1
16
17 package v1beta1_test
18
19 import (
20 "testing"
21
22 "github.com/google/go-cmp/cmp"
23
24 v1beta1 "k8s.io/api/admissionregistration/v1beta1"
25 apiequality "k8s.io/apimachinery/pkg/api/equality"
26 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
27 "k8s.io/apimachinery/pkg/runtime"
28 "k8s.io/kubernetes/pkg/api/legacyscheme"
29 _ "k8s.io/kubernetes/pkg/apis/admissionregistration/install"
30 utilpointer "k8s.io/utils/pointer"
31 )
32
33 func TestDefaultAdmissionWebhook(t *testing.T) {
34 ignore := v1beta1.Ignore
35 exact := v1beta1.Exact
36 never := v1beta1.NeverReinvocationPolicy
37 thirty := int32(30)
38 allScopes := v1beta1.AllScopes
39 unknown := v1beta1.SideEffectClassUnknown
40
41 tests := []struct {
42 name string
43 original runtime.Object
44 expected runtime.Object
45 }{
46 {
47 name: "ValidatingWebhookConfiguration",
48 original: &v1beta1.ValidatingWebhookConfiguration{
49 Webhooks: []v1beta1.ValidatingWebhook{{}},
50 },
51 expected: &v1beta1.ValidatingWebhookConfiguration{
52 Webhooks: []v1beta1.ValidatingWebhook{{
53 FailurePolicy: &ignore,
54 MatchPolicy: &exact,
55 TimeoutSeconds: &thirty,
56 NamespaceSelector: &metav1.LabelSelector{},
57 ObjectSelector: &metav1.LabelSelector{},
58 SideEffects: &unknown,
59 AdmissionReviewVersions: []string{"v1beta1"},
60 }},
61 },
62 },
63 {
64 name: "MutatingWebhookConfiguration",
65 original: &v1beta1.MutatingWebhookConfiguration{
66 Webhooks: []v1beta1.MutatingWebhook{{}},
67 },
68 expected: &v1beta1.MutatingWebhookConfiguration{
69 Webhooks: []v1beta1.MutatingWebhook{{
70 FailurePolicy: &ignore,
71 MatchPolicy: &exact,
72 ReinvocationPolicy: &never,
73 TimeoutSeconds: &thirty,
74 NamespaceSelector: &metav1.LabelSelector{},
75 ObjectSelector: &metav1.LabelSelector{},
76 SideEffects: &unknown,
77 AdmissionReviewVersions: []string{"v1beta1"},
78 }},
79 },
80 },
81 {
82 name: "scope=*",
83 original: &v1beta1.MutatingWebhookConfiguration{
84 Webhooks: []v1beta1.MutatingWebhook{{
85 Rules: []v1beta1.RuleWithOperations{{}},
86 }},
87 },
88 expected: &v1beta1.MutatingWebhookConfiguration{
89 Webhooks: []v1beta1.MutatingWebhook{{
90 Rules: []v1beta1.RuleWithOperations{{Rule: v1beta1.Rule{
91 Scope: &allScopes,
92 }}},
93 FailurePolicy: &ignore,
94 MatchPolicy: &exact,
95 ReinvocationPolicy: &never,
96 TimeoutSeconds: &thirty,
97 NamespaceSelector: &metav1.LabelSelector{},
98 ObjectSelector: &metav1.LabelSelector{},
99 SideEffects: &unknown,
100 AdmissionReviewVersions: []string{"v1beta1"},
101 }},
102 },
103 },
104 {
105 name: "port=443",
106 original: &v1beta1.MutatingWebhookConfiguration{
107 Webhooks: []v1beta1.MutatingWebhook{{
108 ClientConfig: v1beta1.WebhookClientConfig{
109 Service: &v1beta1.ServiceReference{},
110 },
111 }},
112 },
113 expected: &v1beta1.MutatingWebhookConfiguration{
114 Webhooks: []v1beta1.MutatingWebhook{{
115 ClientConfig: v1beta1.WebhookClientConfig{
116 Service: &v1beta1.ServiceReference{
117 Port: utilpointer.Int32(443),
118 },
119 },
120 FailurePolicy: &ignore,
