kubeflow
/
manifests
mirror of https://github.com/kubeflow/manifests.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
manifests/tests/istio-base_test.go

251 lines
5.3 KiB
Go
Raw Blame History

package tests_test
import (
"sigs.k8s.io/kustomize/v3/k8sdeps/kunstruct"
"sigs.k8s.io/kustomize/v3/k8sdeps/transformer"
"sigs.k8s.io/kustomize/v3/pkg/fs"
"sigs.k8s.io/kustomize/v3/pkg/loader"
"sigs.k8s.io/kustomize/v3/pkg/plugins"
"sigs.k8s.io/kustomize/v3/pkg/resmap"
"sigs.k8s.io/kustomize/v3/pkg/resource"
"sigs.k8s.io/kustomize/v3/pkg/target"
"sigs.k8s.io/kustomize/v3/pkg/validators"
"testing"
)
func writeIstioBase(th *KustTestHarness) {
th.writeF("/manifests/istio/istio/base/kf-istio-resources.yaml", `
apiVersion: networking.istio.io/v1alpha3
kind: Gateway
metadata:
name: kubeflow-gateway
spec:
selector:
istio: $(gatewaySelector)
servers:
- port:
number: 80
name: http
protocol: HTTP
hosts:
- "*"
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: grafana-vs
spec:
hosts:
- "*"
gateways:
- "kubeflow-gateway"
http:
- match:
- uri:
prefix: "/istio/grafana/"
method:
exact: "GET"
rewrite:
uri: "/"
route:
- destination:
host: "grafana.istio-system.svc.cluster.local"
port:
number: 3000
---
apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
name: google-api-entry
spec:
hosts:
- www.googleapis.com
ports:
- number: 443
name: https
protocol: HTTPS
resolution: DNS
location: MESH_EXTERNAL
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: google-api-vs
spec:
hosts:
- www.googleapis.com
tls:
- match:
- port: 443
sni_hosts:
- www.googleapis.com
route:
- destination:
host: www.googleapis.com
port:
number: 443
weight: 100
---
apiVersion: networking.istio.io/v1alpha3
kind: ServiceEntry
metadata:
name: google-storage-api-entry
spec:
hosts:
- storage.googleapis.com
ports:
- number: 443
name: https
protocol: HTTPS
resolution: DNS
location: MESH_EXTERNAL
---
apiVersion: networking.istio.io/v1alpha3
kind: VirtualService
metadata:
name: google-storage-api-vs
spec:
hosts:
- storage.googleapis.com
tls:
- match:
- port: 443
sni_hosts:
- storage.googleapis.com
route:
- destination:
host: storage.googleapis.com
port:
number: 443
weight: 100
---
apiVersion: rbac.istio.io/v1alpha1
kind: ClusterRbacConfig
metadata:
name: default
spec:
mode: $(clusterRbacConfig)
`)
th.writeF("/manifests/istio/istio/base/cluster-roles.yaml", `
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: kubeflow-istio-admin
labels:
rbac.authorization.kubeflow.org/aggregate-to-kubeflow-admin: "true"
aggregationRule:
clusterRoleSelectors:
- matchLabels:
rbac.authorization.kubeflow.org/aggregate-to-kubeflow-istio-admin: "true"
rules: []
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: kubeflow-istio-edit
labels:
rbac.authorization.kubeflow.org/aggregate-to-kubeflow-edit: "true"
rbac.authorization.kubeflow.org/aggregate-to-kubeflow-istio-admin: "true"
rules:
- apiGroups: ["istio.io"]
resources: ["*"]
verbs:
- get
- list
- watch
- create
- delete
- deletecollection
- patch
- update
---
apiVersion: rbac.authorization.k8s.io/v1
kind: ClusterRole
metadata:
name: kubeflow-istio-view
labels:
rbac.authorization.kubeflow.org/aggregate-to-kubeflow-view: "true"
rules:
- apiGroups: ["istio.io"]
resources: ["*"]
verbs:
- get
- list
- watch
`)
th.writeF("/manifests/istio/istio/base/params.yaml", `
varReference:
- path: spec/mode
kind: ClusterRbacConfig
- path: spec/selector
kind: Gateway`)
th.writeF("/manifests/istio/istio/base/params.env", `
clusterRbacConfig=ON
gatewaySelector=ingressgateway`)
th.writeK("/manifests/istio/istio/base", `
apiVersion: kustomize.config.k8s.io/v1beta1
kind: Kustomization
resources:
- kf-istio-resources.yaml
- cluster-roles.yaml
namespace: kubeflow
configMapGenerator:
- name: istio-parameters
env: params.env
vars:
- name: clusterRbacConfig
objref:
kind: ConfigMap
name: istio-parameters
apiVersion: v1
fieldref:
fieldpath: data.clusterRbacConfig
- name: gatewaySelector
objref:
kind: ConfigMap
name: istio-parameters
apiVersion: v1
fieldref:
fieldpath: data.gatewaySelector
configurations:
- params.yaml
`)
}
func TestIstioBase(t *testing.T) {
th := NewKustTestHarness(t, "/manifests/istio/istio/base")
writeIstioBase(th)
m, err := th.makeKustTarget().MakeCustomizedResMap()
if err != nil {
t.Fatalf("Err: %v", err)
}
expected, err := m.AsYaml()
if err != nil {
t.Fatalf("Err: %v", err)
}
targetPath := "../istio/istio/base"
fsys := fs.MakeRealFS()
lrc := loader.RestrictionRootOnly
_loader, loaderErr := loader.NewLoader(lrc, validators.MakeFakeValidator(), targetPath, fsys)
if loaderErr != nil {
t.Fatalf("could not load kustomize loader: %v", loaderErr)
}
rf := resmap.NewFactory(resource.NewFactory(kunstruct.NewKunstructuredFactoryImpl()), transformer.NewFactoryImpl())
pc := plugins.DefaultPluginConfig()
kt, err := target.NewKustTarget(_loader, rf, transformer.NewFactoryImpl(), plugins.NewLoader(pc, rf))
if err != nil {
th.t.Fatalf("Unexpected construction error %v", err)
}
actual, err := kt.MakeCustomizedResMap()
if err != nil {
t.Fatalf("Err: %v", err)
}
th.assertActualEqualsExpected(actual, string(expected))
}
Reference in New Issue View Git Blame Copy Permalink