Skip to content

[MTC-293] Add e2e test for Role and RoleBinding migration #267

Merged
midays merged 3 commits intomigtools:mainfrom
midays:mtc_293_role_migration
Apr 16, 2026
Merged

[MTC-293] Add e2e test for Role and RoleBinding migration #267
midays merged 3 commits intomigtools:mainfrom
midays:mtc_293_role_migration

Conversation

@midays
Copy link
Copy Markdown
Contributor

@midays midays commented Apr 16, 2026

Summary by CodeRabbit

  • Tests
    • Added an E2E test validating RBAC migration for a non-admin (namespace-admin) user: creates and verifies Role, RoleBinding, and ServiceAccount on source, runs export/transform/apply, performs a two-pass apply to target, scales and validates the application, asserts Role/RoleBinding/ServiceAccount presence and attributes on target, and cleans up resources.

Signed-off-by: midays@redhat.com <midays@redhat.com>
@midays midays self-assigned this Apr 16, 2026
@midays midays added the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Apr 16, 2026
@coderabbitai
Copy link
Copy Markdown

coderabbitai Bot commented Apr 16, 2026

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 40e5dcd2-f5bd-4a8d-86d8-2e31509e8ed3

📥 Commits

Reviewing files that changed from the base of the PR and between 3778abd and c43a55f.

📒 Files selected for processing (1)
  • e2e-tests/tests/mtc_293_role_migration_test.go
🚧 Files skipped from review as they are similar to previous changes (1)
  • e2e-tests/tests/mtc_293_role_migration_test.go

📝 Walkthrough

Walkthrough

Adds a new Ginkgo/Gomega E2E test that creates Role, RoleBinding, and ServiceAccount on a source cluster as a non-admin namespace-admin, runs the crane export/transform/apply pipeline, applies manifests to a target cluster (non-admin flows), and verifies migrated RBAC resources on the target.

Changes

Cohort / File(s) Summary
RBAC Migration E2E Test
e2e-tests/tests/mtc_293_role_migration_test.go
New Ginkgo E2E spec mtc_293_role_migration_test.go that sets up namespace-admin non-admin users, creates ServiceAccount/Role/RoleBinding on source, runs crane export/transform/apply as non-admin, applies output to target in two passes, and validates migrated RBAC resources and app readiness.

Sequence Diagram(s)

sequenceDiagram
  participant TestRunner as Test Runner
  participant Source as Source Cluster
  participant Crane as Crane (export/transform/apply)
  participant Target as Target Cluster

  TestRunner->>Source: create namespace, ServiceAccount(test-sa), Role(pod-reader), RoleBinding(pod-reader-binding)
  TestRunner->>Crane: run export/transform/apply (non-admin crane runner, extraVars non_admin_user=true)
  Crane->>TestRunner: produce rendered manifests (Role_*.yaml, RoleBinding_*.yaml, ServiceAccount_*.yaml)
  TestRunner->>Target: ApplyDir (non-admin, skip ordering/dry-run)
  TestRunner->>Target: ApplyOutputToTargetNonAdmin (complete apply, fix ordering)
  TestRunner->>Target: scale deployment, wait for validation
  TestRunner->>Target: verify Role, RoleBinding, ServiceAccount exist and correct
Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Possibly related PRs

Suggested labels

kind/feature, test

Suggested reviewers

  • msajidmansoori12
  • nachandr

Poem

🐇 I hopped from source to target with glee,

Roles and bindings tucked safe under me,
Non-admin paws nudged manifests through,
Cranes carried my parcels, steady and true,
A tiny hop, a successful migrate—whee! 🎉

🚥 Pre-merge checks | ✅ 3
✅ Passed checks (3 passed)
Check name Status Explanation
Description Check ✅ Passed Check skipped - CodeRabbit’s high-level summary is enabled.
Title check ✅ Passed The title clearly and concisely summarizes the main change: adding an end-to-end test for Role and RoleBinding migration, which aligns perfectly with the changeset that introduces a new test file focused on this exact scenario.
Docstring Coverage ✅ Passed No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

✏️ Tip: You can configure your own custom pre-merge checks in the settings.

✨ Finishing Touches
🧪 Generate unit tests (beta)
  • Create PR with unit tests

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

Comment @coderabbitai help to get the list of available commands and usage tips.

