@@ -7,6 +7,7 @@ package policy
77
88import (
99 "encoding/json"
10+ "fmt"
1011 "os"
1112 "path"
1213 "testing"
@@ -22,7 +23,6 @@ func TestDeterminsticPolicyGeneration(t *testing.T) {
2223 require := require .New (t )
2324 platform , err := platforms .FromString (contrasttest .Flags .PlatformStr )
2425 require .NoError (err )
25- ct := contrasttest .New (t )
2626
2727 // create K8s resources
2828 runtimeHandler , err := manifest .RuntimeHandler (platform )
@@ -33,26 +33,37 @@ func TestDeterminsticPolicyGeneration(t *testing.T) {
3333 resources = kuberesource .PatchRuntimeHandlers (resources , runtimeHandler )
3434 unstructuredResources , err := kuberesource .ResourcesToUnstructured (resources )
3535 require .NoError (err )
36- buf , err := kuberesource .EncodeUnstructured (unstructuredResources )
36+ resourcesBytes , err := kuberesource .EncodeUnstructured (unstructuredResources )
3737 require .NoError (err )
3838
3939 // generate policy 5 times and check if the policy hash is the same
4040 var expectedPolicies map [manifest.HexString ]manifest.PolicyEntry
4141 for i := range 5 {
42- t .Log ("Generate run" , i )
43- require .NoError (os .WriteFile (path .Join (ct .WorkDir , "resources.yml" ), buf , 0o644 )) // reset file for each run
44- require .True (t .Run ("generate" , ct .Generate ), "contrast generate needs to succeed for subsequent tests" )
45- manifestBytes , err := os .ReadFile (ct .ManifestPath ())
46- require .NoError (err )
47-
48- // verify that policies are deterministic
49- var m manifest.Manifest
50- require .NoError (json .Unmarshal (manifestBytes , & m ))
51- if expectedPolicies != nil {
52- require .Equal (expectedPolicies , m .Policies , "expected deterministic policy generation" )
53- } else {
54- expectedPolicies = m .Policies // only set policies on the first run
55- }
42+ t .Run (fmt .Sprint (i ), func (t * testing.T ) {
43+ policies := runGenerate (t , resourcesBytes )
44+
45+ // verify that policies are deterministic
46+ if expectedPolicies != nil {
47+ require .Equal (expectedPolicies , policies , "expected deterministic policy generation" )
48+ } else {
49+ expectedPolicies = policies // only set policies on the first run
50+ }
51+ })
5652 }
5753 t .Log ("Policies are deterministic" )
5854}
55+
56+ func runGenerate (t * testing.T , resources []byte ) map [manifest.HexString ]manifest.PolicyEntry {
57+ require := require .New (t )
58+ ct := contrasttest .New (t )
59+
60+ require .NoError (os .WriteFile (path .Join (ct .WorkDir , "resources.yml" ), resources , 0o644 )) // reset file for each run
61+ require .True (t .Run ("generate" , ct .Generate ), "contrast generate needs to succeed for subsequent tests" )
62+ manifestBytes , err := os .ReadFile (ct .ManifestPath ())
63+ require .NoError (err )
64+
65+ var m manifest.Manifest
66+ require .NoError (json .Unmarshal (manifestBytes , & m ))
67+
68+ return m .Policies
69+ }
0 commit comments