forked from openshift/origin
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathtemplateservicebroker_bind.go
124 lines (103 loc) · 4.43 KB
/
templateservicebroker_bind.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
package templates
import (
"context"
"fmt"
"time"
g "github.com/onsi/ginkgo"
o "github.com/onsi/gomega"
"github.com/pborman/uuid"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/util/wait"
"k8s.io/apiserver/pkg/authentication/user"
kapi "k8s.io/kubernetes/pkg/apis/core"
"k8s.io/kubernetes/test/e2e/framework"
authorizationapi "github.com/openshift/origin/pkg/authorization/apis/authorization"
"github.com/openshift/origin/pkg/cmd/server/bootstrappolicy"
"github.com/openshift/origin/pkg/templateservicebroker/openservicebroker/api"
"github.com/openshift/origin/pkg/templateservicebroker/openservicebroker/client"
exutil "github.com/openshift/origin/test/extended/util"
)
var _ = g.Describe("[Conformance][templates] templateservicebroker bind test", func() {
defer g.GinkgoRecover()
var (
cli = exutil.NewCLI("templates", exutil.KubeConfigPath())
instanceID = "aadda50d-d92c-402d-bd29-5ed2095aad2c"
bindingID = uuid.NewRandom().String()
serviceID = "d261a5c9-db37-40b5-ac0f-5709e0e3aac4"
fixture = exutil.FixturePath("testdata", "templates", "templateservicebroker_bind.yaml")
clusterrolebinding *authorizationapi.ClusterRoleBinding
brokercli client.Client
cliUser user.Info
)
g.Context("", func() {
g.BeforeEach(func() {
framework.SkipIfProviderIs("gce")
var err error
brokercli, err = TSBClient(cli)
o.Expect(err).NotTo(o.HaveOccurred())
cliUser = &user.DefaultInfo{Name: cli.Username(), Groups: []string{"system:authenticated"}}
// enable unauthenticated access to the service broker
clusterrolebinding, err = cli.AdminAuthorizationClient().Authorization().ClusterRoleBindings().Create(&authorizationapi.ClusterRoleBinding{
ObjectMeta: metav1.ObjectMeta{
Name: cli.Namespace() + "templateservicebroker-client",
},
RoleRef: kapi.ObjectReference{
Name: bootstrappolicy.TemplateServiceBrokerClientRoleName,
},
Subjects: []kapi.ObjectReference{
{
Kind: authorizationapi.GroupKind,
Name: bootstrappolicy.UnauthenticatedGroup,
},
},
})
o.Expect(err).NotTo(o.HaveOccurred())
err = cli.AsAdmin().Run("new-app").Args(fixture, "-p", "NAMESPACE="+cli.Namespace()).Execute()
o.Expect(err).NotTo(o.HaveOccurred())
// wait for templateinstance controller to do its thing
err = wait.Poll(time.Second, time.Minute, func() (bool, error) {
templateinstance, err := cli.InternalTemplateClient().Template().TemplateInstances(cli.Namespace()).Get(instanceID, metav1.GetOptions{})
if err != nil {
return false, err
}
for _, c := range templateinstance.Status.Conditions {
if c.Reason == "Failed" && c.Status == kapi.ConditionTrue {
return false, fmt.Errorf("failed condition: %s", c.Message)
}
if c.Reason == "Created" && c.Status == kapi.ConditionTrue {
return true, nil
}
}
return false, nil
})
o.Expect(err).NotTo(o.HaveOccurred())
})
g.AfterEach(func() {
if g.CurrentGinkgoTestDescription().Failed {
ns := cli.Namespace()
cli.SetNamespace("openshift-template-service-broker")
exutil.DumpPodStates(cli.AsAdmin())
exutil.DumpPodLogsStartingWith("", cli.AsAdmin())
cli.SetNamespace(ns)
}
err := cli.AdminAuthorizationClient().Authorization().ClusterRoleBindings().Delete(clusterrolebinding.Name, nil)
o.Expect(err).NotTo(o.HaveOccurred())
err = cli.AdminInternalTemplateClient().Template().BrokerTemplateInstances().Delete(instanceID, &metav1.DeleteOptions{})
o.Expect(err).NotTo(o.HaveOccurred())
})
g.It("should pass bind tests", func() {
svc, err := cli.KubeClient().Core().Services(cli.Namespace()).Get("service", metav1.GetOptions{})
o.Expect(err).NotTo(o.HaveOccurred())
bind, err := brokercli.Bind(context.Background(), cliUser, instanceID, bindingID, &api.BindRequest{
ServiceID: serviceID,
PlanID: uuid.NewRandom().String(),
})
o.Expect(err).NotTo(o.HaveOccurred())
o.Expect(bind.Credentials).To(o.HaveKeyWithValue("configmap-username", "configmap-username"))
o.Expect(bind.Credentials).To(o.HaveKeyWithValue("secret-username", "secret-username"))
o.Expect(bind.Credentials).To(o.HaveKeyWithValue("secret-password", "c2VjcmV0LXBhc3N3b3Jk"))
o.Expect(bind.Credentials).To(o.HaveKeyWithValue("service-uri", "http://"+svc.Spec.ClusterIP+":1234"))
o.Expect(bind.Credentials).To(o.HaveKeyWithValue("route-uri", "http://host/path"))
})
})
})