From 78ae94d6b4aa494ecf1e3d7863cecaa5eb509865 Mon Sep 17 00:00:00 2001 From: Evgeny Uglov Date: Fri, 24 May 2024 18:39:58 +0000 Subject: [PATCH 1/5] [KRV-17785] Auth CRD e2e --- tests/e2e/go.mod | 24 +- tests/e2e/go.sum | 71 +-- tests/e2e/steps/steps_def.go | 32 ++ tests/e2e/steps/steps_runner.go | 4 + .../csm_authorization_crds.yaml | 415 ++++++++++++++++++ .../csm_authorization_proxy_server.yaml | 12 +- tests/e2e/testfiles/values.yaml | 13 + 7 files changed, 528 insertions(+), 43 deletions(-) create mode 100644 tests/e2e/testfiles/authorization-templates/csm_authorization_crds.yaml diff --git a/tests/e2e/go.mod b/tests/e2e/go.mod index 6bdcab10c..b1c1115d7 100644 --- a/tests/e2e/go.mod +++ b/tests/e2e/go.mod @@ -4,8 +4,8 @@ go 1.22 require ( github.com/dell/csm-operator v0.0.0 - github.com/onsi/ginkgo/v2 v2.13.2 - github.com/onsi/gomega v1.29.0 + github.com/onsi/ginkgo/v2 v2.19.0 + github.com/onsi/gomega v1.33.1 k8s.io/api v0.28.4 k8s.io/apimachinery v0.28.4 k8s.io/client-go v0.28.4 @@ -33,12 +33,12 @@ require ( github.com/evanphx/json-patch/v5 v5.6.0 // indirect github.com/felixge/httpsnoop v1.0.3 // indirect github.com/fsnotify/fsnotify v1.6.0 // indirect - github.com/go-logr/logr v1.3.0 // indirect + github.com/go-logr/logr v1.4.1 // indirect github.com/go-logr/stdr v1.2.2 // indirect github.com/go-openapi/jsonpointer v0.19.6 // indirect github.com/go-openapi/jsonreference v0.20.2 // indirect github.com/go-openapi/swag v0.22.3 // indirect - github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 // indirect + github.com/go-task/slim-sprig/v3 v3.0.0 // indirect github.com/gogo/protobuf v1.3.2 // indirect github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect github.com/golang/protobuf v1.5.3 // indirect @@ -46,7 +46,7 @@ require ( github.com/google/gnostic-models v0.6.8 // indirect github.com/google/go-cmp v0.6.0 // indirect github.com/google/gofuzz v1.2.0 // indirect - github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 // indirect + github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 // indirect github.com/google/uuid v1.3.1 // indirect github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0 // indirect github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 // indirect @@ -85,16 +85,16 @@ require ( go.uber.org/atomic v1.10.0 // indirect go.uber.org/multierr v1.11.0 // indirect go.uber.org/zap v1.24.0 // indirect - golang.org/x/crypto v0.21.0 // indirect + golang.org/x/crypto v0.23.0 // indirect golang.org/x/exp v0.0.0-20221028150844-83b7d23a625f // indirect - golang.org/x/net v0.23.0 // indirect + golang.org/x/net v0.25.0 // indirect golang.org/x/oauth2 v0.11.0 // indirect - golang.org/x/sync v0.4.0 // indirect - golang.org/x/sys v0.18.0 // indirect - golang.org/x/term v0.18.0 // indirect - golang.org/x/text v0.14.0 // indirect + golang.org/x/sync v0.7.0 // indirect + golang.org/x/sys v0.20.0 // indirect + golang.org/x/term v0.20.0 // indirect + golang.org/x/text v0.15.0 // indirect golang.org/x/time v0.3.0 // indirect - golang.org/x/tools v0.14.0 // indirect + golang.org/x/tools v0.21.0 // indirect google.golang.org/appengine v1.6.7 // indirect google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d // indirect google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d // indirect diff --git a/tests/e2e/go.sum b/tests/e2e/go.sum index f218da691..4fb1fa591 100644 --- a/tests/e2e/go.sum +++ b/tests/e2e/go.sum @@ -23,9 +23,6 @@ github.com/cert-manager/cert-manager v1.12.3 h1:3gZkP7hHI2CjgX5qZ1Tm98YbHVXB2NGA github.com/cert-manager/cert-manager v1.12.3/go.mod h1:/RYHUvK9cxuU5dbRyhb7g6am9jCcZc8huF3AnADE+nA= github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44= github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= -github.com/chzyer/logex v1.1.10/go.mod h1:+Ywpsq7O8HXn0nuIou7OrIPyXbp3wmkHB+jjWRnGsAI= -github.com/chzyer/readline v0.0.0-20180603132655-2972be24d48e/go.mod h1:nSuG5e5PlCu98SY8svDHJxuZscDgtXS6KTTbou5AhLI= -github.com/chzyer/test v0.0.0-20180213035817-a1ea475d72b1/go.mod h1:Q3SI9o4m/ZMnBNeIyt5eFwwo7qiLfzFZmjNmxjkiQlU= github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4 h1:/inchEIKaYC1Akx+H+gqO04wryn5h75LSazbRlnya1k= github.com/cncf/xds/go v0.0.0-20230607035331-e9ce68804cb4/go.mod h1:eXthEFrGJvWHgFFCl3hGmgk+/aYT6PnTQLykKQRLhEs= github.com/coreos/go-semver v0.3.1 h1:yi21YpKnrx1gt5R+la8n5WgS0kCrsPp33dmEyHReZr4= @@ -55,8 +52,8 @@ github.com/fsnotify/fsnotify v1.6.0 h1:n+5WquG0fcWoWp6xPWfHdbskMCQaFnG6PfBrh1Ky4 github.com/fsnotify/fsnotify v1.6.0/go.mod h1:sl3t1tCWJFWoRz9R8WJCbQihKKwmorjAbSClcnxKAGw= github.com/go-logr/logr v1.2.0/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= -github.com/go-logr/logr v1.3.0 h1:2y3SDp0ZXuc6/cjLSZ+Q3ir+QB9T/iG5yYRXqsagWSY= -github.com/go-logr/logr v1.3.0/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= +github.com/go-logr/logr v1.4.1 h1:pKouT5E8xu9zeFC39JXRDukb6JFQPXM5p5I91188VAQ= +github.com/go-logr/logr v1.4.1/go.mod h1:9T104GzyrTigFIr8wt5mBrctHMim0Nb2HLGrmQ40KvY= github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag= github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE= github.com/go-logr/zapr v1.2.4 h1:QHVo+6stLbfJmYGkQ7uGHUCu5hnAFAj6mDe6Ea0SeOo= @@ -67,8 +64,8 @@ github.com/go-openapi/jsonreference v0.20.2 h1:3sVjiK66+uXK/6oQ8xgcRKcFgQ5KXa2Kv github.com/go-openapi/jsonreference v0.20.2/go.mod h1:Bl1zwGIM8/wsvqjsOQLJ/SH+En5Ap4rVB5KVcIDZG2k= github.com/go-openapi/swag v0.22.3 h1:yMBqmnQ0gyZvEb/+KzuWZOXgllrXT4SADYbvDaXHv/g= github.com/go-openapi/swag v0.22.3/go.mod h1:UzaqsxGiab7freDnrUUra0MwWfN/q7tE4j+VcZ0yl14= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572 h1:tfuBGBXKqDEevZMzYi5KSi8KkcZtzBcTgAUUtapy0OI= -github.com/go-task/slim-sprig v0.0.0-20230315185526-52ccab3ef572/go.mod h1:9Pwr4B2jHnOSGXyyzV8ROjYa2ojvAY6HCGYYfMoC3Ls= +github.com/go-task/slim-sprig/v3 v3.0.0 h1:sUs3vkvUymDpBKi3qH1YSqBQk9+9D/8M2mN1vB6EwHI= +github.com/go-task/slim-sprig/v3 v3.0.0/go.mod h1:W848ghGpv3Qj3dhTPRyJypKRiqCdHZiAzKg9hl15HA8= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= github.com/gogo/protobuf v1.3.2 h1:Ov1cvc58UF3b5XjBnZv7+opcTcQFZebYjWzi34vdm4Q= github.com/gogo/protobuf v1.3.2/go.mod h1:P1XiOD3dCwIKUDQYPy72D8LYyHL2YPYrpS2s69NZV8Q= @@ -95,8 +92,8 @@ github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeN github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= github.com/google/gofuzz v1.2.0 h1:xRy4A+RhZaiKjJ1bPfwQ8sedCA+YS2YcCHW6ec7JMi0= github.com/google/gofuzz v1.2.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1 h1:K6RDEckDVWvDI9JAJYCmNdQXq6neHJOYx3V6jnqNEec= -github.com/google/pprof v0.0.0-20210720184732-4bb14d4b1be1/go.mod h1:kpwsk12EmLew5upagYY7GY0pfYCcupk39gWOCRROcvE= +github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6 h1:k7nVchz72niMH6YLQNvHSdIE7iqsQxK1P41mySCvssg= +github.com/google/pprof v0.0.0-20240424215950-a892ee059fd6/go.mod h1:kf6iHlnVGwgKolg33glAes7Yg/8iWP8ukqeldJSO7jw= github.com/google/uuid v1.3.1 h1:KjJaJ9iWZ3jOFZIf1Lqf4laDRCasjl0BCmnEGxkdLb4= github.com/google/uuid v1.3.1/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/gorilla/websocket v1.4.2 h1:+/TMaTYc4QFitKJxsQ7Yye35DkWvkdLcvGKqM+x0Ufc= @@ -109,7 +106,6 @@ github.com/grpc-ecosystem/grpc-gateway v1.16.0 h1:gmcG1KaJ57LophUzW0Hy8NmPhnMZb4 github.com/grpc-ecosystem/grpc-gateway v1.16.0/go.mod h1:BDjrQk3hbvj6Nolgz8mAMFbcEtjT1g+wF4CSlocrBnw= github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0 h1:YBftPWNWd4WwGqtY2yeZL2ef8rHAxPBD8KFhJpmcqms= github.com/grpc-ecosystem/grpc-gateway/v2 v2.16.0/go.mod h1:YN5jB8ie0yfIUg6VvR9Kz84aCaG7AsGZnLjhHbUqwPg= -github.com/ianlancetaylor/demangle v0.0.0-20200824232613-28f6c0f3b639/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc= github.com/imdario/mergo v0.3.13 h1:lFzP57bqS/wsqKssCGmtLAb8A0wKjLGrve2q3PPVcBk= github.com/imdario/mergo v0.3.13/go.mod h1:4lJ1jqUDcsbIECGy0RUJAXNIhg+6ocWgb1ALK2O4oXg= github.com/inconshreveable/mousetrap v1.1.0 h1:wN+x4NVGpMsO7ErUn/mUI3vEoE6Jt13X2s0bqwp9tc8= @@ -143,10 +139,17 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/onsi/ginkgo/v2 v2.13.2 h1:Bi2gGVkfn6gQcjNjZJVO8Gf0FHzMPf2phUei9tejVMs= -github.com/onsi/ginkgo/v2 v2.13.2/go.mod h1:XStQ8QcGwLyF4HdfcZB8SFOS/MWCgDuXMSBe6zrvLgM= -github.com/onsi/gomega v1.29.0 h1:KIA/t2t5UBzoirT4H9tsML45GEbo3ouUnBHsCfD2tVg= -github.com/onsi/gomega v1.29.0/go.mod h1:9sxs+SwGrKI0+PWe4Fxa9tFQQBG5xSsSbMXOI8PPpoQ= +github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= +github.com/onsi/ginkgo/v2 v2.17.3 h1:oJcvKpIb7/8uLpDDtnQuf18xVnwKp8DTD7DQ6gTd/MU= +github.com/onsi/ginkgo/v2 v2.17.3/go.mod h1:nP2DPOQoNsQmsVyv5rDA8JkXQoCs6goXIvr/PRJ1eCc= +github.com/onsi/ginkgo/v2 v2.18.0 h1:W9Y7IWXxPUpAit9ieMOLI7PJZGaW22DTKgiVAuhDTLc= +github.com/onsi/ginkgo/v2 v2.18.