Add integration tests
This commit is contained in:
Joe Betz
@@ -53,8 +53,13 @@ type AuditEvent struct {
|
||||
// not reference these maps after calling the Check functions.
|
||||
AdmissionWebhookMutationAnnotations map[string]string
|
||||
AdmissionWebhookPatchAnnotations map[string]string
|
||||
|
||||
// Only populated when a filter is provided to testEventFromInternalFiltered
|
||||
CustomAuditAnnotations map[string]string
|
||||
}
|
||||
|
||||
type AuditAnnotationsFilter func(key, val string) bool
|
||||
|
||||
// MissingEventsReport provides an analysis if any events are missing
|
||||
type MissingEventsReport struct {
|
||||
FirstEventChecked *auditinternal.Event
|
||||
@@ -78,6 +83,13 @@ func (m *MissingEventsReport) String() string {
|
||||
|
||||
// CheckAuditLines searches the audit log for the expected audit lines.
|
||||
func CheckAuditLines(stream io.Reader, expected []AuditEvent, version schema.GroupVersion) (missingReport *MissingEventsReport, err error) {
|
||||
return CheckAuditLinesFiltered(stream, expected, version, nil)
|
||||
}
|
||||
|
||||
// CheckAuditLinesFiltered searches the audit log for the expected audit lines, customAnnotationsFilter
|
||||
// controls which audit annotations are added to AuditEvent.CustomAuditAnnotations.
|
||||
// If the customAnnotationsFilter is nil, AuditEvent.CustomAuditAnnotations will be empty.
|
||||
func CheckAuditLinesFiltered(stream io.Reader, expected []AuditEvent, version schema.GroupVersion, customAnnotationsFilter AuditAnnotationsFilter) (missingReport *MissingEventsReport, err error) {
|
||||
expectations := newAuditEventTracker(expected)
|
||||
|
||||
scanner := bufio.NewScanner(stream)
|
||||
@@ -100,7 +112,7 @@ func CheckAuditLines(stream io.Reader, expected []AuditEvent, version schema.Gro
|
||||
}
|
||||
missingReport.LastEventChecked = e
|
||||
|
||||
event, err := testEventFromInternal(e)
|
||||
event, err := testEventFromInternalFiltered(e, customAnnotationsFilter)
|
||||
if err != nil {
|
||||
return missingReport, err
|
||||
}
|
||||
@@ -162,6 +174,13 @@ func CheckForDuplicates(el auditinternal.EventList) (auditinternal.EventList, er
|
||||
|
||||
// testEventFromInternal takes an internal audit event and returns a test event
|
||||
func testEventFromInternal(e *auditinternal.Event) (AuditEvent, error) {
|
||||
return testEventFromInternalFiltered(e, nil)
|
||||
}
|
||||
|
||||
// testEventFromInternalFiltered takes an internal audit event and returns a test event, customAnnotationsFilter
|
||||
// controls which audit annotations are added to AuditEvent.CustomAuditAnnotations.
|
||||
// If the customAnnotationsFilter is nil, AuditEvent.CustomAuditAnnotations will be empty.
|
||||
func testEventFromInternalFiltered(e *auditinternal.Event, customAnnotationsFilter AuditAnnotationsFilter) (AuditEvent, error) {
|
||||
event := AuditEvent{
|
||||
Level: e.Level,
|
||||
Stage: e.Stage,
|
||||
@@ -199,6 +218,11 @@ func testEventFromInternal(e *auditinternal.Event) (AuditEvent, error) {
|
||||
event.AdmissionWebhookMutationAnnotations = map[string]string{}
|
||||
}
|
||||
event.AdmissionWebhookMutationAnnotations[k] = v
|
||||
} else if customAnnotationsFilter != nil && customAnnotationsFilter(k, v) {
|
||||
if event.CustomAuditAnnotations == nil {
|
||||
event.CustomAuditAnnotations = map[string]string{}
|
||||
}
|
||||
event.CustomAuditAnnotations[k] = v
|
||||
}
|
||||
}
|
||||
return event, nil
|
||||
|
||||
Reference in New Issue
Block a user