MCPcopy
hub / github.com/cilium/cilium / TestHandleK8sDelete

Function TestHandleK8sDelete

pkg/allocator/allocator_test.go:468–526  ·  view source on GitHub ↗

TestHandleK8sDelete tests the behavior of the allocator of handling OnDelete events when master key protection is enabled vs disabled.

(t *testing.T)

Source from the content-addressed store, hash-verified

466// TestHandleK8sDelete tests the behavior of the allocator of handling OnDelete events
467// when master key protection is enabled vs disabled.
468func TestHandleK8sDelete(t *testing.T) {
469
470 masterKeyRecreateMaxInterval = time.Millisecond
471 backend := newDummyBackend()
472
473 alloc, err := NewAllocator(hivetest.Logger(t), TestAllocatorKey(""), backend)
474 alloc.idPool = idpool.NewIDPool(1234, 1234)
475 alloc.enableMasterKeyProtection = true
476 require.NoError(t, err)
477
478 _, newlyAllocated, first, err := alloc.Allocate(context.Background(), TestAllocatorKey("foo"))
479 require.NoError(t, err)
480 require.True(t, first)
481 require.True(t, newlyAllocated)
482
483 var counter atomic.Uint32
484 backend.setUpdateMasterKeyMutator(func(ctx context.Context, id idpool.ID, key AllocatorKey) error {
485 counter.Add(1)
486 if counter.Load() <= 2 {
487 return fmt.Errorf("updateKey failed: %d", counter.Load())
488 }
489 return nil
490 })
491
492 assertBackendContains := func(t assert.TestingT, id int, key string) {
493 k, err := backend.GetByID(context.TODO(), idpool.ID(id))
494 assert.NoError(t, err)
495 assert.Equal(t, key, k.GetKey())
496 }
497
498 // 1. Simulate a delete event, where master key protection is enabled
499 // and the identity is owned locally.
500 assertBackendContains(t, 1234, "foo")
501
502 alloc.mainCache.OnDelete(1234, TestAllocatorKey("foo"))
503 // Check that the identity was retried multiple times by master key protection.
504 assert.EventuallyWithT(t, func(c *assert.CollectT) {
505 assert.Equal(c, uint32(3), counter.Load())
506 }, time.Second, time.Millisecond)
507
508 assert.Contains(t, alloc.mainCache.nextCache, idpool.ID(1234))
509 assert.Contains(t, alloc.mainCache.nextKeyCache, "foo")
510
511 // 2. Simulate a delete event, where master key protection is disabled.
512 alloc.enableMasterKeyProtection = false
513 alloc.mainCache.OnDelete(1234, TestAllocatorKey("foo"))
514 assert.NotContains(t, alloc.mainCache.nextCache, idpool.ID(1234))
515 assert.NotContains(t, alloc.mainCache.nextKeyCache, "foo")
516
517 // 3. Simulate delete event where master key protection is enabled
518 // but the identity is not owned locally.
519 alloc.enableMasterKeyProtection = true
520 alloc.mainCache.OnUpsert(4321, TestAllocatorKey("bar"))
521 assert.Contains(t, alloc.mainCache.nextCache, idpool.ID(4321))
522 assert.Contains(t, alloc.mainCache.nextKeyCache, "bar")
523 alloc.mainCache.OnDelete(idpool.ID(4321), TestAllocatorKey("bar"))
524 assert.NotContains(t, alloc.mainCache.nextCache, idpool.ID(4321))
525 assert.NotContains(t, alloc.mainCache.nextKeyCache, "bar")

Callers

nothing calls this directly

Calls 15

AllocateMethod · 0.95
NewIDPoolFunction · 0.92
IDTypeAlias · 0.92
newDummyBackendFunction · 0.85
NewAllocatorFunction · 0.85
TestAllocatorKeyTypeAlias · 0.70
LoggerMethod · 0.65
AddMethod · 0.65
GetByIDMethod · 0.65
EqualMethod · 0.65
GetKeyMethod · 0.65

Tested by

no test coverage detected

Used in the wild real call sites across dependent graphs

searching dependent graphs…