All controller unit tests should not cancel context until test is over
All controller unit tests were accidentally using a timeout context for the informers, instead of a cancel context which stays alive until each test is completely finished. There is no reason to risk unpredictable behavior of a timeout being reached during an individual test, even though with the previous 3 second timeout it could only be reached on a machine which is running orders of magnitude slower than usual, since each test usually runs in about 100-300 ms. Unfortunately, sometimes our CI workers might get that slow. This sparked a review of other usages of timeout contexts in other tests, and all of them were increased to a minimum value of 1 minute, under the rule of thumb that our tests will be more reliable on slow machines if they "pass fast and fail slow".
This commit is contained in:
parent
b102aa8991
commit
d8c6894cbc
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package main
|
package main
|
||||||
@ -99,7 +99,7 @@ func TestWebhook(t *testing.T) {
|
|||||||
},
|
},
|
||||||
}))
|
}))
|
||||||
|
|
||||||
secretInformer := createSecretInformer(t, kubeClient)
|
secretInformer := createSecretInformer(ctx, t, kubeClient)
|
||||||
|
|
||||||
certProvider, caBundle, serverName := newCertProvider(t)
|
certProvider, caBundle, serverName := newCertProvider(t)
|
||||||
w := newWebhook(certProvider, secretInformer)
|
w := newWebhook(certProvider, secretInformer)
|
||||||
@ -437,7 +437,7 @@ func TestWebhook(t *testing.T) {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func createSecretInformer(t *testing.T, kubeClient kubernetes.Interface) corev1informers.SecretInformer {
|
func createSecretInformer(ctx context.Context, t *testing.T, kubeClient kubernetes.Interface) corev1informers.SecretInformer {
|
||||||
t.Helper()
|
t.Helper()
|
||||||
|
|
||||||
kubeInformers := kubeinformers.NewSharedInformerFactory(kubeClient, 0)
|
kubeInformers := kubeinformers.NewSharedInformerFactory(kubeClient, 0)
|
||||||
@ -448,9 +448,6 @@ func createSecretInformer(t *testing.T, kubeClient kubernetes.Interface) corev1i
|
|||||||
// informer factory before syncing it.
|
// informer factory before syncing it.
|
||||||
secretInformer.Informer()
|
secretInformer.Informer()
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), time.Second*3)
|
|
||||||
defer cancel()
|
|
||||||
|
|
||||||
kubeInformers.Start(ctx.Done())
|
kubeInformers.Start(ctx.Done())
|
||||||
|
|
||||||
informerTypesSynced := kubeInformers.WaitForCacheSync(ctx.Done())
|
informerTypesSynced := kubeInformers.WaitForCacheSync(ctx.Done())
|
||||||
|
@ -7,7 +7,6 @@ import (
|
|||||||
"context"
|
"context"
|
||||||
"errors"
|
"errors"
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
|
||||||
|
|
||||||
"github.com/sclevine/spec"
|
"github.com/sclevine/spec"
|
||||||
"github.com/sclevine/spec/report"
|
"github.com/sclevine/spec/report"
|
||||||
@ -112,8 +111,8 @@ func TestAPIServiceUpdaterControllerSync(t *testing.T) {
|
|||||||
var aggregatorAPIClient *aggregatorfake.Clientset
|
var aggregatorAPIClient *aggregatorfake.Clientset
|
||||||
var kubeInformerClient *kubernetesfake.Clientset
|
var kubeInformerClient *kubernetesfake.Clientset
|
||||||
var kubeInformers kubeinformers.SharedInformerFactory
|
var kubeInformers kubeinformers.SharedInformerFactory
|
||||||
var timeoutContext context.Context
|
var cancelContext context.Context
|
||||||
var timeoutContextCancel context.CancelFunc
|
var cancelContextCancelFunc context.CancelFunc
|
||||||
var syncContext *controllerlib.Context
|
var syncContext *controllerlib.Context
|
||||||
|
|
||||||
// Defer starting the informers until the last possible moment so that the
|
// Defer starting the informers until the last possible moment so that the
|
||||||
@ -131,7 +130,7 @@ func TestAPIServiceUpdaterControllerSync(t *testing.T) {
|
|||||||
|
|
||||||
// Set this at the last second to support calling subject.Name().
|
// Set this at the last second to support calling subject.Name().
