Add e2e test if channel implementation exposes OIDC audience (#7381)

* Make some oidc addressable conformance tests private * Add OIDC audience population test for Channel implementation
knative · Nov 10, 2023 · 9431ce9 · 9431ce9
1 parent 0fa1bbc
commit 9431ce9
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 8 deletions.
diff --git a/test/auth/features/oidc/addressable_oidc_conformance.go b/test/auth/features/oidc/addressable_oidc_conformance.go
@@ -47,10 +47,10 @@ func AddressableOIDCTokenConformance(gvr schema.GroupVersionResource, kind, name
 	fs := feature.FeatureSet{
 		Name: fmt.Sprintf("%s handles requests with OIDC tokens correctly", kind),
 		Features: []*feature.Feature{
-			AddressableRejectInvalidAudience(gvr, kind, name),
-			AddressableRejectCorruptedSignature(gvr, kind, name),
-			AddressableRejectExpiredToken(gvr, kind, name),
-			AddressableAllowsValidRequest(gvr, kind, name),
+			addressableRejectInvalidAudience(gvr, kind, name),
+			addressableRejectCorruptedSignature(gvr, kind, name),
+			addressableRejectExpiredToken(gvr, kind, name),
+			addressableAllowsValidRequest(gvr, kind, name),
 		},
 	}
 
@@ -73,7 +73,7 @@ func AddressableHasAudiencePopulated(gvr schema.GroupVersionResource, kind, name
 	return f
 }
 
-func AddressableRejectInvalidAudience(gvr schema.GroupVersionResource, kind, name string) *feature.Feature {
+func addressableRejectInvalidAudience(gvr schema.GroupVersionResource, kind, name string) *feature.Feature {
 	f := feature.NewFeatureNamed(fmt.Sprintf("%s reject event for wrong OIDC audience", kind))
 
 	source := feature.MakeRandomK8sName("source")
@@ -97,7 +97,7 @@ func AddressableRejectInvalidAudience(gvr schema.GroupVersionResource, kind, nam
 	return f
 }
 
-func AddressableRejectExpiredToken(gvr schema.GroupVersionResource, kind, name string) *feature.Feature {
+func addressableRejectExpiredToken(gvr schema.GroupVersionResource, kind, name string) *feature.Feature {
 	f := feature.NewFeatureNamed(fmt.Sprintf("%s reject event with expired OIDC token", kind))
 
 	source := feature.MakeRandomK8sName("source")
@@ -121,7 +121,7 @@ func AddressableRejectExpiredToken(gvr schema.GroupVersionResource, kind, name s
 	return f
 }
 
-func AddressableRejectCorruptedSignature(gvr schema.GroupVersionResource, kind, name string) *feature.Feature {
+func addressableRejectCorruptedSignature(gvr schema.GroupVersionResource, kind, name string) *feature.Feature {
 	f := feature.NewFeatureNamed(fmt.Sprintf("%s reject event with corrupted OIDC token signature", kind))
 
 	source := feature.MakeRandomK8sName("source")
@@ -145,7 +145,7 @@ func AddressableRejectCorruptedSignature(gvr schema.GroupVersionResource, kind,
 	return f
 }
 
-func AddressableAllowsValidRequest(gvr schema.GroupVersionResource, kind, name string) *feature.Feature {
+func addressableAllowsValidRequest(gvr schema.GroupVersionResource, kind, name string) *feature.Feature {
 	f := feature.NewFeatureNamed(fmt.Sprintf("%s handles event with valid OIDC token", kind))
 
 	source := feature.MakeRandomK8sName("source")

diff --git a/test/auth/oidc_test.go b/test/auth/oidc_test.go
@@ -31,7 +31,9 @@ import (
 
 	"knative.dev/eventing/test/auth/features/oidc"
 	brokerfeatures "knative.dev/eventing/test/rekt/features/broker"
+	"knative.dev/eventing/test/rekt/features/channel"
 	"knative.dev/eventing/test/rekt/resources/broker"
+	"knative.dev/eventing/test/rekt/resources/channel_impl"
 )
 
 func TestBrokerSupportsOIDC(t *testing.T) {
@@ -52,3 +54,21 @@ func TestBrokerSupportsOIDC(t *testing.T) {
 	env.TestSet(ctx, t, oidc.AddressableOIDCConformance(broker.GVR(), "Broker", name, env.Namespace()))
 	env.Test(ctx, t, oidc.BrokerSendEventWithOIDCToken())
 }
+
+func TestChannelImplSupportsOIDC(t *testing.T) {
+	t.Parallel()
+
+	ctx, env := global.Environment(
+		knative.WithKnativeNamespace(system.Namespace()),
+		knative.WithLoggingConfig,
+		knative.WithTracingConfig,
+		k8s.WithEventListener,
+		environment.Managed(t),
+		environment.WithPollTimings(4*time.Second, 12*time.Minute),
+	)
+
+	name := feature.MakeRandomK8sName("channelimpl")
+	env.Prerequisite(ctx, t, channel.ImplGoesReady(name))
+
+	env.Test(ctx, t, oidc.AddressableHasAudiencePopulated(channel_impl.GVR(), channel_impl.GVK().Kind, name, env.Namespace()))
+}