plugin/kubernetes/xfr_test.go

package kubernetes

import (
	"context"
	"strings"
	"testing"

	"github.com/coredns/coredns/plugin/pkg/dnstest"
	"github.com/coredns/coredns/plugin/test"

	"github.com/miekg/dns"
)

func TestKubernetesXFR(t *testing.T) {
	k := New([]string{"cluster.local."})
	k.APIConn = &APIConnServeTest{}
	k.TransferTo = []string{"10.240.0.1:53"}
	k.Namespaces = map[string]struct{}{"testns": {}}

	ctx := context.TODO()
	w := dnstest.NewMultiRecorder(&test.ResponseWriter{})
	dnsmsg := &dns.Msg{}
	dnsmsg.SetAxfr(k.Zones[0])

	_, err := k.ServeDNS(ctx, w, dnsmsg)
	if err != nil {
		t.Error(err)
	}

	if len(w.Msgs) == 0 {
		t.Logf("%+v\n", w)
		t.Fatal("Did not get back a zone response")
	}

	if len(w.Msgs[0].Answer) == 0 {
		t.Logf("%+v\n", w)
		t.Fatal("Did not get back an answer")
	}

	// Ensure xfr starts with SOA
	if w.Msgs[0].Answer[0].Header().Rrtype != dns.TypeSOA {
		t.Error("Invalid XFR, does not start with SOA record")
	}

	// Ensure xfr starts with SOA
	// Last message is empty, so we need to go back one further
	if w.Msgs[len(w.Msgs)-2].Answer[len(w.Msgs[len(w.Msgs)-2].Answer)-1].Header().Rrtype != dns.TypeSOA {
		t.Error("Invalid XFR, does not end with SOA record")
	}

	testRRs := []dns.RR{}
	for _, tc := range dnsTestCases {
		if tc.Rcode != dns.RcodeSuccess {
			continue
		}

		for _, ans := range tc.Answer {
			// Exclude wildcard searches
			if strings.Contains(ans.Header().Name, "*") {
				continue
			}

			// Exclude TXT records
			if ans.Header().Rrtype == dns.TypeTXT {
				continue
			}
			testRRs = append(testRRs, ans)
		}
	}

	gotRRs := []dns.RR{}
	for _, resp := range w.Msgs {
		for _, ans := range resp.Answer {
			// Skip SOA records since these
			// test cases do not exist
			if ans.Header().Rrtype == dns.TypeSOA {
				continue
			}

			gotRRs = append(gotRRs, ans)
		}

	}

	diff := difference(testRRs, gotRRs)
	if len(diff) != 0 {
		t.Errorf("Got back %d records that do not exist in test cases, should be 0:", len(diff))
		for _, rec := range diff {
			t.Errorf("%+v", rec)
		}
	}

	diff = difference(gotRRs, testRRs)
	if len(diff) != 0 {
		t.Errorf("Found %d records we're missing, should be 0:", len(diff))
		for _, rec := range diff {
			t.Errorf("%+v", rec)
		}
	}
}

func TestKubernetesXFRNotAllowed(t *testing.T) {
	k := New([]string{"cluster.local."})
	k.APIConn = &APIConnServeTest{}
	k.TransferTo = []string{"1.2.3.4:53"}
	k.Namespaces = map[string]struct{}{"testns": {}}

	ctx := context.TODO()
	w := dnstest.NewMultiRecorder(&test.ResponseWriter{})
	dnsmsg := &dns.Msg{}
	dnsmsg.SetAxfr(k.Zones[0])

	_, err := k.ServeDNS(ctx, w, dnsmsg)
	if err != nil {
		t.Error(err)
	}

	if len(w.Msgs) == 0 {
		t.Logf("%+v\n", w)
		t.Fatal("Did not get back a zone response")
	}

	if len(w.Msgs[0].Answer) != 0 {
		t.Logf("%+v\n", w)
		t.Fatal("Got an answer, should not have")
	}
}

