def test_compile_with_helm_params(self): temp = tempfile.mkdtemp() sys.argv = [ "kapitan", "compile", "--output-path", temp, "-t", "nginx-ingress-helm-params" ] with open('inventory/targets/nginx-ingress-helm-params.yml', 'r') as fp: manifest = yaml.safe_load(fp.read()) helm_params = manifest['parameters']['kapitan']['compile'][0][ 'helm_params'] release_name = helm_params['release_name'] namespace = helm_params['namespace'] main() controller_deployment_file = os.path.join( temp, "compiled", "nginx-ingress-helm-params", "nginx-ingress", "templates", "controller-deployment.yaml") self.assertTrue(os.path.isfile(controller_deployment_file)) with open(controller_deployment_file, 'r') as fp: manifest = yaml.safe_load(fp.read()) container = manifest['spec']['template']['spec']['containers'][0] property = container['args'][4] self.assertEqual( property, '--configmap={}/{}'.format( namespace, release_name + '-nginx-ingress-my-controller'))
def test_compiled_copy_all_targets(self): sys.argv = ["kapitan", "compile"] main() file_path_hash = directory_hash(os.path.join("components", "busybox")) compile_path_hash = directory_hash( os.path.join("compiled", "busybox", "copy")) self.assertEqual(file_path_hash, compile_path_hash)
def test_compile_multiple_charts_per_target(self): temp = tempfile.mkdtemp() sys.argv = ["kapitan", "compile", "--output-path", temp, "-t", "nginx-istio"] main() self.assertTrue(os.path.isdir(os.path.join(temp, "compiled", "nginx-istio", "istio", "templates"))) self.assertTrue(os.path.isdir(os.path.join(temp, "compiled", "nginx-istio", "nginx-ingress", "templates")))
def test_validate_command_fail(self): file_name_format = "inventory/classes/component/mysql{}.yml" original_file = file_name_format.format("") copied_file = file_name_format.format("_copy") copyfile(original_file, copied_file) wrong_manifest_kind = "deployment" with open(original_file, "r") as fp: d = yaml.safe_load(fp) # change kind from service to deployment d["parameters"]["kapitan"]["validate"][0][ "kind"] = wrong_manifest_kind with open(original_file, "w") as fp: yaml.dump(d, fp, default_flow_style=False) sys.argv = ["kapitan", "validate", "--schemas-path", self.cache_dir] with self.assertRaises(SystemExit), self.assertLogs( logger="kapitan.targets", level="ERROR") as log: try: main() finally: # copy back the original file copyfile(copied_file, original_file) os.remove(copied_file) self.assertTrue(" ".join(log.output).find( "invalid '{}' manifest".format(wrong_manifest_kind)) != -1)
def test_compile_fetch(self): "Runs $ kapitan compile --fetch --output-path temp -t nginx nginx-dev monitoring-dev" temp = tempfile.mkdtemp() sys.argv = [ "kapitan", "compile", "--fetch", "--output-path", temp, "-t", "nginx", "nginx-dev", "monitoring-dev", ] main() self.assertTrue( os.path.isdir(os.path.join(temp, "components", "tests"))) self.assertTrue( os.path.isdir( os.path.join(temp, "components", "acs-engine-autoscaler"))) self.assertTrue( os.path.isdir( os.path.join(temp, "components", "kapitan-repository"))) self.assertTrue( os.path.isdir(os.path.join(temp, "components", "source"))) self.assertTrue( os.path.isdir(os.path.join(temp, "charts", "prometheus"))) rmtree(temp)
def test_compile_fetch(self): temp = tempfile.mkdtemp() DEPENDENCY_OUTPUT_CONFIG["root_dir"] = temp sys.argv = [ "kapitan", "compile", "--fetch", "--output-path", temp, "-t", "nginx", "nginx-dev", "monitoring-dev", "-p", "4", ] main() self.assertTrue( os.path.isdir(os.path.join(temp, "components", "tests"))) self.assertTrue( os.path.isdir( os.path.join(temp, "components", "acs-engine-autoscaler"))) self.assertTrue( os.path.isdir( os.path.join(temp, "components", "kapitan-repository"))) self.assertTrue( os.path.isdir(os.path.join(temp, "components", "source"))) self.assertTrue( os.path.isdir(os.path.join(temp, "charts", "prometheus")))