|
||||||
syncContext = &controllerlib.Context{
|
syncContext = &controllerlib.Context{
|
||||||
Context: timeoutContext,
|
Context: cancelContext,
|
||||||
Name: subject.Name(),
|
Name: subject.Name(),
|
||||||
Key: controllerlib.Key{
|
Key: controllerlib.Key{
|
||||||
Namespace: installedInNamespace,
|
Namespace: installedInNamespace,
|
||||||
@ -140,14 +139,14 @@ func TestAPIServiceUpdaterControllerSync(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Must start informers before calling TestRunSynchronously()
|
// Must start informers before calling TestRunSynchronously()
|
||||||
kubeInformers.Start(timeoutContext.Done())
|
kubeInformers.Start(cancelContext.Done())
|
||||||
controllerlib.TestRunSynchronously(t, subject)
|
controllerlib.TestRunSynchronously(t, subject)
|
||||||
}
|
}
|
||||||
|
|
||||||
it.Before(func() {
|
it.Before(func() {
|
||||||
r = require.New(t)
|
r = require.New(t)
|
||||||
|
|
||||||
timeoutContext, timeoutContextCancel = context.WithTimeout(context.Background(), time.Second*3)
|
cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background())
|
||||||
|
|
||||||
kubeInformerClient = kubernetesfake.NewSimpleClientset()
|
kubeInformerClient = kubernetesfake.NewSimpleClientset()
|
||||||
kubeInformers = kubeinformers.NewSharedInformerFactory(kubeInformerClient, 0)
|
kubeInformers = kubeinformers.NewSharedInformerFactory(kubeInformerClient, 0)
|
||||||
@ -155,7 +154,7 @@ func TestAPIServiceUpdaterControllerSync(t *testing.T) {
|
|||||||
})
|
})
|
||||||
|
|
||||||
it.After(func() {
|
it.After(func() {
|
||||||
timeoutContextCancel()
|
cancelContextCancelFunc()
|
||||||
})
|
})
|
||||||
|
|
||||||
when("there is not yet a serving cert Secret in the installation namespace or it was deleted", func() {
|
when("there is not yet a serving cert Secret in the installation namespace or it was deleted", func() {
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package apicerts
|
package apicerts
|
||||||
@ -216,7 +216,7 @@ func TestExpirerControllerSync(t *testing.T) {
|
|||||||
t.Run(test.name, func(t *testing.T) {
|
t.Run(test.name, func(t *testing.T) {
|
||||||
t.Parallel()
|
t.Parallel()
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), time.Second*3)
|
ctx, cancel := context.WithCancel(context.Background())
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
kubeAPIClient := kubernetesfake.NewSimpleClientset()
|
kubeAPIClient := kubernetesfake.NewSimpleClientset()
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package apicerts
|
package apicerts
|
||||||
@ -125,8 +125,8 @@ func TestManagerControllerSync(t *testing.T) {
|
|||||||
var kubeAPIClient *kubernetesfake.Clientset
|
var kubeAPIClient *kubernetesfake.Clientset
|
||||||
var kubeInformerClient *kubernetesfake.Clientset
|
var kubeInformerClient *kubernetesfake.Clientset
|
||||||
var kubeInformers kubeinformers.SharedInformerFactory
|
var kubeInformers kubeinformers.SharedInformerFactory
|
||||||
var timeoutContext context.Context
|
var cancelContext context.Context
|
||||||
var timeoutContextCancel context.CancelFunc
|
var cancelContextCancelFunc context.CancelFunc
|
||||||
var syncContext *controllerlib.Context
|
var syncContext *controllerlib.Context
|
||||||
|
|
||||||
// Defer starting the informers until the last possible moment so that the
|
// Defer starting the informers until the last possible moment so that the
|
||||||
@ -151,7 +151,7 @@ func TestManagerControllerSync(t *testing.T) {
|
|||||||
|
|
||||||
// Set this at the last second to support calling subject.Name().
|
// Set this at the last second to support calling subject.Name().
