Webhookのテスト

テスト環境のセットアップ

Webhookもコントローラーのテストと同じくEnvtestを利用できます。 Kubebuilderによってテストを実行するためのコードが以下のように生成されています。

api/v1/webhook_suite_test.go

/*
Copyright 2022.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package v1

import (
    "context"
    "crypto/tls"
    "fmt"
    "net"
    "path/filepath"
    "testing"
    "time"

    . "github.com/onsi/ginkgo"
    . "github.com/onsi/gomega"

    admissionv1beta1 "k8s.io/api/admission/v1beta1"
    //+kubebuilder:scaffold:imports
    "k8s.io/apimachinery/pkg/runtime"
    "k8s.io/client-go/rest"
    ctrl "sigs.k8s.io/controller-runtime"
    "sigs.k8s.io/controller-runtime/pkg/client"
    "sigs.k8s.io/controller-runtime/pkg/envtest"
    "sigs.k8s.io/controller-runtime/pkg/envtest/printer"
    logf "sigs.k8s.io/controller-runtime/pkg/log"
    "sigs.k8s.io/controller-runtime/pkg/log/zap"
)

// These tests use Ginkgo (BDD-style Go testing framework). Refer to
// http://onsi.github.io/ginkgo/ to learn more about Ginkgo.

var cfg *rest.Config
var k8sClient client.Client
var testEnv *envtest.Environment
var ctx context.Context
var cancel context.CancelFunc

func TestAPIs(t *testing.T) {
    RegisterFailHandler(Fail)

    RunSpecsWithDefaultAndCustomReporters(t,
        "Webhook Suite",
        []Reporter{printer.NewlineReporter{}})
}

var _ = BeforeSuite(func() {
    logf.SetLogger(zap.New(zap.WriteTo(GinkgoWriter), zap.UseDevMode(true)))

    ctx, cancel = context.WithCancel(context.TODO())

    By("bootstrapping test environment")
    testEnv = &envtest.Environment{
        CRDDirectoryPaths:     []string{filepath.Join("..", "..", "config", "crd", "bases")},
        ErrorIfCRDPathMissing: false,
        WebhookInstallOptions: envtest.WebhookInstallOptions{
            Paths: []string{filepath.Join("..", "..", "config", "webhook")},
        },
    }

    var err error
    // cfg is defined in this file globally.
    cfg, err = testEnv.Start()
    Expect(err).NotTo(HaveOccurred())
    Expect(cfg).NotTo(BeNil())

    scheme := runtime.NewScheme()
    err = AddToScheme(scheme)
    Expect(err).NotTo(HaveOccurred())

    err = admissionv1beta1.AddToScheme(scheme)
    Expect(err).NotTo(HaveOccurred())

    //+kubebuilder:scaffold:scheme

    k8sClient, err = client.New(cfg, client.Options{Scheme: scheme})
    Expect(err).NotTo(HaveOccurred())
    Expect(k8sClient).NotTo(BeNil())

    // start webhook server using Manager
    webhookInstallOptions := &testEnv.WebhookInstallOptions
    mgr, err := ctrl.NewManager(cfg, ctrl.Options{
        Scheme:             scheme,
        Host:               webhookInstallOptions.LocalServingHost,
        Port:               webhookInstallOptions.LocalServingPort,
        CertDir:            webhookInstallOptions.LocalServingCertDir,
        LeaderElection:     false,
        MetricsBindAddress: "0",
    })
    Expect(err).NotTo(HaveOccurred())

    err = (&MarkdownView{}).SetupWebhookWithManager(mgr)
    Expect(err).NotTo(HaveOccurred())

    //+kubebuilder:scaffold:webhook

    go func() {
        defer GinkgoRecover()
        err = mgr.Start(ctx)
        Expect(err).NotTo(HaveOccurred())
    }()

    // wait for the webhook server to get ready
    dialer := &net.Dialer{Timeout: time.Second}
    addrPort := fmt.Sprintf("%s:%d", webhookInstallOptions.LocalServingHost, webhookInstallOptions.LocalServingPort)
    Eventually(func() error {
        conn, err := tls.DialWithDialer(dialer, "tcp", addrPort, &tls.Config{InsecureSkipVerify: true})
        if err != nil {
            return err
        }
        conn.Close()
        return nil
    }).Should(Succeed())

