Fix RBAC provisioning after rebase (changes to SA name package)

Signed-off-by: Angel Misevski <amisevsk@redhat.com>
devfile · Nov 7, 2022 · f825089 · f825089
1 parent ee81bb3
commit f825089
Show file tree

Hide file tree

Showing 5 changed files with 15 additions and 15 deletions.
diff --git a/pkg/provision/workspace/rbac/common_test.go b/pkg/provision/workspace/rbac/common_test.go
@@ -104,8 +104,8 @@ var (
 func TestSyncRBAC(t *testing.T) {
 	testdw1 := getTestDevWorkspaceWithAttributes(t, "test-devworkspace", constants.WorkspaceSCCAttribute, testSCCName)
 	testdw2 := getTestDevWorkspaceWithAttributes(t, "test-devworkspace2", constants.WorkspaceSCCAttribute, testSCCName)
-	testdw1SAName := common.ServiceAccountName(testdw1.Status.DevWorkspaceId)
-	testdw2SAName := common.ServiceAccountName(testdw2.Status.DevWorkspaceId)
+	testdw1SAName := common.ServiceAccountName(testdw1)
+	testdw2SAName := common.ServiceAccountName(testdw2)
 	api := getTestClusterAPI(t, testdw1.DevWorkspace, testdw2.DevWorkspace, oldRole, oldRolebinding)
 	// Keep calling SyncRBAC until error returned is nil, to account for multiple steps
 	iterCount := 0

diff --git a/pkg/provision/workspace/rbac/finalize.go b/pkg/provision/workspace/rbac/finalize.go
@@ -28,7 +28,7 @@ func FinalizeRBAC(workspace *common.DevWorkspaceWithConfig, api sync.ClusterAPI)
 			return err
 		}
 	}
-	saName := common.ServiceAccountName(workspace.Status.DevWorkspaceId)
+	saName := common.ServiceAccountName(workspace)
 	roleName := common.WorkspaceRoleName()
 	rolebindingName := common.WorkspaceRolebindingName()
 	numWorkspaces, err := countNonDeletedWorkspaces(workspace.Namespace, api)
@@ -52,7 +52,7 @@ func FinalizeRBAC(workspace *common.DevWorkspaceWithConfig, api sync.ClusterAPI)
 
 func finalizeSCCRBAC(workspace *common.DevWorkspaceWithConfig, api sync.ClusterAPI) error {
 	sccName := workspace.Spec.Template.Attributes.GetString(constants.WorkspaceSCCAttribute, nil)
-	saName := common.ServiceAccountName(workspace.Status.DevWorkspaceId)
+	saName := common.ServiceAccountName(workspace)
 	roleName := common.WorkspaceSCCRoleName(sccName)
 	rolebindingName := common.WorkspaceSCCRolebindingName(sccName)
 	numWorkspaces, err := countNonDeletedWorkspacesUsingSCC(sccName, workspace.Namespace, api)

diff --git a/pkg/provision/workspace/rbac/finalize_test.go b/pkg/provision/workspace/rbac/finalize_test.go
@@ -76,8 +76,8 @@ func TestShouldRemoveWorkspaceSAFromRolebindingWhenDeleted(t *testing.T) {
 	testdw := getTestDevWorkspace("test-devworkspace")
 	testdw2 := getTestDevWorkspace("test-devworkspace2")
 	testdw.DeletionTimestamp = &metav1.Time{Time: time.Now()}
-	testdwSAName := common.ServiceAccountName(testdw.Status.DevWorkspaceId)
-	testdw2SAName := common.ServiceAccountName(testdw2.Status.DevWorkspaceId)
+	testdwSAName := common.ServiceAccountName(testdw)
+	testdw2SAName := common.ServiceAccountName(testdw2)
 	testrb := newRolebinding.DeepCopy()
 	testrb.Subjects = append(testrb.Subjects,
 		rbacv1.Subject{
@@ -176,8 +176,8 @@ func TestShouldRemoveWorkspaceSAFromSCCRolebindingWhenDeleted(t *testing.T) {
 	testdw := getTestDevWorkspaceWithAttributes(t, "test-devworkspace", constants.WorkspaceSCCAttribute, testSCCName)
 	testdw2 := getTestDevWorkspaceWithAttributes(t, "test-devworkspace2", constants.WorkspaceSCCAttribute, testSCCName)
 	testdw.DeletionTimestamp = &metav1.Time{Time: time.Now()}
-	testdwSAName := common.ServiceAccountName(testdw.Status.DevWorkspaceId)
-	testdw2SAName := common.ServiceAccountName(testdw2.Status.DevWorkspaceId)
+	testdwSAName := common.ServiceAccountName(testdw)
+	testdw2SAName := common.ServiceAccountName(testdw2)
 	testrb := newSCCRolebinding.DeepCopy()
 	testrb.Subjects = append(testrb.Subjects,
 		rbacv1.Subject{

