Added unit tests for new extenders

pkg/gardener/shoot/converter.go

@@ -55,38 +55,38 @@ type PatchOpts struct {
 }
 
 func NewConverterCreate(opts CreateOpts) Converter {
-	baseExtenders := baseExtenders(opts.ConverterConfig)
+	extendersForCreate := baseExtenders(opts.ConverterConfig)
 
-	baseExtenders = append(baseExtenders,
+	extendersForCreate = append(extendersForCreate,
 		extender2.NewProviderExtenderForCreateOperation(
 			opts.Provider.AWS.EnableIMDSv2,
 			opts.MachineImage.DefaultName,
 			opts.MachineImage.DefaultVersion,
 		))
 
-	baseExtenders = append(baseExtenders,
-		extender2.NewDNSExtender(opts.DNS.SecretName, opts.DNS.DomainPrefix, opts.DNS.ProviderType),
-		extender2.NewOidcExtender(opts.Kubernetes.DefaultOperatorOidc),
+	extendersForCreate = append(extendersForCreate,
+		extender2.NewDNSExtenderForCreate(opts.DNS.SecretName, opts.DNS.DomainPrefix, opts.DNS.ProviderType),
+		extender2.NewOidcExtenderForCreate(opts.Kubernetes.DefaultOperatorOidc),
 	)
 
-	baseExtenders = append(baseExtenders,
+	extendersForCreate = append(extendersForCreate,
 		extender2.NewKubernetesExtender(opts.Kubernetes.DefaultVersion, ""))
 
 	var zero auditlogs.AuditLogData
 	if opts.AuditLogData != zero {
-		baseExtenders = append(baseExtenders,
+		extendersForCreate = append(extendersForCreate,
 			auditlogs.NewAuditlogExtender(
 				opts.AuditLog.PolicyConfigMapName,
 				opts.AuditLogData))
 	}
 
-	return newConverter(opts.ConverterConfig, baseExtenders...)
+	return newConverter(opts.ConverterConfig, extendersForCreate...)
 }
 
 func NewConverterPatch(opts PatchOpts) Converter {
-	baseExtenders := baseExtenders(opts.ConverterConfig)
+	extendersForPatch := baseExtenders(opts.ConverterConfig)
 
-	baseExtenders = append(baseExtenders,
+	extendersForPatch = append(extendersForPatch,
 		extender2.NewProviderExtenderPatchOperation(
 			opts.Provider.AWS.EnableIMDSv2,
 			opts.MachineImage.DefaultName,
@@ -95,23 +95,23 @@ func NewConverterPatch(opts PatchOpts) Converter {
 			opts.ShootImageVersion,
 			opts.Zones))
 
-	baseExtenders = append(baseExtenders,
-		extender2.NewDNSExtenderFromShoot(opts.Extensions),
-		extender2.NewOidcExtenderFromShoot(opts.Kubernetes.DefaultOperatorOidc, opts.Extensions),
+	extendersForPatch = append(extendersForPatch,
+		extender2.NewDNSExtenderForPatch(opts.Extensions),
+		extender2.NewOidcExtenderForPatch(opts.Kubernetes.DefaultOperatorOidc, opts.Extensions),
 	)
 
-	baseExtenders = append(baseExtenders,
+	extendersForPatch = append(extendersForPatch,
 		extender2.NewKubernetesExtender(opts.Kubernetes.DefaultVersion, opts.ShootK8SVersion))
 
 	var zero auditlogs.AuditLogData
 	if opts.AuditLogData != zero {
-		baseExtenders = append(baseExtenders,
+		extendersForPatch = append(extendersForPatch,
 			auditlogs.NewAuditlogExtender(
 				opts.AuditLog.PolicyConfigMapName,
 				opts.AuditLogData))
 	}
 
-	return newConverter(opts.ConverterConfig, baseExtenders...)
+	return newConverter(opts.ConverterConfig, extendersForPatch...)
 }
 
 func (c Converter) ToShoot(runtime imv1.Runtime) (gardener.Shoot, error) {

pkg/gardener/shoot/extender/dns.go

@@ -73,7 +73,7 @@ func newDNSExtensionConfig(domain, secretName, dnsProviderType string) *DNSExten
 	}
 }
 