|
||||||
syncContext = &controllerlib.Context{
|
syncContext = &controllerlib.Context{
|
||||||
Context: timeoutContext,
|
Context: cancelContext,
|
||||||
Name: subject.Name(),
|
Name: subject.Name(),
|
||||||
Key: controllerlib.Key{
|
Key: controllerlib.Key{
|
||||||
Namespace: installedInNamespace,
|
Namespace: installedInNamespace,
|
||||||
@ -160,14 +160,14 @@ func TestManagerControllerSync(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Must start informers before calling TestRunSynchronously()
|
// Must start informers before calling TestRunSynchronously()
|
||||||
kubeInformers.Start(timeoutContext.Done())
|
kubeInformers.Start(cancelContext.Done())
|
||||||
controllerlib.TestRunSynchronously(t, subject)
|
controllerlib.TestRunSynchronously(t, subject)
|
||||||
}
|
}
|
||||||
|
|
||||||
it.Before(func() {
|
it.Before(func() {
|
||||||
r = require.New(t)
|
r = require.New(t)
|
||||||
|
|
||||||
timeoutContext, timeoutContextCancel = context.WithTimeout(context.Background(), time.Second*3)
|
cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background())
|
||||||
|
|
||||||
kubeInformerClient = kubernetesfake.NewSimpleClientset()
|
kubeInformerClient = kubernetesfake.NewSimpleClientset()
|
||||||
kubeInformers = kubeinformers.NewSharedInformerFactory(kubeInformerClient, 0)
|
kubeInformers = kubeinformers.NewSharedInformerFactory(kubeInformerClient, 0)
|
||||||
@ -175,7 +175,7 @@ func TestManagerControllerSync(t *testing.T) {
|
|||||||
})
|
})
|
||||||
|
|
||||||
it.After(func() {
|
it.After(func() {
|
||||||
timeoutContextCancel()
|
cancelContextCancelFunc()
|
||||||
})
|
})
|
||||||
|
|
||||||
when("there is not yet a serving cert Secret in the installation namespace or it was deleted", func() {
|
when("there is not yet a serving cert Secret in the installation namespace or it was deleted", func() {
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package apicerts
|
package apicerts
|
||||||
@ -6,7 +6,6 @@ package apicerts
|
|||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
|
||||||
|
|
||||||
"github.com/sclevine/spec"
|
"github.com/sclevine/spec"
|
||||||
"github.com/sclevine/spec/report"
|
"github.com/sclevine/spec/report"
|
||||||
@ -104,8 +103,8 @@ func TestObserverControllerSync(t *testing.T) {
|
|||||||
var subject controllerlib.Controller
|
var subject controllerlib.Controller
|
||||||
var kubeInformerClient *kubernetesfake.Clientset
|
var kubeInformerClient *kubernetesfake.Clientset
|
||||||
var kubeInformers kubeinformers.SharedInformerFactory
|
var kubeInformers kubeinformers.SharedInformerFactory
|
||||||
var timeoutContext context.Context
|
var cancelContext context.Context
|
||||||
var timeoutContextCancel context.CancelFunc
|
var cancelContextCancelFunc context.CancelFunc
|
||||||
var syncContext *controllerlib.Context
|
var syncContext *controllerlib.Context
|
||||||
var dynamicCertProvider dynamiccert.Provider
|
var dynamicCertProvider dynamiccert.Provider
|
||||||
|
|
||||||
@ -123,7 +122,7 @@ func TestObserverControllerSync(t *testing.T) {
|
|||||||
|
|
||||||
// Set this at the last second to support calling subject.Name().
|
// Set this at the last second to support calling subject.Name().
|
||||||
syncContext = &controllerlib.Context{
|
syncContext = &controllerlib.Context{
|
||||||
Context: timeoutContext,
|
Context: cancelContext,
|
||||||
Name: subject.Name(),
|
Name: subject.Name(),
|
||||||
Key: controllerlib.Key{
|
Key: controllerlib.Key{
|
||||||
Namespace: installedInNamespace,
|
Namespace: installedInNamespace,
|
||||||
@ -132,14 +131,14 @@ func TestObserverControllerSync(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Must start informers before calling TestRunSynchronously()
|
// Must start informers before calling TestRunSynchronously()
|
||||||
kubeInformers.Start(timeoutContext.Done())
|
kubeInformers.Start(cancelContext.Done())
|
||||||
controllerlib.TestRunSynchronously(t, subject)
|
controllerlib.TestRunSynchronously(t, subject)
|
||||||
}
|
}
|
||||||
|
|
||||||
it.Before(func() {
|
it.Before(func() {
|
||||||
r = require.New(t)
|
r = require.New(t)
|
||||||
|
|
||||||