@midays midays changed the title Add e2e test for Role and RoleBinding migration [MTC-293] [MTC-293] Add e2e test for Role and RoleBinding migration Apr 16, 2026
@github-actions
Copy link
Copy Markdown

github-actions Bot commented Apr 16, 2026

Test Coverage Report

Total: 33.0%

Per-package coverage

  • github.com/konveyor/crane — 0.0%
  • github.com/konveyor/crane/cmd/apply — 33.3%
  • github.com/konveyor/crane/cmd/convert — 0.0%
  • github.com/konveyor/crane/cmd/export — 93.1%
  • github.com/konveyor/crane/cmd/plugin-manager — 0.0%
  • github.com/konveyor/crane/cmd/plugin-manager/add — 0.0%
  • github.com/konveyor/crane/cmd/plugin-manager/list — 0.0%
  • github.com/konveyor/crane/cmd/plugin-manager/remove — 0.0%
  • github.com/konveyor/crane/cmd/runfn — 0.0%
  • github.com/konveyor/crane/cmd/skopeo-sync-gen — 0.0%
  • github.com/konveyor/crane/cmd/transfer-pvc — 9.2%
  • github.com/konveyor/crane/cmd/transform — 0.0%
  • github.com/konveyor/crane/cmd/transform/listplugins — 0.0%
  • github.com/konveyor/crane/cmd/transform/optionals — 0.0%
  • github.com/konveyor/crane/cmd/tunnel-api — 0.0%
  • github.com/konveyor/crane/cmd/version — 0.0%
  • github.com/konveyor/crane/internal/apply — 52.9%
  • github.com/konveyor/crane/internal/file — 89.2%
  • github.com/konveyor/crane/internal/flags — 0.0%
  • github.com/konveyor/crane/internal/plugin — 32.9%
  • github.com/konveyor/crane/internal/transform — 74.0%
Full function-level details
github.com/konveyor/crane/cmd/apply/apply.go:39:			Complete				100.0%
github.com/konveyor/crane/cmd/apply/apply.go:43:			Validate				100.0%
github.com/konveyor/crane/cmd/apply/apply.go:63:			Run					0.0%
github.com/konveyor/crane/cmd/apply/apply.go:67:			NewApplyCommand				0.0%
github.com/konveyor/crane/cmd/apply/apply.go:99:			addFlagsForOptions			0.0%
github.com/konveyor/crane/cmd/apply/apply.go:113:			run					0.0%
github.com/konveyor/crane/cmd/convert/convert.go:30:			NewConvertOptions			0.0%
github.com/konveyor/crane/cmd/convert/convert.go:63:			addFlagsForConvertOptions		0.0%
github.com/konveyor/crane/cmd/convert/convert.go:74:			Complete				0.0%
github.com/konveyor/crane/cmd/convert/convert.go:83:			Run					0.0%
github.com/konveyor/crane/cmd/convert/convert.go:87:			run					0.0%
github.com/konveyor/crane/cmd/convert/convert.go:112:			getClientFromContext			0.0%
github.com/konveyor/crane/cmd/convert/convert.go:134:			getRestConfigFromContext		0.0%
github.com/konveyor/crane/cmd/export/cluster.go:29:			NewClusterScopeHandler			100.0%
github.com/konveyor/crane/cmd/export/cluster.go:35:			isClusterScopedResource			100.0%
github.com/konveyor/crane/cmd/export/cluster.go:44:			filterRbacResources			100.0%
github.com/konveyor/crane/cmd/export/cluster.go:102:			NewClusterScopedRbacHandler		100.0%
github.com/konveyor/crane/cmd/export/cluster.go:113:			exportedSANamespaces			100.0%
github.com/konveyor/crane/cmd/export/cluster.go:126:			groupMatchesExportedSANamespaces	100.0%
github.com/konveyor/crane/cmd/export/cluster.go:143:			parseServiceAccountUserSubject		100.0%
github.com/konveyor/crane/cmd/export/cluster.go:154:			prepareForFiltering			100.0%
github.com/konveyor/crane/cmd/export/cluster.go:187:			filteredResourcesOfKind			100.0%
github.com/konveyor/crane/cmd/export/cluster.go:213:			accept					100.0%
github.com/konveyor/crane/cmd/export/cluster.go:223:			acceptClusterRoleBinding		100.0%
github.com/konveyor/crane/cmd/export/cluster.go:260:			acceptClusterRole			100.0%
github.com/konveyor/crane/cmd/export/cluster.go:284:			acceptSecurityContextConstraints	100.0%
github.com/konveyor/crane/cmd/export/cluster.go:336:			anyServiceAccountInNamespace		100.0%
github.com/konveyor/crane/cmd/export/crd.go:17:				normalizeGroupSet			85.7%
github.com/konveyor/crane/cmd/export/crd.go:29:				shouldSkipCRDGroup			100.0%
github.com/konveyor/crane/cmd/export/crd.go:50:				crdFailureAPIResourceName		100.0%
github.com/konveyor/crane/cmd/export/crd.go:58:				collectRelatedCRDs			89.7%
github.com/konveyor/crane/cmd/export/discover.go:39:			hasClusterScopedManifests		100.0%
github.com/konveyor/crane/cmd/export/discover.go:57:			prepareClusterResourceDir		100.0%
github.com/konveyor/crane/cmd/export/discover.go:73:			prepareFailuresDir			100.0%
github.com/konveyor/crane/cmd/export/discover.go:85:			writeResources				85.7%