-func NewDNSExtenderFromShoot(extensions []gardener.Extension) func(runtime imv1.Runtime, shoot *gardener.Shoot) error {
+func NewDNSExtenderForPatch(extensions []gardener.Extension) func(runtime imv1.Runtime, shoot *gardener.Shoot) error {
 
 	return func(runtime imv1.Runtime, shoot *gardener.Shoot) error {
 		dnsExtension := func() *gardener.Extension {
@@ -93,7 +93,7 @@ func NewDNSExtenderFromShoot(extensions []gardener.Extension) func(runtime imv1.
 	}
 }
 
-func NewDNSExtender(secretName, domainPrefix, dnsProviderType string) func(runtime imv1.Runtime, shoot *gardener.Shoot) error {
+func NewDNSExtenderForCreate(secretName, domainPrefix, dnsProviderType string) func(runtime imv1.Runtime, shoot *gardener.Shoot) error {
 	return func(runtime imv1.Runtime, shoot *gardener.Shoot) error {
 		domain := fmt.Sprintf("%s.%s", runtime.Spec.Shoot.Name, domainPrefix)
 		isPrimary := true

pkg/gardener/shoot/extender/dns_test.go

@@ -2,6 +2,7 @@ package extender
 
 import (
 	"encoding/json"
+	"k8s.io/utils/ptr"
 	"testing"
 
 	gardener "github.com/gardener/gardener/pkg/apis/core/v1beta1"
@@ -13,7 +14,7 @@ import (
 )
 
 func TestDNSExtender(t *testing.T) {
-	t.Run("Create DNS config", func(t *testing.T) {
+	t.Run("Create DNS config for create scenario", func(t *testing.T) {
 		// given
 		secretName := "my-secret"
 		domainPrefix := "dev.mydomain.com"
@@ -25,7 +26,7 @@ func TestDNSExtender(t *testing.T) {
 				},
 			},
 		}
-		extender := NewDNSExtender(secretName, domainPrefix, dnsProviderType)
+		extender := NewDNSExtenderForCreate(secretName, domainPrefix, dnsProviderType)
 		shoot := fixEmptyGardenerShoot("test", "dev")
 
 		// when
@@ -43,6 +44,39 @@ func TestDNSExtender(t *testing.T) {
 		assert.Equal(t, secretName, shoot.Spec.Resources[0].Name)
 		assert.Equal(t, secretName, shoot.Spec.Resources[0].ResourceRef.Name)
 	})
+
+	t.Run("Create DNS config for patch scenario", func(t *testing.T) {
+		// given
+		runtimeShoot := imv1.Runtime{
+			Spec: imv1.RuntimeSpec{
+				Shoot: imv1.RuntimeShoot{
+					Name: "myshoot",
+				},
+			},
+		}
+
+		shoot := fixEmptyGardenerShoot("test", "dev")
+		emptyDnsExtension := gardener.Extension{
+			Type:           "shoot-dns-service",
+			ProviderConfig: &runtime.RawExtension{},
+			Disabled:       ptr.To(false),
+		}
+
+		shoot.Spec.Extensions = []gardener.Extension{
+			emptyDnsExtension,
+		}
+
+		extender := NewDNSExtenderForPatch(shoot.Spec.Extensions)
+
+		// when
+		err := extender(runtimeShoot, &shoot)
+
+		// then
+		require.NoError(t, err)
+		assert.Empty(t, shoot.Spec.DNS)
+		assert.Empty(t, shoot.Spec.Extensions[0].ProviderConfig)
+		assert.Equal(t, emptyDnsExtension, shoot.Spec.Extensions[0])
+	})
 }
 
 func assertExtensionConfig(t *testing.T, rawExtension *runtime.RawExtension) {

pkg/gardener/shoot/extender/oidc.go

@@ -15,7 +15,7 @@ func shouldDefaultOidcConfig(config gardener.OIDCConfig) bool {
 	return config.ClientID == nil && config.IssuerURL == nil
 }
 
