hooking up aws validation k8s test

Author: drewmalin

internal/validation/suite.go

@@ -331,12 +331,19 @@ func RunKubernetesValidation(t *testing.T, config ProviderConfig, opts Kubernete
 		}
 	}()
 
-	// Test: Create Kubernetes Cluster
+	// Map the input subnet ref IDs to their real subnets
+	subnetRefIDs := make(map[string]*v1.Subnet)
+	for _, subnet := range vpc.GetSubnets() {
+		subnetRefIDs[subnet.GetRefID()] = subnet
+	}
+
+	// Convert the input subnet ref IDs to their real subnet IDs
 	subnetIDs := []v1.CloudProviderResourceID{}
-	for _, subnet := range opts.NetworkOpts.Subnets {
-		subnetIDs = append(subnetIDs, v1.CloudProviderResourceID(subnet.RefID))
+	for _, subnet := range opts.Subnets {
+		subnetIDs = append(subnetIDs, subnetRefIDs[subnet.RefID].GetID())
 	}
 
+	// Test: Create Kubernetes Cluster
 	var clusterID v1.CloudProviderResourceID
 	t.Run("ValidateCreateKubernetesCluster", func(t *testing.T) {
 		cluster, err := v1.ValidateCreateKubernetesCluster(ctx, client, v1.CreateClusterArgs{
@@ -392,7 +399,8 @@ func RunKubernetesValidation(t *testing.T, config ProviderConfig, opts Kubernete
 
 	// Test: Get Kubernetes Cluster Credentials
 	t.Run("ValidateGetKubernetesClusterCredentials", func(t *testing.T) {
-		_, err := v1.ValidateGetKubernetesClusterCredentials(ctx, client, v1.PutClusterUserArgs{
+		t.Skip("Under development")
+		_, err := v1.ValidateSetKubernetesClusterUser(ctx, client, v1.SetClusterUserArgs{
 			ClusterID:    clusterID,
 			Username:     opts.UserOpts.Username,
 			Role:         opts.UserOpts.Role,
@@ -442,8 +450,8 @@ func RunKubernetesValidation(t *testing.T, config ProviderConfig, opts Kubernete
 			Predicate: func(nodeGroup *v1.NodeGroup) bool {
 				return nodeGroup.GetStatus() == v1.NodeGroupStatusAvailable
 			},
-			Timeout:  5 * time.Minute,
-			Interval: 5 * time.Second,
+			Timeout:  20 * time.Minute,
+			Interval: 15 * time.Second,
 		})
 		require.NoError(t, err, "WaitForKubernetesNodeGroupToBeAvailable should pass")
 	})
@@ -475,8 +483,8 @@ func RunKubernetesValidation(t *testing.T, config ProviderConfig, opts Kubernete
 					nodeGroup.GetMinNodeCount() == opts.NodeGroupOpts.MinNodeCount+1 &&
 					nodeGroup.GetMaxNodeCount() == opts.NodeGroupOpts.MaxNodeCount+1
 			},
-			Timeout:  5 * time.Minute,
-			Interval: 5 * time.Second,
+			Timeout:  20 * time.Minute,
+			Interval: 15 * time.Second,
 		})
 		require.NoError(t, err, "WaitForKubernetesNodeGroupToBeAvailable should pass")
 	})
@@ -507,8 +515,8 @@ func RunKubernetesValidation(t *testing.T, config ProviderConfig, opts Kubernete
 			Predicate: func(_ *v1.Cluster) bool {
 				return false // continue until failure
 			},
-			Timeout:  5 * time.Minute,
-			Interval: 5 * time.Second,
+			Timeout:  20 * time.Minute,
+			Interval: 15 * time.Second,
 		})
 		require.ErrorIs(t, err, v1.ErrResourceNotFound)
 		clusterDeletionSucceeded = true

v1/kubernetes.go

@@ -478,8 +478,8 @@ type CloudMaintainKubernetes interface {
 	// Get a Kubernetes cluster identified by the provided args.
 	GetCluster(ctx context.Context, args GetClusterArgs) (*Cluster, error)
 
-	// Put a user into a Kubernetes cluster.
-	PutUser(ctx context.Context, args PutClusterUserArgs) (*ClusterUser, error)
+	// Idempotently set a user into a Kubernetes cluster.
+	SetClusterUser(ctx context.Context, args SetClusterUserArgs) (*ClusterUser, error)
 
