|
| 1 | +/* |
| 2 | +Copyright 2025 The Kubernetes Authors. |
| 3 | +
|
| 4 | +Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | +you may not use this file except in compliance with the License. |
| 6 | +You may obtain a copy of the License at |
| 7 | +
|
| 8 | + http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | +
|
| 10 | +Unless required by applicable law or agreed to in writing, software |
| 11 | +distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | +See the License for the specific language governing permissions and |
| 14 | +limitations under the License. |
| 15 | +*/ |
| 16 | + |
| 17 | +package auth_test |
| 18 | + |
| 19 | +import ( |
| 20 | + "regexp" |
| 21 | + "testing" |
| 22 | + "unicode/utf8" |
| 23 | + |
| 24 | + "github.com/kubernetes-sigs/headlamp/backend/pkg/auth" |
| 25 | +) |
| 26 | + |
| 27 | +// FuzzSanitizeClusterName tests the SanitizeClusterName function with various inputs |
| 28 | +// to ensure it handles edge cases, special characters, and maintains its invariants. |
| 29 | +func FuzzSanitizeClusterName(f *testing.F) { |
| 30 | + // Seed corpus with known interesting test cases |
| 31 | + f.Add("my-cluster") |
| 32 | + f.Add("my_cluster") |
| 33 | + f.Add("cluster123") |
| 34 | + f.Add("my-cluster@#$%") |
| 35 | + f.Add("") |
| 36 | + f.Add("very-long-cluster-name-that-exceeds-fifty-characters-limit") |
| 37 | + f.Add("special!@#$%^&*()chars") |
| 38 | + f.Add("unicode-日本語-cluster") |
| 39 | + f.Add("spaces in name") |
| 40 | + f.Add("trailing-dash-") |
| 41 | + f.Add("-leading-dash") |
| 42 | + f.Add("___underscores___") |
| 43 | + f.Add("UPPERCASE") |
| 44 | + f.Add("MixedCase123") |
| 45 | + |
| 46 | + validCharsRegex := regexp.MustCompile(`^[a-zA-Z0-9\-_]*$`) |
| 47 | + |
| 48 | + f.Fuzz(func(t *testing.T, input string) { |
| 49 | + result := auth.SanitizeClusterName(input) |
| 50 | + |
| 51 | + // Invariant 1: Result should never be longer than 50 characters |
| 52 | + if len(result) > 50 { |
| 53 | + t.Errorf("SanitizeClusterName(%q) returned result with length %d, expected <= 50", input, len(result)) |
| 54 | + } |
| 55 | + |
| 56 | + // Invariant 2: Result should only contain alphanumeric characters, hyphens, and underscores |
| 57 | + if !validCharsRegex.MatchString(result) { |
| 58 | + t.Errorf("SanitizeClusterName(%q) = %q contains invalid characters", input, result) |
| 59 | + } |
| 60 | + |
| 61 | + // Invariant 3: Result should be a valid UTF-8 string |
| 62 | + if !utf8.ValidString(result) { |
| 63 | + t.Errorf("SanitizeClusterName(%q) = %q is not valid UTF-8", input, result) |
| 64 | + } |
| 65 | + |
| 66 | + // Invariant 4: If input is empty, result should be empty |
| 67 | + if input == "" && result != "" { |
| 68 | + t.Errorf("SanitizeClusterName(%q) = %q, expected empty string", input, result) |
| 69 | + } |
| 70 | + |
| 71 | + // Invariant 5: Result should be idempotent - sanitizing the result again should give the same result |
| 72 | + result2 := auth.SanitizeClusterName(result) |
| 73 | + if result != result2 { |
| 74 | + t.Errorf("SanitizeClusterName is not idempotent: first=%q, second=%q", result, result2) |
| 75 | + } |
| 76 | + |
| 77 | + // Invariant 6: Result length should never exceed input length (sanitization only removes characters) |
| 78 | + if len(input) > 0 && len(result) > len(input) { |
| 79 | + t.Errorf("SanitizeClusterName(%q) returned result longer than input: input_len=%d, result_len=%d", |
| 80 | + input, len(input), len(result)) |
| 81 | + } |
| 82 | + }) |
| 83 | +} |
0 commit comments