ROSANetwork: tests

Author: mzazrivec

exp/controllers/rosanetwork_controller_test.go

@@ -0,0 +1,381 @@
+/*
+Copyright The Kubernetes Authors.
+Licensed under the Apache License, Version 2.0 (the "License");
+you may not use this file except in compliance with the License.
+You may obtain a copy of the License at
+    http://www.apache.org/licenses/LICENSE-2.0
+Unless required by applicable law or agreed to in writing, software
+distributed under the License is distributed on an "AS IS" BASIS,
+WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+See the License for the specific language governing permissions and
+limitations under the License.
+*/
+
+package controllers
+
+import (
+	"context"
+	"fmt"
+	"testing"
+	"time"
+
+	awsSdk "github.com/aws/aws-sdk-go-v2/aws"
+	"github.com/aws/aws-sdk-go-v2/service/cloudformation"
+	cloudformationtypes "github.com/aws/aws-sdk-go-v2/service/cloudformation/types"
+	"github.com/aws/aws-sdk-go-v2/service/ec2"
+	ec2Types "github.com/aws/aws-sdk-go-v2/service/ec2/types"
+	stsv2 "github.com/aws/aws-sdk-go-v2/service/sts"
+	"github.com/aws/smithy-go"
+	. "github.com/onsi/gomega"
+	rosaAWSClient "github.com/openshift/rosa/pkg/aws"
+	rosaMocks "github.com/openshift/rosa/pkg/aws/mocks"
+	"github.com/sirupsen/logrus"
+	gomock "go.uber.org/mock/gomock"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+	"k8s.io/apimachinery/pkg/types"
+	ctrl "sigs.k8s.io/controller-runtime"
+
+	infrav1 "sigs.k8s.io/cluster-api-provider-aws/v2/api/v1beta2"
+	expinfrav1 "sigs.k8s.io/cluster-api-provider-aws/v2/exp/api/v1beta2"
+	clusterv1 "sigs.k8s.io/cluster-api/api/v1beta1"
+	"sigs.k8s.io/cluster-api/util/conditions"
+)
+
+func TestROSANetworkReconciler_Reconcile(t *testing.T) {
+	g := NewWithT(t)
+	ns, err := testEnv.CreateNamespace(ctx, "test-namespace")
+	g.Expect(err).ToNot(HaveOccurred())
+
+	mockCtrl := gomock.NewController(t)
+	ctx := context.TODO()
+
+	identity := &infrav1.AWSClusterControllerIdentity{
+		ObjectMeta: metav1.ObjectMeta{
+			Name: "default",
+		},
+		Spec: infrav1.AWSClusterControllerIdentitySpec{
+			AWSClusterIdentitySpec: infrav1.AWSClusterIdentitySpec{
+				AllowedNamespaces: &infrav1.AllowedNamespaces{},
+			},
+		},
+	}
+	identity.SetGroupVersionKind(infrav1.GroupVersion.WithKind("AWSClusterControllerIdentity"))
+
+	rosaNetwork := &expinfrav1.ROSANetwork{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      "test-rosa-network",
+			Namespace: ns.Name},
+		Spec: expinfrav1.ROSANetworkSpec{
+			StackName:             "test-rosa-network",
+			CIDRBlock:             "10.0.0.0/8",
+			AvailabilityZoneCount: 1,
+			Region:                "test-region",
+			IdentityRef: &infrav1.AWSIdentityReference{
+				Name: identity.Name,
+				Kind: infrav1.ControllerIdentityKind,
+			},
+		},
+	}
+
+	t.Run("Empty result when ROSANetwork object not found", func(t *testing.T) {
+		_, _, _, reconciler := createMocks(mockCtrl)
+
+		req := ctrl.Request{}
+		req.NamespacedName = types.NamespacedName{Name: rosaNetwork.Name, Namespace: rosaNetwork.Namespace}
+		reqReconcile, errReconcile := reconciler.Reconcile(ctx, req)
+
+		g.Expect(reqReconcile.Requeue).To(BeFalse())
+		g.Expect(reqReconcile.RequeueAfter).To(Equal(time.Duration(0)))
+		g.Expect(errReconcile).ToNot(HaveOccurred())
+	})
+
+	t.Run("Error result when CF stack GET returns error", func(t *testing.T) {
+		_, mockCFClient, mockSTSClient, reconciler := createMocks(mockCtrl)
+
+		createObject(g, rosaNetwork, ns.Name)
+		createObject(g, identity, ns.Name)
+
+		describeStacksOutput := &cloudformation.DescribeStacksOutput{}
+		clientErr := fmt.Errorf("test-error")
+
+		mockCFClient.EXPECT().DescribeStacks(gomock.Any(), gomock.Any(), gomock.Any()).
