Initial work K8S client class (#276)

Initial work K8S client class

SUMMARY

Initial work on K8SClient Class.

Reviewed-by: Mike Graves <mgraves@redhat.com>
Reviewed-by: Alina Buzachis <None>
Reviewed-by: None <None>

tests/unit/module_utils/test_client.py

@@ -0,0 +1,159 @@
+import os
+import base64
+import tempfile
+import yaml
+import mock
+from mock import MagicMock
+
+from ansible_collections.kubernetes.core.plugins.module_utils.k8s.client import (
+    _create_auth_spec,
+    _create_configuration,
+)
+
+TEST_HOST = "test-host"
+TEST_SSL_HOST = "https://test-host"
+TEST_CLIENT_CERT = "/dev/null"
+TEST_CLIENT_KEY = "/dev/null"
+TEST_CERTIFICATE_AUTH = "/dev/null"
+TEST_DATA = "test-data"
+TEST_BEARER_TOKEN = "Bearer %s" % base64.standard_b64encode(TEST_DATA.encode()).decode()
+TEST_KUBE_CONFIG = {
+    "current-context": "federal-context",
+    "contexts": [
+        {
+            "name": "simple_token",
+            "context": {"cluster": "default", "user": "simple_token"},
+        }
+    ],
+    "clusters": [{"name": "default", "cluster": {"server": TEST_HOST}}],
+    "users": [
+        {
+            "name": "ssl-no_file",
+            "user": {
+                "token": TEST_BEARER_TOKEN,
+                "client-certificate": TEST_CLIENT_CERT,
+                "client-key": TEST_CLIENT_KEY,
+            },
+        }
+    ],
+}
+
+_temp_files = []
+
+
+def _remove_temp_file():
+    for f in _temp_files:
+        os.remove(f)
+
+
+def _create_temp_file(content=""):
+    handler, name = tempfile.mkstemp()
+    _temp_files.append(name)
+    os.write(handler, str.encode(content))
+    os.close(handler)
+    return name
+
+
+def test_create_auth_spec_ssl_no_options():
+    module = MagicMock()
+    module.params = {}
+    actual_auth_spec = _create_auth_spec(module)
+
+    assert "proxy_headers" in actual_auth_spec
+
+
+def test_create_auth_spec_ssl_options():
+    ssl_options = {
+        "host": TEST_SSL_HOST,
+        "token": TEST_BEARER_TOKEN,
+        "client_cert": TEST_CLIENT_CERT,
+        "client_key": TEST_CLIENT_KEY,
+        "ca_cert": TEST_CERTIFICATE_AUTH,
+        "validate_certs": True,
+    }
+    expected_auth_spec = {
+        "host": TEST_SSL_HOST,
+        "cert_file": TEST_CLIENT_CERT,
+        "key_file": TEST_CLIENT_KEY,
+        "ssl_ca_cert": TEST_CERTIFICATE_AUTH,
+        "verify_ssl": True,
+        "proxy_headers": {},
+    }
+
+    module = MagicMock()
+    module.params = ssl_options
+    actual_auth_spec = _create_auth_spec(module)
+
+    assert expected_auth_spec.items() <= actual_auth_spec.items()
+
+
+def test_create_auth_spec_ssl_options_no_verify():
+    ssl_options = {
+        "host": TEST_SSL_HOST,
+        "token": TEST_BEARER_TOKEN,
+        "client_cert": TEST_CLIENT_CERT,
+        "client_key": TEST_CLIENT_KEY,
+        "validate_certs": False,
+    }
+
+    expected_auth_spec = {
+        "host": TEST_SSL_HOST,
+        "cert_file": TEST_CLIENT_CERT,
+        "key_file": TEST_CLIENT_KEY,
+        "verify_ssl": False,
+        "proxy_headers": {},
+    }
+
+    module = MagicMock()
+    module.params = ssl_options
+    actual_auth_spec = _create_auth_spec(module)
+
+    assert expected_auth_spec.items() <= actual_auth_spec.items()
+
+
+@mock.patch.dict(os.environ, {"K8S_AUTH_PROXY_HEADERS_PROXY_BASIC_AUTH": "foo:bar"})
+@mock.patch.dict(os.environ, {"K8S_AUTH_PROXY_HEADERS_USER_AGENT": "foo/1.0"})
+@mock.patch.dict(os.environ, {"K8S_AUTH_CERT_FILE": TEST_CLIENT_CERT})
+def test_create_auth_spec_ssl_proxy():
+    expected_auth_spec = {
+        "kubeconfig": "~/.kube/customconfig",
+        "verify_ssl": True,
+        "cert_file": TEST_CLIENT_CERT,
+        "proxy_headers": {"proxy_basic_auth": "foo:bar", "user_agent": "foo/1.0"},
+    }
+    module = MagicMock()
+    options = {"validate_certs": True, "kubeconfig": "~/.kube/customconfig"}
+
+    module.params = options
+    actual_auth_spec = _create_auth_spec(module)
+
+    assert expected_auth_spec.items() <= actual_auth_spec.items()
+
+
+def test_load_kube_config_from_file_path():
+    config_file = _create_temp_file(yaml.safe_dump(TEST_KUBE_CONFIG))
+    auth = {"kubeconfig": config_file, "context": "simple_token"}
+    actual_configuration = _create_configuration(auth)
+
+    expected_configuration = {
+        "host": TEST_HOST,
+        "kubeconfig": config_file,
+        "context": "simple_token",
+    }
+
+    assert expected_configuration.items() <= actual_configuration.__dict__.items()
+    _remove_temp_file()
+
+
+def test_load_kube_config_from_dict():
+    auth_spec = {"kubeconfig": TEST_KUBE_CONFIG, "context": "simple_token"}
+    actual_configuration = _create_configuration(auth_spec)
+
+    expected_configuration = {
+        "host": TEST_HOST,
+        "kubeconfig": TEST_KUBE_CONFIG,
+        "context": "simple_token",
+    }
+
+    assert expected_configuration.items() <= actual_configuration.__dict__.items()
+    _remove_temp_file()