Refactor cluster application tests to centralize helm CA cert verification

e5c408e4 · Chris Baumbauer · 0d5be948 · e5c408e4 · e5c408e4 · e5c408e4
Commit e5c408e4 authored Nov 06, 2018 by Chris Baumbauer
6 changed files
--- a/spec/models/clusters/applications/ingress_spec.rb
+++ b/spec/models/clusters/applications/ingress_spec.rb
@@ -5,6 +5,7 @@ describe Clusters::Applications::Ingress do

  include_examples 'cluster application core specs', :clusters_applications_ingress
  include_examples 'cluster application status specs', :clusters_applications_ingress
+  include_examples 'cluster application helm specs', :clusters_applications_knative

  before do
    allow(ClusterWaitForIngressIpAddressWorker).to receive(:perform_in)
@@ -121,28 +122,5 @@ describe Clusters::Applications::Ingress do
      expect(values).to include('stats')
      expect(values).to include('podAnnotations')
    end
-
-    context 'when the helm application does not have a ca_cert' do
-      before do
-        application.cluster.application_helm.ca_cert = nil
-      end
-
-      it 'should not include cert files' do
-        expect(subject[:'ca.pem']).not_to be_present
-        expect(subject[:'cert.pem']).not_to be_present
-        expect(subject[:'key.pem']).not_to be_present
-      end
-    end
-
-    it 'should include cert files' do
-      expect(subject[:'ca.pem']).to be_present
-      expect(subject[:'ca.pem']).to eq(application.cluster.application_helm.ca_cert)
-
-      expect(subject[:'cert.pem']).to be_present
-      expect(subject[:'key.pem']).to be_present
-
-      cert = OpenSSL::X509::Certificate.new(subject[:'cert.pem'])
-      expect(cert.not_after).to be < 60.minutes.from_now
-    end
  end
 end
--- a/spec/models/clusters/applications/jupyter_spec.rb
+++ b/spec/models/clusters/applications/jupyter_spec.rb
@@ -2,6 +2,7 @@ require 'rails_helper'

 describe Clusters::Applications::Jupyter do
  include_examples 'cluster application core specs', :clusters_applications_jupyter
+  include_examples 'cluster application helm specs', :clusters_applications_knative

  it { is_expected.to belong_to(:oauth_application) }

@@ -79,29 +80,6 @@ describe Clusters::Applications::Jupyter do

    subject { application.files }

-    it 'should include cert files' do
-      expect(subject[:'ca.pem']).to be_present
-      expect(subject[:'ca.pem']).to eq(application.cluster.application_helm.ca_cert)
-
-      expect(subject[:'cert.pem']).to be_present
-      expect(subject[:'key.pem']).to be_present
-
-      cert = OpenSSL::X509::Certificate.new(subject[:'cert.pem'])
-      expect(cert.not_after).to be < 60.minutes.from_now
-    end
-
-    context 'when the helm application does not have a ca_cert' do
-      before do
-        application.cluster.application_helm.ca_cert = nil
-      end
-
-      it 'should not include cert files' do
-        expect(subject[:'ca.pem']).not_to be_present
-        expect(subject[:'cert.pem']).not_to be_present
-        expect(subject[:'key.pem']).not_to be_present
-      end
-    end
-
    it 'should include valid values' do
      expect(values).to include('ingress')
      expect(values).to include('hub')

--- a/spec/models/clusters/applications/knative_spec.rb
+++ b/spec/models/clusters/applications/knative_spec.rb
@@ -5,6 +5,7 @@ describe Clusters::Applications::Knative do

  include_examples 'cluster application core specs', :clusters_applications_knative
  include_examples 'cluster application status specs', :clusters_applications_knative
+  include_examples 'cluster application helm specs', :clusters_applications_knative

  describe '.installed' do
    subject { described_class.installed }
@@ -68,23 +69,5 @@ describe Clusters::Applications::Knative do
    it 'should include knative specific keys in the values.yaml file' do
      expect(values).to include('domain')
    end
-
-    context 'when the helm application does not have a ca_cert' do
-      before do
-        application.cluster.application_helm.ca_cert = nil
-      end
-
-      it 'should not include cert files when there is no ca_cert entry' do
-        expect(subject).not_to include(:'ca.pem', :'cert.pem', :'key.pem')
-      end
-    end
-
-    it 'should include cert files when there is a ca_cert entry' do
-      expect(subject).to include(:'ca.pem', :'cert.pem', :'key.pem')
-      expect(subject[:'ca.pem']).to eq(application.cluster.application_helm.ca_cert)
-
-      cert = OpenSSL::X509::Certificate.new(subject[:'cert.pem'])
-      expect(cert.not_after).to be < 60.minutes.from_now
-    end
  end
 end
--- a/spec/models/clusters/applications/prometheus_spec.rb
+++ b/spec/models/clusters/applications/prometheus_spec.rb
@@ -5,6 +5,7 @@ describe Clusters::Applications::Prometheus do