+			DoAndReturn(func(_ context.Context, _ *cloudformation.DescribeStacksInput, _ ...func(*cloudformation.Options)) (*cloudformation.DescribeStacksOutput, error) {
+				return describeStacksOutput, clientErr
+			}).Times(1)
+
+		getCallerIdentityResult := &stsv2.GetCallerIdentityOutput{Account: awsSdk.String("foo"), Arn: awsSdk.String("arn:aws:iam::123456789012:rosa/foo")}
+		mockSTSClient.EXPECT().GetCallerIdentity(gomock.Any(), gomock.Any()).Return(getCallerIdentityResult, nil).AnyTimes()
+
+		req := ctrl.Request{}
+		req.NamespacedName = types.NamespacedName{Name: rosaNetwork.Name, Namespace: rosaNetwork.Namespace}
+		reqReconcile, errReconcile := reconciler.Reconcile(ctx, req)
+
+		g.Expect(reqReconcile.Requeue).To(BeFalse())
+		g.Expect(reqReconcile.RequeueAfter).To(Equal(time.Duration(0)))
+		g.Expect(errReconcile).To(MatchError(ContainSubstring("error fetching CF stack details:")))
+	})
+
+	t.Run("Initial CF stack creation fails", func(t *testing.T) {
+		_, mockCFClient, mockSTSClient, reconciler := createMocks(mockCtrl)
+
+		describeStacksOutput := &cloudformation.DescribeStacksOutput{}
+		validationErr := &smithy.GenericAPIError{
+			Code:    "ValidationError",
+			Message: "ValidationError",
+			Fault:   smithy.FaultServer,
+		}
+
+		mockCFClient.EXPECT().DescribeStacks(gomock.Any(), gomock.Any(), gomock.Any()).
+			DoAndReturn(func(_ context.Context, _ *cloudformation.DescribeStacksInput, _ ...func(*cloudformation.Options)) (*cloudformation.DescribeStacksOutput, error) {
+				return describeStacksOutput, validationErr
+			}).AnyTimes()
+
+		createStackOutput := &cloudformation.CreateStackOutput{}
+		createStackErr := fmt.Errorf("test-error")
+
+		mockCFClient.EXPECT().CreateStack(gomock.Any(), gomock.Any(), gomock.Any()).
+			DoAndReturn(func(_ context.Context, _ *cloudformation.CreateStackInput, _ ...func(*cloudformation.Options)) (*cloudformation.CreateStackOutput, error) {
+				return createStackOutput, createStackErr
+			}).Times(1)
+
+		getCallerIdentityResult := &stsv2.GetCallerIdentityOutput{Account: awsSdk.String("foo"), Arn: awsSdk.String("arn:aws:iam::123456789012:rosa/foo")}
+		mockSTSClient.EXPECT().GetCallerIdentity(gomock.Any(), gomock.Any()).Return(getCallerIdentityResult, nil).AnyTimes()
+
+		req := ctrl.Request{}
+		req.NamespacedName = types.NamespacedName{Name: rosaNetwork.Name, Namespace: rosaNetwork.Namespace}
+		reqReconcile, errReconcile := reconciler.Reconcile(ctx, req)
+
+		g.Expect(reqReconcile.Requeue).To(BeFalse())
+		g.Expect(reqReconcile.RequeueAfter).To(Equal(time.Duration(0)))
+		g.Expect(errReconcile).To(MatchError(ContainSubstring("failed to start CF stack creation:")))
+
+		updatedROSANetwork := &expinfrav1.ROSANetwork{}
+		err = reconciler.Client.Get(ctx, req.NamespacedName, updatedROSANetwork)
+		g.Expect(err).ToNot(HaveOccurred())
+		cnd := conditions.Get(updatedROSANetwork, expinfrav1.ROSANetworkReadyCondition)
+		g.Expect(cnd).ToNot(BeNil())
+		g.Expect(cnd.Reason).To(Equal(expinfrav1.ROSANetworkFailedReason))
+		g.Expect(cnd.Severity).To(Equal(clusterv1.ConditionSeverityError))
+		g.Expect(cnd.Message).To(Equal("test-error"))
+	})
+
+	t.Run("Initial CF stack creation succeeds", func(t *testing.T) {
+		_, mockCFClient, mockSTSClient, reconciler := createMocks(mockCtrl)
+
+		describeStacksOutput := &cloudformation.DescribeStacksOutput{}
+		validationErr := &smithy.GenericAPIError{
+			Code:    "ValidationError",
+			Message: "ValidationError",
+			Fault:   smithy.FaultServer,
+		}
+
+		mockCFClient.EXPECT().DescribeStacks(gomock.Any(), gomock.Any(), gomock.Any()).
