[v2.9] Add more unit tests to gke-cluster-config-handler_test.go

.github/workflows/build.yaml

@@ -11,7 +11,7 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v4
       - name: Install Go
-        uses: actions/setup-go@v4
+        uses: actions/setup-go@v5
         with:
           go-version: 1.21.x
       - name: Build GKE operator binary

.github/workflows/lint.yaml

@@ -13,7 +13,7 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@v4
       - name: Install Go
-        uses: actions/setup-go@v4
+        uses: actions/setup-go@v5
         with:
           go-version: 1.21.x
       - name: Analysis

.github/workflows/unit.yaml

@@ -10,7 +10,7 @@ jobs:
     steps:
     - uses: actions/checkout@v4
     - name: Install Go
-      uses: actions/setup-go@v4
+      uses: actions/setup-go@v5
       with:
         go-version: 1.21.x
     - name: Run tests

.github/workflows/verify.yaml

@@ -10,7 +10,7 @@ jobs:
     steps:
     - uses: actions/checkout@v4
     - name: Install Go
-      uses: actions/setup-go@v4
+      uses: actions/setup-go@v5
       with:
         go-version: 1.21.x
     - name: Run make verify

Makefile

@@ -1,4 +1,18 @@
 TARGETS := $(shell ls scripts)
+GIT_BRANCH?=$(shell git branch --show-current)
+GIT_COMMIT?=$(shell git rev-parse HEAD)
+GIT_COMMIT_SHORT?=$(shell git rev-parse --short HEAD)
+GIT_TAG?=v0.0.0
+ifneq ($(GIT_BRANCH), main)
+GIT_TAG?=$(shell git describe --abbrev=0 --tags 2>/dev/null || echo "v0.0.0" )
+endif
+TAG?=${GIT_TAG}-${GIT_COMMIT_SHORT}
+OPERATOR_CHART?=$(shell find $(ROOT_DIR) -type f -name "rancher-gke-operator-[0-9]*.tgz" -print)
+CRD_CHART?=$(shell find $(ROOT_DIR) -type f -name "rancher-gke-operator-crd*.tgz" -print)
+CHART_VERSION?=900 # Only used in e2e to avoid downgrades from rancher
+REPO?=docker.io/rancher/gke-operator
+CLUSTER_NAME?="gke-operator-e2e"
+E2E_CONF_FILE ?= $(ROOT_DIR)/test/e2e/config/config.yaml
 
 ROOT_DIR:=$(shell dirname $(realpath $(firstword $(MAKEFILE_LIST))))
 BIN_DIR := $(abspath $(ROOT_DIR)/bin)
@@ -7,27 +21,22 @@ GO_INSTALL = ./scripts/go_install.sh
 MOCKGEN_VER := v1.6.0
 MOCKGEN_BIN := mockgen
 MOCKGEN := $(BIN_DIR)/$(MOCKGEN_BIN)-$(MOCKGEN_VER)
-MOCKGEN_PKG := github.com/golang/mock/mockgen
 
-GINKGO_VER := v2.13.2
+GINKGO_VER := v2.15.0
 GINKGO_BIN := ginkgo
 GINKGO := $(BIN_DIR)/$(GINKGO_BIN)-$(GINKGO_VER)
 
-GO_APIDIFF_VER := v0.6.0
-GO_APIDIFF_BIN := go-apidiff
-GO_APIDIFF := $(BIN_DIR)/$(GO_APIDIFF_BIN)-$(GO_APIDIFF_VER)
-GO_APIDIFF_PKG := github.com/joelanford/go-apidiff
+SETUP_ENVTEST_VER := v0.0.0-20211110210527-619e6b92dab9
+SETUP_ENVTEST_BIN := setup-envtest
+SETUP_ENVTEST := $(BIN_DIR)/$(SETUP_ENVTEST_BIN)-$(SETUP_ENVTEST_VER)
 
+ifeq ($(shell go env GOOS),darwin) # Use the darwin/amd64 binary until an arm64 version is available
+	KUBEBUILDER_ASSETS ?= $(shell $(SETUP_ENVTEST) use --use-env -p path --arch amd64 $(KUBEBUILDER_ENVTEST_KUBERNETES_VERSION))
+else
+	KUBEBUILDER_ASSETS ?= $(shell $(SETUP_ENVTEST) use --use-env -p path $(KUBEBUILDER_ENVTEST_KUBERNETES_VERSION))
+endif
 