}, 60)

var _ = AfterSuite(func() {
    cancel()
    By("tearing down the test environment")
    err := testEnv.Stop()
    Expect(err).NotTo(HaveOccurred())
})

基本的にはコントローラーのテストコードと似ていますが、envtest.Environmentを作成する際に、Webhook用のマニフェストのパスを指定したり、 ctrl.NewManagerを呼び出す際にHost,Port,CertDirのパラメータをtestEnvのパラメータで上書きする必要があります。

Webhookのテスト

Webhookのテストコードを書いてみましょう。

api/v1/markdownview_webhook_test.go

package v1

import (
    "bytes"
    "context"
    "errors"
    "os"
    "path/filepath"

    . "github.com/onsi/ginkgo"
    . "github.com/onsi/gomega"
    apierrors "k8s.io/apimachinery/pkg/api/errors"
    "k8s.io/apimachinery/pkg/types"
    "k8s.io/apimachinery/pkg/util/yaml"
)

func mutateTest(before string, after string) {
    ctx := context.Background()

    y, err := os.ReadFile(before)
    Expect(err).NotTo(HaveOccurred())
    d := yaml.NewYAMLOrJSONDecoder(bytes.NewReader(y), 4096)
    beforeView := &MarkdownView{}
    err = d.Decode(beforeView)
    Expect(err).NotTo(HaveOccurred())

    err = k8sClient.Create(ctx, beforeView)
    Expect(err).NotTo(HaveOccurred())

    ret := &MarkdownView{}
    err = k8sClient.Get(ctx, types.NamespacedName{Name: beforeView.GetName(), Namespace: beforeView.GetNamespace()}, ret)
    Expect(err).NotTo(HaveOccurred())

    y, err = os.ReadFile(after)
    Expect(err).NotTo(HaveOccurred())
    d = yaml.NewYAMLOrJSONDecoder(bytes.NewReader(y), 4096)
    afterView := &MarkdownView{}
    err = d.Decode(afterView)
    Expect(err).NotTo(HaveOccurred())

    Expect(ret.Spec).Should(Equal(afterView.Spec))
}

func validateTest(file string, valid bool) {
    ctx := context.Background()
    y, err := os.ReadFile(file)
    Expect(err).NotTo(HaveOccurred())
    d := yaml.NewYAMLOrJSONDecoder(bytes.NewReader(y), 4096)
    view := &MarkdownView{}
    err = d.Decode(view)
    Expect(err).NotTo(HaveOccurred())

    err = k8sClient.Create(ctx, view)

    if valid {
        Expect(err).NotTo(HaveOccurred(), "MarkdownView: %v", view)
    } else {
        Expect(err).To(HaveOccurred(), "MarkdownView: %v", view)
        statusErr := &apierrors.StatusError{}
        Expect(errors.As(err, &statusErr)).To(BeTrue())
        expected := view.Annotations["message"]
        Expect(statusErr.ErrStatus.Message).To(ContainSubstring(expected))
    }
}

var _ = Describe("MarkdownView Webhook", func() {
    Context("mutating", func() {
        It("should mutate a MarkdownView", func() {
            mutateTest(filepath.Join("testdata", "mutating", "before.yaml"), filepath.Join("testdata", "mutating", "after.yaml"))
        })
    })
    Context("validating", func() {
        It("should create a valid MarkdownView", func() {
            validateTest(filepath.Join("testdata", "validating", "valid.yaml"), true)
        })
        It("should not create invalid MarkdownViews", func() {
            validateTest(filepath.Join("testdata", "validating", "empty-markdowns.yaml"), false)
            validateTest(filepath.Join("testdata", "validating", "invalid-replicas.yaml"), false)
            validateTest(filepath.Join("testdata", "validating", "without-summary.yaml"), false)
        })
    })
})

MutatingWebhookのテストでは、入力となるマニフェストファイル(before.yaml)を利用してリソースを作成し、 作成されたリソースが期待値となるマニフェストファイル(after.yaml)の内容と一致することを確認しています。

ValidatingWebhookのテストでは、Validなマニフェストファイル(valid.yaml)を利用してリソースが作成できることと、 Invalidなマニフェストファイル(empty-markdowns.yaml, invalid-replicas.yaml, without-summary.yaml)を利用してリソースの作成に失敗することをテストしています。

最後に、make testでテストに通ることを確認しましょう。

results matching ""

    No results matching ""