Added new tests to check cluster and tls correctness

sesispla · sesispla · commit 1571aa435e8c · 2017-06-27T20:26:15.000+02:00
diff --git a/tests/KubernetesClientConfigurationTests.cs b/tests/KubernetesClientConfigurationTests.cs
@@ -36,7 +36,22 @@ public class KubernetesClientConfigurationTests
         /// <summary>
         /// Sample configuration file with incorrect cluster/server structure on purpose
         /// </summary>
-        private static readonly string kubeConfigNoCluster = "assets/kubeconfig.no-cluster.yml";        
+        private static readonly string kubeConfigNoCluster = "assets/kubeconfig.no-cluster.yml";
+
+        /// <summary>
+        /// Sample configuration file with incorrect match in cluster name
+        /// </summary>
+        private static readonly string kubeConfigClusterMissmatch = "assets/kubeconfig.cluster-missmatch.yml";
+
+        /// <summary>
+        /// Sample configuration file with incorrect TLS configuration in cluster section
+        /// </summary>
+        private static readonly string kubeConfigTlsNoSkipError = "assets/kubeconfig.tls-no-skip-error.yml";
+
+                /// <summary>
+        /// Sample configuration file with incorrect TLS configuration in cluster section
+        /// </summary>
+        private static readonly string kubeConfigTlsSkip = "assets/kubeconfig.tls-skip.yml";
 
         /// <summary>
         /// The configuration file is not present. An KubeConfigException should be thrown
@@ -175,6 +190,39 @@ public void ClusterNotFound()
         {
             var fi = new FileInfo(kubeConfigNoCluster);
             Assert.Throws<k8s.Exceptions.KubeConfigException>(() => new KubernetesClientConfiguration(fi)); 
+        }  
+        
+        /// <summary>
+        /// Checks that a KubeConfigException is thrown when the cluster defined in clusters and contexts do not match
+        /// </summary>
+        [Fact]
+        public void ClusterNameMissmatch()
+        {
+            var fi = new FileInfo(kubeConfigClusterMissmatch);
+            Assert.Throws<k8s.Exceptions.KubeConfigException>(() => new KubernetesClientConfiguration(fi)); 
+        }
+
+        /// <summary>
+        /// Checks that a KubeConfigException is thrown when no certificate-authority-data is set and user do not require tls skip 
+        /// </summary>
+        [Fact]
+        public void CheckClusterTlsCorrectness()
+        {
+            var fi = new FileInfo(kubeConfigTlsNoSkipError);
+            Assert.Throws<k8s.Exceptions.KubeConfigException>(() => new KubernetesClientConfiguration(fi)); 
+        }
+
+        /// <summary>
+        /// Checks that a KubeConfigException is thrown when no certificate-authority-data is set and user do not require tls skip 
+        /// </summary>
+        [Fact]
+        public void CheckClusterTlsSkipCorrectness()
+        {
+            var fi = new FileInfo(kubeConfigTlsSkip);
+            var cfg = new KubernetesClientConfiguration(fi);            
+            Assert.NotNull(cfg.Host);
+            Assert.Null(cfg.SslCaCert);
+            Assert.True(cfg.SkipTlsVerify);
         }        
 
         // /// <summary>
diff --git a/tests/assets/kubeconfig.cluster-missmatch.yml b/tests/assets/kubeconfig.cluster-missmatch.yml
@@ -0,0 +1,22 @@
+# Sample file based on https://kubernetes.io/docs/tasks/access-application-cluster/authenticate-across-clusters-kubeconfig/
+# WARNING: File includes minor fixes
+---
+current-context: federal-context
+apiVersion: v1
+clusters:
+- cluster:
+    certificate-authority-data: path/to/my/cafile
+    server: https://horse.org:4443
+  name: bad-name-cluster
+contexts:
+- context:
+    cluster: horse-cluster
+    namespace: chisel-ns
+    user: green-user
+  name: federal-context
+kind: Config
+users:
+- name: green-user
+  user:
+    password: secret
+    username: admin
diff --git a/tests/assets/kubeconfig.tls-no-skip-error.yml b/tests/assets/kubeconfig.tls-no-skip-error.yml
@@ -0,0 +1,25 @@
+# Sample file based on https://kubernetes.io/docs/tasks/access-application-cluster/authenticate-across-clusters-kubeconfig/
+# WARNING: File includes minor fixes
+---
+current-context: federal-context
+apiVersion: v1
+clusters:
+- cluster:
+    server: http://cow.org:8080
+  name: cow-cluster
+- cluster:
+    # certificate-authority-data: path/to/my/cafile
+    server: https://horse.org:4443
+  name: horse-cluster
+contexts:
+- context:
+    cluster: horse-cluster
+    namespace: chisel-ns
+    user: green-user
+  name: federal-context
+kind: Config
+users:
+- name: green-user
+  user:
+    client-certificate-data: path/to/my/client/cert
+    client-key-data: path/to/my/client/key
diff --git a/tests/assets/kubeconfig.tls-skip.yml b/tests/assets/kubeconfig.tls-skip.yml
@@ -0,0 +1,22 @@
+# Sample file based on https://kubernetes.io/docs/tasks/access-application-cluster/authenticate-across-clusters-kubeconfig/
+# WARNING: File includes minor fixes
+---
+current-context: federal-context
+apiVersion: v1
+clusters:
+- cluster:
+    insecure-skip-tls-verify: true
+    server: https://horse.org:443
+  name: horse-cluster
+contexts:
+- context:
+    cluster: horse-cluster
+    namespace: chisel-ns
+    user: green-user
+  name: federal-context
+kind: Config
+users:
+- name: green-user
+  user:
+    password: secret
+    username: admin
