Refactor TestImpersonationProxy "apply annotation" test for clarity.

This test felt overly complex and some of the cleanup logic wasn't 100% correct (it didn't clean up in all cases).

The new code is essentially the same flow but hopefully easier to read.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
This commit is contained in:
Matt Moyer 2021-06-01 15:01:42 -05:00
parent 75d92079e4
commit 2ee3cec5ed
No known key found for this signature in database
GPG Key ID: EAE88AD172C5AE2D

View File

@ -1200,44 +1200,55 @@ func TestImpersonationProxy(t *testing.T) { //nolint:gocyclo // yeah, it's compl
t.Skip("only running when the cluster is meant to be using LoadBalancer services") t.Skip("only running when the cluster is meant to be using LoadBalancer services")
} }
applyAnnotations := func(mutateAnnotationsFunc func(map[string]string)) { // Grab the state of the CredentialIssuer prior to this test, so we can restore things back afterwards.
var expectedAnnotations map[string]string previous, err := adminConciergeClient.ConfigV1alpha1().CredentialIssuers().Get(ctx, credentialIssuerName(env), metav1.GetOptions{})
require.NoError(t, err)
applyCredentialIssuerAnnotations := func(annotations map[string]string) {
require.NoError(t, retry.RetryOnConflict(retry.DefaultRetry, func() error { require.NoError(t, retry.RetryOnConflict(retry.DefaultRetry, func() error {
newCredentialIssuer, err := adminConciergeClient.ConfigV1alpha1().CredentialIssuers().Get(ctx, credentialIssuerName(env), metav1.GetOptions{}) issuer, err := adminConciergeClient.ConfigV1alpha1().CredentialIssuers().Get(ctx, credentialIssuerName(env), metav1.GetOptions{})
if err != nil { if err != nil {
return err return err
} }
mutateAnnotationsFunc(newCredentialIssuer.Spec.ImpersonationProxy.Service.Annotations) updated := issuer.DeepCopy()
expectedAnnotations = newCredentialIssuer.Spec.ImpersonationProxy.Service.Annotations updated.Spec.ImpersonationProxy.Service.Annotations = annotations
_, err = adminConciergeClient.ConfigV1alpha1().CredentialIssuers().Update(ctx, newCredentialIssuer, metav1.UpdateOptions{}) if equality.Semantic.DeepEqual(issuer, updated) {
return nil
}
t.Logf("updating CredentialIssuer with spec.impersonationProxy.service.annotations: %v", annotations)
_, err = adminConciergeClient.ConfigV1alpha1().CredentialIssuers().Update(ctx, updated, metav1.UpdateOptions{})
return err return err
})) }))
t.Logf("updated CredentialIssuer with annotations %v", expectedAnnotations) }
// Wait until the annotation shows up on the load balancer waitForServiceAnnotations := func(annotations map[string]string) {
library.RequireEventuallyWithoutError(t, func() (bool, error) { library.RequireEventuallyWithoutError(t, func() (bool, error) {
service, err := adminClient.CoreV1().Services(env.ConciergeNamespace).Get(ctx, impersonationProxyLoadBalancerName(env), metav1.GetOptions{}) service, err := adminClient.CoreV1().Services(env.ConciergeNamespace).Get(ctx, impersonationProxyLoadBalancerName(env), metav1.GetOptions{})
if err != nil { if err != nil {
return false, err return false, err
} }
t.Logf("found Service %s of type %s with annotations: %s", service.Name, service.Spec.Type, service.Annotations) t.Logf("found Service %s of type %s with annotations: %s", service.Name, service.Spec.Type, service.Annotations)
return equality.Semantic.DeepEqual(service.Annotations, expectedAnnotations), nil return equality.Semantic.DeepEqual(service.Annotations, annotations), nil
}, 30*time.Second, 100*time.Millisecond) }, 30*time.Second, 100*time.Millisecond)
} }
// Set a new annotation and expect it to appear on the Service. // Whatever happens, set the annotations back to the original value and expect the Service to be updated.
newAnnotationKey := "pinniped.dev/test-" + library.RandHex(t, 8) t.Cleanup(func() {
newAnnotationValue := "test-" + library.RandHex(t, 8) t.Log("reverting CredentialIssuer back to previous configuration")
applyAnnotations(func(annotations map[string]string) { applyCredentialIssuerAnnotations(previous.Spec.ImpersonationProxy.Service.DeepCopy().Annotations)
annotations[newAnnotationKey] = newAnnotationValue waitForServiceAnnotations(previous.Spec.ImpersonationProxy.Service.DeepCopy().Annotations)
}) })
// Remove the annotation and expect it to be removed from the Service // Set a new annotation in the CredentialIssuer spec.impersonationProxy.service.annotations field.
t.Cleanup(func() { newAnnotationKey := "pinniped.dev/test-" + library.RandHex(t, 8)
applyAnnotations(func(annotations map[string]string) { newAnnotationValue := "test-" + library.RandHex(t, 8)
delete(annotations, newAnnotationKey) updatedAnnotations := previous.Spec.ImpersonationProxy.Service.DeepCopy().Annotations
}) updatedAnnotations[newAnnotationKey] = newAnnotationValue
}) applyCredentialIssuerAnnotations(updatedAnnotations)
// Expect it to be applied to the Service.
waitForServiceAnnotations(updatedAnnotations)
}) })
t.Run("running impersonation proxy with ClusterIP service", func(t *testing.T) { t.Run("running impersonation proxy with ClusterIP service", func(t *testing.T) {