timeoutContext, timeoutContextCancel = context.WithTimeout(context.Background(), time.Second*3)
|
cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background())
|
||||||
|
|
||||||
kubeInformerClient = kubernetesfake.NewSimpleClientset()
|
kubeInformerClient = kubernetesfake.NewSimpleClientset()
|
||||||
kubeInformers = kubeinformers.NewSharedInformerFactory(kubeInformerClient, 0)
|
kubeInformers = kubeinformers.NewSharedInformerFactory(kubeInformerClient, 0)
|
||||||
@ -147,7 +146,7 @@ func TestObserverControllerSync(t *testing.T) {
|
|||||||
})
|
})
|
||||||
|
|
||||||
it.After(func() {
|
it.After(func() {
|
||||||
timeoutContextCancel()
|
cancelContextCancelFunc()
|
||||||
})
|
})
|
||||||
|
|
||||||
when("there is not yet a serving cert Secret in the installation namespace or it was deleted", func() {
|
when("there is not yet a serving cert Secret in the installation namespace or it was deleted", func() {
|
||||||
|
@ -6,7 +6,6 @@ package cachecleaner
|
|||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
|
||||||
|
|
||||||
"github.com/golang/mock/gomock"
|
"github.com/golang/mock/gomock"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
@ -150,7 +149,7 @@ func TestController(t *testing.T) {
|
|||||||
jwtAuthenticators := informers.Authentication().V1alpha1().JWTAuthenticators()
|
jwtAuthenticators := informers.Authentication().V1alpha1().JWTAuthenticators()
|
||||||
controller := New(cache, webhooks, jwtAuthenticators, testLog)
|
controller := New(cache, webhooks, jwtAuthenticators, testLog)
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 2*time.Second)
|
ctx, cancel := context.WithCancel(context.Background())
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
informers.Start(ctx.Done())
|
informers.Start(ctx.Done())
|
||||||
|
@ -325,7 +325,7 @@ func TestController(t *testing.T) {
|
|||||||
|
|
||||||
controller := New(cache, informers.Authentication().V1alpha1().JWTAuthenticators(), testLog)
|
controller := New(cache, informers.Authentication().V1alpha1().JWTAuthenticators(), testLog)
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 2*time.Second)
|
ctx, cancel := context.WithCancel(context.Background())
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
informers.Start(ctx.Done())
|
informers.Start(ctx.Done())
|
||||||
|
@ -11,7 +11,6 @@ import (
|
|||||||
"net/http"
|
"net/http"
|
||||||
"os"
|
"os"
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
||||||
@ -93,7 +92,7 @@ func TestController(t *testing.T) {
|
|||||||
|
|
||||||
controller := New(cache, informers.Authentication().V1alpha1().WebhookAuthenticators(), testLog)
|
controller := New(cache, informers.Authentication().V1alpha1().WebhookAuthenticators(), testLog)
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 2*time.Second)
|
ctx, cancel := context.WithCancel(context.Background())
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
informers.Start(ctx.Done())
|
informers.Start(ctx.Done())
|
||||||
|
@ -297,8 +297,8 @@ func TestImpersonatorConfigControllerSync(t *testing.T) {
|
|||||||
var pinnipedAPIClient *pinnipedfake.Clientset
|
var pinnipedAPIClient *pinnipedfake.Clientset
|
||||||
var kubeInformerClient *kubernetesfake.Clientset
|
var kubeInformerClient *kubernetesfake.Clientset
|
||||||
var kubeInformers kubeinformers.SharedInformerFactory
|
var kubeInformers kubeinformers.SharedInformerFactory
|
||||||
var timeoutContext context.Context
|
var cancelContext context.Context
|
||||||
var timeoutContextCancel context.CancelFunc
|
var cancelContextCancelFunc context.CancelFunc
|
||||||
var syncContext *controllerlib.Context
|
var syncContext *controllerlib.Context
|
||||||
var startTLSListenerFuncWasCalled int
|
var startTLSListenerFuncWasCalled int
|
||||||
var startTLSListenerFuncError error
|
var startTLSListenerFuncError error
|
||||||
@ -369,11 +369,12 @@ func TestImpersonatorConfigControllerSync(t *testing.T) {
|
|||||||
url := "https://" + addr
|
url := "https://" + addr
|
||||||
req, err := http.NewRequestWithContext(context.Background(), "GET", url, nil)
|
req, err := http.NewRequestWithContext(context.Background(), "GET", url, nil)
|
||||||