-$(MOCKGEN):
-	GOBIN=$(BIN_DIR) $(GO_INSTALL) $(MOCKGEN_PKG) $(MOCKGEN_BIN) $(MOCKGEN_VER)
-
-$(GINKGO):
-	GOBIN=$(BIN_DIR) $(GO_INSTALL) github.com/onsi/ginkgo/v2/ginkgo $(GINKGO_BIN) $(GINKGO_VER)
-
-$(GO_APIDIFF):
-	GOBIN=$(BIN_DIR) $(GO_INSTALL) $(GO_APIDIFF_PKG) $(GO_APIDIFF_BIN) $(GO_APIDIFF_VER)
-
+default: operator
 
 .dapper:
 	@echo Downloading dapper
@@ -36,18 +45,6 @@ $(GO_APIDIFF):
 	@./.dapper.tmp -v
 	@mv .dapper.tmp .dapper
 
-.PHONY: $(TARGETS)
-$(TARGETS): .dapper
-	./.dapper $@
-
-.PHONY: generate-go
-generate-go: $(MOCKGEN)
-	go generate ./pkg/gke/...
-
-.PHONY: test
-test: $(GINKGO)
-	$(GINKGO) -v -r --trace --race ./pkg/... ./controller/...
-
 .PHONY: generate-crd
 generate-crd: $(MOCKGEN)
 	go generate main.go
@@ -57,10 +54,38 @@ generate:
 	$(MAKE) generate-go
 	$(MAKE) generate-crd
 
+.PHONY: $(TARGETS)
+$(TARGETS): .dapper
+	./.dapper $@
+
+$(MOCKGEN):
+	GOBIN=$(BIN_DIR) $(GO_INSTALL) github.com/golang/mock/mockgen $(MOCKGEN_BIN) $(MOCKGEN_VER)
+
+$(GINKGO):
+	GOBIN=$(BIN_DIR) $(GO_INSTALL) github.com/onsi/ginkgo/v2/ginkgo $(GINKGO_BIN) $(GINKGO_VER)
+
+$(GO_APIDIFF):
+	GOBIN=$(BIN_DIR) $(GO_INSTALL) github.com/joelanford/go-apidiff $(GO_APIDIFF_BIN) $(GO_APIDIFF_VER)
+
+$(SETUP_ENVTEST): 
+	GOBIN=$(BIN_DIR) $(GO_INSTALL) sigs.k8s.io/controller-runtime/tools/setup-envtest $(SETUP_ENVTEST_BIN) $(SETUP_ENVTEST_VER)
+
 .PHONY: operator
 operator:
 	go build -o bin/gke-operator main.go
 
+.PHONY: generate-go
+generate-go: $(MOCKGEN)
+	go generate ./pkg/gke/...
+
+.PHONY: test
+test: $(SETUP_ENVTEST) $(GINKGO)
+	KUBEBUILDER_ASSETS="$(KUBEBUILDER_ASSETS)" $(GINKGO) -v -r -p --trace --race ./pkg/... ./controller/...
+
+.PHONY: clean
+clean:
+	rm -rf build bin dist
+
 ALL_VERIFY_CHECKS = generate
 
 .PHONY: verify
@@ -73,6 +98,56 @@ verify-generate: generate
 		echo "generated files are out of date, run make generate"; exit 1; \
 	fi
 
-.PHONY: clean
-clean:
-	rm -rf build bin dist
+.PHONY: operator-chart
+operator-chart:
+	mkdir -p $(BIN_DIR)
+	cp -rf $(ROOT_DIR)/charts/gke-operator $(BIN_DIR)/chart
+	sed -i -e 's/tag:.*/tag: '${TAG}'/' $(BIN_DIR)/chart/values.yaml
+	sed -i -e 's|repository:.*|repository: '${REPO}'|' $(BIN_DIR)/chart/values.yaml
+	helm package --version ${CHART_VERSION} --app-version ${GIT_TAG} -d $(BIN_DIR)/ $(BIN_DIR)/chart
+	rm -Rf $(BIN_DIR)/chart
+
+.PHONY: crd-chart
+crd-chart:
+	mkdir -p $(BIN_DIR)
+	helm package --version ${CHART_VERSION} --app-version ${GIT_TAG} -d $(BIN_DIR)/ $(ROOT_DIR)/charts/gke-operator-crd
+	rm -Rf $(BIN_DIR)/chart
+
+.PHONY: charts
+charts:
+	$(MAKE) operator-chart
+	$(MAKE) crd-chart
+
+.PHONY: setup-kind
+setup-kind:
+	CLUSTER_NAME=$(CLUSTER_NAME) $(ROOT_DIR)/scripts/setup-kind-cluster.sh
+
+.PHONY: e2e-tests
+e2e-tests: $(GINKGO) charts
+	export EXTERNAL_IP=`kubectl get nodes -o jsonpath='{.items[].status.addresses[?(@.type == "InternalIP")].address}'` && \
+	export BRIDGE_IP="172.18.0.1" && \
+	export CONFIG_PATH=$(E2E_CONF_FILE) && \
+	export OPERATOR_CHART=$(OPERATOR_CHART) && \
+	export CRD_CHART=$(CRD_CHART) && \
+	cd $(ROOT_DIR)/test && $(GINKGO) $(ONLY_DEPLOY) -r -v ./e2e
+
+.PHONY: kind-e2e-tests
+kind-e2e-tests: docker-build-e2e setup-kind
+	kind load docker-image --name $(CLUSTER_NAME) ${REPO}:${TAG}
+	$(MAKE) e2e-tests
+
+kind-deploy-operator:
+	ONLY_DEPLOY="--label-filter=\"do-nothing\"" $(MAKE) kind-e2e-tests
+
+.PHONY: docker-build
+docker-build-e2e:
+	DOCKER_BUILDKIT=1 docker build \
+		-f test/e2e/Dockerfile.e2e \
+		--build-arg "TAG=${GIT_TAG}" \
+		--build-arg "COMMIT=${GIT_COMMIT}" \
+		--build-arg "COMMITDATE=${COMMITDATE}" \
+		-t ${REPO}:${TAG} .
+
+.PHOHY: delete-local-kind-cluster
+delete-local-kind-cluster: ## Delete the local kind cluster
+	kind delete cluster --name=$(CLUSTER_NAME)

