Skip to content

Commit 5a63d6c

Browse files
TiberiuGCTiberiuGC
committed
add unit tests
1 parent 5424fe8 commit 5a63d6c

File tree

6 files changed

+487
-77
lines changed

6 files changed

+487
-77
lines changed

pkg/actions/accessentry/fakes/fake_getter.go

+120
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

pkg/actions/accessentry/getter.go

+6
Original file line numberDiff line numberDiff line change
@@ -10,6 +10,12 @@ import (
1010
"github.com/weaveworks/eksctl/pkg/awsapi"
1111
)
1212

13+
//go:generate go run github.com/maxbrunsfeld/counterfeiter/v6 -generate
14+
//counterfeiter:generate -o fakes/fake_getter.go . GetterInterface
15+
type GetterInterface interface {
16+
Get(ctx context.Context, principalARN api.ARN) ([]Summary, error)
17+
}
18+
1319
type Getter struct {
1420
clusterName string
1521
eksAPI awsapi.EKS

pkg/actions/accessentry/migrator.go

+16-23
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,8 @@ type Migrator struct {
3535
eksAPI awsapi.EKS
3636
iamAPI awsapi.IAM
3737
clientSet kubernetes.Interface
38-
aeCreator Creator
38+
aeCreator CreatorInterface
39+
aeGetter GetterInterface
3940
curAuthMode ekstypes.AuthenticationMode
4041
tgAuthMode ekstypes.AuthenticationMode
4142
}
@@ -45,7 +46,8 @@ func NewMigrator(
4546
eksAPI awsapi.EKS,
4647
iamAPI awsapi.IAM,
4748
clientSet kubernetes.Interface,
48-
aeCreator Creator,
49+
aeCreator CreatorInterface,
50+
aeGetter GetterInterface,
4951
curAuthMode ekstypes.AuthenticationMode,
5052
tgAuthMode ekstypes.AuthenticationMode,
5153
) *Migrator {
@@ -55,6 +57,7 @@ func NewMigrator(
5557
iamAPI: iamAPI,
5658
clientSet: clientSet,
5759
aeCreator: aeCreator,
60+
aeGetter: aeGetter,
5861
curAuthMode: curAuthMode,
5962
tgAuthMode: tgAuthMode,
6063
}
@@ -84,21 +87,17 @@ func (m *Migrator) MigrateToAccessEntry(ctx context.Context, options MigrationOp
8487
})
8588
}
8689

87-
cmEntries, err := m.doGetIAMIdentityMappings(ctx)
88-
if err != nil {
89-
return err
90-
}
91-
92-
curAccessEntries, err := m.doGetAccessEntries(ctx)
90+
curAccessEntries, err := m.aeGetter.Get(ctx, api.ARN{})
9391
if err != nil && m.curAuthMode != ekstypes.AuthenticationModeConfigMap {
94-
return err
92+
return fmt.Errorf("fetching existing access entries: %w", err)
9593
}
9694

97-
newAccessEntries, skipAPImode, err := doFilterAccessEntries(cmEntries, curAccessEntries)
95+
cmEntries, err := m.doGetIAMIdentityMappings(ctx)
9896
if err != nil {
9997
return err
10098
}
10199

100+
newAccessEntries, skipAPImode := doFilterAccessEntries(cmEntries, curAccessEntries)
102101
if len(newAccessEntries) > 0 {
103102
aeTasks := m.aeCreator.CreateTasks(ctx, newAccessEntries)
104103
aeTasks.IsSubTask = true
@@ -162,11 +161,6 @@ func (m *Migrator) doUpdateAuthenticationMode(ctx context.Context, authMode ekst
162161
}
163162
}
164163

