🧹 Add back more k8s tests (#2789)

Fixes #2157 Signed-off-by: Christian Zunker <[email protected]>
mondoohq · Dec 11, 2023 · 8489ea1 · 8489ea1
1 parent afcfb4e
commit 8489ea1
Show file tree

Hide file tree

Showing 3 changed files with 284 additions and 168 deletions.
diff --git a/providers/k8s/connection/manifest/connection_test.go b/providers/k8s/connection/manifest/connection_test.go
@@ -103,112 +103,3 @@ func TestManifestDiscovery(t *testing.T) {
 	require.NoError(t, err)
 	require.Len(t, inv.Spec.Assets, 1)
 }
-
-// type K8sObjectKindTest struct {
-// 	kind string
-// }
-
-// func TestManifestFiles(t *testing.T) {
-// 	tests := []K8sObjectKindTest{
-// 		{kind: "cronjob"},
-// 		{kind: "job"},
-// 		{kind: "deployment"},
-// 		{kind: "pod"},
-// 		{kind: "statefulset"},
-// 		{kind: "replicaset"},
-// 		{kind: "daemonset"},
-// 	}
-// 	for _, testCase := range tests {
-// 		t.Run("k8s "+testCase.kind, func(t *testing.T) {
-// 			manifestFile := "./resources/testdata/" + testCase.kind + ".yaml"
-// 			provider, err := newManifestProvider("", testCase.kind, WithManifestFile(manifestFile))
-// 			require.NoError(t, err)
-// 			require.NotNil(t, provider)
-// 			res, err := provider.Resources(testCase.kind, "mondoo", "default")
-// 			require.NoError(t, err)
-// 			assert.Equal(t, "mondoo", res.Name)
-// 			assert.Equal(t, testCase.kind, res.Kind)
-// 			assert.Equal(t, "k8s-manifest", provider.PlatformInfo().Runtime)
-// 			assert.Equal(t, 1, len(res.Resources))
-// 			podSpec, err := resources.GetPodSpec(res.Resources[0])
-// 			require.NoError(t, err)
-// 			assert.NotNil(t, podSpec)
-// 			containers, err := resources.GetContainers(res.Resources[0])
-// 			require.NoError(t, err)
-// 			assert.Equal(t, 1, len(containers))
-// 			initContainers, err := resources.GetInitContainers(res.Resources[0])
-// 			require.NoError(t, err)
-// 			assert.Equal(t, 0, len(initContainers))
-// 		})
-// 	}
-// }
-
-// func TestManifestFile_CustomResource(t *testing.T) {
-// 	manifestFile := "./resources/testdata/cr/tekton.yaml"
-// 	provider, err := newManifestProvider("", "", WithManifestFile(manifestFile))
-// 	require.NoError(t, err)
-// 	require.NotNil(t, provider)
-
-// 	name := "demo-pipeline"
-// 	namespace := "default"
-// 	kind := "pipeline.tekton.dev"
-// 	res, err := provider.Resources(kind, name, namespace)
-// 	require.NoError(t, err)
-// 	assert.Equal(t, name, res.Name)
-// 	assert.Equal(t, namespace, res.Namespace)
-// 	assert.Equal(t, kind, res.Kind)
-// 	assert.Equal(t, "k8s-manifest", provider.PlatformInfo().Runtime)