r.NoError(err)
|
r.NoError(err)
|
||||||
|
|
||||||
var resp *http.Response
|
var resp *http.Response
|
||||||
assert.Eventually(t, func() bool {
|
assert.Eventually(t, func() bool {
|
||||||
resp, err = client.Do(req.Clone(context.Background())) //nolint:bodyclose
|
resp, err = client.Do(req.Clone(context.Background())) //nolint:bodyclose
|
||||||
return err == nil
|
return err == nil
|
||||||
}, 5*time.Second, 5*time.Millisecond)
|
}, 20*time.Second, 50*time.Millisecond)
|
||||||
r.NoError(err)
|
r.NoError(err)
|
||||||
|
|
||||||
r.Equal(http.StatusOK, resp.StatusCode)
|
r.Equal(http.StatusOK, resp.StatusCode)
|
||||||
@ -392,13 +393,14 @@ func TestImpersonatorConfigControllerSync(t *testing.T) {
|
|||||||
url := "https://" + testServerAddr()
|
url := "https://" + testServerAddr()
|
||||||
req, err := http.NewRequestWithContext(context.Background(), "GET", url, nil)
|
req, err := http.NewRequestWithContext(context.Background(), "GET", url, nil)
|
||||||
r.NoError(err)
|
r.NoError(err)
|
||||||
|
|
||||||
expectedErrorRegex := "Get .*: remote error: tls: unrecognized name"
|
expectedErrorRegex := "Get .*: remote error: tls: unrecognized name"
|
||||||
expectedErrorRegexCompiled, err := regexp.Compile(expectedErrorRegex)
|
expectedErrorRegexCompiled, err := regexp.Compile(expectedErrorRegex)
|
||||||
r.NoError(err)
|
r.NoError(err)
|
||||||
assert.Eventually(t, func() bool {
|
assert.Eventually(t, func() bool {
|
||||||
_, err = client.Do(req.Clone(context.Background())) //nolint:bodyclose
|
_, err = client.Do(req.Clone(context.Background())) //nolint:bodyclose
|
||||||
return err != nil && expectedErrorRegexCompiled.MatchString(err.Error())
|
return err != nil && expectedErrorRegexCompiled.MatchString(err.Error())
|
||||||
}, 5*time.Second, 5*time.Millisecond)
|
}, 20*time.Second, 50*time.Millisecond)
|
||||||
r.Error(err)
|
r.Error(err)
|
||||||
r.Regexp(expectedErrorRegex, err.Error())
|
r.Regexp(expectedErrorRegex, err.Error())
|
||||||
}
|
}
|
||||||
@ -416,7 +418,7 @@ func TestImpersonatorConfigControllerSync(t *testing.T) {
|
|||||||
&tls.Config{InsecureSkipVerify: true}, //nolint:gosec
|
&tls.Config{InsecureSkipVerify: true}, //nolint:gosec
|
||||||
)
|
)
|
||||||
return err != nil && expectedErrorRegexCompiled.MatchString(err.Error())
|
return err != nil && expectedErrorRegexCompiled.MatchString(err.Error())
|
||||||
}, 5*time.Second, 5*time.Millisecond)
|
}, 20*time.Second, 50*time.Millisecond)
|
||||||
r.Error(err)
|
r.Error(err)
|
||||||
r.Regexp(expectedErrorRegex, err.Error())
|
r.Regexp(expectedErrorRegex, err.Error())
|
||||||
}
|
}
|
||||||
@ -456,7 +458,7 @@ func TestImpersonatorConfigControllerSync(t *testing.T) {
|
|||||||
|
|
||||||
// Set this at the last second to support calling subject.Name().
|
// Set this at the last second to support calling subject.Name().
|
||||||
syncContext = &controllerlib.Context{
|
syncContext = &controllerlib.Context{
|
||||||
Context: timeoutContext,
|
Context: cancelContext,
|
||||||
Name: subject.Name(),
|
Name: subject.Name(),
|
||||||
Key: controllerlib.Key{
|
Key: controllerlib.Key{
|
||||||
Namespace: installedInNamespace,
|
Namespace: installedInNamespace,
|
||||||
@ -465,7 +467,7 @@ func TestImpersonatorConfigControllerSync(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Must start informers before calling TestRunSynchronously()
|
// Must start informers before calling TestRunSynchronously()
|
||||||
kubeInformers.Start(timeoutContext.Done())
|
kubeInformers.Start(cancelContext.Done())
|
||||||
controllerlib.TestRunSynchronously(t, subject)
|
controllerlib.TestRunSynchronously(t, subject)
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -552,18 +554,29 @@ func TestImpersonatorConfigControllerSync(t *testing.T) {
|
|||||||
// If an object is added to the informer's client *before* the informer is started, then waiting is
|
// If an object is added to the informer's client *before* the informer is started, then waiting is
|
||||||
// not needed because the informer's initial "list" will pick up the object.
|
// not needed because the informer's initial "list" will pick up the object.