-func NewOidcExtenderFromShoot(oidcProvider config.OidcProvider, extensions []gardener.Extension) func(runtime imv1.Runtime, shoot *gardener.Shoot) error {
+func NewOidcExtenderForPatch(oidcProvider config.OidcProvider, extensions []gardener.Extension) func(runtime imv1.Runtime, shoot *gardener.Shoot) error {
 	return func(runtime imv1.Runtime, shoot *gardener.Shoot) error {
 		oidcExtension := func() *gardener.Extension {
 			for _, extension := range extensions {
@@ -47,7 +47,7 @@ func NewOidcExtenderFromShoot(oidcProvider config.OidcProvider, extensions []gar
 	}
 }
 
-func NewOidcExtender(oidcProvider config.OidcProvider) func(runtime imv1.Runtime, shoot *gardener.Shoot) error {
+func NewOidcExtenderForCreate(oidcProvider config.OidcProvider) func(runtime imv1.Runtime, shoot *gardener.Shoot) error {
 	return func(runtime imv1.Runtime, shoot *gardener.Shoot) error {
 		setOIDCExtension(shoot)
 

pkg/gardener/shoot/extender/oidc_test.go

@@ -1,6 +1,8 @@
 package extender
 
 import (
+	"k8s.io/apimachinery/pkg/runtime"
+	"k8s.io/utils/ptr"
 	"testing"
 
 	gardener "github.com/gardener/gardener/pkg/apis/core/v1beta1"
@@ -12,72 +14,105 @@ import (
 )
 