 	// Create a new Kubernetes node group.
 	CreateNodeGroup(ctx context.Context, args CreateNodeGroupArgs) (*NodeGroup, error)
@@ -506,7 +506,7 @@ type CreateClusterArgs struct {
 	Tags              Tags
 }
 
-type PutClusterUserArgs struct {
+type SetClusterUserArgs struct {
 	ClusterID    CloudProviderResourceID
 	Username     string
 	RSAPEMBase64 string

v1/kubernetes_validation.go

@@ -53,13 +53,13 @@ func ValidateGetKubernetesCluster(ctx context.Context, client CloudMaintainKuber
 	return cluster, nil
 }
 
-// ValidateGetKubernetesClusterCredentials validates that the PutUser functionality works correctly.
-func ValidateGetKubernetesClusterCredentials(ctx context.Context, client CloudMaintainKubernetes, attrs PutClusterUserArgs) (*ClusterUser, error) {
-	putUserResponse, err := client.PutUser(ctx, attrs)
+// ValidateSetKubernetesClusterUser validates that the SetClusterUser functionality works correctly.
+func ValidateSetKubernetesClusterUser(ctx context.Context, client CloudMaintainKubernetes, attrs SetClusterUserArgs) (*ClusterUser, error) {
+	clusterUser, err := client.SetClusterUser(ctx, attrs)
 	if err != nil {
 		return nil, err
 	}
-	return putUserResponse, nil
+	return clusterUser, nil
 }
 
 // ValidateCreateKubernetesNodeGroup validates that the CreateNodeGroup functionality works correctly.

v1/notimplemented.go

@@ -147,7 +147,7 @@ func (c notImplCloudClient) GetCluster(_ context.Context, _ GetClusterArgs) (*Cl
 	return nil, ErrNotImplemented
 }
 
-func (c notImplCloudClient) PutUser(_ context.Context, _ PutClusterUserArgs) (*ClusterUser, error) {
+func (c notImplCloudClient) SetClusterUser(_ context.Context, _ SetClusterUserArgs) (*ClusterUser, error) {
 	return nil, ErrNotImplemented
 }
 

v1/providers/aws/client.go

@@ -10,6 +10,7 @@ import (
 	"github.com/aws/aws-sdk-go-v2/aws"
 	"github.com/aws/aws-sdk-go-v2/config"
 	"github.com/aws/aws-sdk-go-v2/credentials"
+	awslogging "github.com/aws/smithy-go/logging"
 )
 
 const CloudProviderID string = "aws"
@@ -73,23 +74,28 @@ func NewAWSClient(refID string, accessKeyID string, secretAccessKey string, regi
 
 	awsCredentials := credentials.NewStaticCredentialsProvider(accessKeyID, secretAccessKey, "")
 
+	awsClient := &AWSClient{
+		refID:  refID,
+		region: region,
+		logger: &v1.NoopLogger{},
+	}
+
+	for _, opt := range opts {
+		opt(awsClient)
+	}
+
 	awsConfig, err := config.LoadDefaultConfig(ctx,
 		config.WithCredentialsProvider(awsCredentials),
 		config.WithRegion(region),
+		config.WithLogger(&AWSLoggerAdapter{
+			logger: awsClient.logger,
+		}),
 	)
 	if err != nil {
 		return nil, fmt.Errorf("failed to load AWS config: %w", err)
 	}
 
-	awsClient := &AWSClient{
-		refID:     refID,
-		awsConfig: awsConfig,
-		region:    region,
-	}
-
-	for _, opt := range opts {
-		opt(awsClient)
-	}
+	awsClient.awsConfig = awsConfig
 
 	return awsClient, nil
 }
@@ -105,3 +111,17 @@ func (c *AWSClient) GetCloudProviderID() v1.CloudProviderID {
 func (c *AWSClient) GetReferenceID() string {
 	return c.refID
 }
+
+type AWSLoggerAdapter struct {
+	logger v1.Logger
+}
+
+func (l *AWSLoggerAdapter) Logf(classification awslogging.Classification, format string, v ...interface{}) {
+	ctx := context.Background()
+	switch classification {
+	case awslogging.Debug:
+		l.logger.Debug(ctx, fmt.Sprintf(format, v...))
+	case awslogging.Warn:
+		l.logger.Warn(ctx, fmt.Sprintf(format, v...))
+	}
+}

v1/providers/aws/kubernetes.go

@@ -218,7 +218,7 @@ func (c *AWSClient) installEKSAddons(ctx context.Context, eksClient *eks.Client,
 		return err
 	}
 