def test_cli_secret_write_reveal_gpg(self): """ run $ kapitan secrets --write and $ kapitan secrets --reveal with [email protected] recipient """ test_secret_content = "I am a secret!" test_secret_file = tempfile.mktemp() with open(test_secret_file, "w") as fp: fp.write(test_secret_content) sys.argv = [ "kapitan", "secrets", "--write", "gpg:test_secret", "-f", test_secret_file, "--secrets-path", SECRETS_PATH, "--recipients", "*****@*****.**" ] main() test_tag_content = "revealing: ?{gpg:test_secret}" test_tag_file = tempfile.mktemp() with open(test_tag_file, "w") as fp: fp.write(test_tag_content) sys.argv = [ "kapitan", "secrets", "--reveal", "-f", test_tag_file, "--secrets-path", SECRETS_PATH ] # set stdout as string stdout = io.StringIO() with contextlib.redirect_stdout(stdout): main() self.assertEqual("revealing: {}".format(test_secret_content), stdout.getvalue()) os.remove(test_tag_file)
def test_compile_fetch_classes_that_doesnot_exist_yet(self): """ runs $ kapitan compile --fetch --search-paths temp_dir --output-path temp_dir --inventory-path temp_dir/inventory -t nginx The `test-objects` class of target `nginx` does not exist initially, it is fetched and then compiled """ os.chdir(os.path.join(os.getcwd(), "..", "environment_three")) temp_dir = tempfile.mkdtemp() copy_tree(".", temp_dir) # copying the test environment to search path sys.argv = [ "kapitan", "compile", "--fetch", "--search-path", temp_dir, "--output-path", temp_dir, "--inventory-path", os.path.join(temp_dir, "inventory"), "-t", "nginx", ] main() self.assertTrue(os.path.exists(os.path.join(temp_dir, "compiled", "nginx"))) rmtree(temp_dir)
def test_compile(self): sys.argv = ["kapitan", "compile"] main() compiled_dir_hash = directory_hash(os.getcwd() + "/compiled") test_compiled_dir_hash = directory_hash( os.getcwd() + "/../../tests/test_terraform_compiled") self.assertEqual(compiled_dir_hash, test_compiled_dir_hash)
def test_compile_with_helm_values_files(self): temp = tempfile.mkdtemp() sys.argv = [ "kapitan", "compile", "--output-path", temp, "-t", "monitoring-dev", "monitoring-prd" ] main() dev_server_deployment_file = os.path.join(temp, "compiled", "monitoring-dev", "prometheus", "templates", "server-deployment.yaml") prd_server_deployment_file = os.path.join(temp, "compiled", "monitoring-prd", "prometheus", "templates", "server-deployment.yaml") self.assertTrue(os.path.isfile(dev_server_deployment_file)) with open(dev_server_deployment_file, "r") as fp: manifest = yaml.safe_load(fp.read()) name = manifest["metadata"]["name"] self.assertEqual(name, "prometheus-dev-server") self.assertTrue(os.path.isfile(prd_server_deployment_file)) with open(prd_server_deployment_file, "r") as fp: manifest = yaml.safe_load(fp.read()) name = manifest["metadata"]["name"] self.assertEqual(name, "prometheus-prd-server")
def test_compile_with_helm_params(self): temp = tempfile.mkdtemp() sys.argv = [ "kapitan", "compile", "--output-path", temp, "-t", "nginx-ingress-helm-params" ] with open("inventory/targets/nginx-ingress-helm-params.yml", "r") as fp: manifest = yaml.safe_load(fp.read()) helm_params = manifest["parameters"]["kapitan"]["compile"][0][ "helm_params"] release_name = helm_params["name"] namespace = helm_params["namespace"] main() controller_deployment_file = os.path.join( temp, "compiled", "nginx-ingress-helm-params", "nginx-ingress", "templates", "controller-deployment.yaml", ) self.assertTrue(os.path.isfile(controller_deployment_file)) with open(controller_deployment_file, "r") as fp: manifest = yaml.safe_load(fp.read()) container = manifest["spec"]["template"]["spec"]["containers"][0] property = container["args"][4] self.assertEqual( property, "--configmap={}/{}".format( namespace, release_name + "-nginx-ingress-my-controller"))