// difference shows what we're missing when comparing two RR slices
func difference(testRRs []dns.RR, gotRRs []dns.RR) []dns.RR {
	expectedRRs := map[string]struct{}{}
	for _, rr := range testRRs {
		expectedRRs[rr.String()] = struct{}{}
	}

	foundRRs := []dns.RR{}
	for _, rr := range gotRRs {
		if _, ok := expectedRRs[rr.String()]; !ok {
			foundRRs = append(foundRRs, rr)
		}
	}
	return foundRRs
}
support for zone transfer for kubernetes (#1259) * plugin/kubernetes: axfr Hook up dynamic SOA serial by setting ResourceEventHandlerFuncs in dnsController. Add prototype of returns msg.Services via the Transfer function. Leave expanding this to RRs out of scope for a bit. * plugin/kubernetes: axfr Respond to AXFR queries * Fixing race condition * Fixing instantiation of dnstest writer * Updates from review 2018-02-08 10:11:04 -06:00			`package kubernetes`

			`import (`
all: fix plugin import ordering (#1717) Got a bit messed up with stb lib "context" usage. 2018-04-22 08:34:35 +01:00			`"context"`
support for zone transfer for kubernetes (#1259) * plugin/kubernetes: axfr Hook up dynamic SOA serial by setting ResourceEventHandlerFuncs in dnsController. Add prototype of returns msg.Services via the Transfer function. Leave expanding this to RRs out of scope for a bit. * plugin/kubernetes: axfr Respond to AXFR queries * Fixing race condition * Fixing instantiation of dnstest writer * Updates from review 2018-02-08 10:11:04 -06:00			`"strings"`
			`"testing"`

			`"github.com/coredns/coredns/plugin/pkg/dnstest"`
			`"github.com/coredns/coredns/plugin/test"`

			`"github.com/miekg/dns"`
			`)`

			`func TestKubernetesXFR(t *testing.T) {`
			`k := New([]string{"cluster.local."})`
			`k.APIConn = &APIConnServeTest{}`
plugin/kubernetes: Validate transfers are allowed (#2292) * check allowed transfers * add tests for parsing, and comment about refactor 2018-11-13 18:25:30 -05:00			`k.TransferTo = []string{"10.240.0.1:53"}`
cleanup by fmt and remove redundant type declarations (#2563) 2019-02-17 03:32:28 -05:00			`k.Namespaces = map[string]struct{}{"testns": {}}`
support for zone transfer for kubernetes (#1259) * plugin/kubernetes: axfr Hook up dynamic SOA serial by setting ResourceEventHandlerFuncs in dnsController. Add prototype of returns msg.Services via the Transfer function. Leave expanding this to RRs out of scope for a bit. * plugin/kubernetes: axfr Respond to AXFR queries * Fixing race condition * Fixing instantiation of dnstest writer * Updates from review 2018-02-08 10:11:04 -06:00
			`ctx := context.TODO()`
			`w := dnstest.NewMultiRecorder(&test.ResponseWriter{})`
			`dnsmsg := &dns.Msg{}`
			`dnsmsg.SetAxfr(k.Zones[0])`

			`_, err := k.ServeDNS(ctx, w, dnsmsg)`
			`if err != nil {`
			`t.Error(err)`
			`}`

			`if len(w.Msgs) == 0 {`
			`t.Logf("%+v\n", w)`
plugin/kubernetes: Validate transfers are allowed (#2292) * check allowed transfers * add tests for parsing, and comment about refactor 2018-11-13 18:25:30 -05:00			`t.Fatal("Did not get back a zone response")`
			`}`

			`if len(w.Msgs[0].Answer) == 0 {`
			`t.Logf("%+v\n", w)`
			`t.Fatal("Did not get back an answer")`
support for zone transfer for kubernetes (#1259) * plugin/kubernetes: axfr Hook up dynamic SOA serial by setting ResourceEventHandlerFuncs in dnsController. Add prototype of returns msg.Services via the Transfer function. Leave expanding this to RRs out of scope for a bit. * plugin/kubernetes: axfr Respond to AXFR queries * Fixing race condition * Fixing instantiation of dnstest writer * Updates from review 2018-02-08 10:11:04 -06:00			`}`

			`// Ensure xfr starts with SOA`
			`if w.Msgs[0].Answer[0].Header().Rrtype != dns.TypeSOA {`
			`t.Error("Invalid XFR, does not start with SOA record")`
			`}`