-	err = c.installEKSAddon(ctx, eksClient, eksCluster, "cert-manager")
+	err = c.installEKSAddon(ctx, eksClient, eksCluster, "cert-manager") // This requires nodes to complete!
 	if err != nil {
 		return err
 	}
@@ -729,7 +729,7 @@ func (c *AWSClient) DeleteNodeGroup(ctx context.Context, args v1.DeleteNodeGroup
 }
 
 // TODO: AWS EKS only supports IAM or OIDC authentication.
-func (c *AWSClient) PutUser(ctx context.Context, args v1.PutClusterUserArgs) (*v1.ClusterUser, error) {
+func (c *AWSClient) SetClusterUser(ctx context.Context, args v1.SetClusterUserArgs) (*v1.ClusterUser, error) {
 	err := validatePutUserArgs(args)
 	if err != nil {
 		return nil, errors.WrapAndTrace(err)
@@ -820,7 +820,7 @@ func (c *AWSClient) PutUser(ctx context.Context, args v1.PutClusterUserArgs) (*v
 	return brevClusterUser, nil
 }
 
-func validatePutUserArgs(args v1.PutClusterUserArgs) error {
+func validatePutUserArgs(args v1.SetClusterUserArgs) error {
 	errs := []error{}
 	if args.Username == "" {
 		errs = append(errs, fmt.Errorf("username is required"))

v1/providers/aws/kubernetes_test.go

@@ -141,7 +141,7 @@ func TestPutUser(t *testing.T) {
 		t.Fatalf("failed to create AWS client: %v", err)
 	}
 
-	config, err := awsClient.PutUser(context.Background(), v1.PutClusterUserArgs{
+	config, err := awsClient.SetClusterUser(context.Background(), v1.SetClusterUserArgs{
 		ClusterID:    v1.CloudProviderResourceID("cloud-sdk-test2"),
 		Username:     "test-user",
 		Role:         "cluster-admin",

v1/providers/aws/network.go

@@ -115,7 +115,7 @@ func (c *AWSClient) createCompleteVPC(ctx context.Context, awsClient *ec2.Client
 		}
 		publicSubnets = append(publicSubnets, publicSubnet)
 
-		brevSubnet, err := awsSubnetToCloudSubnet(publicSubnet, vpc)
+		brevSubnet, err := awsSubnetToCloudSubnet(publicSubnet, v1.SubnetTypePublic, vpc)
 		if err != nil {
 			return nil, nil, errors.WrapAndTrace(err)
 		}
@@ -133,7 +133,7 @@ func (c *AWSClient) createCompleteVPC(ctx context.Context, awsClient *ec2.Client
 			return nil, nil, errors.WrapAndTrace(err)
 		}
 
-		brevSubnet, err := awsSubnetToCloudSubnet(privateSubnet, vpc)
+		brevSubnet, err := awsSubnetToCloudSubnet(privateSubnet, v1.SubnetTypePrivate, vpc)
 		if err != nil {
 			return nil, nil, errors.WrapAndTrace(err)
 		}
@@ -276,7 +276,7 @@ func (c *AWSClient) createInternetGateway(ctx context.Context, awsClient *ec2.Cl
 	return internetGateway, nil
 }
 
-func awsSubnetToCloudSubnet(awsSubnet *types.Subnet, vpc *types.Vpc) (*v1.Subnet, error) {
+func awsSubnetToCloudSubnet(awsSubnet *types.Subnet, subnetType v1.SubnetType, vpc *types.Vpc) (*v1.Subnet, error) {
 	tags := make(map[string]string)
 	for _, tag := range awsSubnet.Tags {
 		tags[*tag.Key] = *tag.Value
@@ -289,7 +289,7 @@ func awsSubnetToCloudSubnet(awsSubnet *types.Subnet, vpc *types.Vpc) (*v1.Subnet
 		VPCID:     v1.CloudProviderResourceID(*vpc.VpcId),
 		Location:  *awsSubnet.AvailabilityZone,
 		CidrBlock: *awsSubnet.CidrBlock,
-		Type:      v1.SubnetTypePublic,
+		Type:      subnetType,
 		Tags:      v1.Tags(tags),
 	})
 	if err != nil {

