diff --git a/cmd/main_test.go b/cmd/main_test.go index 78e5bd7..f5efa03 100644 --- a/cmd/main_test.go +++ b/cmd/main_test.go @@ -13,6 +13,8 @@ import ( k8sapi "k8s.io/api/core/v1" rbacv1 "k8s.io/api/rbac/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/labels" + "k8s.io/apimachinery/pkg/selection" "k8s.io/client-go/kubernetes" "context" @@ -346,7 +348,7 @@ var _ = DescribeTable("GetWorkspacesWithAccess querying for workspaces with acce allNamespaces = append(allNamespaces, ns) createRole(k8sClient, name, roleNames[i], []string{"create", "list", "watch", "delete"}) createRoleBinding(k8sClient, roleBindings[i], name, "user1@konflux.dev", roleNames[i]) - } + } expectedWorkspaces = []crt.Workspace{ { TypeMeta: metav1.TypeMeta{ @@ -408,7 +410,7 @@ var _ = DescribeTable("GetWorkspacesWithAccess querying for workspaces with acce ns, err := createNamespace(k8sClient, name) Expect(err).NotTo(HaveOccurred(), fmt.Sprintf("Error while creating the namespace %s: %v", name, err)) allNamespaces = append(allNamespaces, ns) - } + } createRole(k8sClient, "ws-test-tenant-1", "ws-namespace-access-1", []string{"create", "list", "watch", "delete"}) createRoleBinding(k8sClient, "ws-namespace-access-user-binding-1", "ws-test-tenant-1", "user1@konflux.dev", "ws-namespace-access-1") expectedWorkspaces = []crt.Workspace{ @@ -445,7 +447,7 @@ var _ = DescribeTable("GetWorkspacesWithAccess querying for workspaces with acce deleteNamespace(k8sClient, name) } }) - }) + }) Context("When no workspaces has all the necessary permissions", func() { namespaceNames := []string{"ws-test-tenant-1", "ws-test-tenant-2"} @@ -476,3 +478,128 @@ var _ = DescribeTable("GetWorkspacesWithAccess querying for workspaces with acce }) }) }) + +var _ = Describe("GetUserNamespaces", func() { + var e *echo.Echo + var req *labels.Requirement + + BeforeEach(func() { + if e == nil { + e = echo.New() + } + }) + + Context("When querying for a specific user namespace", func() { + var createdNamespace string + + BeforeEach(func() { + var err error + ns, err := createNamespace(k8sClient, "test-tenant") + Expect(err).NotTo(HaveOccurred(), "Error while creating the namespace") + createdNamespace = ns.Name + + req, err = labels.NewRequirement("kubernetes.io/metadata.name", selection.In, []string{"test-tenant"}) + Expect(err).NotTo(HaveOccurred(), "Error creating label requirement") + }) + + It("Should return only the specified namespace", func() { + namespaces, err := getUserNamespaces(e, *req) + Expect(err).NotTo(HaveOccurred(), "Error getting user namespaces") + + var actualNamespaces []string + for _, ns := range namespaces { + actualNamespaces = append(actualNamespaces, ns.Name) + } + + Expect(actualNamespaces).To(ConsistOf(createdNamespace)) + }) + + AfterEach(func() { + deleteNamespace(k8sClient, createdNamespace) + }) + }) + + Context("When querying for multiple specific user namespaces", func() { + var createdNamespaces []string + + BeforeEach(func() { + var err error + + for _, name := range []string{"ws-test-tenant-1", "ws-test-tenant-2"} { + ns, err := createNamespace(k8sClient, name) + Expect(err).NotTo(HaveOccurred(), fmt.Sprintf("Error while creating the namespace %s", name)) + createdNamespaces = append(createdNamespaces, ns.Name) + } + + req, err = labels.NewRequirement("kubernetes.io/metadata.name", selection.In, createdNamespaces) + Expect(err).NotTo(HaveOccurred(), "Error creating label requirement") + }) + + It("Should return both specified namespaces", func() { + namespaces, err := getUserNamespaces(e, *req) + Expect(err).NotTo(HaveOccurred(), "Error getting user namespaces") + + var actualNamespaces []string + for _, ns := range namespaces { + actualNamespaces = append(actualNamespaces, ns.Name) + } + + Expect(actualNamespaces).To(ConsistOf(createdNamespaces)) + }) + + AfterEach(func() { + for _, ns := range createdNamespaces { + deleteNamespace(k8sClient, ns) + } + }) + }) + + Context("When querying for a non-existent namespace", func() { + BeforeEach(func() { + var err error + req, err = labels.NewRequirement("kubernetes.io/metadata.name", selection.In, []string{"non-existent-namespace"}) + Expect(err).NotTo(HaveOccurred(), "Error creating label requirement") + }) + + It("Should return an empty list", func() { + namespaces, err := getUserNamespaces(e, *req) + Expect(err).NotTo(HaveOccurred(), "Error getting user namespaces") + Expect(namespaces).To(BeEmpty()) + }) + }) + + Context("When querying for all user namespaces", func() { + var createdNamespaces []string + + BeforeEach(func() { + var err error + + for _, name := range []string{"test-tenant-1", "test-tenant-2", "test-tenant-3"} { + ns, err := createNamespace(k8sClient, name) + Expect(err).NotTo(HaveOccurred(), fmt.Sprintf("Error creating the namespace %s", name)) + createdNamespaces = append(createdNamespaces, ns.Name) + } + + req, err = labels.NewRequirement("konflux.ci/type", selection.Exists, []string{}) + Expect(err).NotTo(HaveOccurred(), "Error creating label requirement") + }) + + It("Should return all user namespaces", func() { + namespaces, err := getUserNamespaces(e, *req) + Expect(err).NotTo(HaveOccurred(), "Error getting user namespaces") + + var actualNamespaces []string + for _, ns := range namespaces { + actualNamespaces = append(actualNamespaces, ns.Name) + } + + Expect(actualNamespaces).To(ConsistOf(createdNamespaces)) + }) + + AfterEach(func() { + for _, ns := range createdNamespaces { + deleteNamespace(k8sClient, ns) + } + }) + }) +})