 func TestOidcExtender(t *testing.T) {
-	const migratorLabel = "operator.kyma-project.io/created-by-migrator"
+	defaultOidc := config.OidcProvider{
+		ClientID:       "client-id",
+		GroupsClaim:    "groups",
+		IssuerURL:      "https://my.cool.tokens.com",
+		SigningAlgs:    []string{"RS256"},
+		UsernameClaim:  "sub",
+		UsernamePrefix: "-",
+	}
+
+	t.Run("OIDC should be added in create scenario", func(t *testing.T) {
+		// given
+		shoot := fixEmptyGardenerShoot("test", "kcp-system")
+		runtimeShoot := imv1.Runtime{
+			ObjectMeta: metav1.ObjectMeta{},
+			Spec: imv1.RuntimeSpec{
+				Shoot: imv1.RuntimeShoot{
+					Kubernetes: imv1.Kubernetes{
+						KubeAPIServer: imv1.APIServer{
+							OidcConfig: gardener.OIDCConfig{
+								ClientID:      &defaultOidc.ClientID,
+								GroupsClaim:   &defaultOidc.GroupsClaim,
+								IssuerURL:     &defaultOidc.IssuerURL,
+								SigningAlgs:   defaultOidc.SigningAlgs,
+								UsernameClaim: &defaultOidc.UsernameClaim,
+							},
+						},
+					},
+				},
+			},
+		}
+
+		// when
+		extender := NewOidcExtenderForCreate(defaultOidc)
+		err := extender(runtimeShoot, &shoot)
+
+		// then
+		require.NoError(t, err)
+
+		assert.Equal(t, runtimeShoot.Spec.Shoot.Kubernetes.KubeAPIServer.OidcConfig, *shoot.Spec.Kubernetes.KubeAPIServer.OIDCConfig)
+		assert.Equal(t, false, *shoot.Spec.Extensions[0].Disabled)
+		assert.Equal(t, "shoot-oidc-service", shoot.Spec.Extensions[0].Type)
+	})
+
+	emptyOidcExtension := gardener.Extension{
+		Type:           "shoot-oidc-service",
+		ProviderConfig: &runtime.RawExtension{},
+		Disabled:       ptr.To(false),
+	}
+
 	for _, testCase := range []struct {
-		name                         string
-		migratorLabel                map[string]string
-		expectedOidcExtensionEnabled bool
+		name              string
+		expectedExtension *gardener.Extension
 	}{
 		{
-			name:                         "label created-by-migrator=true should not configure OIDC",
-			migratorLabel:                map[string]string{migratorLabel: "true"},
-			expectedOidcExtensionEnabled: false,
+			name:              "OIDC extension should be added",
+			expectedExtension: &emptyOidcExtension,
 		},
 		{
-			name:                         "label created-by-migrator=false should configure OIDC",
-			migratorLabel:                map[string]string{migratorLabel: "false"},
-			expectedOidcExtensionEnabled: true,
+			name: "OIDC extension should not be added",
 		},
 	} {
-		t.Run(testCase.name, func(t *testing.T) {
-			// given
-			defaultOidc := config.OidcProvider{
-				ClientID:       "client-id",
-				GroupsClaim:    "groups",
-				IssuerURL:      "https://my.cool.tokens.com",
-				SigningAlgs:    []string{"RS256"},
-				UsernameClaim:  "sub",
-				UsernamePrefix: "-",
-			}
-
-			shoot := fixEmptyGardenerShoot("test", "kcp-system")
-			runtimeShoot := imv1.Runtime{
-				ObjectMeta: metav1.ObjectMeta{
-					Labels: map[string]string{
-						migratorLabel: testCase.migratorLabel[migratorLabel],
-					},
-				},
-				Spec: imv1.RuntimeSpec{
-					Shoot: imv1.RuntimeShoot{
-						Kubernetes: imv1.Kubernetes{
-							KubeAPIServer: imv1.APIServer{
-								OidcConfig: gardener.OIDCConfig{
-									ClientID:      &defaultOidc.ClientID,
-									GroupsClaim:   &defaultOidc.GroupsClaim,
-									IssuerURL:     &defaultOidc.IssuerURL,
-									SigningAlgs:   defaultOidc.SigningAlgs,
-									UsernameClaim: &defaultOidc.UsernameClaim,
-								},
+		runtimeShoot := imv1.Runtime{
+			Spec: imv1.RuntimeSpec{
+				Shoot: imv1.RuntimeShoot{
+					Kubernetes: imv1.Kubernetes{
+						KubeAPIServer: imv1.APIServer{
+							OidcConfig: gardener.OIDCConfig{
+								ClientID:      &defaultOidc.ClientID,
+								GroupsClaim:   &defaultOidc.GroupsClaim,
+								IssuerURL:     &defaultOidc.IssuerURL,
+								SigningAlgs:   defaultOidc.SigningAlgs,
+								UsernameClaim: &defaultOidc.UsernameClaim,
 							},
 						},
 					},
 				},
+			},
+		}
+
+		shoot := fixEmptyGardenerShoot("test", "kcp-system")
+
+		if testCase.expectedExtension != nil {
+			shoot.Spec.Extensions = []gardener.Extension{
+				*testCase.expectedExtension,
 			}
 
-			// when
-			extender := NewOidcExtender(defaultOidc)
+			extender := NewOidcExtenderForPatch(defaultOidc, shoot.Spec.Extensions)
 			err := extender(runtimeShoot, &shoot)
 
-			// then
 			require.NoError(t, err)
-
 			assert.Equal(t, runtimeShoot.Spec.Shoot.Kubernetes.KubeAPIServer.OidcConfig, *shoot.Spec.Kubernetes.KubeAPIServer.OIDCConfig)
-			if testCase.expectedOidcExtensionEnabled {
-				assert.Equal(t, testCase.expectedOidcExtensionEnabled, !*shoot.Spec.Extensions[0].Disabled)
+
+			if testCase.expectedExtension != nil {
+				assert.Equal(t, emptyOidcExtension, shoot.Spec.Extensions[0])
 				assert.Equal(t, "shoot-oidc-service", shoot.Spec.Extensions[0].Type)
 			} else {
 				assert.Equal(t, 0, len(shoot.Spec.Extensions))
 			}
-		})
+		}
 	}
+
 }