github.com/konveyor/crane/cmd/export/discover.go:133:			writeErrors				83.3%
github.com/konveyor/crane/cmd/export/discover.go:174:			getFilePath				100.0%
github.com/konveyor/crane/cmd/export/discover.go:185:			discoverPreferredResources		100.0%
github.com/konveyor/crane/cmd/export/discover.go:214:			resourceToExtract			100.0%
github.com/konveyor/crane/cmd/export/discover.go:283:			isAdmittedResource			100.0%
github.com/konveyor/crane/cmd/export/discover.go:292:			getObjects				100.0%
github.com/konveyor/crane/cmd/export/discover.go:326:			iterateItemsByGet			93.8%
github.com/konveyor/crane/cmd/export/discover.go:352:			iterateItemsInList			92.3%
github.com/konveyor/crane/cmd/export/export.go:52:			Complete				90.0%
github.com/konveyor/crane/cmd/export/export.go:91:			Validate				100.0%
github.com/konveyor/crane/cmd/export/export.go:106:			validateExportNamespace			87.5%
github.com/konveyor/crane/cmd/export/export.go:122:			Run					0.0%
github.com/konveyor/crane/cmd/export/export.go:225:			NewExportCommand			50.0%
github.com/konveyor/crane/cmd/plugin-manager/add/add.go:42:		Complete				0.0%
github.com/konveyor/crane/cmd/plugin-manager/add/add.go:47:		Validate				0.0%
github.com/konveyor/crane/cmd/plugin-manager/add/add.go:90:		Run					0.0%
github.com/konveyor/crane/cmd/plugin-manager/add/add.go:94:		NewAddCommand				0.0%
github.com/konveyor/crane/cmd/plugin-manager/add/add.go:126:		addFlagsForOptions			0.0%
github.com/konveyor/crane/cmd/plugin-manager/add/add.go:131:		run					0.0%
github.com/konveyor/crane/cmd/plugin-manager/add/add.go:195:		downloadBinary				0.0%
github.com/konveyor/crane/cmd/plugin-manager/list/list.go:46:		Complete				0.0%
github.com/konveyor/crane/cmd/plugin-manager/list/list.go:51:		Validate				0.0%
github.com/konveyor/crane/cmd/plugin-manager/list/list.go:56:		Run					0.0%
github.com/konveyor/crane/cmd/plugin-manager/list/list.go:60:		NewListCommand				0.0%
github.com/konveyor/crane/cmd/plugin-manager/list/list.go:90:		addFlagsForOptions			0.0%
github.com/konveyor/crane/cmd/plugin-manager/list/list.go:98:		run					0.0%
github.com/konveyor/crane/cmd/plugin-manager/list/list.go:167:		printInstalledInformation		0.0%
github.com/konveyor/crane/cmd/plugin-manager/list/list.go:177:		groupInformationForPlugins		0.0%
github.com/konveyor/crane/cmd/plugin-manager/list/list.go:196:		printInformation			0.0%
github.com/konveyor/crane/cmd/plugin-manager/list/list.go:208:		printParamsInformation			0.0%
github.com/konveyor/crane/cmd/plugin-manager/list/list.go:222:		getOptionalFields			0.0%
github.com/konveyor/crane/cmd/plugin-manager/list/list.go:247:		printTable				0.0%
github.com/konveyor/crane/cmd/plugin-manager/plugin-manager.go:33:	Complete				0.0%
github.com/konveyor/crane/cmd/plugin-manager/plugin-manager.go:38:	Validate				0.0%
github.com/konveyor/crane/cmd/plugin-manager/plugin-manager.go:43:	Run					0.0%
github.com/konveyor/crane/cmd/plugin-manager/plugin-manager.go:47:	NewPluginManagerCommand			0.0%
github.com/konveyor/crane/cmd/plugin-manager/plugin-manager.go:78:	addFlagsForOptions			0.0%
github.com/konveyor/crane/cmd/plugin-manager/plugin-manager.go:86:	run					0.0%
github.com/konveyor/crane/cmd/plugin-manager/remove/remove.go:33:	Complete				0.0%
github.com/konveyor/crane/cmd/plugin-manager/remove/remove.go:38:	Validate				0.0%
github.com/konveyor/crane/cmd/plugin-manager/remove/remove.go:43:	Run					0.0%
github.com/konveyor/crane/cmd/plugin-manager/remove/remove.go:47:	NewRemoveCommand			0.0%
github.com/konveyor/crane/cmd/plugin-manager/remove/remove.go:77:	run					0.0%
github.com/konveyor/crane/cmd/runfn/runfn.go:33:			NewFnRunCommand				0.0%
github.com/konveyor/crane/cmd/runfn/runfn.go:49:			addFlagsForOptions			0.0%
github.com/konveyor/crane/cmd/runfn/runfn.go:59:			runE					0.0%
github.com/konveyor/crane/cmd/runfn/runfn.go:70:			preRunE					0.0%
github.com/konveyor/crane/cmd/runfn/runfn.go:112:			getFunctionImage			0.0%
github.com/konveyor/crane/cmd/runfn/runfn.go:124:			getContainerFunctions			0.0%
github.com/konveyor/crane/cmd/runfn/runfn.go:151:			getFunctionAnnotation			0.0%
github.com/konveyor/crane/cmd/runfn/runfn.go:170:			getFunctionConfig			0.0%
github.com/konveyor/crane/cmd/runfn/util.go:14:				WriteOutput				0.0%
github.com/konveyor/crane/cmd/runfn/util.go:31:				GetDestinationDir			0.0%
