[Skip-CIi] Add tests

This commit is contained in:
erik 2022-09-27 15:45:13 +02:00
parent de88a5d807
commit 6708fae81c
2 changed files with 136 additions and 15 deletions

View file

@ -10,6 +10,7 @@
:cljs [cljs.reader :as edn]) :cljs [cljs.reader :as edn])
[dda.c4k-common.yaml :as yaml] [dda.c4k-common.yaml :as yaml]
[dda.c4k-common.common :as cm] [dda.c4k-common.common :as cm]
[dda.c4k-common.base64 :as b64]
[dda.c4k-common.predicate :as pred])) [dda.c4k-common.predicate :as pred]))
(defn domain-list? (defn domain-list?
@ -135,9 +136,11 @@
(defn-spec generate-website-build-secret pred/map-or-seq? (defn-spec generate-website-build-secret pred/map-or-seq?
[auth auth?] [auth auth?]
(let [{:keys [fqdn token url]} config] (let [{:keys [fqdn
token
url]} auth]
(-> (->
(yaml/load-as-edn "website/website-build-secrets.yaml") (yaml/load-as-edn "website/website-build-secret.yaml")
(replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn fqdn)) (replace-all-matching-subvalues-in-string-start "NAME" (unique-name-from-fqdn fqdn))
(cm/replace-all-matching-values-by-new-value "TOKEN" (b64/encode token)) (cm/replace-all-matching-values-by-new-value "TOKEN" (b64/encode token))
(cm/replace-all-matching-values-by-new-value "URL" (b64/encode url))))) (cm/replace-all-matching-values-by-new-value "URL" (b64/encode url)))))

