varnitgoyal95/deployment-portal-fe
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

INFRA-1757 | Ashvin | Add test for change request detection algorithm

Browse Source
This commit is contained in:
Ashvin Sharma
2023-03-31 16:07:00 +05:30
parent a400311b7f
commit d6ba508bf4
2 changed files with 233 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

265
__tests__/helper/ChangeRequest.ts
View File

@@ -1,31 +1,49 @@
import { getBreachedValues } from "../../src/helper/ChangeRequest";
import _ from "lodash";
describe("Change request test", () => {
const limitObject = {
deployment: {
securityGroup: {
rules: {
ingressCidr: { approvalFrom: ["Security"], values: ["0.0.0.0/0"] }
}
}
}
};
it("blocking 0.0.0.0/0", () => {
const manifestObject = {
describe("Create CR", () => {
const limitObject = {
deployment: {
id: 5,
loadBalancers: [],
cluster: "nonprod.np.navi-tech.in",
securityGroup: [
{
ids: [],
name: "sgname",
rules: [
{ description: "", fromPort: 443, ingressCidr: ["1.1.1.1/1", "0.0.0.0/0"] }
loadBalancers: {
approvalFrom: [],
forEach: {
object: [
'{"accessPolicies": ["officeIp"]}',
'{"accessPolicies": ["internetFacing"]}'
]
}
]
},
securityGroup: {
rules: {
ingressCidr: { approvalFrom: ["Security"], values: ["0.0.0.0/0"] }
}
},
elasticSearch: {
approvalFrom: [],
environments: ["qa", "dev"],
instance: {
cpu: {
approvalFrom: [],
upperBound: 2
},
memory: {
approvalFrom: [],
upperBound: 4096
},
diskSpace: {
approvalFrom: [],
upperBound: 30000
}
}
}
}
};
const sampleManifestObject = {
deployment: {
id: 5,
cluster: "nonprod.np.navi-tech.in"
}
};
@@ -33,27 +51,196 @@ describe("Change request test", () => {
deployment: {
id: 5,
loadBalancers: [],
cluster: "nonprod.np.navi-tech.in",
securityGroup: [{ ids: [], name: "sgname", rules: [
{ description: "", fromPort: 443, ingressCidr: ["1.1.1.1/1"] }
] }]
cluster: "nonprod.np.navi-tech.in"
}
};
const values = getBreachedValues(
limitObject,
manifestObject,
preManifestObject,
true
);
it("when 0.0.0.0/0 is whitelisted in ingress", () => {
const manifestObject = _.cloneDeep(sampleManifestObject);
manifestObject.deployment["securityGroup"] = [
{
ids: [],
name: "sgname",
rules: [
{
description: "",
fromPort: 443,
ingressCidr: ["1.1.1.1/1", "0.0.0.0/0"]
}
]
}
];
const expected = [{
op: "replace",
path: "/deployment/securityGroup/0/rules/0/ingressCidr",
limitPath: "/deployment/securityGroup/rules/ingressCidr",
value: ["1.1.1.1/1", "0.0.0.0/0"]
}];
preManifestObject.deployment["securityGroup"] = [
{
ids: [],
name: "sgname",
rules: [
{ description: "", fromPort: 443, ingressCidr: ["1.1.1.1/1"] }
]
}
];
expect(values).toStrictEqual(expected);
const values = getBreachedValues(
limitObject,
manifestObject,
preManifestObject,
true
);
const expected = [
{
op: "replace",
path: "/deployment/securityGroup/0/rules/0/ingressCidr",
limitPath: "/deployment/securityGroup/rules/ingressCidr",
value: ["1.1.1.1/1", "0.0.0.0/0"]
}
];
expect(values).toStrictEqual(expected);
expect(
manifestObject.deployment["securityGroup"][0]["rules"][0]["ingressCidr"]
).toStrictEqual(
preManifestObject.deployment["securityGroup"][0]["rules"][0][
"ingressCidr"
]
);
});
it("when internet policy is officeIp", () => {
const manifestObject = _.cloneDeep(sampleManifestObject);
const lb = {
id: 8,
endpoint: "testonethree.np.navi-tech.in",
extraSecurityGroups: [],
accessPolicies: ["officeIp"],
stickiness: false,
isDeployed: false,
idleTimeout: 60,
name: "alb3",
type: "alb"
};
manifestObject.deployment["loadBalancers"] = [lb];
const actual = getBreachedValues(
limitObject,
manifestObject,
preManifestObject,
true
);
const expected = [
{
op: "replace",
path: "/deployment/loadBalancers/0",
limitPath: "/deployment/loadBalancers",
value: lb
}
];
expect(actual).toStrictEqual(expected);
expect(manifestObject.deployment["loadBalancers"]).toStrictEqual(preManifestObject.deployment["loadBalancers"])
});
it("when internet policy is internetFacing", () => {
const manifestObject = _.cloneDeep(sampleManifestObject);
const lb = {
id: 8,
endpoint: "testonethree.np.navi-tech.in",
extraSecurityGroups: [],
accessPolicies: ["internetFacing"],
stickiness: false,
isDeployed: false,
idleTimeout: 60,
name: "alb3",
type: "alb"
};
manifestObject.deployment["loadBalancers"] = [lb];
const actual = getBreachedValues(
limitObject,
manifestObject,
preManifestObject,
false
);
const expected = [
{
op: "replace",
path: "/deployment/loadBalancers/0",
limitPath: "/deployment/loadBalancers",
value: lb
}
];
expect(actual).toStrictEqual(expected);
});
it("when elasticSearch is created in one of the blacklisted env with over the limit values", () => {
const environment = "qa";
const manifest = {
environment: environment,
deployment: {
elasticSearch: {
kibana: null,
enabled: true,
instance: {
cpu: "2",
memory: "4Gi",
password: "${elastic}",
diskSpace: "40Gi",
instanceName: "instanename"
}
}
}
};
const preManifest = {
environment: environment,
deployment: {}
};
const actual = getBreachedValues(
limitObject,
manifest,
preManifest,
false
);
const expected = [
{
op: "add",
path: "/deployment/elasticSearch",
limitPath: "/deployment/elasticSearch",
value: {
kibana: null,
enabled: true,
instance: {
cpu: "2",
memory: "4Gi",
password: "${elastic}",
diskSpace: "40Gi",
instanceName: "instanename"
}
}
},
{
op: "add",
path: "/deployment/elasticSearch/instance/cpu",
limitPath: "/deployment/elasticSearch/instance/cpu",
value: "2"
},
{
op: "add",
path: "/deployment/elasticSearch/instance/memory",
limitPath: "/deployment/elasticSearch/instance/memory",
value: "4Gi"
},
{
op: "add",
path: "/deployment/elasticSearch/instance/diskSpace",
limitPath: "/deployment/elasticSearch/instance/diskSpace",
value: "40Gi"
}
];
expect(actual).toStrictEqual(expected);
});
});
});