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= +github.com/onsi/ginkgo/v2 v2.19.0 h1:9Cnnf7UHo57Hy3k6/m5k3dRfGTMXGvxhHFvkDTCTpvA= +github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= +github.com/onsi/gomega v1.33.0 h1:snPCflnZrpMsy94p4lXVEkHo12lmPnc3vY5XBbreexE= +github.com/onsi/gomega v1.33.0/go.mod h1:+925n5YtiFsLzzafLUHzVMBpvvRAzrydIBiSIxjX3wY= +github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= +github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0= @@ -180,7 +183,6 @@ github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSS github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= @@ -239,51 +241,60 @@ go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA= -golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs= +golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30= +golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M= +golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI= +golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= golang.org/x/exp v0.0.0-20221028150844-83b7d23a625f h1:Al51T6tzvuh3oiwX11vex3QgJ2XTedFPGmbEVh8cdoc= golang.org/x/exp v0.0.0-20221028150844-83b7d23a625f/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.13.0 h1:I/DsJXRlw/8l/0c24sM9yb0T4z9liZTduXvdAWYiysY= -golang.org/x/mod v0.13.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.23.0 h1:7EYJ93RZ9vYSZAIb2x3lnuvqO5zneoD6IvWjuhfxjTs= -golang.org/x/net v0.23.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg= +golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w= +golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8= +golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= +golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= golang.org/x/oauth2 v0.11.0 h1:vPL4xzxBM4niKCW6g9whtaWVXTJf1U5e4aZxxFx/gbU= golang.org/x/oauth2 v0.11.0/go.mod h1:LdF7O/8bLR/qWK9DrpXmbHLTouvRHK0SgJl0GmDBchk= golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.4.0 h1:zxkM55ReGkDlKSM+Fu41A+zmbZuaPVbGMzvvdUPznYQ= -golang.org/x/sync v0.4.0/go.mod h1:FU7BRWz2tNW+3quACPkgCx/L+uEAv1htQ0V83Z9Rj+Y= +golang.org/x/sync v0.7.0 h1:YsImfSBoP9QPYL0xyKJPq0gcaJdG3rInoqxTWbfQu9M= +golang.org/x/sync v0.7.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20191204072324-ce4227a45e2e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4= -golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8= -golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58= +golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= +golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y= +golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q= +golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk= +golang.org/x/term v0.20.0 h1:VnkxpohqXaOBYJtBmEppKUG6mXpi+4O6purfc2+sMhw= +golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk= +golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= golang.org/x/time v0.3.0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.14.0 h1:jvNa2pY0M4r62jkRQ6RwEZZyPcymeL9XZMLBbV7U2nc= -golang.org/x/tools v0.14.0/go.mod h1:uYBEerGOWcJyEORxN+Ek8+TT266gXkNlHdJBwexUsBg= +golang.org/x/tools v0.20.0 h1:hz/CVckiOxybQvFw6h7b/q80NTr9IUQb4s1IIzW7KNY= +golang.org/x/tools v0.20.0/go.mod h1:WvitBU7JJf6A4jOdg4S1tviW9bhUxkgeCui/0JHctQg= +golang.org/x/tools v0.21.0 h1:qc0xYgIbsSDt9EyWz05J5wfa7LOVW0YTLOXrqdLAWIw= +golang.org/x/tools v0.21.0/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/tests/e2e/steps/steps_def.go b/tests/e2e/steps/steps_def.go index df06058dc..fbd70fb35 100644 --- a/tests/e2e/steps/steps_def.go +++ b/tests/e2e/steps/steps_def.go @@ -1363,3 +1363,35 @@ func (step *Step) validateApplicationMobilityNotInstalled(cr csmv1.ContainerStor fmt.Println("All AM pods removed ") return nil } + +func (step *Step) createCustomResourceDefinition(res Resource, crdNumStr string) error { + crdNum, _ := strconv.Atoi(crdNumStr) + cmd := exec.Command("kubectl", "apply", "-f", res.Scenario.Paths[crdNum-1]) + err := cmd.Run() + if err != nil { + return fmt.Errorf("csm authorization crds install failed: %v", err) + } + + return nil +} + +func (step *Step) validateCustomResourceDefinition(res Resource, crdName string) error { + cmd := exec.Command("kubectl", "get", "crd", fmt.Sprintf("%s.csm-authorization.storage.dell.com", crdName)) + err := cmd.Run() + if err != nil { + return fmt.Errorf("failed to validate csm authorization crd [%s]: %v", crdName, err) + } + + return nil +} + +func (step *Step) deleteCustomResourceDefinition(res Resource, crdNumStr string) error { + crdNum, _ := strconv.Atoi(crdNumStr) + cmd := exec.Command("kubectl", "delete", "-f", res.Scenario.Paths[crdNum-1]) + err := cmd.Run() + if err != nil { + return fmt.Errorf("csm authorization crds uninstall failed: %v", err) + } + + return nil +} diff --git a/tests/e2e/steps/steps_runner.go b/tests/e2e/steps/steps_runner.go index a54e1cfb3..5e012a8bb 100644 --- a/tests/e2e/steps/steps_runner.go +++ b/tests/e2e/steps/steps_runner.go @@ -80,6 +80,10 @@ func StepRunnerInit(runner *Runner, ctrlClient client.Client, clientSet *kuberne runner.addStep(`^Validate connectivity client from CR \[(\d+)\] is installed$`, step.validateConnectivityClientInstalled) runner.addStep(`^Validate connectivity client from CR \[(\d+)\] is not installed$`, step.validateConnectivityClientNotInstalled) runner.addStep(`^Uninstall connectivity client from CR \[(\d+)\]`, step.uninstallConnectivityClient) + + runner.addStep(`^Install Authorization CRDs \[(\d+)\]$`, step.createCustomResourceDefinition) + runner.addStep(`^Validate \[([^"]*)\] CRD for Authorization is installed$`, step.validateCustomResourceDefinition) + runner.addStep(`^Delete Authorization CRDs \[(\d+)\]$`, step.deleteCustomResourceDefinition) } func (runner *Runner) addStep(expr string, stepFunc interface{}) { diff --git a/tests/e2e/testfiles/authorization-templates/csm_authorization_crds.yaml b/tests/e2e/testfiles/authorization-templates/csm_authorization_crds.yaml new file mode 100644 index 000000000..8c885df97 --- /dev/null +++ b/tests/e2e/testfiles/authorization-templates/csm_authorization_crds.yaml @@ -0,0 +1,415 @@ +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.14.0 + name: csmroles.csm-authorization.storage.dell.com +spec: + group: csm-authorization.storage.dell.com + names: + kind: CSMRole + listKind: CSMRoleList + plural: csmroles + singular: csmrole + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: CSMRole is the Schema for the csmroles API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: CSMRoleSpec defines the desired state of CSMRole + properties: + pool: + type: string + quota: + description: |- + INSERT ADDITIONAL SPEC FIELDS - desired state of cluster + Important: Run "make" to regenerate code after modifying this file + type: string + systemID: + type: string + systemType: + type: string + type: object + status: + description: CSMRoleStatus defines the observed state of CSMRole + properties: + conditions: + description: |- + INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + Important: Run "make" to regenerate code after modifying this file + Role.status.conditions.type are: "Available", "NotAvailable", and "UnKnown" + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.14.0 + name: csmtenants.csm-authorization.storage.dell.com +spec: + group: csm-authorization.storage.dell.com + names: + kind: CSMTenant + listKind: CSMTenantList + plural: csmtenants + singular: csmtenant + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: CSMTenant is the Schema for the csmtenants API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: CSMTenantSpec defines the desired state of CSMTenant + properties: + approveSdc: + type: boolean + revoke: + type: boolean + roles: + description: |- + INSERT ADDITIONAL SPEC FIELDS - desired state of cluster + Important: Run "make" to regenerate code after modifying this file + type: string + volumePrefix: + maxLength: 3 + minLength: 1 + type: string + required: + - approveSdc + - revoke + type: object + status: + description: CSMTenantStatus defines the observed state of CSMTenant + properties: + conditions: + description: |- + INSERT ADDITIONAL STATUS FIELD - define observed state of cluster + Important: Run "make" to regenerate code after modifying this file + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} +--- +apiVersion: apiextensions.k8s.io/v1 +kind: CustomResourceDefinition +metadata: + annotations: + controller-gen.kubebuilder.io/version: v0.14.0 + name: storages.csm-authorization.storage.dell.com +spec: + group: csm-authorization.storage.dell.com + names: + kind: Storage + listKind: StorageList + plural: storages + singular: storage + scope: Namespaced + versions: + - name: v1alpha1 + schema: + openAPIV3Schema: + description: Storage is the Schema for the storages API + properties: + apiVersion: + description: |- + APIVersion defines the versioned schema of this representation of an object. + Servers should convert recognized schemas to the latest internal value, and + may reject unrecognized values. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#resources + type: string + kind: + description: |- + Kind is a string value representing the REST resource this object represents. + Servers may infer this from the endpoint the client submits requests to. + Cannot be updated. + In CamelCase. + More info: https://git.k8s.io/community/contributors/devel/sig-architecture/api-conventions.md#types-kinds + type: string + metadata: + type: object + spec: + description: StorageSpec defines the desired state of Storage + properties: + credentialPath: + type: string + credentialStore: + type: string + endpoint: + type: string + pollInterval: + type: string + skipCertificateValidation: + type: boolean + systemID: + type: string + type: + description: |- + INSERT ADDITIONAL SPEC FIELDS - desired state of cluster + Important: Run "make" to regenerate code after modifying this file + type: string + required: + - skipCertificateValidation + type: object + status: + description: StorageStatus defines the observed state of Storage + properties: + conditions: + description: 'Storage.status.conditions.type are: "Available", "NotAvailable", + and "UnKnown"' + items: + description: "Condition contains details for one aspect of the current + state of this API Resource.\n---\nThis struct is intended for + direct use as an array at the field path .status.conditions. For + example,\n\n\n\ttype FooStatus struct{\n\t // Represents the + observations of a foo's current state.\n\t // Known .status.conditions.type + are: \"Available\", \"Progressing\", and \"Degraded\"\n\t // + +patchMergeKey=type\n\t // +patchStrategy=merge\n\t // +listType=map\n\t + \ // +listMapKey=type\n\t Conditions []metav1.Condition `json:\"conditions,omitempty\" + patchStrategy:\"merge\" patchMergeKey:\"type\" protobuf:\"bytes,1,rep,name=conditions\"`\n\n\n\t + \ // other fields\n\t}" + properties: + lastTransitionTime: + description: |- + lastTransitionTime is the last time the condition transitioned from one status to another. + This should be when the underlying condition changed. If that is not known, then using the time when the API field changed is acceptable. + format: date-time + type: string + message: + description: |- + message is a human readable message indicating details about the transition. + This may be an empty string. + maxLength: 32768 + type: string + observedGeneration: + description: |- + observedGeneration represents the .metadata.generation that the condition was set based upon. + For instance, if .metadata.generation is currently 12, but the .status.conditions[x].observedGeneration is 9, the condition is out of date + with respect to the current state of the instance. + format: int64 + minimum: 0 + type: integer + reason: + description: |- + reason contains a programmatic identifier indicating the reason for the condition's last transition. + Producers of specific condition types may define expected values and meanings for this field, + and whether the values are considered a guaranteed API. + The value should be a CamelCase string. + This field may not be empty. + maxLength: 1024 + minLength: 1 + pattern: ^[A-Za-z]([A-Za-z0-9_,:]*[A-Za-z0-9_])?$ + type: string + status: + description: status of the condition, one of True, False, Unknown. + enum: + - "True" + - "False" + - Unknown + type: string + type: + description: |- + type of condition in CamelCase or in foo.example.com/CamelCase. + --- + Many .condition.type values are consistent across resources like Available, but because arbitrary conditions can be + useful (see .node.status.conditions), the ability to deconflict is important. + The regex it matches is (dns1123SubdomainFmt/)?(qualifiedNameFmt) + maxLength: 316 + pattern: ^([a-z0-9]([-a-z0-9]*[a-z0-9])?(\.[a-z0-9]([-a-z0-9]*[a-z0-9])?)*/)?(([A-Za-z0-9][-A-Za-z0-9_.]*)?[A-Za-z0-9])$ + type: string + required: + - lastTransitionTime + - message + - reason + - status + - type + type: object + type: array + type: object + type: object + served: true + storage: true + subresources: + status: {} diff --git a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server.yaml b/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server.yaml index 97090ff03..12b07526c 100644 --- a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server.yaml +++ b/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server.yaml @@ -75,14 +75,24 @@ spec: annotations: {} - name: redis - redis: redis:6.0.8-alpine + redis: redis:7.2.4-alpine commander: rediscommander/redis-commander:latest + redisName: redis-csm + redisCommander: redicommander + sentinel: sentinel + redisReplicas: 5 # by default, csm-authorization will deploy a local (https://kubernetes.io/docs/concepts/storage/storage-classes/#local) volume for redis # to use a different storage class for redis, specify the name of the storage class # NOTE: the storage class must NOT be a storage class provisioned by a CSI driver using this installation of CSM Authorization # Default value: None storageclass: "local-storage" + - name: vault + vaultAddress: https://10.0.0.1:8400 + vaultRole: csm-authorization + skipCertificateValidation: true + kvEnginePath: secret + --- apiVersion: v1 kind: ConfigMap diff --git a/tests/e2e/testfiles/values.yaml b/tests/e2e/testfiles/values.yaml index ca66d3313..ae50edfda 100644 --- a/tests/e2e/testfiles/values.yaml +++ b/tests/e2e/testfiles/values.yaml @@ -13,6 +13,19 @@ - "Configure authorization-proxy-server for [powerflex] for CR [1]" - "Delete custom resource [1]" +- scenario: "Install Authorization CRDs" + paths: + - "testfiles/authorization-templates/csm_authorization_crds.yaml" + modules: + - "authorizationproxyserver" + steps: + - "Given an environment with k8s or openshift, and CSM operator installed" + - "Install Authorization CRDs [1]" + - "Validate [csmroles] CRD for Authorization is installed" + - "Validate [csmtenants] CRD for Authorization is installed" + - "Validate [storages] CRD for Authorization is installed" + - "Delete Authorization CRDs [1]" + - scenario: "Install Authorization Proxy Server With Default Redis Storage Class" paths: - "testfiles/authorization-templates/csm_authorization_proxy_server_default_redis.yaml" From 6d2f211a0872d06309d837d92468a912e4154b24 Mon Sep 17 00:00:00 2001 From: Evgeny Uglov Date: Mon, 27 May 2024 17:12:29 +0000 Subject: [PATCH 2/5] [KRV-17785] Update go mod --- tests/e2e/go.mod | 4 ++-- tests/e2e/go.sum | 21 ++------------------- 2 files changed, 4 insertions(+), 21 deletions(-) diff --git a/tests/e2e/go.mod b/tests/e2e/go.mod index fdde9fa59..261134aaa 100644 --- a/tests/e2e/go.mod +++ b/tests/e2e/go.mod @@ -87,8 +87,8 @@ require ( go.uber.org/zap v1.24.0 // indirect golang.org/x/crypto v0.23.0 // indirect golang.org/x/exp v0.0.0-20221028150844-83b7d23a625f // indirect - golang.org/x/mod v0.13.0 // indirect - golang.org/x/net v0.23.0 // indirect + golang.org/x/mod v0.17.0 // indirect + golang.org/x/net v0.25.0 // indirect golang.org/x/oauth2 v0.11.0 // indirect golang.org/x/sync v0.7.0 // indirect golang.org/x/sys v0.20.0 // indirect diff --git a/tests/e2e/go.sum b/tests/e2e/go.sum index 4fb1fa591..f1bba770e 100644 --- a/tests/e2e/go.sum +++ b/tests/e2e/go.sum @@ -139,15 +139,8 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= -github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= -github.com/onsi/ginkgo/v2 v2.17.3 h1:oJcvKpIb7/8uLpDDtnQuf18xVnwKp8DTD7DQ6gTd/MU= -github.com/onsi/ginkgo/v2 v2.17.3/go.mod h1:nP2DPOQoNsQmsVyv5rDA8JkXQoCs6goXIvr/PRJ1eCc= -github.com/onsi/ginkgo/v2 v2.18.0 h1:W9Y7IWXxPUpAit9ieMOLI7PJZGaW22DTKgiVAuhDTLc= -github.com/onsi/ginkgo/v2 v2.18.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= github.com/onsi/ginkgo/v2 v2.19.0 h1:9Cnnf7UHo57Hy3k6/m5k3dRfGTMXGvxhHFvkDTCTpvA= github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= -github.com/onsi/gomega v1.33.0 h1:snPCflnZrpMsy94p4lXVEkHo12lmPnc3vY5XBbreexE= -github.com/onsi/gomega v1.33.0/go.mod h1:+925n5YtiFsLzzafLUHzVMBpvvRAzrydIBiSIxjX3wY= github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= github.com/onsi/gomega v1.33.1/go.mod h1:U4R44UsT+9eLIaYRB2a5qajjtQYn0hauxvRm16AVYg0= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= @@ -241,21 +234,19 @@ go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.22.0 h1:g1v0xeRhjcugydODzvb3mEM9SQ0HGp9s/nh3COQ/C30= -golang.org/x/crypto v0.22.0/go.mod h1:vr6Su+7cTlO45qkww3VDJlzDn0ctJvRgYbC2NvXHt+M= golang.org/x/crypto v0.23.0 h1:dIJU/v2J8Mdglj/8rJ6UUOM3Zc9zLZxVZwwxMooUSAI= golang.org/x/crypto v0.23.0/go.mod h1:CKFgDieR+mRhux2Lsu27y0fO304Db0wZe70UKqHu0v8= golang.org/x/exp v0.0.0-20221028150844-83b7d23a625f h1:Al51T6tzvuh3oiwX11vex3QgJ2XTedFPGmbEVh8cdoc= golang.org/x/exp v0.0.0-20221028150844-83b7d23a625f/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= +golang.org/x/mod v0.17.0 h1:zY54UmvipHiNd+pm+m0x9KhZ9hl1/7QNMyxXbc6ICqA= +golang.org/x/mod v0.17.