View file

@ -20,27 +20,145 @@
:fqdn "test.de"}))))) :fqdn "test.de"})))))
(deftest should-generate-ingress (deftest should-generate-ingress
(is (= {:hosts-c1 "test.de", (is (= {:apiVersion "networking.k8s.io/v1",
:hosts-c2 "test.com", :kind "Ingress",
:host-c1 "test.de", :metadata
:host-c2 "test.com"} {:name "test-de-ingress",
(th/map-diff (cut/generate-ingress {:fqdn "test.de" :namespace "default",
}) :annotations
(cut/generate-ingress {:fqdn "test.com" {:ingress.kubernetes.io/ssl-redirect "true",
}))))) :traefik.ingress.kubernetes.io/router.middlewares "default-redirect-https@kubernetescrd"}},
:spec
{:tls [{:hosts ["test.de"], :secretName "test-de-cert"}],
:rules
[{:host "test.de",
:http {:paths [{:pathType "Prefix", :path "/", :backend {:service {:name "test-de-service", :port {:number 80}}}}]}}]}}
(cut/generate-ingress {:fqdn "test.de"}))))
(deftest should-generate-nginx-configmap (deftest should-generate-nginx-configmap
(is (= {:website.conf-c1 "server {\n listen 80 default_server;\n listen [::]:80 default_server;\n listen 443 ssl;\n ssl_certificate /etc/certs/tls.crt;\n ssl_certificate_key /etc/certs/tls.key;\n server_name test.de;\n # security headers\n add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';\n add_header Content-Security-Policy \"default-src 'self'; font-src *;img-src * data:; script-src *; style-src *\";\n add_header X-XSS-Protection \"1; mode=block\";\n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options nosniff;\n add_header Referrer-Policy \"strict-origin\";\n # maybe need to add:\n # add_header Permissions-Policy \"permissions here\";\n root /var/www/html/website/;\n # root /usr/share/nginx/html/; # testing purposes\n index index.html;\n try_files $uri /index.html;\n}", (is (= {:website.conf-c1 "server {\n listen 80 default_server;\n listen [::]:80 default_server;\n listen 443 ssl;\n ssl_certificate /etc/certs/tls.crt;\n ssl_certificate_key /etc/certs/tls.key;\n server_name test.de;\n # security headers\n add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';\n add_header Content-Security-Policy \"default-src 'self'; font-src *;img-src * data:; script-src *; style-src *\";\n add_header X-XSS-Protection \"1; mode=block\";\n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options nosniff;\n add_header Referrer-Policy \"strict-origin\";\n # maybe need to add:\n # add_header Permissions-Policy \"permissions here\";\n root /var/www/html/website/;\n # root /usr/share/nginx/html/; # testing purposes\n index index.html;\n location / { \n try_files $uri $uri/ /index.html =404; \n }\n}",
:website.conf-c2 "server {\n listen 80 default_server;\n listen [::]:80 default_server;\n listen 443 ssl;\n ssl_certificate /etc/certs/tls.crt;\n ssl_certificate_key /etc/certs/tls.key;\n server_name test.com;\n # security headers\n add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';\n add_header Content-Security-Policy \"default-src 'self'; font-src *;img-src * data:; script-src *; style-src *\";\n add_header X-XSS-Protection \"1; mode=block\";\n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options nosniff;\n add_header Referrer-Policy \"strict-origin\";\n # maybe need to add:\n # add_header Permissions-Policy \"permissions here\";\n root /var/www/html/website/;\n # root /usr/share/nginx/html/; # testing purposes\n index index.html;\n try_files $uri /index.html;\n}"} :website.conf-c2 "server {\n listen 80 default_server;\n listen [::]:80 default_server;\n listen 443 ssl;\n ssl_certificate /etc/certs/tls.crt;\n ssl_certificate_key /etc/certs/tls.key;\n server_name test.com;\n # security headers\n add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains; preload';\n add_header Content-Security-Policy \"default-src 'self'; font-src *;img-src * data:; script-src *; style-src *\";\n add_header X-XSS-Protection \"1; mode=block\";\n add_header X-Frame-Options \"SAMEORIGIN\";\n add_header X-Content-Type-Options nosniff;\n add_header Referrer-Policy \"strict-origin\";\n # maybe need to add:\n # add_header Permissions-Policy \"permissions here\";\n root /var/www/html/website/;\n # root /usr/share/nginx/html/; # testing purposes\n index index.html;\n location / { \n try_files $uri $uri/ /index.html =404; \n }\n}",
:name-c1 "test-de-configmap",
:name-c2 "test-com-configmap"}
(th/map-diff (cut/generate-nginx-configmap {:fqdn "test.de" (th/map-diff (cut/generate-nginx-configmap {:fqdn "test.de"
}) })
