fix: shadow mode and test coverage

config/tests/base/kustomization.yaml

@@ -1,12 +1,20 @@
 apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 
+helmCharts:
+- repo: oci://registry-1.docker.io/bitnamicharts
+  name: redis
+  version: 20.5.0
+  releaseName: redis
+  valuesInline:
+    auth:
+      enabled: false
+
 images:
 - name: ghcr.io/doodlescheduling/ratelimit-controller
   newTag: latest
   newName: ratelimit-controller
 
 resources: 
 - ../../default
-- ratelimithub.yaml
 - verify-pod.yaml

config/tests/base/verify-pod.yaml

@@ -13,7 +13,7 @@ spec:
     args:
     - -v
     - --fail
-    - http://ratelimit-ui-test
+    - http://ratelimit-ratelimit:8080/healthcheck
     resources: {}
     securityContext:
       allowPrivilegeEscalation: false
@@ -22,4 +22,4 @@ spec:
       runAsNonRoot: true
       runAsUser: 1000
     terminationMessagePath: /dev/termination-log
-    terminationMessagePolicy: File
+    terminationMessagePolicy: File

config/tests/cases/default/kustomization.yaml

@@ -2,7 +2,8 @@ apiVersion: kustomize.config.k8s.io/v1beta1
 kind: Kustomization
 namespace: ratelimit-system
 
+
 resources: 
 - ../../base
-- ratelimitdefinition.yaml
-- ratelimitspecification.yaml
+- ratelimitservice.yaml
+- ratelimitrules.yaml

config/tests/cases/default/ratelimitrules.yaml

@@ -0,0 +1,29 @@
+apiVersion: ratelimit.infra.doodle.com/v1beta1
+kind: RateLimitRule
+metadata: 
+  name: catchall-rule
+spec:
+  domain: apis.example.com
+  unit: hour
+  requestsPerUnit: 100
+  shadowMode: true
+  descriptors:
+  - key: generic_key
+  - key: authorization
+---
+apiVersion: ratelimit.infra.doodle.com/v1beta1
+kind: RateLimitRule
+metadata: 
+  name: service-2
+spec:
+  domain: apis.example.com
+  unit: hour
+  requestsPerUnit: 100
+  shadowMode: true
+  replaces:
+  - name: catchall-rule
+  descriptors:
+  - key: generic_key
+    value: name=service-2
+  - key: generic_key
+  - key: authorization

config/tests/cases/default/ratelimitservice.yaml

@@ -0,0 +1,35 @@
+apiVersion: ratelimit.infra.doodle.com/v1beta1
+kind: RateLimitService
+metadata: 
+  name: ratelimit
+spec:
+  ruleSelector: {}
+  deploymentTemplate:
+    spec:
+      template:
+        spec:
+          containers:
+          - name: ratelimit
+            env:
+            - name: LOG_LEVEL
+              value: debug
+            - name: REDIS_PIPELINE_WINDOW
+              value: 150us
+            - name: LIMIT_RESPONSE_HEADERS_ENABLED
+              value: "true"
+            - name: USE_STATSD
+              value: "true"
+            - name: STATSD_HOST
+              value: localhost
+            - name: STATSD_PORT
+              value: "9125"
+            - name: LOG_FORMAT
+              value: json
+            - name: REDIS_SOCKET_TYPE
+              value: tcp
+            - name: REDIS_URL
+              value: redis-master:6379
+            - name: REDIS_TYPE
+              value: single
+            - name: REDIS_TLS
+              value: "false"

internal/controllers/ratelimitservice_controller.go

@@ -256,6 +256,8 @@ func (r *RateLimitServiceReconciler) rulesToDescriptorSet(service infrav1beta1.R
 			}
 		}
 
+		lastDescriptor.DetailedMetric = rule.Spec.DetailedMetric
+		lastDescriptor.ShadowMode = rule.Spec.ShadowMode
 		lastDescriptor.RateLimit = &YamlRateLimit{
 			RequestsPerUnit: rule.Spec.RequestsPerUnit,
 			Unit:            rule.Spec.Unit,
@@ -304,17 +306,22 @@ func (r *RateLimitServiceReconciler) reconcile(ctx context.Context, service infr
 	}
 
 	var (
-		gid          int64 = 10000
-		uid          int64 = 10000
-		runAsNonRoot bool  = true
-		replicas     int32 = 1
+		gid             int64 = 10000
+		uid             int64 = 10000
+		runAsNonRoot    bool  = true
+		replicas        int32 = 1
+		controllerOwner       = true
+		labels                = map[string]string{
+			"app.kubernetes.io/instance":   "ratelimit",
+			"app.kubernetes.io/name":       "ratelimit",
+			"ratelimit-controller/service": service.Name,
+		}
 	)
 
-	controllerOwner := true
-
 	cmTemplate := &corev1.ConfigMap{
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      fmt.Sprintf("ratelimit-%s", service.Name),
+			Labels:    labels,
 			Namespace: service.Namespace,
 			OwnerReferences: []metav1.OwnerReference{
 				{
@@ -420,11 +427,7 @@ func (r *RateLimitServiceReconciler) reconcile(ctx context.Context, service infr
 	}
 
 	template.Spec.Selector = &metav1.LabelSelector{
-		MatchLabels: map[string]string{
-			"app.kubernetes.io/instance":   "ratelimit",
-			"app.kubernetes.io/name":       "ratelimit",
-			"ratelimit-controller/service": service.Name,
-		},
+		MatchLabels: labels,
 	}
 
 	if template.Spec.Replicas == nil {
@@ -531,6 +534,7 @@ func (r *RateLimitServiceReconciler) reconcile(ctx context.Context, service infr
 		ObjectMeta: metav1.ObjectMeta{
 			Name:      fmt.Sprintf("ratelimit-%s", service.Name),
 			Namespace: service.Namespace,
+			Labels:    labels,
 			OwnerReferences: []metav1.OwnerReference{
 				{
 					Name:       service.Name,
@@ -554,11 +558,7 @@ func (r *RateLimitServiceReconciler) reconcile(ctx context.Context, service infr
 					TargetPort: intstr.IntOrString{StrVal: "grpc", Type: intstr.String},
 				},
 			},
-			Selector: map[string]string{
-				"app.kubernetes.io/instance":   "ratelimit",
-				"app.kubernetes.io/name":       "ratelimit",
-				"ratelimit-controller/service": service.Name,
-			},
+			Selector: labels,
 		},
 	}
 
@@ -602,7 +602,7 @@ func (r *RateLimitServiceReconciler) reconcile(ctx context.Context, service infr
 		}
 
 	} else {
-		if !isOwner(&service, &cm) {
+		if !isOwner(&service, &deployment) {
 			return service, ctrl.Result{}, fmt.Errorf("can not take ownership of existing deployment: %s", deployment.Name)
 		}