+			DoAndReturn(func(_ context.Context, _ *cloudformation.DescribeStacksInput, _ ...func(*cloudformation.Options)) (*cloudformation.DescribeStacksOutput, error) {
+				return describeStacksOutput, validationErr
+			}).AnyTimes()
+
+		createStackOutput := &cloudformation.CreateStackOutput{}
+
+		mockCFClient.EXPECT().CreateStack(gomock.Any(), gomock.Any(), gomock.Any()).
+			DoAndReturn(func(_ context.Context, _ *cloudformation.CreateStackInput, _ ...func(*cloudformation.Options)) (*cloudformation.CreateStackOutput, error) {
+				return createStackOutput, nil
+			}).Times(1)
+
+		getCallerIdentityResult := &stsv2.GetCallerIdentityOutput{Account: awsSdk.String("foo"), Arn: awsSdk.String("arn:aws:iam::123456789012:rosa/foo")}
+		mockSTSClient.EXPECT().GetCallerIdentity(gomock.Any(), gomock.Any()).Return(getCallerIdentityResult, nil).AnyTimes()
+
+		req := ctrl.Request{}
+		req.NamespacedName = types.NamespacedName{Name: rosaNetwork.Name, Namespace: rosaNetwork.Namespace}
+		reqReconcile, errReconcile := reconciler.Reconcile(ctx, req)
+
+		g.Expect(reqReconcile.Requeue).To(BeFalse())
+		g.Expect(reqReconcile.RequeueAfter).To(Equal(time.Duration(0)))
+		g.Expect(errReconcile).ToNot(HaveOccurred())
+
+		updatedROSANetwork := &expinfrav1.ROSANetwork{}
+		err = reconciler.Client.Get(ctx, req.NamespacedName, updatedROSANetwork)
+		g.Expect(err).ToNot(HaveOccurred())
+		cnd := conditions.Get(updatedROSANetwork, expinfrav1.ROSANetworkReadyCondition)
+		g.Expect(cnd).ToNot(BeNil())
+		g.Expect(cnd.Reason).To(Equal(expinfrav1.ROSANetworkCreatingReason))
+		g.Expect(cnd.Severity).To(Equal(clusterv1.ConditionSeverityInfo))
+	})
+
+	cleanupObject(g, rosaNetwork)
+	cleanupObject(g, identity)
+}
+
+func TestROSANetworkReconciler_updateROSANetworkResources(t *testing.T) {
+	g := NewWithT(t)
+	mockCtrl := gomock.NewController(t)
+	ctx := context.TODO()
+
+	rosaNetwork := &expinfrav1.ROSANetwork{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      "test-rosa-network",
+			Namespace: "test-namespace",
+		},
+		Spec:   expinfrav1.ROSANetworkSpec{},
+		Status: expinfrav1.ROSANetworkStatus{},
+	}
+
+	t.Run("Handle cloudformation client error", func(t *testing.T) {
+		_, mockCFClient, _, reconciler := createMocks(mockCtrl)
+
+		describeStackResourcesOutput := &cloudformation.DescribeStackResourcesOutput{}
+		clientErr := fmt.Errorf("test-error")
+
+		mockCFClient.EXPECT().DescribeStackResources(gomock.Any(), gomock.Any(), gomock.Any()).