(cut/generate-nginx-configmap {:fqdn "test.com" (cut/generate-nginx-configmap {:fqdn "test.com"
}))))) })))))
(deftest should-generate-nginx-deployment
(is (= {:apiVersion "apps/v1",
:kind "Deployment",
:metadata {:name "test-de-deployment"},
:spec
{:replicas 1,
:selector {:matchLabels {:app "test-de-nginx"}},
:template
{:metadata {:labels {:app "test-de-nginx"}},
:spec
{:containers
[{:name "test-de-nginx",
:image "nginx:latest",
:imagePullPolicy "Always",
:ports [{:containerPort 80}],
:volumeMounts
[{:mountPath "/etc/nginx", :readOnly true, :name "nginx-config-volume"}
{:mountPath "/var/log/nginx", :name "log"}
{:mountPath "/var/www/html/website", :name "website-content-volume"}
{:mountPath "/etc/certs", :name "website-cert", :readOnly true}]}],
:volumes
[{:name "nginx-config-volume",
:configMap
{:name "test-de-configmap",
:items
[{:key "nginx.conf", :path "nginx.conf"}
{:key "website.conf", :path "conf.d/website.conf"}
{:key "mime.types", :path "mime.types"}]}}
{:name "log", :emptyDir {}}
{:name "website-content-volume", :persistentVolumeClaim {:claimName "test-de-content-pvc"}}
{:name "website-cert",
:secret
{:secretName "test-de-cert", :items [{:key "tls.crt", :path "tls.crt"} {:key "tls.key", :path "tls.key"}]}}]}}}}
(cut/generate-nginx-deployment {:fqdn "test.de"}))))
(deftest should-generate-nginx-service ;todo
(is (= {:name-c1 "test-de-service",
:name-c2 "test-com-service",
:app-c1 "test-de-nginx",
:app-c2 "test-com-nginx"
}
(th/map-diff (cut/generate-nginx-service {:fqdn "test.de"})
(cut/generate-nginx-service {:fqdn "test.com"})))))
(deftest should-generate-website-build-cron ;todo
(is (= {:apiVersion "batch/v1beta1",
:kind "CronJob",
:metadata {:name "test-de-build-cron", :labels {:app.kubernetes.part-of "website"}},
:spec
{:schedule "10 23 * * *",
:successfulJobsHistoryLimit 1,
:failedJobsHistoryLimit 1,
:jobTemplate
{:spec
{:template
{:spec
{:containers
[{:image "domaindrivenarchitecture/c4k-website-build",
:name "test-de-build-app",
:imagePullPolicy "IfNotPresent",
:command ["/entrypoint.sh"],
:envFrom [{:secretRef {:name "test-de-secret"}}],
:volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"}]}],
:volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-de-content-pvc"}}],
:restartPolicy "OnFailure"}}}}}}
(cut/generate-website-build-cron {:fqdn "test.de"}))))
(deftest should-generate-website-build-deployment
(is (= {:apiVersion "apps/v1",
:kind "Deployment",
:metadata {:name "test-de-build-deployment"},
:spec
{:replicas 0,
:selector {:matchLabels {:app "test-de-builder"}},
:strategy {:type "Recreate"},
:template
{:metadata
{:labels {:app "test-de-builder", :app.kubernetes.io/name "test-de-builder", :app.kubernetes.io/part-of "website"}},
:spec
{:containers
[{:image "domaindrivenarchitecture/c4k-website-build",
:name "test-de-build-app",
:imagePullPolicy "IfNotPresent",
:command ["/entrypoint.sh"],
:envFrom [{:secretRef {:name "test-de-secret"}}],
:volumeMounts [{:name "content-volume", :mountPath "/var/www/html/website"}]}],
:volumes [{:name "content-volume", :persistentVolumeClaim {:claimName "test-de-content-pvc"}}]}}}}
(cut/generate-website-build-deployment {:fqdn "test.de"}))))
(deftest should-generate-website-build-secret
(is (= {:name-c1 "test-de-secret",
:name-c2 "test-com-secret",
:AUTHTOKEN-c1 (b64/encode "token1"),
:AUTHTOKEN-c2 (b64/encode "token2"),
:REPOZIPURL-c1 (b64/encode "test.de/user/repo.git"),
:REPOZIPURL-c2 (b64/encode "test.com/user/repo.git")}
(th/map-diff (cut/generate-website-build-secret {:fqdn "test.de"
:token "token1"
:url "test.de/user/repo.git"})
(cut/generate-website-build-secret {:fqdn "test.com"
:token "token2"
:url "test.com/user/repo.git"})))))
(deftest should-generate-website-content-volume (deftest should-generate-website-content-volume
(is (= {:storage-c1 "2Gi", (is (= {:storage-c1 "2Gi",
:storage-c2 "10Gi"} :storage-c2 "10Gi",
(th/map-diff (cut/generate-website-content-volume {:volume-total-storage-size 10 :name-c1 "test-de-content-volume",
:name-c2 "test-com-content-volume",
:app-c1 "test-de-nginx",
:app-c2 "test-com-nginx"}
(th/map-diff (cut/generate-website-content-volume {:fqdn "test.de"
:volume-total-storage-size 10
:number-of-websites 5}) :number-of-websites 5})
(cut/generate-website-content-volume {:volume-total-storage-size 50 (cut/generate-website-content-volume {:fqdn "test.com"
:volume-total-storage-size 50
:number-of-websites 5}))))) :number-of-websites 5})))))