|
||||||
var waitForObjectToAppearInInformer = func(obj kubeclient.Object, informer controllerlib.InformerGetter) {
|
var waitForObjectToAppearInInformer = func(obj kubeclient.Object, informer controllerlib.InformerGetter) {
|
||||||
r.Eventually(func() bool {
|
var objFromInformer interface{}
|
||||||
gotObj, exists, err := informer.Informer().GetIndexer().GetByKey(installedInNamespace + "/" + obj.GetName())
|
var exists bool
|
||||||
return err == nil && exists && reflect.DeepEqual(gotObj.(kubeclient.Object), obj)
|
var err error
|
||||||
}, 10*time.Second, 5*time.Millisecond)
|
assert.Eventually(t, func() bool {
|
||||||
|
objFromInformer, exists, err = informer.Informer().GetIndexer().GetByKey(installedInNamespace + "/" + obj.GetName())
|
||||||
|
return err == nil && exists && reflect.DeepEqual(objFromInformer.(kubeclient.Object), obj)
|
||||||
|
}, 30*time.Second, 10*time.Millisecond)
|
||||||
|
r.NoError(err)
|
||||||
|
r.True(exists, "this object should have existed in informer but didn't: %+v", obj)
|
||||||
|
r.Equal(obj, objFromInformer, "was waiting for expected to be found in informer, but found actual")
|
||||||
}
|
}
|
||||||
|
|
||||||
// See comment for waitForObjectToAppearInInformer above.
|
// See comment for waitForObjectToAppearInInformer above.
|
||||||
var waitForObjectToBeDeletedFromInformer = func(resourceName string, informer controllerlib.InformerGetter) {
|
var waitForObjectToBeDeletedFromInformer = func(resourceName string, informer controllerlib.InformerGetter) {
|
||||||
r.Eventually(func() bool {
|
var objFromInformer interface{}
|
||||||
_, exists, err := informer.Informer().GetIndexer().GetByKey(installedInNamespace + "/" + resourceName)
|
var exists bool
|
||||||
|
var err error
|
||||||
|
assert.Eventually(t, func() bool {
|
||||||
|
objFromInformer, exists, err = informer.Informer().GetIndexer().GetByKey(installedInNamespace + "/" + resourceName)
|
||||||
return err == nil && !exists
|
return err == nil && !exists
|
||||||
}, 10*time.Second, 5*time.Millisecond)
|
}, 30*time.Second, 10*time.Millisecond)
|
||||||
|
r.NoError(err)
|
||||||
|
r.False(exists, "this object should have been deleted from informer but wasn't: %s", objFromInformer)
|
||||||
}
|
}
|
||||||
|
|
||||||
var addObjectToInformerAndWait = func(obj kubeclient.Object, informer controllerlib.InformerGetter) {
|
var addObjectToInformerAndWait = func(obj kubeclient.Object, informer controllerlib.InformerGetter) {
|
||||||
@ -835,7 +848,7 @@ func TestImpersonatorConfigControllerSync(t *testing.T) {
|
|||||||
|
|
||||||
it.Before(func() {
|
it.Before(func() {
|
||||||
r = require.New(t)
|
r = require.New(t)
|
||||||
timeoutContext, timeoutContextCancel = context.WithTimeout(context.Background(), time.Second*3)
|
cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background())
|
||||||
kubeInformerClient = kubernetesfake.NewSimpleClientset()
|
kubeInformerClient = kubernetesfake.NewSimpleClientset()
|
||||||
kubeInformers = kubeinformers.NewSharedInformerFactoryWithOptions(kubeInformerClient, 0,
|
kubeInformers = kubeinformers.NewSharedInformerFactoryWithOptions(kubeInformerClient, 0,
|
||||||
kubeinformers.WithNamespace(installedInNamespace),
|
kubeinformers.WithNamespace(installedInNamespace),
|
||||||
@ -846,7 +859,7 @@ func TestImpersonatorConfigControllerSync(t *testing.T) {
|
|||||||
})
|
})
|
||||||
|
|
||||||
it.After(func() {
|
it.After(func() {
|
||||||
timeoutContextCancel()
|
cancelContextCancelFunc()
|
||||||
closeTLSListener()
|
closeTLSListener()
|
||||||
})
|
})
|
||||||
|
|
||||||
|
@ -79,8 +79,8 @@ func TestAnnotaterControllerSync(t *testing.T) {
|
|||||||
var agentInformerClient *kubernetesfake.Clientset
|
var agentInformerClient *kubernetesfake.Clientset
|
||||||
var agentInformers kubeinformers.SharedInformerFactory
|
var agentInformers kubeinformers.SharedInformerFactory
|
||||||
var pinnipedAPIClient *pinnipedfake.Clientset
|
var pinnipedAPIClient *pinnipedfake.Clientset
|
||||||
var timeoutContext context.Context
|
var cancelContext context.Context
|
||||||
var timeoutContextCancel context.CancelFunc
|
var cancelContextCancelFunc context.CancelFunc
|
||||||
var syncContext *controllerlib.Context
|
var syncContext *controllerlib.Context
|
||||||
var controllerManagerPod, agentPod *corev1.Pod
|
var controllerManagerPod, agentPod *corev1.Pod
|
||||||
var podsGVR schema.GroupVersionResource
|
var podsGVR schema.GroupVersionResource
|
||||||
@ -116,7 +116,7 @@ func TestAnnotaterControllerSync(t *testing.T) {
|
|||||||
|
|
||||||
// Set this at the last second to support calling subject.Name().