121 MatchPolicy: &exact,
122 ReinvocationPolicy: &never,
123 TimeoutSeconds: &thirty,
124 NamespaceSelector: &metav1.LabelSelector{},
125 ObjectSelector: &metav1.LabelSelector{},
126 SideEffects: &unknown,
127 AdmissionReviewVersions: []string{"v1beta1"},
128 }},
129 },
130 },
131 }
132
133 for _, test := range tests {
134 t.Run(test.name, func(t *testing.T) {
135 original := test.original
136 expected := test.expected
137 legacyscheme.Scheme.Default(original)
138 if !apiequality.Semantic.DeepEqual(original, expected) {
139 t.Error(cmp.Diff(expected, original))
140 }
141 })
142 }
143 }
144
145 func TestDefaultAdmissionPolicy(t *testing.T) {
146 fail := v1beta1.Fail
147 equivalent := v1beta1.Equivalent
148 allScopes := v1beta1.AllScopes
149
150 tests := []struct {
151 name string
152 original runtime.Object
153 expected runtime.Object
154 }{
155 {
156 name: "ValidatingAdmissionPolicy",
157 original: &v1beta1.ValidatingAdmissionPolicy{
158 Spec: v1beta1.ValidatingAdmissionPolicySpec{
159 MatchConstraints: &v1beta1.MatchResources{},
160 },
161 },
162 expected: &v1beta1.ValidatingAdmissionPolicy{
163 Spec: v1beta1.ValidatingAdmissionPolicySpec{
164 MatchConstraints: &v1beta1.MatchResources{
165 MatchPolicy: &equivalent,
166 NamespaceSelector: &metav1.LabelSelector{},
167 ObjectSelector: &metav1.LabelSelector{},
168 },
169 FailurePolicy: &fail,
170 },
171 },
172 },
173 {
174 name: "ValidatingAdmissionPolicyBinding",
175 original: &v1beta1.ValidatingAdmissionPolicyBinding{
176 Spec: v1beta1.ValidatingAdmissionPolicyBindingSpec{
177 MatchResources: &v1beta1.MatchResources{},
178 },
179 },
180 expected: &v1beta1.ValidatingAdmissionPolicyBinding{
181 Spec: v1beta1.ValidatingAdmissionPolicyBindingSpec{
182 MatchResources: &v1beta1.MatchResources{
183 MatchPolicy: &equivalent,
184 NamespaceSelector: &metav1.LabelSelector{},
185 ObjectSelector: &metav1.LabelSelector{},
186 },
187 },
188 },
189 },
190 {
191 name: "scope=*",
192 original: &v1beta1.ValidatingAdmissionPolicy{
193 Spec: v1beta1.ValidatingAdmissionPolicySpec{
194 MatchConstraints: &v1beta1.MatchResources{
195 ResourceRules: []v1beta1.NamedRuleWithOperations{{}},
196 },
197 },
198 },
199 expected: &v1beta1.ValidatingAdmissionPolicy{
200 Spec: v1beta1.ValidatingAdmissionPolicySpec{
201 MatchConstraints: &v1beta1.MatchResources{
202 MatchPolicy: &equivalent,
203 NamespaceSelector: &metav1.LabelSelector{},
204 ObjectSelector: &metav1.LabelSelector{},
205 ResourceRules: []v1beta1.NamedRuleWithOperations{
206 {
207 RuleWithOperations: v1beta1.RuleWithOperations{
208 Rule: v1beta1.Rule{
209 Scope: &allScopes,
210 },
211 },
212 },
213 },
214 },
215 FailurePolicy: &fail,
216 },
217 },
218 },
219 }
220
221 for _, test := range tests {
222 t.Run(test.name, func(t *testing.T) {
223 original := test.original
224 expected := test.expected
225 legacyscheme.Scheme.Default(original)
226 if !apiequality.Semantic.DeepEqual(original, expected) {
227 t.Error(cmp.Diff(expected, original))
228 }
229 })
230 }
231 }
232
View as plain text