def test_compile_helm_input(self): """compile targets with helm inputs in parallel""" temp_main = tempfile.mkdtemp() sys.argv = [ "kapitan", "compile", "--output-path", temp_main, "-t", "nginx-ingress", "nginx-ingress-helm-params", "acs-engine-autoscaler", ] with contextlib.redirect_stdout(io.StringIO()): main() main_hash = directory_hash(temp_main + "/compiled") temp_bin = tempfile.mkdtemp() subprocess.run( [ "../../" + BINARY_PATH, "compile", "--output-path", temp_bin, "-t", "nginx-ingress", "nginx-ingress-helm-params", "acs-engine-autoscaler", ], stdout=subprocess.DEVNULL, ) bin_hash = directory_hash(temp_bin + "/compiled") self.assertEqual(bin_hash, main_hash)
def test_compile(self): sys.argv[1] = "compile" main() compiled_dir_hash = get_directory_hash(os.getcwd() + '/compiled') test_compiled_dir_hash = get_directory_hash( os.getcwd() + '/../../tests/test_kubernetes_compiled') self.assertEqual(compiled_dir_hash, test_compiled_dir_hash)
def test_cli_secret_write_plain_ref(self): """ run $ kapitan refs --write plain:test_secret and $ kapitan refs --reveal -f sometest_file """ test_secret_content = "secret_value!" test_secret_file = tempfile.mktemp() with open(test_secret_file, "w") as fp: fp.write(test_secret_content) sys.argv = [ "kapitan", "refs", "--write", "plain:test_secret", "-f", test_secret_file, "--refs-path", REFS_PATH ] main() test_tag_content = "revealing: ?{plain:test_secret}" test_tag_file = tempfile.mktemp() with open(test_tag_file, "w") as fp: fp.write(test_tag_content) sys.argv = [ "kapitan", "refs", "--reveal", "-f", test_tag_file, "--refs-path", REFS_PATH ] # set stdout as string stdout = io.StringIO() with contextlib.redirect_stdout(stdout): main() self.assertEqual("revealing: {}".format(test_secret_content), stdout.getvalue()) os.remove(test_tag_file)
def test_validate_command_pass(self): sys.argv = ["kapitan", "validate", "--schemas-path", self.cache_dir] try: main() except SystemExit: self.fail( "Kubernetes manifest validation error raised unexpectedly")
def test_compile(self): sys.argv = ["kapitan", "compile"] main() compiled_dir_hash = directory_hash(os.getcwd() + '/compiled') test_compiled_dir_hash = directory_hash( os.getcwd() + '/../../tests/test_docker_compiled') self.assertEqual(compiled_dir_hash, test_compiled_dir_hash)
def test_cli_secret_write_reveal_awskms(self): """ run $ kapitan secrets --write awskms:test_secret and $ kapitan secrets --reveal using mock KMS key """ test_secret_content = "mock" test_secret_file = tempfile.mktemp() with open(test_secret_file, "w") as fp: fp.write(test_secret_content) sys.argv = ["kapitan", "secrets", "--write", "awskms:test_secret", "-f", test_secret_file, "--secrets-path", SECRETS_PATH, "--key", "mock"] main() test_tag_content = "revealing: ?{awskms:test_secret}" test_tag_file = tempfile.mktemp() with open(test_tag_file, "w") as fp: fp.write(test_tag_content) sys.argv = ["kapitan", "secrets", "--reveal", "-f", test_tag_file, "--secrets-path", SECRETS_PATH] # set stdout as string stdout = io.StringIO() with contextlib.redirect_stdout(stdout): main() self.assertEqual("revealing: {}".format(test_secret_content), stdout.getvalue()) os.remove(test_tag_file)
