/
rhapi_endpoint.go
139 lines (115 loc) · 4.73 KB
/
rhapi_endpoint.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
package cloudingress
import (
"context"
"net"
"reflect"
"strings"
"time"
"github.com/onsi/ginkgo/v2"
. "github.com/onsi/gomega"
cloudingressv1alpha1 "github.com/openshift/cloud-ingress-operator/api/v1alpha1"
corev1 "k8s.io/api/core/v1"
viper "github.com/openshift/osde2e/pkg/common/concurrentviper"
"github.com/openshift/osde2e/pkg/common/config"
"github.com/openshift/osde2e/pkg/common/helper"
"github.com/openshift/osde2e/pkg/common/label"
"github.com/openshift/osde2e/pkg/common/providers/rosaprovider"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/apimachinery/pkg/runtime"
"k8s.io/apimachinery/pkg/runtime/schema"
"k8s.io/apimachinery/pkg/util/wait"
)
// tests
var _ = ginkgo.Describe("[Suite: operators] "+TestPrefix, label.Operators, func() {
ginkgo.BeforeEach(func() {
if viper.GetBool(rosaprovider.STS) {
ginkgo.Skip("STS does not support CIO")
}
if viper.GetBool(config.Hypershift) {
ginkgo.Skip("Cloud Ingress Operator is not supported on HyperShift")
}
})
h := helper.New()
testHostnameResolves(h)
testCIDRBlockUpdates(h)
})
// testHostnameResolves Confirms hostname on the cluster resolves
func testHostnameResolves(h *helper.H) {
var err error
hostnameResolvePollDuration := 15 * time.Minute
ginkgo.Context("rh-api-test", func() {
ginkgo.It("hostname should resolve", func(ctx context.Context) {
wait.PollImmediate(30*time.Second, hostnameResolvePollDuration, func() (bool, error) {
getOpts := metav1.GetOptions{}
apiserver, err := h.Cfg().ConfigV1().APIServers().Get(ctx, "cluster", getOpts)
if err != nil {
return false, err
}
if len(apiserver.Spec.ServingCerts.NamedCertificates) < 1 {
return false, nil
}
for _, namedCert := range apiserver.Spec.ServingCerts.NamedCertificates {
for _, name := range namedCert.Names {
if strings.HasPrefix("rh-api", name) {
_, err := net.LookupHost(name)
if err != nil {
return false, err
}
}
}
}
return true, nil
})
Expect(err).NotTo(HaveOccurred())
}, (hostnameResolvePollDuration + 1*time.Minute).Seconds())
})
}
// testCIDRBlockUpdates compares the CIRDBlock on the related apischeme and the service
// after an update to make sure changes to the apischem
func testCIDRBlockUpdates(h *helper.H) {
ginkgo.Context("rh-api-test", func() {
ginkgo.It("cidr block changes should updated the service", func(ctx context.Context) {
// Create APISScheme Object
var APISchemeInstance cloudingressv1alpha1.APIScheme
// Get the APIScheme
APISchemeRawData, err := h.Dynamic().Resource(schema.GroupVersionResource{
Group: "cloudingress.managed.openshift.io", Version: "v1alpha1", Resource: "apischemes",
}).Namespace(OperatorNamespace).Get(ctx, apiSchemeResourceName, metav1.GetOptions{})
Expect(err).NotTo(HaveOccurred())
// structure the APIScheme unstructured data into a APIScheme object
err = runtime.DefaultUnstructuredConverter.FromUnstructured(APISchemeRawData.Object, &APISchemeInstance)
Expect(err).NotTo(HaveOccurred())
// Extract the CIDRblock into its own var for ease of use and readability
CIDRBlock := APISchemeInstance.Spec.ManagementAPIServerIngress.AllowedCIDRBlocks
// remove last IP from the CIDRBlock:
CIDRBlock[len(CIDRBlock)-1] = "" // Erase last element (write zero value)
CIDRBlock = CIDRBlock[:len(CIDRBlock)-1] // Truncate slice
// Put the new CIRDBlock ranges into the APIScheme
APISchemeInstance.Spec.ManagementAPIServerIngress.AllowedCIDRBlocks = CIDRBlock
// Unstructure the Data in order to be usable for the update of the CR
APISchemeRawData.Object, err = runtime.DefaultUnstructuredConverter.ToUnstructured(&APISchemeInstance)
Expect(err).NotTo(HaveOccurred())
// //Update the APIScheme
APISchemeRawData, err = h.Dynamic().Resource(schema.GroupVersionResource{
Group: "cloudingress.managed.openshift.io", Version: "v1alpha1", Resource: "apischemes",
}).Namespace(OperatorNamespace).Update(ctx, APISchemeRawData, metav1.UpdateOptions{})
Expect(err).NotTo(HaveOccurred())
// Create a service Object
var rhAPIService *corev1.Service
// wait 30 secs for apiserver to reconcile
time.Sleep(30 * time.Second)
// Extract the LoadBalancerSourceRanges from the service
rhAPIService, err = h.Kube().
CoreV1().
Services("openshift-kube-apiserver").
Get(ctx, apiSchemeResourceName, metav1.GetOptions{})
Expect(err).NotTo(HaveOccurred())
// Make sure both the New CIDRBlock and the Service LoadBalancerSourceRanges are equal
// If they are then the APIScheme update also updated the service.
res := reflect.DeepEqual(CIDRBlock, rhAPIService.Spec.LoadBalancerSourceRanges)
Expect(res).Should(BeTrue())
})
})
}
// utils
// common setup and utils are in cloudingress.go