Webhookのテスト
テスト環境のセットアップ
Webhookもコントローラーのテストと同じくEnvtestを利用できます。 Kubebuilderによってテストを実行するためのコードが以下のように生成されています。
/*
Copyright 2023.
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/
package v1
import (
"context"
"crypto/tls"
"fmt"
"net"
"path/filepath"
"testing"
"time"
. "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
admissionv1 "k8s.io/api/admission/v1"
//+kubebuilder:scaffold:imports
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/client-go/rest"
ctrl "sigs.k8s.io/controller-runtime"
"sigs.k8s.io/controller-runtime/pkg/client"
"sigs.k8s.io/controller-runtime/pkg/envtest"
logf "sigs.k8s.io/controller-runtime/pkg/log"
"sigs.k8s.io/controller-runtime/pkg/log/zap"
)
// These tests use Ginkgo (BDD-style Go testing framework). Refer to
// http://onsi.github.io/ginkgo/ to learn more about Ginkgo.
var cfg *rest.Config
var k8sClient client.Client
var testEnv *envtest.Environment
var ctx context.Context
var cancel context.CancelFunc
func TestAPIs(t *testing.T) {
RegisterFailHandler(Fail)
RunSpecs(t, "Webhook Suite")
}
var _ = BeforeSuite(func() {
logf.SetLogger(zap.New(zap.WriteTo(GinkgoWriter), zap.UseDevMode(true)))
ctx, cancel = context.WithCancel(context.TODO())
By("bootstrapping test environment")
testEnv = &envtest.Environment{
CRDDirectoryPaths: []string{filepath.Join("..", "..", "config", "crd", "bases")},
ErrorIfCRDPathMissing: false,
WebhookInstallOptions: envtest.WebhookInstallOptions{
Paths: []string{filepath.Join("..", "..", "config", "webhook")},
},
}
var err error
// cfg is defined in this file globally.
cfg, err = testEnv.Start()
Expect(err).NotTo(HaveOccurred())
Expect(cfg).NotTo(BeNil())
scheme := runtime.NewScheme()
err = AddToScheme(scheme)
Expect(err).NotTo(HaveOccurred())
err = admissionv1.AddToScheme(scheme)
Expect(err).NotTo(HaveOccurred())
//+kubebuilder:scaffold:scheme
k8sClient, err = client.New(cfg, client.Options{Scheme: scheme})
Expect(err).NotTo(HaveOccurred())
Expect(k8sClient).NotTo(BeNil())
// start webhook server using Manager
webhookInstallOptions := &testEnv.WebhookInstallOptions
mgr, err := ctrl.NewManager(cfg, ctrl.Options{
Scheme: scheme,
Host: webhookInstallOptions.LocalServingHost,
Port: webhookInstallOptions.LocalServingPort,
CertDir: webhookInstallOptions.LocalServingCertDir,
LeaderElection: false,
MetricsBindAddress: "0",
})
Expect(err).NotTo(HaveOccurred())
err = (&MarkdownView{}).SetupWebhookWithManager(mgr)
Expect(err).NotTo(HaveOccurred())
//+kubebuilder:scaffold:webhook
go func() {
defer GinkgoRecover()
err = mgr.Start(ctx)
Expect(err).NotTo(HaveOccurred())
}()
// wait for the webhook server to get ready
dialer := &net.Dialer{Timeout: time.Second}
addrPort := fmt.Sprintf("%s:%d", webhookInstallOptions.LocalServingHost, webhookInstallOptions.LocalServingPort)
Eventually(func() error {
conn, err := tls.DialWithDialer(dialer, "tcp", addrPort, &tls.Config{InsecureSkipVerify: true})
if err != nil {
return err
}
conn.Close()
return nil
}).Should(Succeed())
})
var _ = AfterSuite(func() {
cancel()