  include_examples 'cluster application core specs', :clusters_applications_prometheus
  include_examples 'cluster application status specs', :clusters_applications_prometheus
+  include_examples 'cluster application helm specs', :clusters_applications_knative

  describe '.installed' do
    subject { described_class.installed }
@@ -187,29 +188,6 @@ describe Clusters::Applications::Prometheus do

    subject { application.files }

-    it 'should include cert files' do
-      expect(subject[:'ca.pem']).to be_present
-      expect(subject[:'ca.pem']).to eq(application.cluster.application_helm.ca_cert)
-
-      expect(subject[:'cert.pem']).to be_present
-      expect(subject[:'key.pem']).to be_present
-
-      cert = OpenSSL::X509::Certificate.new(subject[:'cert.pem'])
-      expect(cert.not_after).to be < 60.minutes.from_now
-    end
-
-    context 'when the helm application does not have a ca_cert' do
-      before do
-        application.cluster.application_helm.ca_cert = nil
-      end
-
-      it 'should not include cert files' do
-        expect(subject[:'ca.pem']).not_to be_present
-        expect(subject[:'cert.pem']).not_to be_present
-        expect(subject[:'key.pem']).not_to be_present
-      end
-    end
-
    it 'should include prometheus valid values' do
      expect(values).to include('alertmanager')
      expect(values).to include('kubeStateMetrics')

--- a/spec/models/clusters/applications/runner_spec.rb
+++ b/spec/models/clusters/applications/runner_spec.rb
@@ -5,6 +5,7 @@ describe Clusters::Applications::Runner do

  include_examples 'cluster application core specs', :clusters_applications_runner
  include_examples 'cluster application status specs', :clusters_applications_runner
+  include_examples 'cluster application helm specs', :clusters_applications_knative

  it { is_expected.to belong_to(:runner) }

@@ -74,29 +75,6 @@ describe Clusters::Applications::Runner do

    subject { application.files }

-    it 'should include cert files' do
-      expect(subject[:'ca.pem']).to be_present
-      expect(subject[:'ca.pem']).to eq(application.cluster.application_helm.ca_cert)
-
-      expect(subject[:'cert.pem']).to be_present
-      expect(subject[:'key.pem']).to be_present
-
-      cert = OpenSSL::X509::Certificate.new(subject[:'cert.pem'])
-      expect(cert.not_after).to be < 60.minutes.from_now
-    end
-
-    context 'when the helm application does not have a ca_cert' do
-      before do
-        application.cluster.application_helm.ca_cert = nil
-      end
-
-      it 'should not include cert files' do
-        expect(subject[:'ca.pem']).not_to be_present
-        expect(subject[:'cert.pem']).not_to be_present
-        expect(subject[:'key.pem']).not_to be_present
-      end
-    end
-
    it 'should include runner valid values' do
      expect(values).to include('concurrent')
      expect(values).to include('checkInterval')

--- a/spec/support/shared_examples/models/cluster_application_helm_cert_examples.rb
+++ b/spec/support/shared_examples/models/cluster_application_helm_cert_examples.rb
+shared_examples 'cluster application helm specs' do |application_name|
+  let(:application) { create(application_name) }
+
+  describe '#files' do
+    subject { application.files }
+
+    context 'when the helm application does not have a ca_cert' do
+      before do
+        application.cluster.application_helm.ca_cert = nil
+      end
+
+      it 'should not include cert files when there is no ca_cert entry' do
+        expect(subject).not_to include(:'ca.pem', :'cert.pem', :'key.pem')
+      end
+    end
+
+    it 'should include cert files when there is a ca_cert entry' do
+      expect(subject).to include(:'ca.pem', :'cert.pem', :'key.pem')
+      expect(subject[:'ca.pem']).to eq(application.cluster.application_helm.ca_cert)
+
+      cert = OpenSSL::X509::Certificate.new(subject[:'cert.pem'])
+      expect(cert.not_after).to be < 60.minutes.from_now
+    end
+  end
+end