Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Test configure_apiserver while addressing issue with authorization_modes #25

Merged
merged 1 commit into from
Jun 28, 2024
Merged

Test configure_apiserver while addressing issue with authorization_modes #25

merged 1 commit into from
Jun 28, 2024

Conversation

addyess
Copy link
Member

@addyess addyess commented Jun 28, 2024
edited
Loading

Overview

Addresses LP#2071488 by not assigning the output of list.remove back to the list. python's list.remove() always returns None

Details

  • ensures that this method that is changed is covered by SOME unit tests
  • makes the code more testable
  • fixes the issue by not assigning None to the list i meant to remove an item from

addyess
addyess commented Jun 28, 2024
View reviewed changes
charms/kubernetes_snaps.py
@@ -135,7 +135,7 @@ def configure_apiserver(
"Authorization mode includes 'Webhook' but no webhook config file is present."
"'Webhook' must be removed from authorization mode."
)
authorization_modes = authorization_modes.remove("Webhook")
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is the original thrust of the bug. Python's list.remove returns None. causing the following stack track:

  File "/var/lib/juju/agents/unit-kubernetes-control-plane-0/charm/./src/charm.py", line 541, in reconcile
    self.configure_apiserver()
  File "/var/lib/juju/agents/unit-kubernetes-control-plane-0/charm/./src/charm.py", line 141, in configure_apiserver
    kubernetes_snaps.configure_apiserver(
  File "/var/lib/juju/agents/unit-kubernetes-control-plane-0/charm/venv/charms/kubernetes_snaps.py", line 145, in configure_apiserver
    api_opts["authorization-mode"] = ",".join(authorization_modes)
TypeError: can only join an iterable

addyess
addyess commented Jun 28, 2024
View reviewed changes
charms/kubernetes_snaps.py
Comment on lines -166 to 173
audit_root = "/root/cdk/audit"
audit_log_path = audit_root + "/audit.log"
audit_policy_path = audit_root + "/audit-policy.yaml"
audit_webhook_conf_path = audit_root + "/audit-webhook-config.yaml"
os.makedirs(audit_root, exist_ok=True)
audit_root = Path("/root/cdk/audit")
audit_log_path = audit_root / "audit.log"
audit_policy_path = audit_root / "audit-policy.yaml"
audit_webhook_conf_path = audit_root / "audit-webhook-config.yaml"
audit_root.mkdir(exist_ok=True)

api_opts["audit-log-path"] = audit_log_path
api_opts["audit-log-path"] = str(audit_log_path)
api_opts["audit-log-maxage"] = "30"
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

These make the method more testable

addyess
addyess commented Jun 28, 2024
View reviewed changes
charms/kubernetes_snaps.py
Comment on lines -178 to 188
with open(audit_policy_path, "w") as f:
with audit_policy_path.open("w") as f:
f.write(audit_policy)
api_opts["audit-policy-file"] = audit_policy_path
api_opts["audit-policy-file"] = str(audit_policy_path)
else:
remove_if_exists(audit_policy_path)

if audit_webhook_conf:
with open(audit_webhook_conf_path, "w") as f:
with audit_webhook_conf_path.open("w") as f:
f.write(audit_webhook_conf)
api_opts["audit-webhook-config-file"] = audit_webhook_conf_path
api_opts["audit-webhook-config-file"] = str(audit_webhook_conf_path)
else:
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

again -- more test-ability -- only need to mock out Path

eaudetcobello
eaudetcobello approved these changes Jun 28, 2024
View reviewed changes
tests/unit/test_kubernetes_snaps.py

@mock.patch("charms.kubernetes_snaps.configure_kubernetes_service")
@mock.patch("charms.kubernetes_snaps.Path")
def test_configure_apiserver(mock_path, configure_kubernetes_service, external_cloud):
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nice! Useful test.

@addyess addyess merged commit ba0a524 into main Jun 28, 2024
6 checks passed
@addyess addyess deleted the bug/lp2071488/authorization-mode-cant-join-None branch June 28, 2024 17:29
addyess added a commit that referenced this pull request Jun 28, 2024
@addyess
Test configure_apiserver while addressing issue with authorization_mo…
6d16bdc 
…des (#25)
addyess added a commit that referenced this pull request Jun 28, 2024
@addyess
Test configure_apiserver while addressing issue with authorization_mo…
f195a00 
…des (#25)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@eaudetcobello eaudetcobello eaudetcobello approved these changes

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@addyess @eaudetcobello