kubernetes/gke/gke_test.go - build - Git at Google

 // Copyright 2017 The Go Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style
 // license that can be found in the LICENSE file.

 package gke_test

 import (
 	"context"
 	"flag"
 	"strings"
 	"testing"

 	"cloud.google.com/go/compute/metadata"
 	"golang.org/x/build/kubernetes"
 	"golang.org/x/build/kubernetes/gke"
 	"golang.org/x/oauth2"
 	"golang.org/x/oauth2/google"
 	compute "google.golang.org/api/compute/v1"
 	container "google.golang.org/api/container/v1"
 )

 // Note: The TestNewClient, TestDialPod, TestDialService, and TestGetNodes
 // tests require to be run on GCE and with Application Default Credentials
 // that have at least the container.clusters.list permission, at least one
 // GKE cluster, and possibly more.
 //
 // They're currently disabled on the Go builders; see golang.org/issue/28543.
 var flagRunGKETests = flag.Bool("run-gke-tests", false, "run gke tests that require special permissions")

 // Tests NewClient and also Dialer.
 func TestNewClient(t *testing.T) {
 	ctx := context.Background()
 	foreachCluster(t, func(cl *container.Cluster, kc *kubernetes.Client) {
 		_, err := kc.GetPods(ctx)
 		if err != nil {
 			t.Fatal(err)
 		}
 	})
 }

 func TestDialPod(t *testing.T) {
 	var passed bool
 	var candidates int
 	ctx := context.Background()
 	foreachCluster(t, func(cl *container.Cluster, kc *kubernetes.Client) {
 		if passed {
 			return
 		}
 		pods, err := kc.GetPods(ctx)
 		if err != nil {
 			t.Fatal(err)
 		}

 		for _, pod := range pods {
 			if pod.Status.Phase != "Running" {
 				continue
 			}
 			for _, container := range pod.Spec.Containers {
 				for _, port := range container.Ports {
 					if strings.ToLower(string(port.Protocol)) == "udp" || port.ContainerPort == 0 {
 						continue
 					}
 					candidates++
 					c, err := kc.DialPod(ctx, pod.Name, port.ContainerPort)
 					if err != nil {
 						t.Logf("Dial %q/%q/%d: %v", cl.Name, pod.Name, port.ContainerPort, err)
 						continue
 					}
 					c.Close()
 					t.Logf("Dialed %q/%q/%d.", cl.Name, pod.Name, port.ContainerPort)
 					passed = true
 					return
 				}
 			}
 		}
 	})
 	if candidates == 0 {
 		t.Skip("no pods to dial")
 	}
 	if !passed {
 		t.Errorf("dial failures")
 	}
 }

 func TestDialService(t *testing.T) {
 	var passed bool
 	var candidates int
 	ctx := context.Background()
 	foreachCluster(t, func(cl *container.Cluster, kc *kubernetes.Client) {
 		if passed {
 			return
 		}
 		svcs, err := kc.GetServices(ctx)
 		if err != nil {
 			t.Fatal(err)
 		}
 		for _, svc := range svcs {
 			eps, err := kc.GetServiceEndpoints(ctx, svc.Name, "")
 			if err != nil {
 				t.Fatal(err)
 			}
 			if len(eps) != 1 {
 				continue
 			}
 			candidates++
 			conn, err := kc.DialServicePort(ctx, svc.Name, "")
 			if err != nil {
 				t.Logf("%s: DialServicePort(%q) error: %v", cl.Name, svc.Name, err)
 				continue
 			}
 			conn.Close()
 			passed = true
 			t.Logf("Dialed cluster %q service %q.", cl.Name, svc.Name)
 			return
 		}

 	})
 	if candidates == 0 {
 		t.Skip("no services to dial")
 	}
 	if !passed {
 		t.Errorf("dial failures")
 	}
 }

 func foreachCluster(t *testing.T, fn func(*container.Cluster, *kubernetes.Client)) {
 	if testing.Short() {
 		t.Skip("skipping in short mode")
 	}
 	if !*flagRunGKETests {
 		t.Skip("-run-gke-tests not set")
 	}
 	ctx := context.Background()
 	ts, err := google.DefaultTokenSource(ctx, compute.CloudPlatformScope)
 	if err != nil {
 		t.Fatal(err)
 	}
 	httpClient := oauth2.NewClient(ctx, ts)
 	containerService, err := container.New(httpClient)
 	if err != nil {
 		t.Fatal(err)
 	}
 	proj, err := metadata.ProjectID()
 	if err != nil {
 		t.Fatal(err)
 	}
 	if _, err := ts.Token(); err != nil {
 		val, err := metadata.InstanceAttributeValue("service-accounts/default/token")
 		if val == "" {
 			t.Skip("skipping on GCE instance without a service account")
 		}
 		t.Skipf("default token source doesn't work; skipping test: %v", err)
 	}

 	clusters, err := containerService.Projects.Locations.Clusters.List("/project/" + proj + "/locations/-").Context(ctx).Do()
 	if err != nil {
 		t.Fatal(err)
 	}

 	if len(clusters.Clusters) == 0 {
 		t.Skip("no GKE clusters")
 	}
 	for _, cl := range clusters.Clusters {
 		kc, err := gke.NewClient(ctx, cl.Name, cl.Zone)
 		if err != nil {
 			t.Fatal(err)
 		}
 		fn(cl, kc)
 		kc.Close()
 	}
 }

 func TestGetNodes(t *testing.T) {
 	var passed bool
 	ctx := context.Background()
 	foreachCluster(t, func(cl *container.Cluster, kc *kubernetes.Client) {
 		if passed {
 			return
 		}
 		nodes, err := kc.GetNodes(ctx)
 		if err != nil {
 			t.Fatal(err)
 		}
 		t.Logf("%d nodes in cluster %s", len(nodes), cl.Name)
 		passed = true
 	})
 }
	// Copyright 2017 The Go Authors. All rights reserved.
	// Use of this source code is governed by a BSD-style
	// license that can be found in the LICENSE file.