By("tearing down the test environment")
err := testEnv.Stop()
Expect(err).NotTo(HaveOccurred())
})
基本的にはコントローラーのテストコードと似ていますが、envtest.Environmentを作成する際に、Webhook用のマニフェストのパスを指定したり、
ctrl.NewManagerを呼び出す際にHost,Port,CertDirのパラメータをtestEnvのパラメータで上書きする必要があります。
Webhookのテスト
Webhookのテストコードを書いてみましょう。
package v1
import (
"bytes"
"context"
"errors"
"os"
"path/filepath"
. "github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
apierrors "k8s.io/apimachinery/pkg/api/errors"
"k8s.io/apimachinery/pkg/types"
"k8s.io/apimachinery/pkg/util/yaml"
)
func mutateTest(before string, after string) {
ctx := context.Background()
y, err := os.ReadFile(before)
Expect(err).NotTo(HaveOccurred())
d := yaml.NewYAMLOrJSONDecoder(bytes.NewReader(y), 4096)
beforeView := &MarkdownView{}
err = d.Decode(beforeView)
Expect(err).NotTo(HaveOccurred())
err = k8sClient.Create(ctx, beforeView)
Expect(err).NotTo(HaveOccurred())
ret := &MarkdownView{}
err = k8sClient.Get(ctx, types.NamespacedName{Name: beforeView.GetName(), Namespace: beforeView.GetNamespace()}, ret)
Expect(err).NotTo(HaveOccurred())
y, err = os.ReadFile(after)
Expect(err).NotTo(HaveOccurred())
d = yaml.NewYAMLOrJSONDecoder(bytes.NewReader(y), 4096)
afterView := &MarkdownView{}
err = d.Decode(afterView)
Expect(err).NotTo(HaveOccurred())
Expect(ret.Spec).Should(Equal(afterView.Spec))
}
func validateTest(file string, valid bool) {
ctx := context.Background()
y, err := os.ReadFile(file)
Expect(err).NotTo(HaveOccurred())
d := yaml.NewYAMLOrJSONDecoder(bytes.NewReader(y), 4096)
view := &MarkdownView{}
err = d.Decode(view)
Expect(err).NotTo(HaveOccurred())
err = k8sClient.Create(ctx, view)
if valid {
Expect(err).NotTo(HaveOccurred(), "MarkdownView: %v", view)
} else {
Expect(err).To(HaveOccurred(), "MarkdownView: %v", view)
statusErr := &apierrors.StatusError{}
Expect(errors.As(err, &statusErr)).To(BeTrue())
expected := view.Annotations["message"]
Expect(statusErr.ErrStatus.Message).To(ContainSubstring(expected))
}
}
var _ = Describe("MarkdownView Webhook", func() {
Context("mutating", func() {
It("should mutate a MarkdownView", func() {
mutateTest(filepath.Join("testdata", "mutating", "before.yaml"), filepath.Join("testdata", "mutating", "after.yaml"))
})
})
Context("validating", func() {
It("should create a valid MarkdownView", func() {
validateTest(filepath.Join("testdata", "validating", "valid.yaml"), true)
})
It("should not create invalid MarkdownViews", func() {
validateTest(filepath.Join("testdata", "validating", "empty-markdowns.yaml"), false)
validateTest(filepath.Join("testdata", "validating", "invalid-replicas.yaml"), false)
validateTest(filepath.Join("testdata", "validating", "without-summary.yaml"), false)
})
})
})
MutatingWebhookのテストでは、入力となるマニフェストファイル(before.yaml)を利用してリソースを作成し、 作成されたリソースが期待値となるマニフェストファイル(after.yaml)の内容と一致することを確認しています。
ValidatingWebhookのテストでは、Validなマニフェストファイル(valid.yaml)を利用してリソースが作成できることと、 Invalidなマニフェストファイル(empty-markdowns.yaml, invalid-replicas.yaml, without-summary.yaml)を利用してリソースの作成に失敗することをテストしています。
最後に、make testでテストに通ることを確認しましょう。