|
// Set this at the last second to support calling subject.Name().
|
||||||
syncContext = &controllerlib.Context{
|
syncContext = &controllerlib.Context{
|
||||||
Context: timeoutContext,
|
Context: cancelContext,
|
||||||
Name: subject.Name(),
|
Name: subject.Name(),
|
||||||
Key: controllerlib.Key{
|
Key: controllerlib.Key{
|
||||||
Namespace: kubeSystemNamespace,
|
Namespace: kubeSystemNamespace,
|
||||||
@ -125,8 +125,8 @@ func TestAnnotaterControllerSync(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Must start informers before calling TestRunSynchronously()
|
// Must start informers before calling TestRunSynchronously()
|
||||||
kubeSystemInformers.Start(timeoutContext.Done())
|
kubeSystemInformers.Start(cancelContext.Done())
|
||||||
agentInformers.Start(timeoutContext.Done())
|
agentInformers.Start(cancelContext.Done())
|
||||||
controllerlib.TestRunSynchronously(t, subject)
|
controllerlib.TestRunSynchronously(t, subject)
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -143,7 +143,7 @@ func TestAnnotaterControllerSync(t *testing.T) {
|
|||||||
|
|
||||||
pinnipedAPIClient = pinnipedfake.NewSimpleClientset()
|
pinnipedAPIClient = pinnipedfake.NewSimpleClientset()
|
||||||
|
|
||||||
timeoutContext, timeoutContextCancel = context.WithTimeout(context.Background(), time.Second*3)
|
cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background())
|
||||||
|
|
||||||
controllerManagerPod, agentPod = exampleControllerManagerAndAgentPods(
|
controllerManagerPod, agentPod = exampleControllerManagerAndAgentPods(
|
||||||
kubeSystemNamespace, agentPodNamespace, certPath, keyPath,
|
kubeSystemNamespace, agentPodNamespace, certPath, keyPath,
|
||||||
@ -173,7 +173,7 @@ func TestAnnotaterControllerSync(t *testing.T) {
|
|||||||
})
|
})
|
||||||
|
|
||||||
it.After(func() {
|
it.After(func() {
|
||||||
timeoutContextCancel()
|
cancelContextCancelFunc()
|
||||||
})
|
})
|
||||||
|
|
||||||
when("there is an agent pod without annotations set", func() {
|
when("there is an agent pod without annotations set", func() {
|
||||||
|
@ -94,8 +94,8 @@ func TestCreaterControllerSync(t *testing.T) {
|
|||||||
var agentInformerClient *kubernetesfake.Clientset
|
var agentInformerClient *kubernetesfake.Clientset
|
||||||
var agentInformers kubeinformers.SharedInformerFactory
|
var agentInformers kubeinformers.SharedInformerFactory
|
||||||
var pinnipedAPIClient *pinnipedfake.Clientset
|
var pinnipedAPIClient *pinnipedfake.Clientset
|
||||||
var timeoutContext context.Context
|
var cancelContext context.Context
|
||||||
var timeoutContextCancel context.CancelFunc
|
var cancelContextCancelFunc context.CancelFunc
|
||||||
var syncContext *controllerlib.Context
|
var syncContext *controllerlib.Context
|
||||||
var controllerManagerPod, agentPod *corev1.Pod
|
var controllerManagerPod, agentPod *corev1.Pod
|
||||||
var podsGVR schema.GroupVersionResource
|
var podsGVR schema.GroupVersionResource
|
||||||
@ -135,7 +135,7 @@ func TestCreaterControllerSync(t *testing.T) {
|
|||||||
|
|
||||||
// Set this at the last second to support calling subject.Name().
|
// Set this at the last second to support calling subject.Name().