def test_cli_secret_write_base64_ref(self): """ run $ kapitan secrets --write ref:test_secret --base64 and $ kapitan secrets --reveal -f sometest_file """ test_secret_content = "secret_value!" test_secret_content_b64 = base64.b64encode(test_secret_content.encode()) test_secret_file = tempfile.mktemp() with open(test_secret_file, "w") as fp: fp.write(test_secret_content) sys.argv = ["kapitan", "secrets", "--write", "ref:test_secret", "--base64", "-f", test_secret_file, "--secrets-path", SECRETS_PATH] main() test_tag_content = "revealing: ?{ref:test_secret}" test_tag_file = tempfile.mktemp() with open(test_tag_file, "w") as fp: fp.write(test_tag_content) sys.argv = ["kapitan", "secrets", "--reveal", "-f", test_tag_file, "--secrets-path", SECRETS_PATH] # set stdout as string stdout = io.StringIO() with contextlib.redirect_stdout(stdout): main() self.assertEqual("revealing: {}".format(test_secret_content_b64.decode()), stdout.getvalue()) os.remove(test_tag_file)
def test_compile_not_enough_args(self): with self.assertRaises(SystemExit) as cm: # Ignoring stdout for "kapitan --help" with contextlib.redirect_stdout(io.StringIO()): sys.argv = ["kapitan"] main() self.assertEqual(cm.exception.code, 1)
def test_init(self): with tempfile.TemporaryDirectory() as tmp_dir: sys.argv = ["kapitan", "init", "--directory", tmp_dir] main() template_dir = os.path.join(os.getcwd(), "kapitan", "inputs", "templates") diff_files = [] for root, dirs, files in os.walk(tmp_dir): diff_files += files for root, dirs, files in os.walk(template_dir): for f in files: if f in diff_files: diff_files.remove(f) self.assertEqual(len(diff_files), 0) # check that generated directory compiles prevdir = os.getcwd() os.chdir(tmp_dir) sys.argv = ["kapitan", "compile"] main() os.chdir(prevdir) reset_cache()
def test_compile_multiple_targets(self): temp = tempfile.mkdtemp() sys.argv = [ "kapitan", "compile", "--output-path", temp, "-t", "acs-engine-autoscaler", "nginx-ingress", "-p", "2", ] main() self.assertTrue( os.path.isfile( os.path.join( temp, "compiled", "acs-engine-autoscaler", "acs-engine-autoscaler", "templates", "secrets.yaml", ))) self.assertTrue( os.path.isfile( os.path.join(temp, "compiled", "nginx-ingress", "nginx-ingress", "templates", "clusterrolebinding.yaml")))
def test_cli_secret_base64_write_reveal_gpg(self): """ run $ kapitan secrets --write --base64 and $ kapitan secrets --reveal with [email protected] recipient """ test_secret_content = "I am another secret!" test_secret_file = tempfile.mktemp() with open(test_secret_file, "w") as fp: fp.write(test_secret_content) sys.argv = [ "kapitan", "secrets", "--write", "gpg:test_secretb64", "-f", test_secret_file, "--base64", "--secrets-path", SECRETS_PATH, "--recipients", "*****@*****.**" ] main() test_tag_content = "?{gpg:test_secretb64}" test_tag_file = tempfile.mktemp() with open(test_tag_file, "w") as fp: fp.write(test_tag_content) sys.argv = [ "kapitan", "secrets", "--reveal", "-f", test_tag_file, "--secrets-path", SECRETS_PATH ] # set stdout as string stdout = io.StringIO() with contextlib.redirect_stdout(stdout): main() stdout_base64 = base64.b64decode(stdout.getvalue()).decode() self.assertEqual(test_secret_content, stdout_base64) os.remove(test_tag_file)
def test_compile(self): sys.argv = ["kapitan", "compile", "-c"] main() os.remove('./compiled/.kapitan_cache') compiled_dir_hash = directory_hash(os.getcwd() + '/compiled') test_compiled_dir_hash = directory_hash( os.getcwd() + '/../../tests/test_kubernetes_compiled') self.assertEqual(compiled_dir_hash, test_compiled_dir_hash)
def test_compile(self): sys.argv = ["kapitan", "compile", "-c"] main() # Compile again to verify caching works as expected main() os.remove("./compiled/.kapitan_cache") compiled_dir_hash = directory_hash(os.getcwd() + "/compiled") test_compiled_dir_hash = directory_hash(os.getcwd() + "/../../tests/test_kubernetes_compiled") self.assertEqual(compiled_dir_hash, test_compiled_dir_hash)