github.com/konveyor/crane/cmd/runfn/util.go:58:				ValidateFunctionImageURL		0.0%
github.com/konveyor/crane/cmd/runfn/util.go:80:				checkIfDirExists			0.0%
github.com/konveyor/crane/cmd/skopeo-sync-gen/skopeo-sync-gen.go:61:	Complete				0.0%
github.com/konveyor/crane/cmd/skopeo-sync-gen/skopeo-sync-gen.go:65:	Validate				0.0%
github.com/konveyor/crane/cmd/skopeo-sync-gen/skopeo-sync-gen.go:69:	NewSkopeoSyncGenCommand			0.0%
github.com/konveyor/crane/cmd/skopeo-sync-gen/skopeo-sync-gen.go:103:	shouldAddImageStream			0.0%
github.com/konveyor/crane/cmd/skopeo-sync-gen/skopeo-sync-gen.go:114:	Run					0.0%
github.com/konveyor/crane/cmd/transfer-pvc/progress.go:37:		NewRsyncLogStream			0.0%
github.com/konveyor/crane/cmd/transfer-pvc/progress.go:50:		Init					0.0%
github.com/konveyor/crane/cmd/transfer-pvc/progress.go:138:		writeProgressToFile			0.0%
github.com/konveyor/crane/cmd/transfer-pvc/progress.go:148:		Close					0.0%
github.com/konveyor/crane/cmd/transfer-pvc/progress.go:154:		Streams					0.0%
github.com/konveyor/crane/cmd/transfer-pvc/progress.go:190:		addDataSize				0.0%
github.com/konveyor/crane/cmd/transfer-pvc/progress.go:215:		String					100.0%
github.com/konveyor/crane/cmd/transfer-pvc/progress.go:219:		MarshalJSON				0.0%
github.com/konveyor/crane/cmd/transfer-pvc/progress.go:223:		AsString				0.0%
github.com/konveyor/crane/cmd/transfer-pvc/progress.go:271:		NewProgress				100.0%
github.com/konveyor/crane/cmd/transfer-pvc/progress.go:291:		Completed				0.0%
github.com/konveyor/crane/cmd/transfer-pvc/progress.go:296:		Status					38.5%
github.com/konveyor/crane/cmd/transfer-pvc/progress.go:321:		Merge					0.0%
github.com/konveyor/crane/cmd/transfer-pvc/progress.go:376:		newDataSize				72.7%
github.com/konveyor/crane/cmd/transfer-pvc/progress.go:399:		parseRsyncLogs				76.1%
github.com/konveyor/crane/cmd/transfer-pvc/progress.go:479:		waitForPodRunning			0.0%
github.com/konveyor/crane/cmd/transfer-pvc/progress.go:513:		getFinalPodStatus			0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:89:		Validate				0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:117:		Validate				0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:133:		NewTransferPVCCommand			0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:169:		addFlagsToTransferPVCCommand		0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:189:		Complete				0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:220:		Validate				0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:246:		Run					0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:250:		getClientFromContext			0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:271:		getRestConfigFromContext		0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:278:		run					0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:485:		getValidatedResourceName		0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:495:		getNodeNameForPVC			0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:515:		getIDsForNamespace			0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:541:		getRsyncClientPodSecurityContext	0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:553:		getRsyncServerPodSecurityContext	0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:565:		garbageCollect				0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:602:		deleteResourcesIteratively		0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:628:		deleteResourcesForGVK			0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:649:		followClientLogs			0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:678:		waitForEndpoint				0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:690:		createEndpoint				0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:735:		getRouteHostName			0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:752:		buildDestinationPVC			0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:773:		ApplyTo					0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:793:		ApplyTo					0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:805:		ApplyTo					0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:821:		String					0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:825:		Set					0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:835:		Type					0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:841:		parseSourceDestinationMapping		100.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:863:		String					0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:867:		Set					0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:876:		Type					0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:880:		String					0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:884:		Set					0.0%
