Merge pull request #120956 from my-git9/clusterinfout

kubeadm: increase ut converage for bootstraptoken/clusterinfo

cmd/kubeadm/app/phases/bootstraptoken/clusterinfo/clusterinfo_test.go

@@ -17,15 +17,20 @@ limitations under the License.
 package clusterinfo
 
 import (
+	"context"
 	"os"
 	"testing"
 	"text/template"
 
+	rbac "k8s.io/api/rbac/v1"
 	apierrors "k8s.io/apimachinery/pkg/api/errors"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime"
 	"k8s.io/apimachinery/pkg/runtime/schema"
+	"k8s.io/apiserver/pkg/authentication/user"
 	clientsetfake "k8s.io/client-go/kubernetes/fake"
 	core "k8s.io/client-go/testing"
+	bootstrapapi "k8s.io/cluster-bootstrap/token/api"
 )
 
 var testConfigTempl = template.Must(template.New("test").Parse(`apiVersion: v1
@@ -47,25 +52,31 @@ users:
 func TestCreateBootstrapConfigMapIfNotExists(t *testing.T) {
 	tests := []struct {
 		name      string
+		fileExist bool
 		createErr error
-		updateErr error
 		expectErr bool
 	}{
 		{
 			"successful case should have no error",
-			nil,
+			true,
 			nil,
 			false,
 		},
 		{
-			"if both create and update errors, return error",
+			"if configmap already exists, return error",
+			true,
 			apierrors.NewAlreadyExists(schema.GroupResource{Resource: "configmaps"}, "test"),
-			apierrors.NewUnauthorized("go away!"),
 			true,
 		},
 		{
 			"unexpected error should be returned",
+			true,
 			apierrors.NewUnauthorized("go away!"),
+			true,
+		},
+		{
+			"if the file does not exist, return error",
+			false,
 			nil,
 			true,
 		},
@@ -102,7 +113,11 @@ func TestCreateBootstrapConfigMapIfNotExists(t *testing.T) {
 					})
 				}
 
-				err := CreateBootstrapConfigMapIfNotExists(client, file.Name())
+				fileName := file.Name()
+				if !tc.fileExist {
+					fileName = "notexistfile"
+				}
+				err := CreateBootstrapConfigMapIfNotExists(client, fileName)
 				if tc.expectErr && err == nil {
 					t.Errorf("CreateBootstrapConfigMapIfNotExists(%s) wanted error, got nil", tc.name)
 				} else if !tc.expectErr && err != nil {
@@ -112,3 +127,71 @@ func TestCreateBootstrapConfigMapIfNotExists(t *testing.T) {
 		}
 	}
 }
+
+func TestCreateClusterInfoRBACRules(t *testing.T) {
+	tests := []struct {
+		name   string
+		client *clientsetfake.Clientset
+	}{
+		{
+			name:   "the RBAC rules already exist",
+			client: newMockClientForTest(t),
+		},
+		{
+			name:   "the RBAC rules do not exist",
+			client: clientsetfake.NewSimpleClientset(),
+		},
+	}
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			if err := CreateClusterInfoRBACRules(tt.client); err != nil {
+				t.Errorf("CreateClusterInfoRBACRules() hits unexpected error: %v", err)
+			}
+		})
+	}
+}
+
+func newMockClientForTest(t *testing.T) *clientsetfake.Clientset {
+	client := clientsetfake.NewSimpleClientset()
+
+	_, err := client.RbacV1().Roles(metav1.NamespacePublic).Create(context.TODO(), &rbac.Role{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      BootstrapSignerClusterRoleName,
+			Namespace: metav1.NamespacePublic,
+		},
+		Rules: []rbac.PolicyRule{
+			{
+				Verbs:         []string{"get"},
+				APIGroups:     []string{""},
+				Resources:     []string{"Secret"},
+				ResourceNames: []string{bootstrapapi.ConfigMapClusterInfo},
+			},
+		},
+	}, metav1.CreateOptions{})
+	if err != nil {
+		t.Fatalf("error creating role: %v", err)
+	}
+
+	_, err = client.RbacV1().RoleBindings(metav1.NamespacePublic).Create(context.TODO(), &rbac.RoleBinding{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      BootstrapSignerClusterRoleName,
+			Namespace: metav1.NamespacePublic,
+		},
+		RoleRef: rbac.RoleRef{
+			APIGroup: rbac.GroupName,
+			Kind:     "Role",
+			Name:     BootstrapSignerClusterRoleName,
+		},
+		Subjects: []rbac.Subject{
+			{
+				Kind: rbac.UserKind,
+				Name: user.Anonymous,
+			},
+		},
+	}, metav1.CreateOptions{})
+	if err != nil {
+		t.Fatalf("error creating rolebinding: %v", err)
+	}
+
+	return client
+}