diff --git a/pkg/provision/workspace/rbac/rolebinding.go b/pkg/provision/workspace/rbac/rolebinding.go
@@ -27,7 +27,7 @@ import (
 )
 
 func syncRolebindings(workspace *common.DevWorkspaceWithConfig, api sync.ClusterAPI) error {
-	saName := common.ServiceAccountName(workspace.Status.DevWorkspaceId)
+	saName := common.ServiceAccountName(workspace)
 	defaultRoleName := common.WorkspaceRoleName()
 	defaultRolebindingName := common.WorkspaceRolebindingName()
 	if err := addServiceAccountToRolebinding(saName, workspace.Namespace, defaultRoleName, defaultRolebindingName, api); err != nil {

diff --git a/pkg/provision/workspace/rbac/rolebinding_test.go b/pkg/provision/workspace/rbac/rolebinding_test.go
@@ -42,7 +42,7 @@ func TestCreatesRolebindingIfNotExists(t *testing.T) {
 	}, actualRB)
 	assert.NoError(t, err, "Rolebinding should be created")
 	assert.Equal(t, common.WorkspaceRoleName(), actualRB.RoleRef.Name, "Rolebinding shold reference default role")
-	expectedSAName := common.ServiceAccountName(testdw.Status.DevWorkspaceId)
+	expectedSAName := common.ServiceAccountName(testdw)
 	assert.True(t, testHasSubject(expectedSAName, testNamespace, actualRB), "Created rolebinding should have workspace SA as subject")
 }
 
@@ -72,9 +72,9 @@ func TestAddsMultipleSubjectsToRolebinding(t *testing.T) {
 	}, actualRB)
 	assert.NoError(t, err, "Rolebinding should be created")
 	assert.Equal(t, common.WorkspaceRoleName(), actualRB.RoleRef.Name, "Rolebinding shold reference default role")
-	expectedSAName := common.ServiceAccountName(testdw.Status.DevWorkspaceId)
+	expectedSAName := common.ServiceAccountName(testdw)
 	assert.True(t, testHasSubject(expectedSAName, testNamespace, actualRB), "Created rolebinding should have both workspace SAs as subjects")
-	expectedSAName2 := common.ServiceAccountName(testdw2.Status.DevWorkspaceId)
+	expectedSAName2 := common.ServiceAccountName(testdw2)
 	assert.True(t, testHasSubject(expectedSAName2, testNamespace, actualRB), "Created rolebinding should have both workspace SAs as subjects")
 }
 
@@ -100,7 +100,7 @@ func TestCreatesSCCRolebindingIfNotExists(t *testing.T) {
 	}, actualRB)
 	assert.NoError(t, err, "Rolebinding should be created")
 	assert.Equal(t, common.WorkspaceSCCRoleName(testSCCName), actualRB.RoleRef.Name, "Rolebinding shold reference default role")
-	expectedSAName := common.ServiceAccountName(testdw.Status.DevWorkspaceId)
+	expectedSAName := common.ServiceAccountName(testdw)
 	assert.True(t, testHasSubject(expectedSAName, testNamespace, actualRB), "Created rolebinding should have workspace SA as subject")
 }
 
@@ -138,9 +138,9 @@ func TestAddsMultipleSubjectsToSCCRolebinding(t *testing.T) {
 	}, actualRB)
 	assert.NoError(t, err, "Rolebinding should be created")
 	assert.Equal(t, common.WorkspaceSCCRoleName(testSCCName), actualRB.RoleRef.Name, "Rolebinding shold reference default role")
-	expectedSAName := common.ServiceAccountName(testdw.Status.DevWorkspaceId)
+	expectedSAName := common.ServiceAccountName(testdw)
 	assert.True(t, testHasSubject(expectedSAName, testNamespace, actualRB), "Created SCC rolebinding should have both workspace SAs as subjects")
-	expectedSAName2 := common.ServiceAccountName(testdw2.Status.DevWorkspaceId)
+	expectedSAName2 := common.ServiceAccountName(testdw2)
 	assert.True(t, testHasSubject(expectedSAName2, testNamespace, actualRB), "Created SCC rolebinding should have both workspace SAs as subjects")
 }