github.com/konveyor/crane/cmd/transfer-pvc/transfer-pvc.go:894:		Type					0.0%
github.com/konveyor/crane/cmd/transform/listplugins/listplugins.go:31:	Complete				0.0%
github.com/konveyor/crane/cmd/transform/listplugins/listplugins.go:36:	Validate				0.0%
github.com/konveyor/crane/cmd/transform/listplugins/listplugins.go:41:	Run					0.0%
github.com/konveyor/crane/cmd/transform/listplugins/listplugins.go:45:	NewListPluginsCommand			0.0%
github.com/konveyor/crane/cmd/transform/listplugins/listplugins.go:77:	run					0.0%
github.com/konveyor/crane/cmd/transform/optionals/optionals.go:31:	Complete				0.0%
github.com/konveyor/crane/cmd/transform/optionals/optionals.go:36:	Validate				0.0%
github.com/konveyor/crane/cmd/transform/optionals/optionals.go:41:	Run					0.0%
github.com/konveyor/crane/cmd/transform/optionals/optionals.go:45:	NewOptionalsCommand			0.0%
github.com/konveyor/crane/cmd/transform/optionals/optionals.go:77:	run					0.0%
github.com/konveyor/crane/cmd/transform/transform.go:50:		Complete				0.0%
github.com/konveyor/crane/cmd/transform/transform.go:54:		Validate				0.0%
github.com/konveyor/crane/cmd/transform/transform.go:74:		Run					0.0%
github.com/konveyor/crane/cmd/transform/transform.go:78:		NewTransformCommand			0.0%
github.com/konveyor/crane/cmd/transform/transform.go:112:		addFlagsForOptions			0.0%
github.com/konveyor/crane/cmd/transform/transform.go:136:		run					0.0%
github.com/konveyor/crane/cmd/transform/transform.go:203:		getPluginPrioritiesMap			0.0%
github.com/konveyor/crane/cmd/transform/transform.go:215:		optionalFlagsToLower			0.0%
github.com/konveyor/crane/cmd/tunnel-api/tunnel-api.go:35:		NewTunnelAPIOptions			0.0%
github.com/konveyor/crane/cmd/tunnel-api/tunnel-api.go:65:		addFlagsForTunnelAPIOptions		0.0%
github.com/konveyor/crane/cmd/tunnel-api/tunnel-api.go:77:		Complete				0.0%
github.com/konveyor/crane/cmd/tunnel-api/tunnel-api.go:100:		Validate				0.0%
github.com/konveyor/crane/cmd/tunnel-api/tunnel-api.go:116:		Run					0.0%
github.com/konveyor/crane/cmd/tunnel-api/tunnel-api.go:120:		getClientFromContext			0.0%
github.com/konveyor/crane/cmd/tunnel-api/tunnel-api.go:129:		getRestConfigFromContext		0.0%
github.com/konveyor/crane/cmd/tunnel-api/tunnel-api.go:136:		run					0.0%
github.com/konveyor/crane/cmd/version/version.go:20:			Complete				0.0%
github.com/konveyor/crane/cmd/version/version.go:25:			Validate				0.0%
github.com/konveyor/crane/cmd/version/version.go:30:			Run					0.0%
github.com/konveyor/crane/cmd/version/version.go:34:			NewVersionCommand			0.0%
github.com/konveyor/crane/cmd/version/version.go:60:			run					0.0%
github.com/konveyor/crane/internal/apply/kustomize.go:28:		ApplySingleStage			0.0%
github.com/konveyor/crane/internal/apply/kustomize.go:69:		ApplyMultiStage				0.0%
github.com/konveyor/crane/internal/apply/kustomize.go:109:		ApplyFinalStage				66.7%
github.com/konveyor/crane/internal/apply/kustomize.go:155:		runKustomizeBuild			87.5%
github.com/konveyor/crane/internal/apply/kustomize.go:172:		ValidateKubectlAvailable		75.0%
github.com/konveyor/crane/internal/apply/kustomize.go:182:		splitMultiDocYAMLToFiles		88.4%
github.com/konveyor/crane/internal/file/file_helper.go:22:		ReadFiles				100.0%
github.com/konveyor/crane/internal/file/file_helper.go:32:		readFiles				84.0%
github.com/konveyor/crane/internal/file/file_helper.go:83:		GetWhiteOutFilePath			100.0%
github.com/konveyor/crane/internal/file/file_helper.go:87:		GetTransformPath			100.0%
github.com/konveyor/crane/internal/file/file_helper.go:91:		GetIgnoredPatchesPath			0.0%
github.com/konveyor/crane/internal/file/file_helper.go:95:		updateTransformDirPath			100.0%
github.com/konveyor/crane/internal/file/file_helper.go:99:		updateIgnoredPatchesDirPath		0.0%
github.com/konveyor/crane/internal/file/file_helper.go:106:		updatePath				100.0%