v1/providers/aws/network_test.go

@@ -46,13 +46,13 @@ func TestCreateVPC(t *testing.T) {
 }
 
 func TestDeleteVPC(t *testing.T) {
-	awsClient, err := NewAWSClient("test", accessKeyID, secretAccessKey, "us-east-1")
+	awsClient, err := NewAWSClient("test", accessKeyID, secretAccessKey, "us-east-1", WithLogger(&validation.ValidationLogger{}))
 	if err != nil {
 		t.Fatalf("failed to create AWS client: %v", err)
 	}
 
 	err = awsClient.DeleteVPC(context.Background(), v1.DeleteVPCArgs{
-		ID: v1.CloudProviderResourceID("vpc-058c6bf7024c272dc"),
+		ID: v1.CloudProviderResourceID("vpc-0971c0a1800608e7b"),
 	})
 	if err != nil {
 		t.Fatalf("failed to delete VPC: %v", err)

v1/providers/aws/validation_kubernetes_test.go

@@ -0,0 +1,67 @@
+package v1
+
+import (
+	"fmt"
+	"os"
+	"testing"
+	"time"
+
+	"github.com/brevdev/cloud/internal/validation"
+	v1 "github.com/brevdev/cloud/v1"
+)
+
+func TestAWSKubernetesValidation(t *testing.T) {
+	testUserPrivateKeyPEMBase64 := os.Getenv("TEST_USER_PRIVATE_KEY_PEM_BASE64")
+
+	if accessKeyID == "" || secretAccessKey == "" {
+		t.Fatalf("AWS_ACCESS_KEY_ID and AWS_SECRET_ACCESS_KEY must be set")
+	}
+
+	config := validation.ProviderConfig{
+		Location:   "us-east-1",
+		Credential: NewAWSCredential(fmt.Sprintf("validation-%s", t.Name()), accessKeyID, secretAccessKey),
+	}
+
+	// Use the test name as the name of the cluster and node group
+	name := fmt.Sprintf("cloud-sdk-%s-%s", t.Name(), time.Now().UTC().Format("20060102150405"))
+
+	// Network CIDR
+	networkCidr := "10.0.0.0/16"
+
+	// Network subnets
+	pubSubnet1 := validation.KubernetesValidationSubnetOpts{Name: "pub-subnet-1", RefID: "pub-subnet-1", CidrBlock: "10.0.0.0/19", SubnetType: v1.SubnetTypePublic}
+	prvSubnet1 := validation.KubernetesValidationSubnetOpts{Name: "prv-subnet-1", RefID: "prv-subnet-1", CidrBlock: "10.0.32.0/19", SubnetType: v1.SubnetTypePrivate}
+	pubSubnet2 := validation.KubernetesValidationSubnetOpts{Name: "pub-subnet-2", RefID: "pub-subnet-2", CidrBlock: "10.0.64.0/19", SubnetType: v1.SubnetTypePublic}
+	prvSubnet2 := validation.KubernetesValidationSubnetOpts{Name: "prv-subnet-2", RefID: "prv-subnet-2", CidrBlock: "10.0.96.0/19", SubnetType: v1.SubnetTypePrivate}
+
+	validation.RunKubernetesValidation(t, config, validation.KubernetesValidationOpts{
+		Name:              name,
+		RefID:             name,
+		KubernetesVersion: "1.31",
+		// Associate the VPC with the private subnets
+		Subnets: []validation.KubernetesValidationSubnetOpts{prvSubnet1, prvSubnet2},
+		NetworkOpts: &validation.KubernetesValidationNetworkOpts{
+			Name:      name,
+			RefID:     name,
+			CidrBlock: networkCidr,
+			// Build the network with all subnets
+			Subnets: []validation.KubernetesValidationSubnetOpts{pubSubnet1, prvSubnet1, pubSubnet2, prvSubnet2},
+		},
+		NodeGroupOpts: &validation.KubernetesValidationNodeGroupOpts{
+			Name:         name,
+			RefID:        name,
+			InstanceType: "t3.medium",
+			DiskSizeGiB:  20,
+			MinNodeCount: 1,
+			MaxNodeCount: 1,
+		},
+		UserOpts: &validation.KubernetesValidationUserOpts{
+			Username:     "test-user",
+			Role:         "cluster-admin",
+			RSAPEMBase64: testUserPrivateKeyPEMBase64,
+		},
+		Tags: map[string]string{
+			"test": "TestKubernetesValidation",
+		},
+	})
+}