-
Notifications
You must be signed in to change notification settings - Fork 7
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
test(RHTAPWATCH-1068): Unit test for getNamespacesWithAccess
Add unit test for workspace-manager function getNamespacesWithAccess Jira-Url: https://issues.redhat.com/browse/RHTAPWATCH-1068 Signed-off-by: Homaja Marisetty <[email protected]>
- Loading branch information
Showing
1 changed file
with
46 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -17,15 +17,18 @@ import ( | |
"context" | ||
"os" | ||
"testing" | ||
"net/http/httptest" | ||
|
||
. "github.com/onsi/ginkgo/v2" | ||
. "github.com/onsi/gomega" | ||
"github.com/labstack/echo/v4" | ||
"k8s.io/client-go/rest" | ||
"k8s.io/client-go/tools/clientcmd" | ||
clientcmdapi "k8s.io/client-go/tools/clientcmd/api" | ||
"sigs.k8s.io/controller-runtime/pkg/client" | ||
"sigs.k8s.io/controller-runtime/pkg/client/config" | ||
"sigs.k8s.io/controller-runtime/pkg/envtest" | ||
"sigs.k8s.io/controller-runtime/pkg/client/config" | ||
) | ||
|
||
type HTTPResponse struct { | ||
|
@@ -40,6 +43,7 @@ type HTTPheader struct { | |
|
||
var k8sClient client.Client | ||
var testEnv *envtest.Environment | ||
var ns1, ns2, ns3 k8sapi.Namespace | ||
|
||
func createRole(k8sClient client.Client, nsName string, roleName string, verbs []string) { | ||
role := &rbacv1.Role{ | ||
|
@@ -256,6 +260,9 @@ var _ = BeforeSuite(func() { | |
createRoleBinding(k8sClient, "namespace-access-user-binding", "test-tenant", user1, "namespace-access") | ||
createRoleBinding(k8sClient, "namespace-access-user-binding-2", "test-tenant", user2, "namespace-access") | ||
createRoleBinding(k8sClient, "namespace-access-user-binding-3", "test-tenant-2", user2, "namespace-access-2") | ||
ns1, err = GetNamespace(k8sClient, "test-tenant") | ||
ns2, err = GetNamespace(k8sClient, "test-tenant-2") | ||
ns3, err = GetNamespace(k8sClient, "test-tenant-3") | ||
serverProcess = exec.Command("go", "run", "main.go") | ||
err = serverProcess.Start() | ||
Expect(err).NotTo(HaveOccurred(), fmt.Sprintf("Error starting the server during test setup: %v", err)) | ||
|
@@ -301,3 +308,42 @@ var _ = DescribeTable("TestRunAccessCheck", func(user string, namespace string, | |
"patch", | ||
false), | ||
) | ||
|
||
func GetNamespace(k8sClient client.Client, namespace string) (k8sapi.Namespace, error) { | ||
ns := &k8sapi.Namespace{} | ||
err := k8sClient.Get(context.Background(), client.ObjectKey{Name: namespace}, ns) | ||
if err != nil { | ||
return k8sapi.Namespace{}, fmt.Errorf("error getting namespace: %w", err) | ||
} | ||
return *ns, nil | ||
} | ||
|
||
var _ = DescribeTable("TestGetNamespacesWithAccess", func(allNamespaces []k8sapi.Namespace, | ||
expectedNs []k8sapi.Namespace) { | ||
e := echo.New() | ||
cfg, _ := config.GetConfig() | ||
clientset, _ := kubernetes.NewForConfig(cfg) | ||
req := httptest.NewRequest(http.MethodGet, "/", nil) | ||
rec := httptest.NewRecorder() | ||
c := e.NewContext(req, rec) | ||
c.Request().Header.Set("X-Email", "[email protected]") | ||
authCl := clientset.AuthorizationV1() | ||
|
||
actualNs, err := getNamespacesWithAccess(e, c, authCl, allNamespaces) | ||
|
||
Expect(actualNs).To(Equal(expectedNs)) | ||
Expect(err).NotTo(HaveOccurred(), "Unexpected error testing GetNamespacesWithAccess") | ||
}, | ||
Entry( | ||
"when get namspace with access check allows all namespaces", | ||
[]k8sapi.Namespace{ns1, ns2}, | ||
[]k8sapi.Namespace{ns1, ns2}), | ||
Entry( | ||
"when get namspace with access denies all namespaces", | ||
[]k8sapi.Namespace{ns3}, | ||
[]k8sapi.Namespace{}), | ||
Entry( | ||
"when get namspace with access allows only some namespaces", | ||
[]k8sapi.Namespace{ns1, ns2, ns3}, | ||
[]k8sapi.Namespace{ns1, ns2}), | ||
) |