controller/external.go

@@ -0,0 +1,82 @@
+package controller
+
+import (
+	"context"
+	"fmt"
+	"strings"
+
+	gkev1 "github.com/rancher/gke-operator/pkg/apis/gke.cattle.io/v1"
+	"github.com/rancher/gke-operator/pkg/gke"
+	wranglerv1 "github.com/rancher/wrangler/v2/pkg/generated/controllers/core/v1"
+	"golang.org/x/oauth2"
+	gkeapi "google.golang.org/api/container/v1"
+	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
+)
+
+func parseCredential(ref string) (namespace string, name string) {
+	parts := strings.SplitN(ref, ":", 2)
+	if len(parts) == 1 {
+		return "", parts[0]
+	}
+	return parts[0], parts[1]
+}
+
+func GetSecret(_ context.Context, secretsClient wranglerv1.SecretClient, configSpec *gkev1.GKEClusterConfigSpec) (string, error) {
+	ns, id := parseCredential(configSpec.GoogleCredentialSecret)
+	secret, err := secretsClient.Get(ns, id, metav1.GetOptions{})
+	if err != nil {
+		return "", err
+	}
+	dataBytes, ok := secret.Data["googlecredentialConfig-authEncodedJson"]
+	if !ok {
+		return "", fmt.Errorf("could not read malformed cloud credential secret %s from namespace %s", id, ns)
+	}
+	return string(dataBytes), nil
+}
+
+func GetCluster(ctx context.Context, secretsClient wranglerv1.SecretClient, configSpec *gkev1.GKEClusterConfigSpec) (*gkeapi.Cluster, error) {
+	cred, err := GetSecret(ctx, secretsClient, configSpec)
+	if err != nil {
+		return nil, err
+	}
+	gkeClient, err := gke.GetGKEClusterClient(ctx, cred)
+	if err != nil {
+		return nil, err
+	}
+	return gke.GetCluster(ctx, gkeClient, configSpec)
+}
+
+func GetTokenSource(ctx context.Context, secretsClient wranglerv1.SecretClient, configSpec *gkev1.GKEClusterConfigSpec) (oauth2.TokenSource, error) {
+	cred, err := GetSecret(ctx, secretsClient, configSpec)
+	if err != nil {
+		return nil, fmt.Errorf("error getting secret: %w", err)
+	}
+	ts, err := gke.GetTokenSource(ctx, cred)
+	if err != nil {
+		return nil, fmt.Errorf("error getting oauth2 token: %w", err)
+	}
+	return ts, nil
+}
+
+// BuildUpstreamClusterState creates an GKEClusterConfigSpec (spec for the GKE cluster state) from the existing
+// cluster configuration.
+func BuildUpstreamClusterState(ctx context.Context, secretsCache wranglerv1.SecretCache, secretClient wranglerv1.SecretClient, configSpec *gkev1.GKEClusterConfigSpec) (*gkev1.GKEClusterConfigSpec, error) {
+	cred, err := GetSecret(ctx, secretClient, configSpec)
+	if err != nil {
+		return nil, err
+	}
+	gkeClient, err := gke.GetGKEClusterClient(ctx, cred)
+	if err != nil {
+		return nil, err
+	}
+	gkeCluster, err := gke.GetCluster(ctx, gkeClient, configSpec)
+	if err != nil {
+		return nil, err
+	}
+
+	h := Handler{
+		secretsCache: secretsCache,
+		secrets:      secretClient,
+	}
+	return h.buildUpstreamClusterState(gkeCluster)
+}