	package gke_test

	import (
	"context"
	"flag"
	"strings"
	"testing"

	"cloud.google.com/go/compute/metadata"
	"golang.org/x/build/kubernetes"
	"golang.org/x/build/kubernetes/gke"
	"golang.org/x/oauth2"
	"golang.org/x/oauth2/google"
	compute "google.golang.org/api/compute/v1"
	container "google.golang.org/api/container/v1"
	)

	// Note: The TestNewClient, TestDialPod, TestDialService, and TestGetNodes
	// tests require to be run on GCE and with Application Default Credentials
	// that have at least the container.clusters.list permission, at least one
	// GKE cluster, and possibly more.
	//
	// They're currently disabled on the Go builders; see golang.org/issue/28543.
	var flagRunGKETests = flag.Bool("run-gke-tests", false, "run gke tests that require special permissions")

	// Tests NewClient and also Dialer.
	func TestNewClient(t *testing.T) {
	ctx := context.Background()
	foreachCluster(t, func(cl container.Cluster, kc kubernetes.Client) {
	_, err := kc.GetPods(ctx)
	if err != nil {
	t.Fatal(err)
	}
	})
	}

	func TestDialPod(t *testing.T) {
	var passed bool
	var candidates int
	ctx := context.Background()
	foreachCluster(t, func(cl container.Cluster, kc kubernetes.Client) {
	if passed {
	return
	}
	pods, err := kc.GetPods(ctx)
	if err != nil {
	t.Fatal(err)
	}

	for _, pod := range pods {
	if pod.Status.Phase != "Running" {
	continue
	}
	for _, container := range pod.Spec.Containers {
	for _, port := range container.Ports {
	if strings.ToLower(string(port.Protocol)) == "udp" \|\| port.ContainerPort == 0 {
	continue
	}
	candidates++
	c, err := kc.DialPod(ctx, pod.Name, port.ContainerPort)
	if err != nil {
	t.Logf("Dial %q/%q/%d: %v", cl.Name, pod.Name, port.ContainerPort, err)
	continue
	}
	c.Close()
	t.Logf("Dialed %q/%q/%d.", cl.Name, pod.Name, port.ContainerPort)
	passed = true
	return
	}
	}
	}
	})
	if candidates == 0 {
	t.Skip("no pods to dial")
	}
	if !passed {
	t.Errorf("dial failures")
	}
	}

	func TestDialService(t *testing.T) {
	var passed bool
	var candidates int
	ctx := context.Background()
	foreachCluster(t, func(cl container.Cluster, kc kubernetes.Client) {
	if passed {
	return
	}
	svcs, err := kc.GetServices(ctx)
	if err != nil {
	t.Fatal(err)
	}
	for _, svc := range svcs {
	eps, err := kc.GetServiceEndpoints(ctx, svc.Name, "")
	if err != nil {
	t.Fatal(err)
	}
	if len(eps) != 1 {
	continue
	}
	candidates++
	conn, err := kc.DialServicePort(ctx, svc.Name, "")
	if err != nil {
	t.Logf("%s: DialServicePort(%q) error: %v", cl.Name, svc.Name, err)
	continue
	}
	conn.Close()
	passed = true
	t.Logf("Dialed cluster %q service %q.", cl.Name, svc.Name)
	return
	}

	})
	if candidates == 0 {
	t.Skip("no services to dial")
	}
	if !passed {
	t.Errorf("dial failures")
	}
	}

	func foreachCluster(t testing.T, fn func(container.Cluster, *kubernetes.Client)) {
	if testing.Short() {
	t.Skip("skipping in short mode")
	}
	if !*flagRunGKETests {
	t.Skip("-run-gke-tests not set")
	}
	ctx := context.Background()
	ts, err := google.DefaultTokenSource(ctx, compute.CloudPlatformScope)
	if err != nil {
	t.Fatal(err)
	}
	httpClient := oauth2.NewClient(ctx, ts)
	containerService, err := container.New(httpClient)
	if err != nil {
	t.Fatal(err)
	}
	proj, err := metadata.ProjectID()
	if err != nil {
	t.Fatal(err)
	}
	if _, err := ts.Token(); err != nil {
	val, err := metadata.InstanceAttributeValue("service-accounts/default/token")
	if val == "" {
	t.Skip("skipping on GCE instance without a service account")
	}
	t.Skipf("default token source doesn't work; skipping test: %v", err)
	}

	clusters, err := containerService.Projects.Locations.Clusters.List("/project/" + proj + "/locations/-").Context(ctx).Do()
	if err != nil {
	t.Fatal(err)
	}

	if len(clusters.Clusters) == 0 {
	t.Skip("no GKE clusters")
	}
	for _, cl := range clusters.Clusters {
	kc, err := gke.NewClient(ctx, cl.Name, cl.Zone)
	if err != nil {
	t.Fatal(err)
	}
	fn(cl, kc)
	kc.Close()
	}
	}

	func TestGetNodes(t *testing.T) {
	var passed bool
	ctx := context.Background()
	foreachCluster(t, func(cl container.Cluster, kc kubernetes.Client) {
	if passed {
	return
	}
	nodes, err := kc.GetNodes(ctx)
	if err != nil {
	t.Fatal(err)
	}
	t.Logf("%d nodes in cluster %s", len(nodes), cl.Name)
	passed = true
	})
	}