+			DoAndReturn(func(_ context.Context, _ *cloudformation.DescribeStackResourcesInput, _ ...func(*cloudformation.Options)) (*cloudformation.DescribeStackResourcesOutput, error) {
+				return describeStackResourcesOutput, clientErr
+			}).Times(1)
+
+		err := reconciler.updateROSANetworkResources(ctx, rosaNetwork)
+		g.Expect(err).To(HaveOccurred())
+		g.Expect(len(rosaNetwork.Status.Resources)).To(Equal(0))
+	})
+
+	t.Run("Update ROSANetwork.Status.Resources", func(t *testing.T) {
+		_, mockCFClient, _, reconciler := createMocks(mockCtrl)
+
+		logicalResourceID := "logical-resource-id"
+		resourceStatus := cloudformationtypes.ResourceStatusCreateComplete
+		resourceType := "resource-type"
+		resourceStatusReason := "resource-status-reason"
+		physicalResourceID := "physical-resource-id"
+
+		describeStackResourcesOutput := &cloudformation.DescribeStackResourcesOutput{
+			StackResources: []cloudformationtypes.StackResource{
+				{
+					LogicalResourceId:    &logicalResourceID,
+					ResourceStatus:       resourceStatus,
+					ResourceType:         &resourceType,
+					ResourceStatusReason: &resourceStatusReason,
+					PhysicalResourceId:   &physicalResourceID,
+				},
+			},
+		}
+
+		mockCFClient.EXPECT().DescribeStackResources(gomock.Any(), gomock.Any(), gomock.Any()).
+			DoAndReturn(func(_ context.Context, _ *cloudformation.DescribeStackResourcesInput, _ ...func(*cloudformation.Options)) (*cloudformation.DescribeStackResourcesOutput, error) {
+				return describeStackResourcesOutput, nil
+			}).Times(1)
+
+		err := reconciler.updateROSANetworkResources(ctx, rosaNetwork)
+		g.Expect(err).ToNot(HaveOccurred())
+		g.Expect(rosaNetwork.Status.Resources[0].LogicalID).To(Equal(logicalResourceID))
+		g.Expect(rosaNetwork.Status.Resources[0].Status).To(Equal(string(resourceStatus)))
+		g.Expect(rosaNetwork.Status.Resources[0].ResourceType).To(Equal(resourceType))
+		g.Expect(rosaNetwork.Status.Resources[0].Reason).To(Equal(resourceStatusReason))
+		g.Expect(rosaNetwork.Status.Resources[0].PhysicalID).To(Equal(physicalResourceID))
+	})
+}
+
+func TestROSANetworkReconciler_parseSubnets(t *testing.T) {
+	g := NewWithT(t)
+	mockCtrl := gomock.NewController(t)
+
+	subnet1Id := "subnet1-physical-id"
+	subnet2Id := "subnet2-physical-id"
+
+	rosaNetwork := &expinfrav1.ROSANetwork{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      "test-rosa-network",
+			Namespace: "test-namespace",
+		},
+		Spec: expinfrav1.ROSANetworkSpec{},
+		Status: expinfrav1.ROSANetworkStatus{
+			Resources: []expinfrav1.CFResource{
+				{
+					ResourceType: "AWS::EC2::Subnet",
+					LogicalID:    "SubnetPrivate",
+					PhysicalID:   subnet1Id,
+					Status:       "subnet1-status",
+					Reason:       "subnet1-reason",
+				},
+				{
+					ResourceType: "AWS::EC2::Subnet",
+					LogicalID:    "SubnetPublic",
+					PhysicalID:   subnet2Id,
+					Status:       "subnet2-status",
+					Reason:       "subnet2-reason",
+				},
+				{
+					ResourceType: "bogus-type",
+					LogicalID:    "bogus-logical-id",
+					PhysicalID:   "bugus-physical-id",
+					Status:       "bogus-status",
+					Reason:       "bogus-reason",
+				},
+			},
+		},
+	}
+
+	t.Run("Handle EC2 client error", func(t *testing.T) {
+		mockEC2Client, _, _, reconciler := createMocks(mockCtrl)
+
+		describeSubnetsOutput := &ec2.DescribeSubnetsOutput{}
+
+		mockEC2Client.EXPECT().DescribeSubnets(gomock.Any(), gomock.Any(), gomock.Any()).
