Add gatekeeper testing #384
Conversation
openshift-ci-robot
added
the
needs-ok-to-test
|
Hi @marzianor9. Thanks for your PR. I'm waiting for a openshift-kni member to verify that this patch is reasonable to test. If it is, they should reply with Once the patch is verified, the new status will be reflected by the I understand the commands that are listed here. Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
openshift-ci-robot
added
the
do-not-merge/work-in-progress
openshift-ci-robot
removed
the
do-not-merge/work-in-progress
functests/gatekeeper/gatekeeper.go
Outdated
|
|
||
| // create the dynamic client | ||
| client, err := dynamicInterface.New("", gvrList...) | ||
| if err != nil { |
There was a problem hiding this comment.
lets put this in a BeforeAll and use Expect so we failed the test
There was a problem hiding this comment.
i can't create a variable that will be used in execute.BeforeAll, i will need to make it global, should i do it?
functests/gatekeeper/gatekeeper.go
Outdated
| log.Fatalf("Unable to create the dynamic client: %v", err) | ||
| } | ||
|
|
||
| DescribeTable("should be able to add metadata info(labels/annotations)", |
There was a problem hiding this comment.
I think the should is not part of a DescribeTable can you rephrase this please
functests/gatekeeper/gatekeeper.go
Outdated
| return entries | ||
| } | ||
|
|
||
| func assignMetadataDefinition(amInfo *assignMetadataInfo) *unstructured.Unstructured { |
There was a problem hiding this comment.
why you use an unstructured.Unstructured object when you always use the AssignMetadata kind?
can't you just use the API struct from the gatekeeper project?
There was a problem hiding this comment.
we created the dynamic client because gatekeeper didn't have the API struct we needed in the repo, and we were not sure if they want to add them.
functests/gatekeeper/gatekeeper.go
Outdated
| func(amInfo assignMetadataInfo, object TestObject) { | ||
| amObject := assignMetadataDefinition(&amInfo) | ||
|
|
||
| amObject, err := client.Resource("assignmetadata").Create(context.Background(), amObject, metav1.CreateOptions{}) |
There was a problem hiding this comment.
for this reasource why we don't add the schema into a client just like all the other tests?
There was a problem hiding this comment.
i didn't want to use 2 clients in the same test suite, and the dynamic client allows for more generic tests.
There was a problem hiding this comment.
and i was unable to add the schema for this object to the client
functests/gatekeeper/gatekeeper.go
Outdated
| }() | ||
|
|
||
| By("Creating test-pod-b") | ||
| testPodB := GetTestPod(TestingNamespace) |
There was a problem hiding this comment.
I think we already have a create pod function no?
There was a problem hiding this comment.
i needed a customized pod for the tests, also i needed it to be unstructured so that tests can be generic.
functests/gatekeeper/gatekeeper.go
Outdated
| Expect(value).To(Equal("0")) | ||
|
|
||
| By("Updating assignMetadata to mutation-version: 1") | ||
| err = unstructured.SetNestedField(am.Object, "1", "spec", "parameters", "assign", "value") |
There was a problem hiding this comment.
you know the object type you are working with here so lets use the object and not the unstructured
There was a problem hiding this comment.
the gatekeeper repo does not support this.
functests/gatekeeper/gatekeeper.go
Outdated
| Expect(err).ToNot(HaveOccurred()) | ||
| Expect(ok).To(BeFalse()) | ||
|
|
||
| By("Deleting test-pod-after-delete") |
There was a problem hiding this comment.
this is not part of the test should be in the afterEach clean
functests/gatekeeper/gatekeeper.go
Outdated
|
|
||
| It("should be able to match by any match category", func() { | ||
| By("Creating the test namespaces") | ||
| includedNamepsace := &unstructured.Unstructured{ |
There was a problem hiding this comment.
this is a namespace object just use the namespace schema
There was a problem hiding this comment.
do we want to use 2 clients?
openshift-ci-robot
added
the
needs-rebase
marzianor9
changed the title
functests/gatekeeper/gatekeeper.go
Outdated
| defer func() { | ||
| err := client.Resource("assignmetadata").Delete(context.Background(), amDefinition.GetName(), metav1.DeleteOptions{}) | ||
| Expect(err).ToNot(HaveOccurred()) | ||
| }() |
There was a problem hiding this comment.
We have quite a lot of these defers, so maybe we can do:
func deleteResource(resource string, name string) func() {
return func() {
err := client.Resource(resource).Delete(context.Background(), name, metav1.DeleteOptions{})
Expect(err).ToNot(HaveOccurred())
}
}
and then use it like:
defer deleteResource("assignmetadata", amDefinition.GetName())()()
With 19 defer statements we should save more then 50 lines of code.
functests/gatekeeper/gatekeeper.go
Outdated
| defer func() { | ||
| err := client.Resource("assignmetadata").Delete(context.Background(), namespaceSelected.GetName(), metav1.DeleteOptions{}) | ||
| Expect(err).NotTo(HaveOccurred()) | ||
| }() |
There was a problem hiding this comment.
It should be more readable if we defined the Assigns in one place and then created them in a loop. Something like:
allScopeSelected = {...}
namespaceScopeIncluded = {...}
namespaceScopeIncluded= {...}
...
mutations = { allScopeSelected, namespaceScopeIncluded, namespaceScopeIncluded}
for mutation ;= range mutatinos {
client.Resource("assignmetadata").Create(context.Background(), namespaceSelected, metav1.CreateOptions{})
defer func(){}
}
openshift-ci-robot
removed
the
needs-rebase
| Expect(err).ToNot(HaveOccurred()) | ||
| namespaces.WaitForDeletion(client, namespace, time.Minute) | ||
| } | ||
| } |
There was a problem hiding this comment.
If you care about test time, then maybe move the WaitForDeletion after all namespaces are deleted:
for _, namespace := range namespacesUsed {
if namespaces.Exists(namespace, client) {
err := client.Namespaces().Delete(context.Background(), namespace, metav1.DeleteOptions{})
Expect(err).ToNot(HaveOccurred())
}
}
for _, namespace := range namespacesUsed {
namespaces.WaitForDeletion(client, namespace, time.Minute)
}
There was a problem hiding this comment.
the namespaces i delete are used only on the last test, all other times we only delete the pods from the TestingNamespace.
There was a problem hiding this comment.
If time is not of essence we can skip this
|
/lgtm |
openshift-ci-robot
added
lgtm
functests/gatekeeper/gatekeeper.go
Outdated
| } | ||
|
|
||
| for _, namespace := range namespacesUsed { | ||
| if namespaces.Exists(namespace, client) { |
There was a problem hiding this comment.
We can skip if namespaces.Exists(namespace, client), this is done in WaitForDeletion
|
/lgtm |
openshift-ci-robot
added
lgtm
|
/lgtm |
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: fedepaol, marzianor9 The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci-robot
added
the
approved
No description provided.