			`// Ensure xfr starts with SOA`
			`// Last message is empty, so we need to go back one further`
			`if w.Msgs[len(w.Msgs)-2].Answer[len(w.Msgs[len(w.Msgs)-2].Answer)-1].Header().Rrtype != dns.TypeSOA {`
			`t.Error("Invalid XFR, does not end with SOA record")`
			`}`

			`testRRs := []dns.RR{}`
			`for _, tc := range dnsTestCases {`
			`if tc.Rcode != dns.RcodeSuccess {`
			`continue`
			`}`

			`for _, ans := range tc.Answer {`
			`// Exclude wildcard searches`
			`if strings.Contains(ans.Header().Name, "*") {`
			`continue`
			`}`

			`// Exclude TXT records`
			`if ans.Header().Rrtype == dns.TypeTXT {`
			`continue`
			`}`
			`testRRs = append(testRRs, ans)`
			`}`
			`}`

			`gotRRs := []dns.RR{}`
			`for _, resp := range w.Msgs {`
			`for _, ans := range resp.Answer {`
			`// Skip SOA records since these`
			`// test cases do not exist`
			`if ans.Header().Rrtype == dns.TypeSOA {`
			`continue`
			`}`

			`gotRRs = append(gotRRs, ans)`
			`}`

			`}`

			`diff := difference(testRRs, gotRRs)`
			`if len(diff) != 0 {`
			`t.Errorf("Got back %d records that do not exist in test cases, should be 0:", len(diff))`
			`for _, rec := range diff {`
			`t.Errorf("%+v", rec)`
			`}`
			`}`

			`diff = difference(gotRRs, testRRs)`
			`if len(diff) != 0 {`
plugin/kubernetes: allow trimming down of cached items. (#2128) * Convert to runtime.Object to smaller structs This adds conversion for all the objects we want to keep in the cache. It keeps the minimum for CoreDNS to function and throws away the rest. The conversion: api.Endpoints -> object.Endpoints api.Pod -> object.Pod api.Serivce -> object.Service We needed to copy some client-go stuff to insert a conversion function into NewIndexInformers. Some unrelated cleanups in the watch functionality as that needed to be touched because of the above translation of objects. Signed-off-by: Miek Gieben <miek@miek.nl> * Reduce test line-count Signed-off-by: Miek Gieben <miek@miek.nl> * ....and fix test Signed-off-by: Miek Gieben <miek@miek.nl> * Drop use of append Signed-off-by: Miek Gieben <miek@miek.nl> * cosmetic changes Signed-off-by: Miek Gieben <miek@miek.nl> * that was a typo Signed-off-by: Miek Gieben <miek@miek.nl> * re-introduce append here We can't really use len() here because we don't know the number before hand. Signed-off-by: Miek Gieben <miek@miek.nl> * comment in better place Signed-off-by: Miek Gieben <miek@miek.nl> * Make the timestamp a bool; thats where it is used for Signed-off-by: Miek Gieben <miek@miek.nl> * Set incoming object to nil Explicataliy discard the converted object; we did a deep copy it's not needed anymore. Signed-off-by: Miek Gieben <miek@miek.nl> * Per Chris's comment Signed-off-by: Miek Gieben <miek@miek.nl> 2018-10-09 21:56:09 +01:00			`t.Errorf("Found %d records we're missing, should be 0:", len(diff))`
support for zone transfer for kubernetes (#1259) * plugin/kubernetes: axfr Hook up dynamic SOA serial by setting ResourceEventHandlerFuncs in dnsController. Add prototype of returns msg.Services via the Transfer function. Leave expanding this to RRs out of scope for a bit. * plugin/kubernetes: axfr Respond to AXFR queries * Fixing race condition * Fixing instantiation of dnstest writer * Updates from review 2018-02-08 10:11:04 -06:00			`for _, rec := range diff {`
			`t.Errorf("%+v", rec)`
			`}`
			`}`
			`}`