github.com/konveyor/crane/internal/file/file_helper.go:113:		GetOutputFilePath			100.0%
github.com/konveyor/crane/internal/file/file_helper.go:123:		GetStageDir				100.0%
github.com/konveyor/crane/internal/file/file_helper.go:129:		GetResourcesDir				100.0%
github.com/konveyor/crane/internal/file/file_helper.go:135:		GetPatchesDir				100.0%
github.com/konveyor/crane/internal/file/file_helper.go:141:		GetReportsDir				100.0%
github.com/konveyor/crane/internal/file/file_helper.go:147:		GetWhiteoutsDir				100.0%
github.com/konveyor/crane/internal/file/file_helper.go:153:		GetKustomizationPath			100.0%
github.com/konveyor/crane/internal/file/file_helper.go:159:		GetMetadataPath				100.0%
github.com/konveyor/crane/internal/file/file_helper.go:165:		GetResourceTypeFilePath			100.0%
github.com/konveyor/crane/internal/file/file_helper.go:171:		GetPatchFilePath			100.0%
github.com/konveyor/crane/internal/file/file_helper.go:177:		GetWhiteoutReportPath			100.0%
github.com/konveyor/crane/internal/file/file_helper.go:183:		GetIgnoredPatchReportPath		100.0%
github.com/konveyor/crane/internal/flags/global_flags.go:14:		ApplyFlags				0.0%
github.com/konveyor/crane/internal/flags/global_flags.go:21:		GetLogger				0.0%
github.com/konveyor/crane/internal/flags/global_flags.go:29:		initConfig				0.0%
github.com/konveyor/crane/internal/plugin/plugin_helper.go:21:		GetPlugins				0.0%
github.com/konveyor/crane/internal/plugin/plugin_helper.go:38:		getBinaryPlugins			0.0%
github.com/konveyor/crane/internal/plugin/plugin_helper.go:63:		IsExecAny				0.0%
github.com/konveyor/crane/internal/plugin/plugin_helper.go:67:		GetFilteredPlugins			0.0%
github.com/konveyor/crane/internal/plugin/plugin_helper.go:106:		isPluginInList				0.0%
github.com/konveyor/crane/internal/plugin/plugin_manager_helper.go:24:	BuildManifestMap			0.0%
github.com/konveyor/crane/internal/plugin/plugin_manager_helper.go:68:	GetYamlFromUrl				75.0%
github.com/konveyor/crane/internal/plugin/plugin_manager_helper.go:82:	YamlToManifest				72.7%
github.com/konveyor/crane/internal/plugin/plugin_manager_helper.go:104:	FilterPluginForOsArch			100.0%
github.com/konveyor/crane/internal/plugin/plugin_manager_helper.go:122:	GetDefaultSource			0.0%
github.com/konveyor/crane/internal/plugin/plugin_manager_helper.go:131:	LocateBinaryInPluginDir			0.0%
github.com/konveyor/crane/internal/plugin/plugin_manager_helper.go:143:	IsUrl					100.0%
github.com/konveyor/crane/internal/plugin/plugin_manager_helper.go:149:	getData					80.0%
github.com/konveyor/crane/internal/transform/orchestrator.go:36:	RunSingleStage				0.0%
github.com/konveyor/crane/internal/transform/orchestrator.go:110:	RunMultiStage				63.0%
github.com/konveyor/crane/internal/transform/orchestrator.go:173:	executeStage				66.7%
github.com/konveyor/crane/internal/transform/orchestrator.go:238:	loadStageOutput				29.0%
github.com/konveyor/crane/internal/transform/orchestrator.go:304:	filterPluginsByStage			85.7%
github.com/konveyor/crane/internal/transform/stages.go:22:		DiscoverStages				90.5%
github.com/konveyor/crane/internal/transform/stages.go:84:		FilterStages				94.1%
github.com/konveyor/crane/internal/transform/stages.go:153:		GetFirstStage				100.0%
github.com/konveyor/crane/internal/transform/stages.go:163:		GetLastStage				66.7%
github.com/konveyor/crane/internal/transform/stages.go:173:		GetPreviousStage			100.0%
github.com/konveyor/crane/internal/transform/stages.go:183:		GetNextStage				100.0%
github.com/konveyor/crane/internal/transform/stages.go:193:		ValidateStageName			100.0%
github.com/konveyor/crane/internal/transform/stages.go:202:		GenerateStageName			100.0%
github.com/konveyor/crane/internal/transform/writer.go:24:		NewKustomizeWriter			100.0%
github.com/konveyor/crane/internal/transform/writer.go:32:		WriteStage				75.0%
github.com/konveyor/crane/internal/transform/writer.go:152:		parseTypeKey				50.0%
github.com/konveyor/crane/internal/transform/writer.go:174:		capitalizeFirst				66.7%
github.com/konveyor/crane/internal/transform/writer.go:188:		filterValidRemoveOps			76.2%
github.com/konveyor/crane/internal/transform/writer.go:232:		pathExists				93.5%
github.com/konveyor/crane/internal/transform/writer.go:310:		checkStageDirectory			23.1%
github.com/konveyor/crane/main.go:21:					main					0.0%
total:									(statements)				33.0%

