From 14a11f990a23ae426e08f6a4fc02ed34b8133bc4 Mon Sep 17 00:00:00 2001 From: Justin Kulikauskas Date: Tue, 25 Apr 2023 17:17:13 -0400 Subject: [PATCH] Use common parent policy creation function Creating a configuration policy that "belongs" to a parent policy is slightly tricky, because it needs an owner reference with a UID. A common function makes this a bit easier. Signed-off-by: Justin Kulikauskas --- test/e2e/case15_event_format_test.go | 68 +++---------------- test/e2e/case17_evaluation_interval_test.go | 21 +----- .../e2e/case21_alternative_kubeconfig_test.go | 17 +---- 3 files changed, 11 insertions(+), 95 deletions(-) diff --git a/test/e2e/case15_event_format_test.go b/test/e2e/case15_event_format_test.go index b1772632..83a802df 100644 --- a/test/e2e/case15_event_format_test.go +++ b/test/e2e/case15_event_format_test.go @@ -36,21 +36,8 @@ const ( var _ = Describe("Testing compliance event formatting", func() { It("Records the right events for a policy that is always compliant", func() { - By("Creating parent policy " + case15AlwaysCompliantParentName + " on " + testNamespace) - utils.Kubectl("apply", "-f", case15AlwaysCompliantParentYaml, "-n", testNamespace) - parent := utils.GetWithTimeout(clientManagedDynamic, gvrPolicy, - case15AlwaysCompliantParentName, testNamespace, true, defaultTimeoutSeconds) - Expect(parent).NotTo(BeNil()) - - By("Creating compliant policy " + case15AlwaysCompliantName + " on " + testNamespace + " with parent " + - case15AlwaysCompliantParentName) - plcDef := utils.ParseYaml(case15AlwaysCompliantYaml) - ownerRefs := plcDef.GetOwnerReferences() - ownerRefs[0].UID = parent.GetUID() - plcDef.SetOwnerReferences(ownerRefs) - _, err := clientManagedDynamic.Resource(gvrConfigPolicy).Namespace(testNamespace). - Create(context.TODO(), plcDef, metav1.CreateOptions{}) - Expect(err).To(BeNil()) + createConfigPolicyWithParent(case15AlwaysCompliantParentYaml, case15AlwaysCompliantParentName, + case15AlwaysCompliantYaml) plc := utils.GetWithTimeout(clientManagedDynamic, gvrConfigPolicy, case15AlwaysCompliantName, testNamespace, true, defaultTimeoutSeconds) @@ -81,21 +68,8 @@ var _ = Describe("Testing compliance event formatting", func() { Expect(nonCompParentEvents).To(BeEmpty()) }) It("Records the right events for a policy that is never compliant", func() { - By("Creating parent policy " + case15NeverCompliantParentName + " on " + testNamespace) - utils.Kubectl("apply", "-f", case15NeverCompliantParentYaml, "-n", testNamespace) - parent := utils.GetWithTimeout(clientManagedDynamic, gvrPolicy, - case15NeverCompliantParentName, testNamespace, true, defaultTimeoutSeconds) - Expect(parent).NotTo(BeNil()) - - By("Creating noncompliant policy " + case15NeverCompliantName + " on " + testNamespace + " with parent " + - case15NeverCompliantParentName) - plcDef := utils.ParseYaml(case15NeverCompliantYaml) - ownerRefs := plcDef.GetOwnerReferences() - ownerRefs[0].UID = parent.GetUID() - plcDef.SetOwnerReferences(ownerRefs) - _, err := clientManagedDynamic.Resource(gvrConfigPolicy).Namespace(testNamespace). - Create(context.TODO(), plcDef, metav1.CreateOptions{}) - Expect(err).To(BeNil()) + createConfigPolicyWithParent(case15NeverCompliantParentYaml, case15NeverCompliantParentName, + case15NeverCompliantYaml) plc := utils.GetWithTimeout(clientManagedDynamic, gvrConfigPolicy, case15NeverCompliantName, testNamespace, true, defaultTimeoutSeconds) @@ -126,21 +100,8 @@ var _ = Describe("Testing compliance event formatting", func() { Expect(nonCompParentEvents).NotTo(BeEmpty()) }) It("Records events for a policy that becomes compliant", func() { - By("Creating parent policy " + case15BecomesCompliantParentName + " on " + testNamespace) - utils.Kubectl("apply", "-f", case15BecomesCompliantParentYaml, "-n", testNamespace) - parent := utils.GetWithTimeout(clientManagedDynamic, gvrPolicy, - case15BecomesCompliantParentName, testNamespace, true, defaultTimeoutSeconds) - Expect(parent).NotTo(BeNil()) - - By("Creating noncompliant policy " + case15BecomesCompliantName + " on " + testNamespace + " with parent " + - case15BecomesCompliantParentName) - plcDef := utils.ParseYaml(case15BecomesCompliantYaml) - ownerRefs := plcDef.GetOwnerReferences() - ownerRefs[0].UID = parent.GetUID() - plcDef.SetOwnerReferences(ownerRefs) - _, err := clientManagedDynamic.Resource(gvrConfigPolicy).Namespace(testNamespace). - Create(context.TODO(), plcDef, metav1.CreateOptions{}) - Expect(err).To(BeNil()) + createConfigPolicyWithParent(case15BecomesCompliantParentYaml, case15BecomesCompliantParentName, + case15BecomesCompliantYaml) plc := utils.GetWithTimeout(clientManagedDynamic, gvrConfigPolicy, case15BecomesCompliantName, testNamespace, true, defaultTimeoutSeconds) @@ -176,21 +137,8 @@ var _ = Describe("Testing compliance event formatting", func() { Expect(compParentEvents).NotTo(BeEmpty()) }) It("Records events for a policy that becomes noncompliant", func() { - By("Creating parent policy " + case15BecomesNonCompliantParentName + " on " + testNamespace) - utils.Kubectl("apply", "-f", case15BecomesNonCompliantParentYaml, "-n", testNamespace) - parent := utils.GetWithTimeout(clientManagedDynamic, gvrPolicy, - case15BecomesNonCompliantParentName, testNamespace, true, defaultTimeoutSeconds) - Expect(parent).NotTo(BeNil()) - - By("Creating compliant policy " + case15BecomesNonCompliantName + " on " + testNamespace + " with parent " + - case15BecomesNonCompliantParentName) - plcDef := utils.ParseYaml(case15BecomesNonCompliantYaml) - ownerRefs := plcDef.GetOwnerReferences() - ownerRefs[0].UID = parent.GetUID() - plcDef.SetOwnerReferences(ownerRefs) - _, err := clientManagedDynamic.Resource(gvrConfigPolicy).Namespace(testNamespace). - Create(context.TODO(), plcDef, metav1.CreateOptions{}) - Expect(err).To(BeNil()) + createConfigPolicyWithParent(case15BecomesNonCompliantParentYaml, case15BecomesNonCompliantParentName, + case15BecomesNonCompliantYaml) plc := utils.GetWithTimeout(clientManagedDynamic, gvrConfigPolicy, case15BecomesNonCompliantName, testNamespace, true, defaultTimeoutSeconds) diff --git a/test/e2e/case17_evaluation_interval_test.go b/test/e2e/case17_evaluation_interval_test.go index 3952bd90..43077ca1 100644 --- a/test/e2e/case17_evaluation_interval_test.go +++ b/test/e2e/case17_evaluation_interval_test.go @@ -29,26 +29,7 @@ const ( var _ = Describe("Test evaluation interval", func() { It("Verifies that status.lastEvaluated is properly set", func() { - By("Creating the parent policy " + case17ParentPolicyName + " on the managed cluster") - utils.Kubectl("apply", "-f", case17ParentPolicy, "-n", testNamespace) - parent := utils.GetWithTimeout(clientManagedDynamic, - gvrPolicy, - case17ParentPolicyName, - testNamespace, - true, - defaultTimeoutSeconds, - ) - Expect(parent).NotTo(BeNil()) - - By("Creating " + case17PolicyName + " on the managed cluster") - plcDef := utils.ParseYaml(case17Policy) - ownerRefs := plcDef.GetOwnerReferences() - ownerRefs[0].UID = parent.GetUID() - plcDef.SetOwnerReferences(ownerRefs) - _, err := clientManagedDynamic.Resource(gvrConfigPolicy).Namespace(testNamespace).Create( - context.TODO(), plcDef, v1.CreateOptions{}, - ) - Expect(err).To(BeNil()) + createConfigPolicyWithParent(case17ParentPolicy, case17ParentPolicyName, case17Policy) By("Getting status.lastEvaluated") var managedPlc *unstructured.Unstructured diff --git a/test/e2e/case21_alternative_kubeconfig_test.go b/test/e2e/case21_alternative_kubeconfig_test.go index a497a97c..22e971b3 100644 --- a/test/e2e/case21_alternative_kubeconfig_test.go +++ b/test/e2e/case21_alternative_kubeconfig_test.go @@ -58,20 +58,7 @@ var _ = Describe("Test an alternative kubeconfig for policy evaluation", Ordered }) It("should create the namespace using the alternative kubeconfig", func() { - By("Creating parent policy " + parentPolicyName + " on " + testNamespace) - utils.Kubectl("apply", "-f", parentPolicyYAML, "-n", testNamespace) - parent := utils.GetWithTimeout(clientManagedDynamic, gvrPolicy, - parentPolicyName, testNamespace, true, defaultTimeoutSeconds) - Expect(parent).NotTo(BeNil()) - - By("Creating the " + policyName + " policy") - plcDef := utils.ParseYaml(policyYAML) - ownerRefs := plcDef.GetOwnerReferences() - ownerRefs[0].UID = parent.GetUID() - plcDef.SetOwnerReferences(ownerRefs) - _, err := clientManagedDynamic.Resource(gvrConfigPolicy).Namespace(testNamespace). - Create(context.TODO(), plcDef, metav1.CreateOptions{}) - Expect(err).To(BeNil()) + createConfigPolicyWithParent(parentPolicyYAML, parentPolicyName, policyYAML) By("Verifying that the " + policyName + " policy is compliant") Eventually(func() interface{} { @@ -83,7 +70,7 @@ var _ = Describe("Test an alternative kubeconfig for policy evaluation", Ordered }, defaultTimeoutSeconds, 1).Should(Equal("Compliant")) By("Verifying that the " + policyName + " was created using the alternative kubeconfig") - _, err = targetK8sClient.CoreV1().Namespaces().Get(context.TODO(), namespaceName, metav1.GetOptions{}) + _, err := targetK8sClient.CoreV1().Namespaces().Get(context.TODO(), namespaceName, metav1.GetOptions{}) Expect(err).To(BeNil()) By("Verifying that a compliance event was created on the parent policy")