plugin/kubernetes: Validate transfers are allowed (#2292) * check allowed transfers * add tests for parsing, and comment about refactor 2018-11-13 18:25:30 -05:00			`func TestKubernetesXFRNotAllowed(t *testing.T) {`
			`k := New([]string{"cluster.local."})`
			`k.APIConn = &APIConnServeTest{}`
			`k.TransferTo = []string{"1.2.3.4:53"}`
cleanup by fmt and remove redundant type declarations (#2563) 2019-02-17 03:32:28 -05:00			`k.Namespaces = map[string]struct{}{"testns": {}}`
plugin/kubernetes: Validate transfers are allowed (#2292) * check allowed transfers * add tests for parsing, and comment about refactor 2018-11-13 18:25:30 -05:00
			`ctx := context.TODO()`
			`w := dnstest.NewMultiRecorder(&test.ResponseWriter{})`
			`dnsmsg := &dns.Msg{}`
			`dnsmsg.SetAxfr(k.Zones[0])`

			`_, err := k.ServeDNS(ctx, w, dnsmsg)`
			`if err != nil {`
			`t.Error(err)`
			`}`

			`if len(w.Msgs) == 0 {`
			`t.Logf("%+v\n", w)`
			`t.Fatal("Did not get back a zone response")`
			`}`

			`if len(w.Msgs[0].Answer) != 0 {`
			`t.Logf("%+v\n", w)`
			`t.Fatal("Got an answer, should not have")`
			`}`
			`}`

support for zone transfer for kubernetes (#1259) * plugin/kubernetes: axfr Hook up dynamic SOA serial by setting ResourceEventHandlerFuncs in dnsController. Add prototype of returns msg.Services via the Transfer function. Leave expanding this to RRs out of scope for a bit. * plugin/kubernetes: axfr Respond to AXFR queries * Fixing race condition * Fixing instantiation of dnstest writer * Updates from review 2018-02-08 10:11:04 -06:00			`// difference shows what we're missing when comparing two RR slices`
			`func difference(testRRs []dns.RR, gotRRs []dns.RR) []dns.RR {`
map bool -> map struct{} (#2386) This clear out the remaining map[x]bool usage and moves the bool to an empty struct. Two note worthy other changes: * EnableChaos in the server is now also exported to make it show up in the documentation. * The auto plugin is left as is, because there the boolean is explicitaly set to false to signal 'to-be-deleted' and the key is left as-is. Signed-off-by: Miek Gieben <miek@miek.nl> 2018-12-10 10:17:15 +00:00			`expectedRRs := map[string]struct{}{}`
support for zone transfer for kubernetes (#1259) * plugin/kubernetes: axfr Hook up dynamic SOA serial by setting ResourceEventHandlerFuncs in dnsController. Add prototype of returns msg.Services via the Transfer function. Leave expanding this to RRs out of scope for a bit. * plugin/kubernetes: axfr Respond to AXFR queries * Fixing race condition * Fixing instantiation of dnstest writer * Updates from review 2018-02-08 10:11:04 -06:00			`for _, rr := range testRRs {`
map bool -> map struct{} (#2386) This clear out the remaining map[x]bool usage and moves the bool to an empty struct. Two note worthy other changes: * EnableChaos in the server is now also exported to make it show up in the documentation. * The auto plugin is left as is, because there the boolean is explicitaly set to false to signal 'to-be-deleted' and the key is left as-is. Signed-off-by: Miek Gieben <miek@miek.nl> 2018-12-10 10:17:15 +00:00			`expectedRRs[rr.String()] = struct{}{}`
support for zone transfer for kubernetes (#1259) * plugin/kubernetes: axfr Hook up dynamic SOA serial by setting ResourceEventHandlerFuncs in dnsController. Add prototype of returns msg.Services via the Transfer function. Leave expanding this to RRs out of scope for a bit. * plugin/kubernetes: axfr Respond to AXFR queries * Fixing race condition * Fixing instantiation of dnstest writer * Updates from review 2018-02-08 10:11:04 -06:00			`}`

			`foundRRs := []dns.RR{}`
			`for _, rr := range gotRRs {`
			`if _, ok := expectedRRs[rr.String()]; !ok {`
			`foundRRs = append(foundRRs, rr)`
			`}`
			`}`
			`return foundRRs`
			`}`