Posted by CI

Copy link
Copy Markdown

@coderabbitai coderabbitai Bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🧹 Nitpick comments (2)
e2e-tests/tests/mtc_293_role_migration_test.go (2)

159-190: Use non-admin context for target RBAC verification.

Lines 159-190 read target RBAC objects via scenario.KubectlTgt (admin). For a non-admin migration E2E, use kubectlTgtNonAdmin to keep apply and verification under the same identity.

Suggested patch
-		roleOut, err := scenario.KubectlTgt.Run(
+		roleOut, err := kubectlTgtNonAdmin.Run(
 			"get", "role", "pod-reader",
 			"-n", namespace,
 			"-o", "jsonpath={.rules[0].verbs}",
 		)
@@
-		rbRoleRef, err := scenario.KubectlTgt.Run(
+		rbRoleRef, err := kubectlTgtNonAdmin.Run(
 			"get", "rolebinding", "pod-reader-binding",
 			"-n", namespace,
 			"-o", "jsonpath={.roleRef.name}",
 		)
@@
-		rbSubject, err := scenario.KubectlTgt.Run(
+		rbSubject, err := kubectlTgtNonAdmin.Run(
 			"get", "rolebinding", "pod-reader-binding",
 			"-n", namespace,
 			"-o", "jsonpath={.subjects[0].name}",
 		)
@@
-		_, err = scenario.KubectlTgt.Run("get", "serviceaccount", "test-sa", "-n", namespace)
+		_, err = kubectlTgtNonAdmin.Run("get", "serviceaccount", "test-sa", "-n", namespace)
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@e2e-tests/tests/mtc_293_role_migration_test.go` around lines 159 - 190, The
test is using the admin client scenario.KubectlTgt to read target RBAC objects;
switch the verification calls to the non-admin client (kubectlTgtNonAdmin) so
reads are performed under the same non-admin identity used for
apply/verification. Replace occurrences of scenario.KubectlTgt.Run(...) for
getting the role, rolebinding and serviceaccount (the calls that fetch "role
pod-reader", "rolebinding pod-reader-binding" and "serviceaccount test-sa") with
kubectlTgtNonAdmin.Run(...), keeping the same args and Expect checks (rbRoleRef,
rbSubject assertions) so behavior is unchanged except the client used.