165-
func (m *Migrator) doGetAccessEntries(ctx context.Context) ([]Summary, error) {
166-
aeGetter := NewGetter(m.clusterName, m.eksAPI)
167-
return aeGetter.Get(ctx, api.ARN{})
168-
}
169-
170164
func (m *Migrator) doGetIAMIdentityMappings(ctx context.Context) ([]iam.Identity, error) {
171165
acm, err := authconfigmap.NewFromClientSet(m.clientSet)
172166
if err != nil {
@@ -197,7 +191,7 @@ func (m *Migrator) doGetIAMIdentityMappings(ctx context.Context) ([]iam.Identity
197191
getRoleOutput, err := m.iamAPI.GetRole(ctx, &awsiam.GetRoleInput{RoleName: &cmeName})
198192
if err != nil {
199193
if errors.As(err, &noSuchEntity) {
200-
return nil, fmt.Errorf("role %s does not exists, either delete the iamidentitymapping using \"eksctl delete iamidentitymapping --cluster %s --arn %s\" or create the role in AWS", cmeName, m.clusterName, cme.ARN())
194+
return nil, fmt.Errorf("role %q does not exists, either delete the iamidentitymapping using \"eksctl delete iamidentitymapping --cluster %s --arn %s\" or create the role in AWS", cmeName, m.clusterName, cme.ARN())
201195
}
202196
return nil, err
203197
}
@@ -218,7 +212,7 @@ func (m *Migrator) doGetIAMIdentityMappings(ctx context.Context) ([]iam.Identity
218212
getUserOutput, err := m.iamAPI.GetUser(ctx, &awsiam.GetUserInput{UserName: &cmeName})
219213
if err != nil {
220214
if errors.As(err, &noSuchEntity) {
221-
return nil, fmt.Errorf("user \"%s\" does not exists, either delete the iamidentitymapping using \"eksctl delete iamidentitymapping --cluster %s --arn %s\" or create the user in AWS", cmeName, m.clusterName, cme.ARN())
215+
return nil, fmt.Errorf("user %q does not exists, either delete the iamidentitymapping using \"eksctl delete iamidentitymapping --cluster %s --arn %s\" or create the user in AWS", cmeName, m.clusterName, cme.ARN())
222216
}
223217
return nil, err
224218
}
@@ -231,7 +225,7 @@ func (m *Migrator) doGetIAMIdentityMappings(ctx context.Context) ([]iam.Identity
231225
return cmEntries, nil
232226
}
233227

234-
func doFilterAccessEntries(cmEntries []iam.Identity, accessEntries []Summary) ([]api.AccessEntry, bool, error) {
228+
func doFilterAccessEntries(cmEntries []iam.Identity, accessEntries []Summary) ([]api.AccessEntry, bool) {
235229

236230
skipAPImode := false
237231
var toDoEntries []api.AccessEntry
@@ -268,7 +262,7 @@ func doFilterAccessEntries(cmEntries []iam.Identity, accessEntries []Summary) ([
268262
skipAPImode = true
269263
}
270264
case iam.ResourceTypeAccount:
271-
logger.Warning("found account iamidentitymapping \"%s\", can not create access entry", cme.Account())
265+
logger.Warning("found account iamidentitymapping %q, cannot create access entry, skipping", cme.Account())
272266
skipAPImode = true
273267
}
274268
} else {
@@ -277,7 +271,7 @@ func doFilterAccessEntries(cmEntries []iam.Identity, accessEntries []Summary) ([
277271
}
278272
}
279273

280-
return toDoEntries, skipAPImode, nil
274+
return toDoEntries, skipAPImode
281275
}
282276

283277
func doBuildNodeRoleAccessEntry(cme iam.Identity) *api.AccessEntry {
@@ -295,7 +289,7 @@ func doBuildNodeRoleAccessEntry(cme iam.Identity) *api.AccessEntry {
295289
Type: "EC2_LINUX",
296290
}
297291
}
298-
// For windows Nodes
292+
// For Windows Nodes
299293
return &api.AccessEntry{
300294
PrincipalARN: api.MustParseARN(cme.ARN()),
301295
Type: "EC2_WINDOWS",
@@ -327,7 +321,7 @@ func doBuildAccessEntry(cme iam.Identity) *api.AccessEntry {
327321
}
328322

329323
if containsSys { // Check if any GroupName start with "system:"" in name
330-
logger.Warning("at least one group name associated with %s starts with \"system:\", can not create access entry, skipping", cme.ARN())
324+
logger.Warning("at least one group name associated with %q starts with \"system:\", can not create access entry, skipping", cme.ARN())
331325
return nil
332326
}
333327

@@ -343,5 +337,4 @@ func doBuildAccessEntry(cme iam.Identity) *api.AccessEntry {
343337
func doDeleteAWSAuthConfigMap(ctx context.Context, clientset kubernetes.Interface, namespace, name string) error {
344338
logger.Info("deleting %q ConfigMap as it is no longer needed in API mode", name)
345339
return clientset.CoreV1().ConfigMaps(namespace).Delete(ctx, name, metav1.DeleteOptions{})
346-
347340
}

0 commit comments

Comments
 (0)