-// 	assert.Equal(t, 1, len(res.Resources))
-// }
-
-// func TestManifestFileProvider(t *testing.T) {
-// 	t.Run("k8s manifest provider with file", func(t *testing.T) {
-// 		manifestFile := "./resources/testdata/pod.yaml"
-// 		provider, err := NewManifestProvider("", "", WithManifestFile(manifestFile))
-// 		require.NoError(t, err)
-// 		require.NotNil(t, provider)
-// 		assert.Equal(t, "k8s-manifest", provider.PlatformInfo().Name)
-// 		assert.Equal(t, "k8s-manifest", provider.PlatformInfo().Runtime)
-// 		assert.Equal(t, providers.Kind_KIND_CODE, provider.PlatformInfo().Kind)
-// 		assert.Contains(t, provider.PlatformInfo().Family, "k8s")
-// 	})
-// }
-
-// func TestManifestContentProvider(t *testing.T) {
-// 	t.Run("k8s manifest provider with content", func(t *testing.T) {
-// 		manifestFile := "./resources/testdata/pod.yaml"
-// 		data, err := os.ReadFile(manifestFile)
-// 		require.NoError(t, err)
-
-// 		provider, err := newManifestProvider("", "", WithManifestContent(data))
-// 		require.NoError(t, err)
-// 		require.NotNil(t, provider)
-// 		name, err := provider.Name()
-// 		require.NoError(t, err)
-// 		assert.Equal(t, "K8s Manifest", name)
-// 		assert.Equal(t, "k8s-manifest", provider.PlatformInfo().Name)
-// 		assert.Equal(t, "k8s-manifest", provider.PlatformInfo().Runtime)
-// 		assert.Equal(t, providers.Kind_KIND_CODE, provider.PlatformInfo().Kind)
-// 		assert.Contains(t, provider.PlatformInfo().Family, "k8s")
-// 	})
-// }
-
-// func TestLoadManifestDirRecursively(t *testing.T) {
-// 	manifests, err := loadManifestFile("./resources/testdata/")
-// 	require.NoError(t, err)
-
-// 	manifestsAsString := string(manifests[:])
-// 	// This is content from files of the root dir
-// 	assert.Contains(t, manifestsAsString, "mondoo")
-// 	assert.Contains(t, manifestsAsString, "RollingUpdate")
-
-// 	// Files containing this should be skipped
-// 	assert.NotContains(t, manifestsAsString, "AdmissionReview")
-// 	assert.NotContains(t, manifestsAsString, "README")
-// 	assert.NotContains(t, manifestsAsString, "operators.coreos.com")
-
-// 	// This is from files in subdirs whicch should be included
-// 	assert.Contains(t, manifestsAsString, "hello-1")
-// 	assert.Contains(t, manifestsAsString, "hello-2")
-// 	assert.Contains(t, manifestsAsString, "MondooAuditConfig")
-// }
diff --git a/providers/k8s/provider/provider_test.go b/providers/k8s/provider/provider_test.go
@@ -19,6 +19,10 @@ func newTestService(t *testing.T, path string) (*Service, *plugin.ConnectRes) {
 		lastConnectionID: 0,
 	}
 