def test_cli_ref_reveal_recursive_dir(self): """ run $ kapitan refs --reveal -f /some/dir where /some/dir has manifests in nested dirs: /some/dir/1.yml /some/dir/another/2.yml /some/dir/another/dir/3.yml """ # create 3 refs for ref_count in range(1, 4): ref_content = "I am ref{}!".format(ref_count) ref_file = tempfile.mktemp() with open(ref_file, "w") as fp: fp.write(ref_content) sys.argv = [ "kapitan", "refs", "--write", "base64:test_ref_{}".format(ref_count), "-f", ref_file, "--refs-path", REFS_PATH ] main() # create nested dir structure with unrevealed manifests unrevealed_dir = tempfile.mkdtemp() ref_content = """---\nref_value_{}: {}\n""" some_dir = os.path.join(unrevealed_dir, "some/dir") some_dir_other = os.path.join(unrevealed_dir, "some/dir/another") some_dir_another = os.path.join(unrevealed_dir, "some/dir/another/dir") os.makedirs(some_dir) os.makedirs(some_dir_other) os.makedirs(some_dir_another) # write manifests in nested dirs expected_output = "" for dir_path in enumerate((some_dir, some_dir_other, some_dir_another), 1): count, path = dir_path manifest_path = os.path.join(path, "{}.yml".format(count)) with open(manifest_path, "w") as f: ref = "?{{base64:test_ref_{}}}".format(count) f.write(ref_content.format(count, ref)) # set expected revealed output expected_ref_rev = "I am ref{}!".format(count) expected_output += ref_content.format(count, expected_ref_rev) sys.argv = [ "kapitan", "refs", "--reveal", "-f", some_dir, "--refs-path", REFS_PATH ] # set stdout as string stdout = io.StringIO() with contextlib.redirect_stdout(stdout): main() self.assertEqual(expected_output, stdout.getvalue())
def test_compile_target_with_label(self): shutil.rmtree("compiled") sys.argv = ["kapitan", "compile", "-l", "type=kadet"] main() self.assertTrue( os.path.exists("compiled/minikube-nginx-kadet") and not os.path.exists("compiled/minikube-nginx-jsonnet")) # Reset compiled dir sys.argv = ["kapitan", "compile"] main()
def test_compile_subcharts(self): temp = tempfile.mkdtemp() sys.argv = ["kapitan", "compile", "--output-path", temp, "-t", "istio"] main() self.assertTrue( os.path.isdir( os.path.join(temp, "compiled", "istio", "istio", "charts"))) self.assertTrue( os.path.isdir( os.path.join(temp, "compiled", "istio", "istio", "templates")))
def test_compile_specific_target(self): shutil.rmtree("compiled") sys.argv = ["kapitan", "compile", "-t", "minikube-mysql"] main() self.assertTrue( os.path.exists("compiled/minikube-mysql") and not os.path.exists("compiled/minikube-es")) # Reset compiled dir sys.argv = ["kapitan", "compile"] main()
def test_compile_with_helm_values(self): temp = tempfile.mkdtemp() sys.argv = ["kapitan", "compile", "--output-path", temp, "-t", "nginx-ingress"] main() controller_deployment_file = \ os.path.join(temp, "compiled", "nginx-ingress", "nginx-ingress", "templates", "controller-deployment.yaml") self.assertTrue(os.path.isfile(controller_deployment_file)) with open(controller_deployment_file, 'r') as fp: manifest = yaml.safe_load(fp.read()) name = manifest['metadata']['name'] self.assertEqual(name, '-nginx-ingress-my-controller')
def test_cli_secret_validate_targets(self): """ run $ kapitan secrets --validate-targets expect 0 (success) exit status code """ with self.assertRaises(SystemExit) as cm: sys.argv = ["kapitan", "secrets", "--validate-targets", "--secrets-path", "examples/kubernetes/secrets/targets/", "--inventory-path", "examples/kubernetes/inventory/"] main() self.assertEqual(cm.exception.code, 0)