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.24.0 h1:1PcaxkF854Fu3+lvBIx5SYn9wRlBzzcnHZSiaFFAb0w= -golang.org/x/net v0.24.0/go.mod h1:2Q7sJY5mzlzWjKtYUEXSlBWCdyaioyXzRB2RtU8KVE8= golang.org/x/net v0.25.0 h1:d/OCCoBEUq33pjydKrGQhw7IlUPI2Oylr+8qLx49kac= golang.org/x/net v0.25.0/go.mod h1:JkAGAh7GEvH74S6FOH42FLoXpXbE/aqXSrIQjXgsiwM= golang.org/x/oauth2 v0.11.0 h1:vPL4xzxBM4niKCW6g9whtaWVXTJf1U5e4aZxxFx/gbU= @@ -270,19 +261,13 @@ golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5h golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.19.0 h1:q5f1RH2jigJ1MoAWp2KTp3gm5zAGFUTarQZ5U386+4o= -golang.org/x/sys v0.19.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= golang.org/x/sys v0.20.0 h1:Od9JTbYCk261bKm4M/mw7AklTlFYIa0bIp9BgSm1S8Y= golang.org/x/sys v0.20.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.19.0 h1:+ThwsDv+tYfnJFhF4L8jITxu1tdTWRTZpdsWgEgjL6Q= -golang.org/x/term v0.19.0/go.mod h1:2CuTdWZ7KHSQwUzKva0cbMg6q2DMI3Mmxp+gKJbskEk= golang.org/x/term v0.20.0 h1:VnkxpohqXaOBYJtBmEppKUG6mXpi+4O6purfc2+sMhw= golang.org/x/term v0.20.0/go.mod h1:8UkIAJTvZgivsXaD6/pH6U9ecQzZ45awqEOzuCvwpFY= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/text v0.15.0 h1:h1V/4gjBv8v9cjcR6+AR5+/cIYK5N/WAgiv4xlsEtAk= golang.org/x/text v0.15.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= @@ -291,8 +276,6 @@ golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGm golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roYkvgYkIh4xh/qjgUK9TdY2XT94GE= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.20.0 h1:hz/CVckiOxybQvFw6h7b/q80NTr9IUQb4s1IIzW7KNY= -golang.org/x/tools v0.20.0/go.mod h1:WvitBU7JJf6A4jOdg4S1tviW9bhUxkgeCui/0JHctQg= golang.org/x/tools v0.21.0 h1:qc0xYgIbsSDt9EyWz05J5wfa7LOVW0YTLOXrqdLAWIw= golang.org/x/tools v0.21.0/go.mod h1:aiJjzUbINMkxbQROHiO6hDPo2LHcIPhhQsa9DLh0yGk= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= From 06d3c9dfca7c897b47f9ac19e53408c140fcc2ea Mon Sep 17 00:00:00 2001 From: Evgeny Uglov Date: Tue, 4 Jun 2024 15:50:34 +0000 Subject: [PATCH 3/5] [KRV-24554] Fix proxy e2e test --- tests/e2e/go.sum | 1 + tests/e2e/run-e2e-test.sh | 4 +- tests/e2e/steps/steps_def.go | 82 +++---------------- .../csm-authorization_v1_csmrole.yaml | 15 ++++ .../csm-authorization_v1_csmtenant.yaml | 18 ++++ .../csm-authorization_v1_storage.yaml | 12 +++ ...horization_proxy_server_default_redis.yaml | 12 ++- tests/e2e/testfiles/values.yaml | 5 +- 8 files changed, 74 insertions(+), 75 deletions(-) create mode 100644 tests/e2e/testfiles/authorization-templates/csm-authorization_v1_csmrole.yaml create mode 100644 tests/e2e/testfiles/authorization-templates/csm-authorization_v1_csmtenant.yaml create mode 100644 tests/e2e/testfiles/authorization-templates/csm-authorization_v1_storage.yaml diff --git a/tests/e2e/go.sum b/tests/e2e/go.sum index f1bba770e..e6da1ff7b 100644 --- a/tests/e2e/go.sum +++ b/tests/e2e/go.sum @@ -139,6 +139,7 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9G github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq1c1nUAm88MOHcQC9l5mIlSMApZMrHA= github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= +github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE= github.com/onsi/ginkgo/v2 v2.19.0 h1:9Cnnf7UHo57Hy3k6/m5k3dRfGTMXGvxhHFvkDTCTpvA= github.com/onsi/ginkgo/v2 v2.19.0/go.mod h1:rlwLi9PilAFJ8jCg9UE1QP6VBpd6/xj3SRC0d6TU0To= github.com/onsi/gomega v1.33.1 h1:dsYjIxxSR755MDmKVsaFQTE22ChNBcuuTWgkUDSubOk= diff --git a/tests/e2e/run-e2e-test.sh b/tests/e2e/run-e2e-test.sh index 2a74404e1..c52672079 100755 --- a/tests/e2e/run-e2e-test.sh +++ b/tests/e2e/run-e2e-test.sh @@ -36,7 +36,7 @@ fi cp $CERT_CSI . # Uncomment for authorization proxy server -#cp $KARAVICTL /usr/local/bin/ +# cp $DELLCTL /usr/local/bin/ PATH=$PATH:$(go env GOPATH)/bin @@ -54,7 +54,7 @@ ginkgo -mod=mod "${OPTS[@]}" rm -f cert-csi # Uncomment for authorization proxy server -#rm -f /usr/local/bin/karavictl +# rm -f /usr/local/bin/dellctl # Checking for test status TEST_PASS=$? diff --git a/tests/e2e/steps/steps_def.go b/tests/e2e/steps/steps_def.go index fbd70fb35..b056d418e 100644 --- a/tests/e2e/steps/steps_def.go +++ b/tests/e2e/steps/steps_def.go @@ -1007,31 +1007,14 @@ func (step *Step) configureAuthorizationProxyServer(res Resource, driver string, var err error var ( - endpoint = "" - sysID = "" - user = "" - password = "" storageType = "" - pool = "" driverNamespace = "" proxyHost = "" ) - //by default, use set defined in env file - endpointvar := "END_POINT" - systemIdvar := "SYSTEM_ID" - uservar := "STORAGE_USER" - passvar := "STORAGE_PASSWORD" - poolvar := "STORAGE_POOL" - // if tests are running multiple scenarios that require differently configured auth servers, we will not be able to use one set of vars // this section is for powerflex, other drivers can add their sections as required. if driver == "powerflex" { - endpointvar = "PFLEX_ENDPOINT" - systemIdvar = "PFLEX_SYSTEMID" - uservar = "PFLEX_USER" - passvar = "PFLEX_PASS" - poolvar = "PFLEX_POOL" os.Setenv("STORAGE_TYPE", "powerflex") os.Setenv("DRIVER_NAMESPACE", "test-vxflexos") } @@ -1041,21 +1024,6 @@ func (step *Step) configureAuthorizationProxyServer(res Resource, driver string, os.Setenv("DRIVER_NAMESPACE", "isilon") } // get env variables - if os.Getenv(endpointvar) != "" { - endpoint = os.Getenv(endpointvar) - } - if os.Getenv(systemIdvar) != "" { - sysID = os.Getenv(systemIdvar) - } - if os.Getenv(uservar) != "" { - user = os.Getenv(uservar) - } - if os.Getenv(passvar) != "" { - password = os.Getenv(passvar) - } - if os.Getenv(poolvar) != "" { - pool = os.Getenv(poolvar) - } if os.Getenv("STORAGE_TYPE") != "" { storageType = os.Getenv("STORAGE_TYPE") } @@ -1090,16 +1058,8 @@ func (step *Step) configureAuthorizationProxyServer(res Resource, driver string, } fmt.Println("=== Creating Storage ===\n ") - cmd := exec.Command("karavictl", - "--admin-token", "/tmp/adminToken.yaml", - "storage", "create", - "--type", storageType, - "--endpoint", fmt.Sprintf("https://%s", endpoint), - "--system-id", sysID, - "--user", user, - "--password", password, - "--array-insecure", - "--insecure", "--addr", fmt.Sprintf("%s:%s", proxyHost, port), + cmd := exec.Command("kubectl", "apply", + "-f", "testfiles/authorization-templates/csm-authorization_v1_storage.yaml", ) fmt.Println("=== Storage === \n", cmd.String()) b, err = cmd.CombinedOutput() @@ -1110,10 +1070,8 @@ func (step *Step) configureAuthorizationProxyServer(res Resource, driver string, // Create Tenant fmt.Println("=== Creating Tenant ===\n ") - cmd = exec.Command("karavictl", - "--admin-token", "/tmp/adminToken.yaml", - "tenant", "create", - "-n", tenantName, "--insecure", "--addr", fmt.Sprintf("%s:%s", proxyHost, port), + cmd = exec.Command("kubectl", "apply", + "-f", "testfiles/authorization-templates/csm-authorization_v1_csmtenant.yaml", ) b, err = cmd.CombinedOutput() fmt.Println("=== Tenant === \n", cmd.String()) @@ -1127,12 +1085,8 @@ func (step *Step) configureAuthorizationProxyServer(res Resource, driver string, if storageType == "powerscale" { quotaLimit = "0" } - cmd = exec.Command("karavictl", - "--admin-token", "/tmp/adminToken.yaml", - "role", "create", - fmt.Sprintf("--role=%s=%s=%s=%s=%s", - roleName, storageType, sysID, pool, quotaLimit), - "--insecure", "--addr", fmt.Sprintf("%s:%s", proxyHost, port), + cmd = exec.Command("kubectl", "apply", + "-f", "testfiles/authorization-templates/csm-authorization_v1_csmrole.yaml", ) fmt.Println("=== Role === \n", cmd.String()) @@ -1144,29 +1098,15 @@ func (step *Step) configureAuthorizationProxyServer(res Resource, driver string, // role creation take few seconds time.Sleep(5 * time.Second) - // Bind role - cmd = exec.Command("karavictl", - "--admin-token", "/tmp/adminToken.yaml", - "rolebinding", "create", - "--tenant", tenantName, - "--role", roleName, - "--insecure", "--addr", fmt.Sprintf("%s:%s", proxyHost, port), - ) - fmt.Println("=== Binding Role ===\n", cmd.String()) - b, err = cmd.CombinedOutput() - - if err != nil { - return fmt.Errorf("failed to create rolebinding %s: %v\nErrMessage:\n%s", roleName, err, string(b)) - } - // Generate token fmt.Println("=== Generating token ===\n ") - cmd = exec.Command("karavictl", - "--admin-token", "/tmp/adminToken.yaml", + cmd = exec.Command("dellctl", "generate", "token", - "--tenant", tenantName, - "--insecure", "--addr", fmt.Sprintf("%s:%s", proxyHost, port), + "--admin-token", "/tmp/adminToken.yaml", "--access-token-expiration", fmt.Sprint(10*time.Minute), + "--refresh-token-expiration", "48h", + "--tenant", "csmtenant-sample", + "--insecure", "--addr", fmt.Sprintf("%s:%s", proxyHost, port), ) fmt.Println("=== Token ===\n", cmd.String()) b, err = cmd.CombinedOutput() diff --git a/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_csmrole.yaml b/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_csmrole.yaml new file mode 100644 index 000000000..c5092e519 --- /dev/null +++ b/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_csmrole.yaml @@ -0,0 +1,15 @@ +apiVersion: csm-authorization.storage.dell.com/v1alpha1 +kind: CSMRole +metadata: + labels: + app.kubernetes.io/name: role + app.kubernetes.io/instance: role-sample + app.kubernetes.io/part-of: csm-authorization + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/created-by: csm-authorization + name: csmrole-sample +spec: + quota: 0GB + systemID: PIE-IsilonS-24241-Cluster + systemType: powerscale + pool: /ifs/data/csi diff --git a/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_csmtenant.yaml b/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_csmtenant.yaml new file mode 100644 index 000000000..195e885ac --- /dev/null +++ b/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_csmtenant.yaml @@ -0,0 +1,18 @@ +apiVersion: csm-authorization.storage.dell.com/v1alpha1 +kind: CSMTenant +metadata: + labels: + app.kubernetes.io/name: csmtenant + app.kubernetes.io/instance: csmtenant-sample + app.kubernetes.io/part-of: csm-authorization + app.kubernetes.io/managed-by: kustomize + app.kubernetes.io/created-by: csm-authorization + name: csmtenant-sample +spec: + # TODO(user): Add fields here + roles: csmrole-sample + approveSdc: false + revoke: false + # This prefix is added for each new volume provisioned by the tenant. + # It should not exceed 3 characters. Example: tn1 + volumePrefix: tn1 diff --git a/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_storage.yaml b/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_storage.yaml new file mode 100644 index 000000000..06bcaa128 --- /dev/null +++ b/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_storage.yaml @@ -0,0 +1,12 @@ +apiVersion: csm-authorization.storage.dell.com/v1alpha1 +kind: Storage +metadata: + name: powerscale +spec: + type: powerscale + endpoint: https://10.230.24.241:8080 + systemID: PIE-IsilonS-24241-Cluster + credentialStore: vault + credentialPath: storage/powerscale + skipCertificateValidation: true + pollInterval: 30s diff --git a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_default_redis.yaml b/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_default_redis.yaml index 737b18c4c..4be42b2cf 100644 --- a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_default_redis.yaml +++ b/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_default_redis.yaml @@ -75,14 +75,24 @@ spec: annotations: {} - name: redis - redis: redis:6.0.8-alpine + redis: redis:7.2.4-alpine commander: rediscommander/redis-commander:latest + redisName: redis-csm + redisCommander: redicommander + sentinel: sentinel + redisReplicas: 5 # by default, csm-authorization will deploy a local (https://kubernetes.io/docs/concepts/storage/storage-classes/#local) volume for redis # to use a different storage class for redis, specify the name of the storage class # NOTE: the storage class must NOT be a storage class provisioned by a CSI driver using this installation of CSM Authorization # Default value: None storageclass: "" + - name: vault + vaultAddress: https://10.0.0.1:8400 + vaultRole: csm-authorization + skipCertificateValidation: true + kvEnginePath: secret + --- apiVersion: v1 kind: ConfigMap diff --git a/tests/e2e/testfiles/values.yaml b/tests/e2e/testfiles/values.yaml index ae50edfda..dde67c2ba 100644 --- a/tests/e2e/testfiles/values.yaml +++ b/tests/e2e/testfiles/values.yaml @@ -2,16 +2,19 @@ - scenario: "Install Authorization Proxy Server" paths: - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" + - "testfiles/authorization-templates/csm_authorization_crds.yaml" modules: - "authorizationproxyserver" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Install Authorization CRDs [2]" - "Create [authorization-proxy-server] prerequisites from CR [1]" - "Apply custom resource [1]" - "Validate [authorization-proxy-server] module from CR [1] is installed" - "Configure authorization-proxy-server for [powerscale] for CR [1]" - - "Configure authorization-proxy-server for [powerflex] for CR [1]" + # - "Configure authorization-proxy-server for [powerflex] for CR [1]" - "Delete custom resource [1]" + - "Delete Authorization CRDs [2]" - scenario: "Install Authorization CRDs" paths: From d8bcb3ae45033d3e73c7e0e217376c55d2264794 Mon Sep 17 00:00:00 2001 From: Evgeny Uglov Date: Mon, 10 Jun 2024 21:41:00 +0000 Subject: [PATCH 4/5] [KRV-24554] Add auth CRDs step to the scenarios --- tests/e2e/steps/steps_def.go | 2 +- .../csm_authorization_proxy_server.yaml | 19 +++++ ...csm_authorization_proxy_server_alt_ns.yaml | 31 +++++++- ...horization_proxy_server_default_redis.yaml | 19 +++++ .../csm_authorization_proxy_server_ocp.yaml | 31 +++++++- tests/e2e/testfiles/values.yaml | 70 ++++++++++++++----- 6 files changed, 153 insertions(+), 19 deletions(-) diff --git a/tests/e2e/steps/steps_def.go b/tests/e2e/steps/steps_def.go index b056d418e..796f59ea2 100644 --- a/tests/e2e/steps/steps_def.go +++ b/tests/e2e/steps/steps_def.go @@ -1039,7 +1039,7 @@ func (step *Step) configureAuthorizationProxyServer(res Resource, driver string, } fmt.Printf("=== Generating Admin Token ===\n") - adminTkn := exec.Command("karavictl", + adminTkn := exec.Command("dellctl", "admin", "token", "--name", "Admin", "--jwt-signing-secret", "secret", diff --git a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server.yaml b/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server.yaml index db8835322..bf350f2f1 100644 --- a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server.yaml +++ b/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server.yaml @@ -42,11 +42,18 @@ spec: # enable: Enable/Disable csm-authorization proxy server enabled: true proxyService: dellemc/csm-authorization-proxy:v2.0.0-alpha + proxyServiceReplicas: 1 tenantService: dellemc/csm-authorization-tenant:v2.0.0-alpha + tenantServiceReplicas: 1 roleService: dellemc/csm-authorization-role:v2.0.0-alpha + roleServiceReplicas: 1 storageService: dellemc/csm-authorization-storage:v2.0.0-alpha + storageServiceReplicas: 1 opa: openpolicyagent/opa opaKubeMgmt: openpolicyagent/kube-mgmt:0.11 + authorizationController: dellemc/csm-authorization-controller:v2.0.0-alpha + authorizationControllerReplicas: 1 + leaderElection: true # certificate: base64-encoded certificate for cert/private-key pair -- add certificate here to use custom certificates # for self-signed certs, leave empty string @@ -92,6 +99,18 @@ spec: vaultRole: csm-authorization skipCertificateValidation: true kvEnginePath: secret + # certificate: base64-encoded certificate for cert/private-key pair -- add cert here to use custom certificates + # for self-signed certs, leave empty string + # Allowed values: string + certificate: "" + # privateKey: base64-encoded private key for cert/private-key pair -- add private key here to use custom certificates + # for self-signed certs, leave empty string + # Allowed values: string + privateKey: "" + # certificateAuthority: base64-encoded certificate authority for validating vault server certificate -- add certificate authority here to use custom certificates + # for self-signed certs, leave empty string + # Allowed values: string + certificateAuthority: "" --- apiVersion: v1 diff --git a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_alt_ns.yaml b/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_alt_ns.yaml index 73757a80b..b8f5a2a3e 100644 --- a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_alt_ns.yaml +++ b/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_alt_ns.yaml @@ -42,11 +42,18 @@ spec: # enable: Enable/Disable csm-authorization proxy server enabled: true proxyService: dellemc/csm-authorization-proxy:v2.0.0-alpha + proxyServiceReplicas: 1 tenantService: dellemc/csm-authorization-tenant:v2.0.0-alpha + tenantServiceReplicas: 1 roleService: dellemc/csm-authorization-role:v2.0.0-alpha + roleServiceReplicas: 1 storageService: dellemc/csm-authorization-storage:v2.0.0-alpha + storageServiceReplicas: 1 opa: openpolicyagent/opa opaKubeMgmt: openpolicyagent/kube-mgmt:0.11 + authorizationController: dellemc/csm-authorization-controller:v2.0.0-alpha + authorizationControllerReplicas: 1 + leaderElection: true # certificate: base64-encoded certificate for cert/private-key pair -- add certificate here to use custom certificates # for self-signed certs, leave empty string @@ -75,14 +82,36 @@ spec: annotations: {} - name: redis - redis: redis:6.0.8-alpine + redis: redis:7.2.4-alpine commander: rediscommander/redis-commander:latest # by default, csm-authorization will deploy a local (https://kubernetes.io/docs/concepts/storage/storage-classes/#local) volume for redis # to use a different storage class for redis, specify the name of the storage class # NOTE: the storage class must NOT be a storage class provisioned by a CSI driver using this installation of CSM Authorization # Default value: None + redisName: redis-csm + redisCommander: redicommander + sentinel: sentinel + redisReplicas: 5 storageclass: "" + - name: vault + vaultAddress: https://10.247.100.22:8400 + vaultRole: csm-authorization + skipCertificateValidation: true + kvEnginePath: secret + # certificate: base64-encoded certificate for cert/private-key pair -- add cert here to use custom certificates + # for self-signed certs, leave empty string + # Allowed values: string + certificate: "" + # privateKey: base64-encoded private key for cert/private-key pair -- add private key here to use custom certificates + # for self-signed certs, leave empty string + # Allowed values: string + privateKey: "" + # certificateAuthority: base64-encoded certificate authority for validating vault server certificate -- add certificate authority here to use custom certificates + # for self-signed certs, leave empty string + # Allowed values: string + certificateAuthority: "" + --- apiVersion: v1 kind: ConfigMap diff --git a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_default_redis.yaml b/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_default_redis.yaml index 3554342de..dff237760 100644 --- a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_default_redis.yaml +++ b/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_default_redis.yaml @@ -42,11 +42,18 @@ spec: # enable: Enable/Disable csm-authorization proxy server enabled: true proxyService: dellemc/csm-authorization-proxy:v2.0.0-alpha + proxyServiceReplicas: 1 tenantService: dellemc/csm-authorization-tenant:v2.0.0-alpha + tenantServiceReplicas: 1 roleService: dellemc/csm-authorization-role:v2.0.0-alpha + roleServiceReplicas: 1 storageService: dellemc/csm-authorization-storage:v2.0.0-alpha + storageServiceReplicas: 1 opa: openpolicyagent/opa opaKubeMgmt: openpolicyagent/kube-mgmt:0.11 + authorizationController: dellemc/csm-authorization-controller:v2.0.0-alpha + authorizationControllerReplicas: 1 + leaderElection: true # certificate: base64-encoded certificate for cert/private-key pair -- add certificate here to use custom certificates # for self-signed certs, leave empty string @@ -92,6 +99,18 @@ spec: vaultRole: csm-authorization skipCertificateValidation: true kvEnginePath: secret + # certificate: base64-encoded certificate for cert/private-key pair -- add cert here to use custom certificates + # for self-signed certs, leave empty string + # Allowed values: string + certificate: "" + # privateKey: base64-encoded private key for cert/private-key pair -- add private key here to use custom certificates + # for self-signed certs, leave empty string + # Allowed values: string + privateKey: "" + # certificateAuthority: base64-encoded certificate authority for validating vault server certificate -- add certificate authority here to use custom certificates + # for self-signed certs, leave empty string + # Allowed values: string + certificateAuthority: "" --- apiVersion: v1 diff --git a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_ocp.yaml b/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_ocp.yaml index e2a37e8cd..35fbda147 100644 --- a/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_ocp.yaml +++ b/tests/e2e/testfiles/authorization-templates/csm_authorization_proxy_server_ocp.yaml @@ -42,11 +42,18 @@ spec: # enable: Enable/Disable csm-authorization proxy server enabled: true proxyService: dellemc/csm-authorization-proxy:v2.0.0-alpha + proxyServiceReplicas: 1 tenantService: dellemc/csm-authorization-tenant:v2.0.0-alpha + tenantServiceReplicas: 1 roleService: dellemc/csm-authorization-role:v2.0.0-alpha + roleServiceReplicas: 1 storageService: dellemc/csm-authorization-storage:v2.0.0-alpha + storageServiceReplicas: 1 opa: openpolicyagent/opa opaKubeMgmt: openpolicyagent/kube-mgmt:0.11 + authorizationController: dellemc/csm-authorization-controller:v2.0.0-alpha + authorizationControllerReplicas: 1 + leaderElection: true # certificate: base64-encoded certificate for cert/private-key pair -- add certificate here to use custom certificates # for self-signed certs, leave empty string @@ -75,14 +82,36 @@ spec: annotations: {} - name: redis - redis: redis:6.0.8-alpine + redis: redis:7.2.4-alpine commander: rediscommander/redis-commander:latest # by default, csm-authorization will deploy a local (https://kubernetes.io/docs/concepts/storage/storage-classes/#local) volume for redis # to use a different storage class for redis, specify the name of the storage class # NOTE: the storage class must NOT be a storage class provisioned by a CSI driver using this installation of CSM Authorization # Default value: None + redisName: redis-csm + redisCommander: redicommander + sentinel: sentinel + redisReplicas: 5 storageclass: "local-storage" + - name: vault + vaultAddress: https://10.0.0.1:8400 + vaultRole: csm-authorization + skipCertificateValidation: true + kvEnginePath: secret + # certificate: base64-encoded certificate for cert/private-key pair -- add cert here to use custom certificates + # for self-signed certs, leave empty string + # Allowed values: string + certificate: "" + # privateKey: base64-encoded private key for cert/private-key pair -- add private key here to use custom certificates + # for self-signed certs, leave empty string + # Allowed values: string + privateKey: "" + # certificateAuthority: base64-encoded certificate authority for validating vault server certificate -- add certificate authority here to use custom certificates + # for self-signed certs, leave empty string + # Allowed values: string + certificateAuthority: "" + --- apiVersion: v1 kind: ConfigMap diff --git a/tests/e2e/testfiles/values.yaml b/tests/e2e/testfiles/values.yaml index caf2280c7..8fc97158c 100644 --- a/tests/e2e/testfiles/values.yaml +++ b/tests/e2e/testfiles/values.yaml @@ -12,7 +12,7 @@ - "Apply custom resource [1]" - "Validate [authorization-proxy-server] module from CR [1] is installed" - "Configure authorization-proxy-server for [powerscale] for CR [1]" - # - "Configure authorization-proxy-server for [powerflex] for CR [1]" + - "Configure authorization-proxy-server for [powerflex] for CR [1]" - "Delete custom resource [1]" - "Delete Authorization CRDs [2]" @@ -29,60 +29,56 @@ - "Validate [storages] CRD for Authorization is installed" - "Delete Authorization CRDs [1]" -- scenario: "Install Authorization CRDs" - paths: - - "testfiles/authorization-templates/csm_authorization_crds.yaml" - modules: - - "authorizationproxyserver" - steps: - - "Given an environment with k8s or openshift, and CSM operator installed" - - "Install Authorization CRDs [1]" - - "Validate [csmroles] CRD for Authorization is installed" - - "Validate [csmtenants] CRD for Authorization is installed" - - "Validate [storages] CRD for Authorization is installed" - - "Delete Authorization CRDs [1]" - - scenario: "Install Authorization Proxy Server With Default Redis Storage Class" paths: - "testfiles/authorization-templates/csm_authorization_proxy_server_default_redis.yaml" + - "testfiles/authorization-templates/csm_authorization_crds.yaml" modules: - "authorizationproxyserver" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Install Authorization CRDs [2]" - "Create [authorization-proxy-server] prerequisites from CR [1]" - "Apply custom resource [1]" - "Validate [authorization-proxy-server] module from CR [1] is installed" - - "Configure authorization-proxy-server for [powerscale]" - - "Configure authorization-proxy-server for [powerflex]" + - "Configure authorization-proxy-server for [powerscale] for CR [1]" + - "Configure authorization-proxy-server for [powerflex] for CR [1]" - "Delete custom resource [1]" + - "Delete Authorization CRDs [2]" - scenario: "Install Authorization Proxy Server with alternate namespace" paths: - "testfiles/authorization-templates/csm_authorization_proxy_server_alt_ns.yaml" + - "testfiles/authorization-templates/csm_authorization_crds.yaml" modules: - "authorizationproxyserver" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Install Authorization CRDs [2]" - "Create [authorization-proxy-server] prerequisites from CR [1]" - "Apply custom resource [1]" - "Validate [authorization-proxy-server] module from CR [1] is installed" - "Configure authorization-proxy-server for [powerscale] for CR [1]" - "Configure authorization-proxy-server for [powerflex] for CR [1]" - "Delete custom resource [1]" + - "Delete Authorization CRDs [2]" - scenario: "Install Authorization Proxy Server with OpenShift default ingress controller" paths: - "testfiles/authorization-templates/csm_authorization_proxy_server_ocp.yaml" + - "testfiles/authorization-templates/csm_authorization_crds.yaml" modules: - "authorizationproxyserver" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Install Authorization CRDs [2]" - "Create [authorization-proxy-server] prerequisites from CR [1]" - "Apply custom resource [1]" - "Validate [authorization-proxy-server] module from CR [1] is installed" - "Configure authorization-proxy-server for [powerscale] for CR [1]" - "Configure authorization-proxy-server for [powerflex] for CR [1]" - "Delete custom resource [1]" + - "Delete Authorization CRDs [2]" - scenario: "Install PowerScale Driver(Standalone)" paths: @@ -204,11 +200,13 @@ paths: - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" - "testfiles/storage_csm_powerscale_auth.yaml" + - "testfiles/authorization-templates/csm_authorization_crds.yaml" modules: - "authorizationproxyserver" - "authorization" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Install Authorization CRDs [3]" - "Create [authorization-proxy-server] prerequisites from CR [1]" - "Apply custom resource [1]" - "Validate [authorization-proxy-server] module from CR [1] is installed" @@ -226,6 +224,7 @@ - "Enable forceRemoveDriver on CR [2]" - "Delete custom resource [2]" - "Delete custom resource [1]" + - "Delete Authorization CRDs [3]" - "Restore template [testfiles/powerscale-templates/powerscale-auth-secret-template.yaml] for [pscaleAuth]" - "Restore template [testfiles/powerscale-templates/karavi-authorization-config.json] for [pscaleAuthSidecar]" customTest: @@ -237,11 +236,13 @@ paths: - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" - "testfiles/storage_csm_powerscale.yaml" + - "testfiles/authorization-templates/csm_authorization_crds.yaml" modules: - "authorizationproxyserver" - "authorization" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Install Authorization CRDs [3]" - "Create [authorization-proxy-server] prerequisites from CR [1]" - "Apply custom resource [1]" - "Validate [authorization-proxy-server] module from CR [1] is installed" @@ -263,6 +264,7 @@ - "Enable forceRemoveDriver on CR [2]" - "Delete custom resource [2]" - "Delete custom resource [1]" + - "Delete Authorization CRDs [3]" - "Restore template [testfiles/powerscale-templates/powerscale-secret-template.yaml] for [pscale]" - "Restore template [testfiles/powerscale-templates/karavi-authorization-config.json] for [pscaleAuthSidecar]" customTest: @@ -337,11 +339,13 @@ paths: - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" - "testfiles/storage_csm_powerscale_auth.yaml" + - "testfiles/authorization-templates/csm_authorization_crds.yaml" modules: - "authorizationproxyserver" - "authorization" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Install Authorization CRDs [3]" - "Create [authorization-proxy-server] prerequisites from CR [1]" - "Apply custom resource [1]" - "Validate [authorization-proxy-server] module from CR [1] is installed" @@ -363,6 +367,7 @@ - "Enable forceRemoveDriver on CR [2]" - "Delete custom resource [2]" - "Delete custom resource [1]" + - "Delete Authorization CRDs [3]" - "Restore template [testfiles/powerscale-templates/powerscale-secret-template.yaml] for [pscale]" - "Restore template [testfiles/powerscale-templates/powerscale-auth-secret-template.yaml] for [pscaleAuth]" - "Restore template [testfiles/powerscale-templates/karavi-authorization-config.json] for [pscaleAuthSidecar]" @@ -470,12 +475,14 @@ paths: - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" - "testfiles/storage_csm_powerscale_observability_auth.yaml" + - "testfiles/authorization-templates/csm_authorization_crds.yaml" modules: - "authorizationproxyserver" - "authorization" - "observability" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Install Authorization CRDs [3]" - "Create [authorization-proxy-server] prerequisites from CR [1]" - "Apply custom resource [1]" - "Validate [authorization-proxy-server] module from CR [1] is installed" @@ -494,6 +501,7 @@ - "Enable forceRemoveDriver on CR [2]" - "Delete custom resource [2]" - "Delete custom resource [1]" + - "Delete Authorization CRDs [3]" - "Restore template [testfiles/powerscale-templates/powerscale-storageclass-template.yaml] for [pscale]" - "Restore template [testfiles/powerscale-templates/powerscale-auth-secret-template.yaml] for [pscaleAuth]" - "Restore template [testfiles/powerscale-templates/karavi-authorization-config.json] for [pscaleAuthSidecar]" @@ -507,12 +515,14 @@ paths: - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" - "testfiles/storage_csm_powerscale.yaml" + - "testfiles/authorization-templates/csm_authorization_crds.yaml" modules: - "authorizationproxyserver" - "observability" - "authorization" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Install Authorization CRDs [3]" - "Create [authorization-proxy-server] prerequisites from CR [1]" - "Apply custom resource [1]" - "Validate [authorization-proxy-server] module from CR [1] is installed" @@ -539,6 +549,7 @@ - "Enable forceRemoveDriver on CR [2]" - "Delete custom resource [2]" - "Delete custom resource [1]" + - "Delete Authorization CRDs [3]" - "Restore template [testfiles/powerscale-templates/powerscale-secret-template.yaml] for [pscale]" - "Restore template [testfiles/powerscale-templates/karavi-authorization-config.json] for [pscaleAuthSidecar]" @@ -546,12 +557,14 @@ paths: - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" - "testfiles/storage_csm_powerscale_observability_auth.yaml" + - "testfiles/authorization-templates/csm_authorization_crds.yaml" modules: - "authorizationproxyserver" - "authorization" - "observability" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Install Authorization CRDs [3]" - "Create [authorization-proxy-server] prerequisites from CR [1]" - "Apply custom resource [1]" - "Validate [authorization-proxy-server] module from CR [1] is installed" @@ -579,6 +592,7 @@ - "Enable forceRemoveDriver on CR [2]" - "Delete custom resource [2]" - "Delete custom resource [1]" + - "Delete Authorization CRDs [3]" - "Restore template [testfiles/powerscale-templates/powerscale-storageclass-template.yaml] for [pscale]" - "Restore template [testfiles/powerscale-templates/powerscale-auth-secret-template.yaml] for [pscaleAuth]" - "Restore template [testfiles/powerscale-templates/karavi-authorization-config.json] for [pscaleAuthSidecar]" @@ -592,12 +606,14 @@ paths: - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" - "testfiles/storage_csm_powerscale_observability_auth.yaml" + - "testfiles/authorization-templates/csm_authorization_crds.yaml" modules: - "authorizationproxyserver" - "authorization" - "observability" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Install Authorization CRDs [3]" - "Create [authorization-proxy-server] prerequisites from CR [1]" - "Apply custom resource [1]" - "Validate [authorization-proxy-server] module from CR [1] is installed" @@ -625,6 +641,7 @@ - "Enable forceRemoveDriver on CR [2]" - "Delete custom resource [2]" - "Delete custom resource [1]" + - "Delete Authorization CRDs [3]" - "Restore template [testfiles/powerscale-templates/powerscale-storageclass-template.yaml] for [pscale]" - "Restore template [testfiles/powerscale-templates/powerscale-auth-secret-template.yaml] for [pscaleAuth]" - "Restore template [testfiles/powerscale-templates/karavi-authorization-config.json] for [pscaleAuthSidecar]" @@ -792,11 +809,13 @@ paths: - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" - "testfiles/storage_csm_powerflex_auth.yaml" + - "testfiles/authorization-templates/csm_authorization_crds.yaml" modules: - "authorization" - "authorizationproxyserver" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Install Authorization CRDs [3]" - "Create [authorization-proxy-server] prerequisites from CR [1]" - "Apply custom resource [1]" - "Validate [authorization-proxy-server] module from CR [1] is installed" @@ -815,6 +834,7 @@ - "Enable forceRemoveDriver on CR [2]" - "Delete custom resource [2]" - "Delete custom resource [1]" + - "Delete Authorization CRDs [3]" - "Restore template [testfiles/powerflex-templates/csm-authorization-config.json] for [pflexAuthSidecar]" - "Restore template [testfiles/powerflex-templates/powerflex-secret-template.yaml] for [pflexAuth]" - "Restore template [testfiles/powerflex-templates/powerflex-storageclass-template.yaml] for [pflex]" @@ -827,11 +847,13 @@ paths: - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" - "testfiles/storage_csm_powerflex.yaml" + - "testfiles/authorization-templates/csm_authorization_crds.yaml" modules: - "authorizationproxyserver" - "authorization" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Install Authorization CRDs [3]" - "Create [authorization-proxy-server] prerequisites from CR [1]" - "Apply custom resource [1]" - "Validate [authorization-proxy-server] module from CR [1] is installed" @@ -853,6 +875,7 @@ - "Enable forceRemoveDriver on CR [2]" - "Delete custom resource [1]" - "Delete custom resource [2]" + - "Delete Authorization CRDs [3]" - "Restore template [testfiles/powerflex-templates/powerflex-secret-template.yaml] for [pflexAuth]" - "Restore template [testfiles/powerflex-templates/powerflex-storageclass-template.yaml] for [pflex]" - "Restore template [testfiles/powerflex-templates/csm-authorization-config.json] for [pflexAuthSidecar]" @@ -865,11 +888,13 @@ paths: - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" - "testfiles/storage_csm_powerflex_auth.yaml" + - "testfiles/authorization-templates/csm_authorization_crds.yaml" modules: - "authorization" - "authorizationproxyserver" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Install Authorization CRDs [3]" - "Create [authorization-proxy-server] prerequisites from CR [1]" - "Apply custom resource [1]" - "Validate [authorization-proxy-server] module from CR [1] is installed" @@ -892,6 +917,7 @@ - "Enable forceRemoveDriver on CR [2]" - "Delete custom resource [1]" - "Delete custom resource [2]" + - "Delete Authorization CRDs [3]" - "Restore template [testfiles/powerflex-templates/powerflex-secret-template.yaml] for [pflex]" - "Restore template [testfiles/powerflex-templates/powerflex-storageclass-template.yaml] for [pflex]" - "Restore template [testfiles/powerflex-templates/csm-authorization-config.json] for [pflexAuthSidecar]" @@ -1073,12 +1099,14 @@ paths: - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" - "testfiles/storage_csm_powerflex.yaml" + - "testfiles/authorization-templates/csm_authorization_crds.yaml" modules: - "authorizationproxyserver" - "authorization" - "observability" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Install Authorization CRDs [3]" - "Create [authorization-proxy-server] prerequisites from CR [1]" - "Apply custom resource [1]" - "Validate [authorization-proxy-server] module from CR [1] is installed" @@ -1106,6 +1134,7 @@ - "Enable forceRemoveDriver on CR [2]" - "Delete custom resource [1]" - "Delete custom resource [2]" + - "Delete Authorization CRDs [3]" - "Restore template [testfiles/powerflex-templates/powerflex-secret-template.yaml] for [pflexAuth]" - "Restore template [testfiles/powerflex-templates/powerflex-storageclass-template.yaml] for [pflex]" - "Restore template [testfiles/powerflex-templates/csm-authorization-config.json] for [pflexAuthSidecar]" @@ -1114,12 +1143,14 @@ paths: - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" - "testfiles/storage_csm_powerflex_observability_auth.yaml" + - "testfiles/authorization-templates/csm_authorization_crds.yaml" modules: - "authorizationproxyserver" - "authorization" - "observability" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Install Authorization CRDs [3]" - "Create [authorization-proxy-server] prerequisites from CR [1]" - "Apply custom resource [1]" - "Validate [authorization-proxy-server] module from CR [1] is installed" @@ -1138,6 +1169,7 @@ - "Enable forceRemoveDriver on CR [2]" - "Delete custom resource [2]" - "Delete custom resource [1]" + - "Delete Authorization CRDs [3]" - "Restore template [testfiles/powerflex-templates/powerflex-secret-template.yaml] for [pflexAuth]" - "Restore template [testfiles/powerflex-templates/powerflex-storageclass-template.yaml] for [pflex]" - "Restore template [testfiles/powerflex-templates/csm-authorization-config.json] for [pflexAuthSidecar]" @@ -1150,12 +1182,14 @@ paths: - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" - "testfiles/storage_csm_powerflex_observability_auth.yaml" + - "testfiles/authorization-templates/csm_authorization_crds.yaml" modules: - "authorizationproxyserver" - "authorization" - "observability" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Install Authorization CRDs [3]" - "Create [authorization-proxy-server] prerequisites from CR [1]" - "Apply custom resource [1]" - "Validate [authorization-proxy-server] module from CR [1] is installed" @@ -1183,6 +1217,7 @@ - "Enable forceRemoveDriver on CR [2]" - "Delete custom resource [2]" - "Delete custom resource [1]" + - "Delete Authorization CRDs [3]" - "Restore template [testfiles/powerflex-templates/powerflex-secret-template.yaml] for [pflexAuth]" - "Restore template [testfiles/powerflex-templates/powerflex-storageclass-template.yaml] for [pflex]" - "Restore template [testfiles/powerflex-templates/csm-authorization-config.json] for [pflexAuthSidecar]" @@ -1195,12 +1230,14 @@ paths: - "testfiles/authorization-templates/csm_authorization_proxy_server.yaml" - "testfiles/storage_csm_powerflex_observability_auth.yaml" + - "testfiles/authorization-templates/csm_authorization_crds.yaml" modules: - "authorizationproxyserver" - "authorization" - "observability" steps: - "Given an environment with k8s or openshift, and CSM operator installed" + - "Install Authorization CRDs [3]" - "Create [authorization-proxy-server] prerequisites from CR [1]" - "Apply custom resource [1]" - "Validate [authorization-proxy-server] module from CR [1] is installed" @@ -1228,6 +1265,7 @@ - "Enable forceRemoveDriver on CR [2]" - "Delete custom resource [2]" - "Delete custom resource [1]" + - "Delete Authorization CRDs [3]" - "Restore template [testfiles/powerflex-templates/powerflex-secret-template.yaml] for [pflexAuth]" - "Restore template [testfiles/powerflex-templates/powerflex-storageclass-template.yaml] for [pflex]" - "Restore template [testfiles/powerflex-templates/csm-authorization-config.json] for [pflexAuthSidecar]" From dc0ff4e062c9dff3664fd19321773d570154f100 Mon Sep 17 00:00:00 2001 From: Evgeny Uglov Date: Tue, 11 Jun 2024 16:45:58 +0000 Subject: [PATCH 5/5] [KRV-24554] Remove array data from test files --- .../csm-authorization_v1_csmrole.yaml | 2 +- .../csm-authorization_v1_csmtenant.yaml | 2 +- .../csm-authorization_v1_storage.yaml | 10 +++++----- 3 files changed, 7 insertions(+), 7 deletions(-) diff --git a/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_csmrole.yaml b/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_csmrole.yaml index c5092e519..4948ba7b1 100644 --- a/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_csmrole.yaml +++ b/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_csmrole.yaml @@ -10,6 +10,6 @@ metadata: name: csmrole-sample spec: quota: 0GB - systemID: PIE-IsilonS-24241-Cluster + systemID: pscale-xyz systemType: powerscale pool: /ifs/data/csi diff --git a/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_csmtenant.yaml b/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_csmtenant.yaml index 195e885ac..c6f25183f 100644 --- a/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_csmtenant.yaml +++ b/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_csmtenant.yaml @@ -10,7 +10,7 @@ metadata: name: csmtenant-sample spec: # TODO(user): Add fields here - roles: csmrole-sample + roles: role1,role2 approveSdc: false revoke: false # This prefix is added for each new volume provisioned by the tenant. diff --git a/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_storage.yaml b/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_storage.yaml index 06bcaa128..2343a1259 100644 --- a/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_storage.yaml +++ b/tests/e2e/testfiles/authorization-templates/csm-authorization_v1_storage.yaml @@ -1,12 +1,12 @@ apiVersion: csm-authorization.storage.dell.com/v1alpha1 kind: Storage metadata: - name: powerscale + name: powerflex spec: - type: powerscale - endpoint: https://10.230.24.241:8080 - systemID: PIE-IsilonS-24241-Cluster + type: powerflex + endpoint: https://127.0.0.1 + systemID: 1a99aa999999aa9a credentialStore: vault - credentialPath: storage/powerscale + credentialPath: storage/powerflex skipCertificateValidation: true pollInterval: 30s