlb/k8s/rg.yaml b/testdata/rg_nlb/input/k8s/rg.yaml similarity index 100% rename from testdata/rg_nlb/k8s/rg.yaml rename to testdata/rg_nlb/input/k8s/rg.yaml diff --git a/testdata/rg_nlb/params.json b/testdata/rg_nlb/output/params/rg.json similarity index 100% rename from testdata/rg_nlb/params.json rename to testdata/rg_nlb/output/params/rg.json diff --git a/testdata/rg_nlb/output/tags/rg.json b/testdata/rg_nlb/output/tags/rg.json new file mode 100644 index 00000000..d64eed43 --- /dev/null +++ b/testdata/rg_nlb/output/tags/rg.json @@ -0,0 +1,12 @@ +[ + { + "key": "kubernetes:application", + "value": "" + },{ + "key": "kubernetes.io/cluster/aws:123:eu-central-1:kube-1", + "value": "owned" + },{ + "key": "ingress:certificate-arn/DUMMY", + "value": "0001-01-01T00:00:00Z" + } +] diff --git a/testdata/rg_nlb/template.cf b/testdata/rg_nlb/output/templates/rg.cf similarity index 100% rename from testdata/rg_nlb/template.cf rename to testdata/rg_nlb/output/templates/rg.cf diff --git a/worker_test.go b/worker_test.go index f3daa2e7..6673cc00 100644 --- a/worker_test.go +++ b/worker_test.go @@ -28,7 +28,7 @@ import ( certsfake "github.com/zalando-incubator/kube-ingress-aws-controller/certs/fake" ) -func TestResourceConversion(tt *testing.T) { +func TestResourceConversionOneToOne(tt *testing.T) { clusterIDTagPrefix := "kubernetes.io/cluster/" clusterID := "aws:123:eu-central-1:kube-1" vpcID := "1" @@ -412,7 +412,7 @@ func TestResourceConversion(tt *testing.T) { } { tt.Run(scenario.name, func(t *testing.T) { readFile := func(fileName string) []byte { - b, err := os.ReadFile("./testdata/" + scenario.name + "/" + fileName) + b, err := os.ReadFile("./testdata/" + scenario.name + "/output/" + fileName) if err != nil { t.Fatal(err) } @@ -420,20 +420,46 @@ func TestResourceConversion(tt *testing.T) { return b } - template := string(readFile("template.cf")) + var templates []string + templateFiles, err := os.ReadDir("./testdata/" + scenario.name + "/output/templates/") + if err != nil { + t.Fatal(err) + } - var tags []*cf.Tag - err := json.Unmarshal(readFile("tags.json"), &tags) + for _, file := range templateFiles { + templates = append(templates, string(readFile("templates/"+file.Name()))) + } + + paramFiles, err := os.ReadDir("./testdata/" + scenario.name + "/output/params/") if err != nil { t.Fatal(err) } - var params []*cf.Parameter - err = json.Unmarshal(readFile("params.json"), ¶ms) + var params [][]*cf.Parameter + for _, file := range paramFiles { + var content []*cf.Parameter + err := json.Unmarshal(readFile("params/"+file.Name()), &content) + if err != nil { + t.Fatal(err) + } + params = append(params, content) + } + + tagFiles, err := os.ReadDir("./testdata/" + scenario.name + "/output/tags/") if err != nil { t.Fatal(err) } + var tags [][]*cf.Tag + for _, file := range tagFiles { + var content []*cf.Tag + err := json.Unmarshal(readFile("tags/"+file.Name()), &content) + if err != nil { + t.Fatal(err) + } + tags = append(tags, content) + } + clientEC2 := &fake.EC2Client{Outputs: scenario.responsesEC2} clientASG := &fake.ASGClient{Outputs: scenario.responsesASG} clientELBv2 := &fake.ELBv2Client{Outputs: scenario.responsesELBv2} @@ -453,16 +479,16 @@ func TestResourceConversion(tt *testing.T) { } readers := make([]io.Reader, 0) - files, err := os.ReadDir("./testdata/" + scenario.name + "/k8s/") + files, err := os.ReadDir("./testdata/" + scenario.name + "/input/k8s/") if err != nil { t.Fatal(err) } for _, file := range files { - f, err := os.Open("./testdata/" + scenario.name + "/k8s/" + file.Name()) - if err != nil { - t.Fatal(err) - } + f, err := os.Open("./testdata/" + scenario.name + "/input/k8s/" + file.Name()) + if err != nil { + t.Fatal(err) + } readers = append(readers, f) defer f.Close() } @@ -501,30 +527,41 @@ func TestResourceConversion(tt *testing.T) { t.Error(problems.Errors()) } - // When a stack is created using cloud formation API the stack information is sent in a split way. - // There is a template with the description of the stack, but this template references parameters - // and tags that are not defined in this template. These parameters and tags are sent as different - // fields in the request. - // That is why when we validate the content of the template we also need to check the parameters - // and tags and this is why this check is split in three parts, we check the template, - // the parameters and tags generated by the ingress controller and not only the template. - assert.Equal( - t, - template, - clientCF.GetLastStackTemplate(), - ) - - assert.ElementsMatch( - t, - tags, - clientCF.GetLastStackTags(), - ) - - assert.ElementsMatch( - t, - params, - clientCF.GetLastStackParams(), - ) + assert.Equal(t, len(clientCF.GetTagCreationHistory()), len(tags)) + assert.Equal(t, len(clientCF.GetParamCreationHistory()), len(params)) + assert.Equal(t, len(clientCF.GetTemplateCreationHistory()), len(templates)) + + // This loop is necessary because assert.ElementsMatch only do set-style comparison + // for the first level of the array. So for nested arrays it would not behave like expected. + // The order is important when loading the files, because of this its necessary to use numbers + // before the file name to make them in the order you want. + for i := range templates { + // When a stack is created using cloud formation API the stack information is sent in a split way. + // There is a template with the description of the stack, but this template references parameters + // and tags that are not defined in this template. These parameters and tags are sent as different + // fields in the request. + // That is why when we validate the content of the template we also need to check the parameters + // and tags and this is why this check is split in three parts, we check the template, + // the parameters and tags generated by the ingress controller and not only the template. + assert.Equal( + t, + templates[i], + clientCF.GetTemplateCreationHistory()[i], + ) + + assert.ElementsMatch( + t, + tags[i], + clientCF.GetTagCreationHistory()[i], + ) + + assert.ElementsMatch( + t, + params[i], + clientCF.GetParamCreationHistory()[i], + ) + } + clientCF.CleanCreationHistory() }) } } From 5618b110bd5b24a024cc2df6fc86997d85f1459f Mon Sep 17 00:00:00 2001 From: Lucas Thiesen Date: Mon, 30 Oct 2023 19:21:59 +0100 Subject: [PATCH 7/9] Sync annotation and improve naming in golden file tests Signed-off-by: Lucas Thiesen --- .../input/k8s/01-ing.yaml | 4 +++- .../input/k8s/02-rg.yaml | 0 .../output/params/01-ing.json | 0 .../output/params/02-rg.json | 0 .../output/tags/01-ing.json | 0 .../output/tags/02-rg.json | 0 .../output/templates/01-ing.cf | 0 .../output/templates/02-rg.cf | 0 testdata/ingress_rg_shared_alb/input/k8s/01-ing.yaml | 4 +++- testdata/ingress_rg_shared_nlb/input/k8s/01-ing.yaml | 4 +++- worker_test.go | 2 +- 11 files changed, 10 insertions(+), 4 deletions(-) rename testdata/{ingress_rg_notshared_alb => ing_shared_rg_notshared_alb}/input/k8s/01-ing.yaml (71%) rename testdata/{ingress_rg_notshared_alb => ing_shared_rg_notshared_alb}/input/k8s/02-rg.yaml (100%) rename testdata/{ingress_rg_notshared_alb => ing_shared_rg_notshared_alb}/output/params/01-ing.json (100%) rename testdata/{ingress_rg_notshared_alb => ing_shared_rg_notshared_alb}/output/params/02-rg.json (100%) rename testdata/{ingress_rg_notshared_alb => ing_shared_rg_notshared_alb}/output/tags/01-ing.json (100%) rename testdata/{ingress_rg_notshared_alb => ing_shared_rg_notshared_alb}/output/tags/02-rg.json (100%) rename testdata/{ingress_rg_notshared_alb => ing_shared_rg_notshared_alb}/output/templates/01-ing.cf (100%) rename testdata/{ingress_rg_notshared_alb => ing_shared_rg_notshared_alb}/output/templates/02-rg.cf (100%) diff --git a/testdata/ingress_rg_notshared_alb/input/k8s/01-ing.yaml b/testdata/ing_shared_rg_notshared_alb/input/k8s/01-ing.yaml similarity index 71% rename from testdata/ingress_rg_notshared_alb/input/k8s/01-ing.yaml rename to testdata/ing_shared_rg_notshared_alb/input/k8s/01-ing.yaml index 6b35d8ca..ddd37ec1 100644 --- a/testdata/ingress_rg_notshared_alb/input/k8s/01-ing.yaml +++ b/testdata/ing_shared_rg_notshared_alb/input/k8s/01-ing.yaml @@ -2,6 +2,8 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: myingress + annotations: + zalando.org/aws-load-balancer-shared: "true" spec: rules: - host: foo.bar.org @@ -13,4 +15,4 @@ spec: port: name: main-port path: / - pathType: ImplementationSpecific \ No newline at end of file + pathType: ImplementationSpecific diff --git a/testdata/ingress_rg_notshared_alb/input/k8s/02-rg.yaml b/testdata/ing_shared_rg_notshared_alb/input/k8s/02-rg.yaml similarity index 100% rename from testdata/ingress_rg_notshared_alb/input/k8s/02-rg.yaml rename to testdata/ing_shared_rg_notshared_alb/input/k8s/02-rg.yaml diff --git a/testdata/ingress_rg_notshared_alb/output/params/01-ing.json b/testdata/ing_shared_rg_notshared_alb/output/params/01-ing.json similarity index 100% rename from testdata/ingress_rg_notshared_alb/output/params/01-ing.json rename to testdata/ing_shared_rg_notshared_alb/output/params/01-ing.json diff --git a/testdata/ingress_rg_notshared_alb/output/params/02-rg.json b/testdata/ing_shared_rg_notshared_alb/output/params/02-rg.json similarity index 100% rename from testdata/ingress_rg_notshared_alb/output/params/02-rg.json rename to testdata/ing_shared_rg_notshared_alb/output/params/02-rg.json diff --git a/testdata/ingress_rg_notshared_alb/output/tags/01-ing.json b/testdata/ing_shared_rg_notshared_alb/output/tags/01-ing.json similarity index 100% rename from testdata/ingress_rg_notshared_alb/output/tags/01-ing.json rename to testdata/ing_shared_rg_notshared_alb/output/tags/01-ing.json diff --git a/testdata/ingress_rg_notshared_alb/output/tags/02-rg.json b/testdata/ing_shared_rg_notshared_alb/output/tags/02-rg.json similarity index 100% rename from testdata/ingress_rg_notshared_alb/output/tags/02-rg.json rename to testdata/ing_shared_rg_notshared_alb/output/tags/02-rg.json diff --git a/testdata/ingress_rg_notshared_alb/output/templates/01-ing.cf b/testdata/ing_shared_rg_notshared_alb/output/templates/01-ing.cf similarity index 100% rename from testdata/ingress_rg_notshared_alb/output/templates/01-ing.cf rename to testdata/ing_shared_rg_notshared_alb/output/templates/01-ing.cf diff --git a/testdata/ingress_rg_notshared_alb/output/templates/02-rg.cf b/testdata/ing_shared_rg_notshared_alb/output/templates/02-rg.cf similarity index 100% rename from testdata/ingress_rg_notshared_alb/output/templates/02-rg.cf rename to testdata/ing_shared_rg_notshared_alb/output/templates/02-rg.cf diff --git a/testdata/ingress_rg_shared_alb/input/k8s/01-ing.yaml b/testdata/ingress_rg_shared_alb/input/k8s/01-ing.yaml index 6b35d8ca..ddd37ec1 100644 --- a/testdata/ingress_rg_shared_alb/input/k8s/01-ing.yaml +++ b/testdata/ingress_rg_shared_alb/input/k8s/01-ing.yaml @@ -2,6 +2,8 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: myingress + annotations: + zalando.org/aws-load-balancer-shared: "true" spec: rules: - host: foo.bar.org @@ -13,4 +15,4 @@ spec: port: name: main-port path: / - pathType: ImplementationSpecific \ No newline at end of file + pathType: ImplementationSpecific diff --git a/testdata/ingress_rg_shared_nlb/input/k8s/01-ing.yaml b/testdata/ingress_rg_shared_nlb/input/k8s/01-ing.yaml index 6b35d8ca..ddd37ec1 100644 --- a/testdata/ingress_rg_shared_nlb/input/k8s/01-ing.yaml +++ b/testdata/ingress_rg_shared_nlb/input/k8s/01-ing.yaml @@ -2,6 +2,8 @@ apiVersion: networking.k8s.io/v1 kind: Ingress metadata: name: myingress + annotations: + zalando.org/aws-load-balancer-shared: "true" spec: rules: - host: foo.bar.org @@ -13,4 +15,4 @@ spec: port: name: main-port path: / - pathType: ImplementationSpecific \ No newline at end of file + pathType: ImplementationSpecific diff --git a/worker_test.go b/worker_test.go index 6673cc00..91e9ebb5 100644 --- a/worker_test.go +++ b/worker_test.go @@ -253,7 +253,7 @@ func TestResourceConversionOneToOne(tt *testing.T) { }, typeLB: awsAdapter.LoadBalancerTypeNetwork, }, { - name: "ingress_rg_notshared_alb", + name: "ing_shared_rg_notshared_alb", responsesEC2: fake.EC2Outputs{DescribeInstancesPages: fake.MockDescribeInstancesPagesOutput( nil, fake.TestInstance{ From 0e3448691827a2a04053b99d3121d322e01f7283 Mon Sep 17 00:00:00 2001 From: Lucas Thiesen Date: Tue, 31 Oct 2023 11:41:21 +0100 Subject: [PATCH 8/9] Add issue link to TODO comment in CF mocks Signed-off-by: Lucas Thiesen --- aws/fake/cf.go | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/aws/fake/cf.go b/aws/fake/cf.go index d2d07de6..5c893b15 100644 --- a/aws/fake/cf.go +++ b/aws/fake/cf.go @@ -86,8 +86,9 @@ func MockCSOutput(stackId string) *cloudformation.CreateStackOutput { } func (m *CFClient) UpdateStack(params *cloudformation.UpdateStackInput) (*cloudformation.UpdateStackOutput, error) { - // TODO: Update stack needs another logic to register state update, so createStack and updateStack don't - // mess with each other states. + // TODO: https://github.com/zalando-incubator/kube-ingress-aws-controller/issues/653 + // Update stack needs to use different variable to register change history, + // so createStack and updateStack mocks don't mess with each other states. out, ok := m.Outputs.UpdateStack.response.(*cloudformation.UpdateStackOutput) if !ok { From 90db2010305f5368099f05cdfd3fe2027e59e69b Mon Sep 17 00:00:00 2001 From: Lucas Thiesen Date: Tue, 31 Oct 2023 13:19:24 +0100 Subject: [PATCH 9/9] Fix identation Signed-off-by: Lucas Thiesen --- aws/fake/cf.go | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/aws/fake/cf.go b/aws/fake/cf.go index 5c893b15..48ed5793 100644 --- a/aws/fake/cf.go +++ b/aws/fake/cf.go @@ -87,8 +87,8 @@ func MockCSOutput(stackId string) *cloudformation.CreateStackOutput { func (m *CFClient) UpdateStack(params *cloudformation.UpdateStackInput) (*cloudformation.UpdateStackOutput, error) { // TODO: https://github.com/zalando-incubator/kube-ingress-aws-controller/issues/653 - // Update stack needs to use different variable to register change history, - // so createStack and updateStack mocks don't mess with each other states. + // Update stack needs to use different variable to register change history, + // so createStack and updateStack mocks don't mess with each other states. out, ok := m.Outputs.UpdateStack.response.(*cloudformation.UpdateStackOutput) if !ok {