+	callbacks := &providerCallbacks{
+		runtime: srv.runtimes[0],
+	}
+
 	resp, err := srv.Connect(&plugin.ConnectReq{
 		Asset: &inventory.Asset{
 			Connections: []*inventory.Config{
@@ -30,7 +34,7 @@ func newTestService(t *testing.T, path string) (*Service, *plugin.ConnectRes) {
 				},
 			},
 		},
-	}, nil)
+	}, callbacks)
 	if err != nil {
 		panic(err)
 	}
@@ -139,61 +143,76 @@ func TestK8sServiceAccountNoAutomount(t *testing.T) {
 	assert.False(t, dataResp.Data.RawData().Value.(bool))
 }
 
-// TODO: this doesn't work now because a shared resource is created from the OS provider. The test
-// panic in this case.
-// func TestIngress(t *testing.T) {
-// 	srv, connRes := newTestService(t, "../connection/shared/resources/testdata/ingress.yaml")
-
-// 	dataResp, err := srv.GetData(&plugin.DataReq{
-// 		Connection: connRes.Id,
-// 		Resource:   "k8s",
-// 	})
-// 	require.NoError(t, err)
-// 	resourceId := string(dataResp.Data.Value)
-
-// 	dataResp, err = srv.GetData(&plugin.DataReq{
-// 		Connection: connRes.Id,
-// 		Resource:   "k8s",
-// 		ResourceId: resourceId,
-// 		Field:      "ingresses",
-// 	})
-// 	require.NoError(t, err)
-
-// 	assert.Equal(t, 3, len(dataResp.Data.Array))
-
-// 	t.Run("without-tls", func(t *testing.T) {
-// 		tlsResp, err := srv.GetData(&plugin.DataReq{
-// 			Connection: connRes.Id,
-// 			Resource:   "k8s.ingress",
-// 			ResourceId: string(dataResp.Data.Array[0].Value),
-// 			Field:      "tls",
-// 		})
-// 		require.NoError(t, err)
-
-// 		assert.Empty(t, tlsResp.Data.RawData().Value)
-// 	})
-
-// 	t.Run("with-tls", func(t *testing.T) {
-// 		tlsResp, err := srv.GetData(&plugin.DataReq{
-// 			Connection: connRes.Id,
-// 			Resource:   "k8s.ingress",
-// 			ResourceId: string(dataResp.Data.Array[1].Value),
-// 			Field:      "tls",
-// 		})
-// 		require.NoError(t, err)
-
-// 		assert.Empty(t, tlsResp.Data.RawData().Value)
-// 	})
-
-// 	t.Run("missing-tls-secret", func(t *testing.T) {
-// 		tlsResp, err := srv.GetData(&plugin.DataReq{
-// 			Connection: connRes.Id,
-// 			Resource:   "k8s.ingress",
-// 			ResourceId: string(dataResp.Data.Array[1].Value),
-// 			Field:      "tls",
-// 		})
-// 		require.NoError(t, err)
-
-// 		assert.Empty(t, tlsResp.Data.RawData().Value)
-// 	})
-// }
+func TestIngress(t *testing.T) {
+	srv, connRes := newTestService(t, "../connection/shared/resources/testdata/ingress.yaml")
+
+	dataResp, err := srv.GetData(&plugin.DataReq{
+		Connection: connRes.Id,
+		Resource:   "k8s",
+	})
+	require.NoError(t, err)
+	resourceId := string(dataResp.Data.Value)
+
+	dataResp, err = srv.GetData(&plugin.DataReq{
+		Connection: connRes.Id,
+		Resource:   "k8s",
+		ResourceId: resourceId,
+		Field:      "ingresses",
+	})
+	require.NoError(t, err)
+
+	assert.Equal(t, 3, len(dataResp.Data.Array))
+
+	t.Run("without-tls", func(t *testing.T) {
+		tlsResp, err := srv.GetData(&plugin.DataReq{
+			Connection: connRes.Id,
+			Resource:   "k8s.ingress",
+			ResourceId: string(dataResp.Data.Array[0].Value),
+			Field:      "tls",
+		})
+		require.NoError(t, err)
+
+		assert.Empty(t, tlsResp.Data.RawData().Value)
+	})
+
+	t.Run("with-tls", func(t *testing.T) {
+		tlsResp, err := srv.GetData(&plugin.DataReq{
+			Connection: connRes.Id,
+			Resource:   "k8s.ingress",
+			ResourceId: string(dataResp.Data.Array[1].Value),
+			Field:      "tls",
+		})
+		require.NoError(t, err)
+
+		assert.Empty(t, tlsResp.Data.RawData().Value)
+	})
+
+	t.Run("missing-tls-secret", func(t *testing.T) {
+		tlsResp, err := srv.GetData(&plugin.DataReq{
+			Connection: connRes.Id,
+			Resource:   "k8s.ingress",
+			ResourceId: string(dataResp.Data.Array[1].Value),
+			Field:      "tls",
+		})
+		require.NoError(t, err)
+
+		assert.Empty(t, tlsResp.Data.RawData().Value)
+	})
+}
+
+type providerCallbacks struct {
+	runtime *plugin.Runtime
+}
+
+func (p *providerCallbacks) GetRecording(req *plugin.DataReq) (*plugin.ResourceData, error) {
+	res := plugin.ResourceData{}
+	return &res, nil
+}
+
+func (p *providerCallbacks) GetData(req *plugin.DataReq) (*plugin.DataRes, error) {
+	return &plugin.DataRes{}, nil
+}
+
+func (p *providerCallbacks) Collect(req *plugin.DataRes) error {
+	return nil
+}