141-144: Avoid swallowing first-pass apply failures.

Line 143 ignores the error completely. Keep the workaround, but capture/log and assert the expected ordering-related failure so unrelated errors are not masked.

Suggested patch
 		By("Apply rendered manifests to target (first pass)")
 		log.Printf("First apply pass — skipping dry-run, ordering failure for RoleBinding expected\n")
-		_ = kubectlTgtNonAdmin.ApplyDir(paths.OutputDir)
+		firstPassErr := kubectlTgtNonAdmin.ApplyDir(paths.OutputDir)
+		if firstPassErr != nil {
+			log.Printf("First pass apply returned expected/known error: %v\n", firstPassErr)
+		}
🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@e2e-tests/tests/mtc_293_role_migration_test.go` around lines 141 - 144, The
call to kubectlTgtNonAdmin.ApplyDir(paths.OutputDir) currently discards errors;
change it to capture the returned error (err :=
kubectlTgtNonAdmin.ApplyDir(paths.OutputDir)), log the error (e.g., t.Logf or
log.Printf) and add an assertion that the error is non-nil and contains the
expected ordering-related failure message (use your test assertion helper/Expect
to check substring), so the workaround remains but unrelated failures are
surfaced; reference the existing ApplyDir call and paths.OutputDir in the
change.
🤖 Prompt for all review comments with AI agents
Verify each finding against the current code and only fix it if needed.

Nitpick comments:
In `@e2e-tests/tests/mtc_293_role_migration_test.go`:
- Around line 159-190: The test is using the admin client scenario.KubectlTgt to
read target RBAC objects; switch the verification calls to the non-admin client
(kubectlTgtNonAdmin) so reads are performed under the same non-admin identity
used for apply/verification. Replace occurrences of scenario.KubectlTgt.Run(...)
for getting the role, rolebinding and serviceaccount (the calls that fetch "role
pod-reader", "rolebinding pod-reader-binding" and "serviceaccount test-sa") with
kubectlTgtNonAdmin.Run(...), keeping the same args and Expect checks (rbRoleRef,
rbSubject assertions) so behavior is unchanged except the client used.
- Around line 141-144: The call to kubectlTgtNonAdmin.ApplyDir(paths.OutputDir)
currently discards errors; change it to capture the returned error (err :=
kubectlTgtNonAdmin.ApplyDir(paths.OutputDir)), log the error (e.g., t.Logf or
log.Printf) and add an assertion that the error is non-nil and contains the
expected ordering-related failure message (use your test assertion helper/Expect
to check substring), so the workaround remains but unrelated failures are
surfaced; reference the existing ApplyDir call and paths.OutputDir in the
change.

ℹ️ Review info
⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 8c9daf74-87ad-44e9-b4e4-bd1dc81d7bdd

📥 Commits

Reviewing files that changed from the base of the PR and between cfa9358 and 3778abd.

📒 Files selected for processing (1)
  • e2e-tests/tests/mtc_293_role_migration_test.go

Signed-off-by: midays@redhat.com <midays@redhat.com>
@midays midays removed the do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. label Apr 16, 2026
Comment thread e2e-tests/tests/mtc_293_role_migration_test.go Outdated
Signed-off-by: midays@redhat.com <midays@redhat.com>
@midays midays requested a review from msajidmansoori12 April 16, 2026 08:18
@msajidmansoori12
Copy link
Copy Markdown
Contributor

lgtm , thanks !

@midays midays merged commit 2c9c5ed into migtools:main Apr 16, 2026
4 checks passed
@github-project-automation github-project-automation Bot moved this from Todo to Done in Crane Development Apr 16, 2026
@midays midays deleted the mtc_293_role_migration branch April 16, 2026 11:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

Status: Done

Development

Successfully merging this pull request may close these issues.

2 participants