+			DoAndReturn(func(_ context.Context, _ *ec2.DescribeSubnetsInput, _ ...func(*ec2.Options)) (*ec2.DescribeSubnetsOutput, error) {
+				return describeSubnetsOutput, fmt.Errorf("test-error")
+			}).Times(1)
+
+		err := reconciler.parseSubnets(rosaNetwork)
+		g.Expect(err).To(HaveOccurred())
+		g.Expect(len(rosaNetwork.Status.Subnets)).To(Equal(0))
+	})
+
+	t.Run("Update ROSANetwork.Status.Subnets", func(t *testing.T) {
+		mockEC2Client, _, _, reconciler := createMocks(mockCtrl)
+
+		az := "az01"
+
+		describeSubnetsOutput := &ec2.DescribeSubnetsOutput{
+			Subnets: []ec2Types.Subnet{
+				{
+					AvailabilityZone: &az,
+				},
+			},
+		}
+
+		mockEC2Client.EXPECT().DescribeSubnets(gomock.Any(), gomock.Any(), gomock.Any()).
+			DoAndReturn(func(_ context.Context, _ *ec2.DescribeSubnetsInput, _ ...func(*ec2.Options)) (*ec2.DescribeSubnetsOutput, error) {
+				return describeSubnetsOutput, nil
+			}).Times(2)
+
+		err := reconciler.parseSubnets(rosaNetwork)
+		g.Expect(err).ToNot(HaveOccurred())
+		g.Expect(rosaNetwork.Status.Subnets[0].AvailabilityZone).To(Equal(az))
+		g.Expect(rosaNetwork.Status.Subnets[0].PrivateSubnet).To(Equal(subnet1Id))
+		g.Expect(rosaNetwork.Status.Subnets[0].PublicSubnet).To(Equal(subnet2Id))
+	})
+}
+
+func createMocks(mockCtrl *gomock.Controller) (*rosaMocks.MockEc2ApiClient, *rosaMocks.MockCloudFormationApiClient, *rosaMocks.MockStsApiClient, *ROSANetworkReconciler) {
+	mockEC2Client := rosaMocks.NewMockEc2ApiClient(mockCtrl)
+	mockCFClient := rosaMocks.NewMockCloudFormationApiClient(mockCtrl)
+	mockSTSClient := rosaMocks.NewMockStsApiClient(mockCtrl)
+	awsClient := rosaAWSClient.New(
+		awsSdk.Config{},
+		rosaAWSClient.NewLoggerWrapper(logrus.New(), nil),
+		rosaMocks.NewMockIamApiClient(mockCtrl),
+		mockEC2Client,
+		rosaMocks.NewMockOrganizationsApiClient(mockCtrl),
+		rosaMocks.NewMockS3ApiClient(mockCtrl),
+		rosaMocks.NewMockSecretsManagerApiClient(mockCtrl),
+		mockSTSClient,
+		mockCFClient,
+		rosaMocks.NewMockServiceQuotasApiClient(mockCtrl),
+		rosaMocks.NewMockServiceQuotasApiClient(mockCtrl),
+		&rosaAWSClient.AccessKey{},
+		false,
+	)
+
+	reconciler := &ROSANetworkReconciler{
+		Client:    testEnv.Client,
+		awsClient: awsClient,
+	}
+
+	return mockEC2Client, mockCFClient, mockSTSClient, reconciler
+}

go.mod

@@ -49,6 +49,7 @@ require (
 	github.com/spf13/cobra v1.9.1
 	github.com/spf13/pflag v1.0.6
 	github.com/zgalor/weberr v0.8.2
+	go.uber.org/mock v0.5.2
 	golang.org/x/crypto v0.36.0
 	golang.org/x/net v0.38.0
 	golang.org/x/text v0.23.0
@@ -77,7 +78,6 @@ require (
 	github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 // indirect
 	github.com/mgutz/ansi v0.0.0-20200706080929-d51e80ef957d // indirect
 	github.com/robfig/cron/v3 v3.0.1 // indirect
-	go.uber.org/mock v0.5.2 // indirect
 )
 
 require (