1 package integration
2
3 import (
4 "context"
5 "fmt"
6 "net"
7 "os"
8 "strings"
9 "testing"
10 "time"
11
12 "github.com/stretchr/testify/assert"
13 "github.com/stretchr/testify/require"
14 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
15
16 corev1 "k8s.io/api/core/v1"
17
18 v1cluster "edge-infra.dev/pkg/edge/apis/cluster/v1alpha1"
19 "edge-infra.dev/pkg/sds/remoteaccess/constants"
20 v1vpnconfig "edge-infra.dev/pkg/sds/remoteaccess/k8s/apis/vpnconfigs/v1"
21 s "edge-infra.dev/pkg/sds/remoteaccess/wireguard/store"
22 "edge-infra.dev/test/f2"
23 "edge-infra.dev/test/f2/x/ktest"
24 )
25
// f is the shared f2 framework instance; TestMain assigns it before any test runs.
var f f2.Framework

// Identity fixtures for the cluster and VPN configuration under test.
var (
	// NOTE(review): projectID looks like a concrete environment identifier;
	// confirm it is a fixture that is fine to keep in the repository.
	projectID    = "ret-edge-b79we3ikmc7j9mihuwst2"
	clusterAName = "cluster-a"
	testClusterA = createCluster(clusterAName)

	isEnabled         = true
	inSubnetIPAddress = "172.16.16.12"
	testVPNConfig     = createVPNConfig(clusterAName, inSubnetIPAddress, isEnabled)
)

// testPublicKey is the value the test expects on the rendered "PublicKey ="
// line. It is the public half of a key pair only; no private key material
// belongs in this file.
var testPublicKey = "wbWuHrJEPC2Ui7XVQoWuM/8HZAG1FlLC/08L2vvEEgw="

// Fixed lines the rendered configuration is expected to contain.
var (
	expectedStoreSecretInterfaceLines = []string{
		"[Interface]",
	}
	expectedStoreSecretPeerLines = []string{
		"",
		"[Peer]",
	}
)

// vpnNamespace is the namespace object created in the test cluster before the
// store is fetched.
var vpnNamespace = &corev1.Namespace{
	ObjectMeta: metav1.ObjectMeta{
		Name: constants.VPNNamespace,
	},
}
55
// TestMain builds the shared f2 framework with the ktest extension, registers
// the setup step below, and exits with the framework's run result.
func TestMain(m *testing.M) {
	// When the run does not target an existing cluster, set the ktest timeout
	// to 5s and the tick to 10ms; otherwise leave the values untouched.
	tuneTimeouts := func(ctx f2.Context) (f2.Context, error) {
		k, err := ktest.FromContext(ctx)
		if err != nil {
			return ctx, err
		}
		if *k.Env.UseExistingCluster {
			return ctx, nil
		}
		k.Timeout = 5 * time.Second
		k.Tick = 10 * time.Millisecond
		return ctx, nil
	}

	extensions := f2.WithExtensions(ktest.New())
	f = f2.New(context.Background(), extensions).
		Setup(tuneTimeouts).
		Teardown()

	os.Exit(f.Run(m))
}
75
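// TestStoreWireguard renders the store's WireGuard configuration secret and
// checks its lines by position: the [Interface] header, Address, MTU, the
// blank line and [Peer] header, then Endpoint, PublicKey and AllowedIPs.
//
// NOTE(review): rendered lines 1 and 6 are never asserted. Line 1 presumably
// holds the interface PrivateKey (confirm against the generator); if so,
// assert only that it is present and non-empty, because assert.Equal prints
// both values on a mismatch.
func TestStoreWireguard(t *testing.T) {
	var (
		store    *s.Store
		subnet   *net.IPNet
		clientIP net.IP
		relayIP  net.IP
	)
	feature := f2.NewFeature("StoreWireguard").
		Setup("create wireguard instances", func(ctx f2.Context, t *testing.T) f2.Context {
			var err error
			k := ktest.FromContextT(ctx, t)
			require.NoError(t, k.Client.Create(ctx, vpnNamespace.DeepCopy()))

			store, err = s.Get(ctx, k.Client, testVPNConfig.DeepCopy(), testClusterA)
			require.NoError(t, err)

			// NOTE(review): 172.16.16.120 lies outside the 172.16.16.0/28
			// subnet used in the next setup step; confirm that is intentional.
			storeIP := net.ParseIP("172.16.16.120")
			require.NoError(t, store.UpdateIPAddress(ctx, k.Client, constants.StoreName, clusterAName, storeIP))
			return ctx
		}).
		Setup("create subnet and client IP", func(ctx f2.Context, t *testing.T) f2.Context {
			var err error
			_, subnet, err = net.ParseCIDR("172.16.16.0/28")
			require.NoError(t, err)

			clientIP = net.ParseIP("172.16.16.1")

			relayIP = net.ParseIP("34.148.150.151")
			return ctx
		}).
		Test("store secret contains expected data", func(ctx f2.Context, t *testing.T) f2.Context {
			secretData := store.GenerateConfigurationSecretData(subnet, clientIP, relayIP, testPublicKey)
			secretLines := strings.Split(string(secretData), "\n")

			// The assertions below index up to secretLines[9]. Stop with a
			// readable failure instead of an index-out-of-range panic when the
			// rendered configuration is shorter than expected.
			require.GreaterOrEqual(t, len(secretLines), 10,
				"rendered configuration has fewer lines than the test indexes")

			// Section headers: "[Interface]" first, then a blank line and "[Peer]".
			assert.Equal(t, expectedStoreSecretInterfaceLines, secretLines[:1])
			assert.Equal(t, expectedStoreSecretPeerLines, secretLines[4:6])

			// The interface address is the store's current IP with a /28 mask.
			expectedInterfaceLine := fmt.Sprintf("Address = %s/28", store.GetIPAddress())
			assert.Equal(t, expectedInterfaceLine, secretLines[2])

			expectedMTULine := fmt.Sprintf("MTU = %s", constants.MTU)
			assert.Equal(t, expectedMTULine, secretLines[3])

			// The peer endpoint is the relay address on port 51820.
			expectedEndpointLine := fmt.Sprintf("Endpoint = %s:51820", relayIP)
			assert.Equal(t, expectedEndpointLine, secretLines[7])

			expectedRelayPublicKeyLine := fmt.Sprintf("PublicKey = %s", testPublicKey)
			assert.Equal(t, expectedRelayPublicKeyLine, secretLines[8])

			// AllowedIPs is pinned to the single client address (/32), so a
			// generator change that widens the peer's allowed range fails here.
			expectedStoreAllowedIPsLine := fmt.Sprintf("AllowedIPs = %s/32", clientIP)
			assert.Equal(t, expectedStoreAllowedIPsLine, secretLines[9])
			return ctx
		}).Feature()

	f.Test(t, feature)
}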
138
// createCluster returns a Cluster fixture with the given object name and a
// fixed spec that uses the package-level projectID.
func createCluster(name string) *v1cluster.Cluster {
	spec := v1cluster.ClusterSpec{
		Banner:       "dev0-zynstra",
		Fleet:        "store",
		Location:     "us-east1-c",
		Name:         "4c4d-30-05-22",
		Organization: "edge-dev0-retail-gmi062",
		ProjectID:    projectID,
		Type:         "sds",
	}

	cluster := new(v1cluster.Cluster)
	cluster.ObjectMeta = metav1.ObjectMeta{Name: name}
	cluster.Spec = spec
	return cluster
}
153
// createVPNConfig returns a VPNConfig fixture in the VPN namespace with the
// given name, the enabled flag in its spec, and ip recorded in its status.
func createVPNConfig(name, ip string, enabled bool) *v1vpnconfig.VPNConfig {
	cfg := &v1vpnconfig.VPNConfig{}

	// NOTE(review): APIVersion carries only a group name with no version
	// segment; confirm nothing under test depends on it.
	cfg.TypeMeta = metav1.TypeMeta{APIVersion: "remoteaccess.edge.ncr.com", Kind: "VPNConfig"}
	cfg.ObjectMeta = metav1.ObjectMeta{Name: name, Namespace: constants.VPNNamespace, UID: "1234"}
	cfg.Spec = v1vpnconfig.VPNConfigSpec{Enabled: enabled}
	cfg.Status = &v1vpnconfig.VPNConfigStatus{IP: ip}
	return cfg
}
166