Add test for configpolicy cleanup during uninstall

Tests that the ConfigurationPolicy CRD does not become stuck due to pruneObjectBehavior finalizers when the controller is uninstalled. Refs: - https://issues.redhat.com/browse/ACM-2923 Signed-off-by: Justin Kulikauskas <jkulikau@redhat.com>
stolostron · Jan 19, 2023 · bb53bee · bb53bee
1 parent 00b3923
commit bb53bee
Showing 1 changed file with 115 additions and 20 deletions.
diff --git a/test/configuration_policy_prune.go b/test/configuration_policy_prune.go
@@ -5,6 +5,7 @@ package test
 
 import (
 	"errors"
+	"os"
 
 	. "github.com/onsi/ginkgo/v2"
 	. "github.com/onsi/gomega"
@@ -20,6 +21,26 @@ func ConfigPruneBehavior(labels ...string) bool {
 		pruneConfigMapYaml string = "../resources/configuration_policy_prune/configmap-only.yaml"
 	)
 
+	cleanPolicy := func(policyName, policyYaml string) func() {
+		return func() {
+			_, err := OcHub(
+				"delete", "-f", policyYaml,
+				"--ignore-not-found",
+			)
+			Expect(err).To(BeNil())
+			_, err = OcManaged(
+				"delete",
+				"events",
+				"-n",
+				ClusterNamespace,
+				"--field-selector=involvedObject.name="+
+					UserNamespace+"."+policyName,
+				"--ignore-not-found",
+			)
+			Expect(err).To(BeNil())
+		}
+	}
+
 	pruneTestCreatedByPolicy := func(policyName, policyYaml string, cmShouldBeDeleted bool) {
 		clientManagedDynamic := NewKubeClientDynamic("", KubeconfigManaged, "")
 
@@ -270,26 +291,6 @@ func ConfigPruneBehavior(labels ...string) bool {
 		BeforeEach(cleanConfigMap)
 		AfterAll(cleanConfigMap)
 
-		cleanPolicy := func(policyName, policyYaml string) func() {
-			return func() {
-				_, err := OcHub(
-					"delete", "-f", policyYaml,
-					"--ignore-not-found",
-				)
-				Expect(err).To(BeNil())
-				_, err = OcManaged(
-					"delete",
-					"events",
-					"-n",
-					ClusterNamespace,
-					"--field-selector=involvedObject.name="+
-						UserNamespace+"."+policyName,
-					"--ignore-not-found",
-				)
-				Expect(err).To(BeNil())
-			}
-		}
-
 		Describe("Test DeleteAll pruning", func() {
 			policyName := "cm-policy-prune-all"
 			policyYaml := "../resources/configuration_policy_prune/cm-policy-prune-all.yaml"
@@ -361,5 +362,99 @@ func ConfigPruneBehavior(labels ...string) bool {
 		})
 	})
 
+	Describe("GRC: [P1][Sev1][policy-grc] Test cleanup during controller removal", Ordered, func() {
+		var configpolicyDeploymentYaml string
+		var configpolicyCRDYaml string
+
+		clientManagedDynamic := NewKubeClientDynamic("", KubeconfigManaged, "")
+		policyName := "cm-policy-prune-all"
+		policyYaml := "../resources/configuration_policy_prune/cm-policy-prune-all.yaml"
+		pruneFinalizer := "policy.open-cluster-management.io/delete-related-objects"
+
+		BeforeAll(func() {
+			var err error
+
+			configpolicyDeploymentYaml, err = OcManaged("get", "deployment", "-o=yaml",
+				"--namespace=open-cluster-management-agent-addon", "config-policy-controller")
+			Expect(err).To(BeNil())
+
+			configpolicyCRDYaml, err = OcManaged("get", "crd", "-o=yaml",
+				"configurationpolicies.policy.open-cluster-management.io")
+			Expect(err).To(BeNil())
+		})
+
+		AfterAll(func() {
+			By("Re-applying the config policy controller deployment")
+			tmpDeployFile, err := os.CreateTemp("", "config-policy-controller-*.yaml")
+			Expect(err).To(BeNil())
+
+			defer os.Remove(tmpDeployFile.Name())
+
+			_, err = tmpDeployFile.WriteString(configpolicyDeploymentYaml)
+			Expect(err).To(BeNil())
+
+			Expect(tmpDeployFile.Close()).To(BeNil())
+
+			_, err = OcManaged("apply", "-f", tmpDeployFile.Name())
+			Expect(err).To(BeNil())
+
+			By("Re-applying the configuration policy CRD")
+			tmpCRDFile, err := os.CreateTemp("", "config-policy-crd-*.yaml")
+			Expect(err).To(BeNil())
+
+			defer os.Remove(tmpCRDFile.Name())
+
+			_, err = tmpCRDFile.WriteString(configpolicyCRDYaml)
+			Expect(err).To(BeNil())
+
+			Expect(tmpCRDFile.Close()).To(BeNil())
+
+			_, err = OcManaged("apply", "-f", tmpCRDFile.Name())
+			Expect(err).To(BeNil())
+		})
+
+		AfterAll(cleanPolicy(policyName, policyYaml))
+
+		It("Should have the finalizer on the deployment", func() {
+			DoCreatePolicyTest(policyYaml, GvrConfigurationPolicy)
+
+			By("Checking for the finalizer")
+			Eventually(func(g Gomega) {
+				deployment := utils.GetWithTimeout(
+					clientManagedDynamic,
+					GvrDeployment,
+					"config-policy-controller",
+					"open-cluster-management-agent-addon",
+					true,
+					DefaultTimeoutSeconds,
+				)
+
+				g.Expect(deployment.GetFinalizers()).Should(ContainElement(pruneFinalizer))
+			}, DefaultTimeoutSeconds, 1).Should(Succeed())
+		})
+
+		It("Should eventually remove the deployment despite the finalizer", func() {
+			// Ignoring error because it probably should take more than 1 second,
+			// but we check whether it eventually succeeds separately.
+			OcManaged("delete", "deployment", "--timeout=1s",
+				"--namespace=open-cluster-management-agent-addon", "config-policy-controller")
+
+			utils.GetWithTimeout(
+				clientManagedDynamic,
+				GvrDeployment,
+				"config-policy-controller",
+				"open-cluster-management-agent-addon",
+				false,
+				DefaultTimeoutSeconds,
+			)
+		})
+
+		It("Should remove the CRD in a timely manner", func() {
+			_, err := OcManaged("delete", "crd", "--timeout=15s",
+				"configurationpolicies.policy.open-cluster-management.io")
+			Expect(err).To(BeNil())
+		})
+	})
+
 	return true
 }