|
||||||
syncContext = &controllerlib.Context{
|
syncContext = &controllerlib.Context{
|
||||||
Context: timeoutContext,
|
Context: cancelContext,
|
||||||
Name: subject.Name(),
|
Name: subject.Name(),
|
||||||
Key: controllerlib.Key{
|
Key: controllerlib.Key{
|
||||||
Namespace: kubeSystemNamespace,
|
Namespace: kubeSystemNamespace,
|
||||||
@ -144,8 +144,8 @@ func TestCreaterControllerSync(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Must start informers before calling TestRunSynchronously()
|
// Must start informers before calling TestRunSynchronously()
|
||||||
kubeSystemInformers.Start(timeoutContext.Done())
|
kubeSystemInformers.Start(cancelContext.Done())
|
||||||
agentInformers.Start(timeoutContext.Done())
|
agentInformers.Start(cancelContext.Done())
|
||||||
controllerlib.TestRunSynchronously(t, subject)
|
controllerlib.TestRunSynchronously(t, subject)
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -162,7 +162,7 @@ func TestCreaterControllerSync(t *testing.T) {
|
|||||||
|
|
||||||
pinnipedAPIClient = pinnipedfake.NewSimpleClientset()
|
pinnipedAPIClient = pinnipedfake.NewSimpleClientset()
|
||||||
|
|
||||||
timeoutContext, timeoutContextCancel = context.WithTimeout(context.Background(), time.Second*3)
|
cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background())
|
||||||
|
|
||||||
controllerManagerPod, agentPod = exampleControllerManagerAndAgentPods(
|
controllerManagerPod, agentPod = exampleControllerManagerAndAgentPods(
|
||||||
kubeSystemNamespace, agentPodNamespace, "ignored for this test", "ignored for this test",
|
kubeSystemNamespace, agentPodNamespace, "ignored for this test", "ignored for this test",
|
||||||
@ -201,7 +201,7 @@ func TestCreaterControllerSync(t *testing.T) {
|
|||||||
})
|
})
|
||||||
|
|
||||||
it.After(func() {
|
it.After(func() {
|
||||||
timeoutContextCancel()
|
cancelContextCancelFunc()
|
||||||
})
|
})
|
||||||
|
|
||||||
when("there is a controller manager pod", func() {
|
when("there is a controller manager pod", func() {
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package kubecertagent
|
package kubecertagent
|
||||||
@ -6,7 +6,6 @@ package kubecertagent
|
|||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
|
||||||
|
|
||||||
"github.com/sclevine/spec"
|
"github.com/sclevine/spec"
|
||||||
"github.com/sclevine/spec/report"
|
"github.com/sclevine/spec/report"
|
||||||
@ -57,8 +56,8 @@ func TestDeleterControllerSync(t *testing.T) {
|
|||||||
var kubeSystemInformers kubeinformers.SharedInformerFactory
|
var kubeSystemInformers kubeinformers.SharedInformerFactory
|
||||||
var agentInformerClient *kubernetesfake.Clientset
|
var agentInformerClient *kubernetesfake.Clientset
|
||||||
var agentInformers kubeinformers.SharedInformerFactory
|
var agentInformers kubeinformers.SharedInformerFactory
|
||||||
var timeoutContext context.Context
|
var cancelContext context.Context
|
||||||
var timeoutContextCancel context.CancelFunc
|
var cancelContextCancelFunc context.CancelFunc
|
||||||
var syncContext *controllerlib.Context
|
var syncContext *controllerlib.Context
|
||||||
var controllerManagerPod, agentPod *corev1.Pod
|
var controllerManagerPod, agentPod *corev1.Pod
|
||||||
var podsGVR schema.GroupVersionResource
|
var podsGVR schema.GroupVersionResource
|
||||||
@ -85,7 +84,7 @@ func TestDeleterControllerSync(t *testing.T) {
|
|||||||
|
|
||||||
// Set this at the last second to support calling subject.Name().
|
// Set this at the last second to support calling subject.Name().
|
||||||
syncContext = &controllerlib.Context{
|
syncContext = &controllerlib.Context{
|
||||||
Context: timeoutContext,
|
Context: cancelContext,
|
||||||
Name: subject.Name(),
|
Name: subject.Name(),
|
||||||
Key: controllerlib.Key{
|
Key: controllerlib.Key{
|
||||||
Namespace: kubeSystemNamespace,
|
Namespace: kubeSystemNamespace,
|
||||||
@ -94,8 +93,8 @@ func TestDeleterControllerSync(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Must start informers before calling TestRunSynchronously()
|
// Must start informers before calling TestRunSynchronously()
|
||||||
kubeSystemInformers.Start(timeoutContext.Done())
|
kubeSystemInformers.Start(cancelContext.Done())
|
||||||
agentInformers.Start(timeoutContext.Done())
|
agentInformers.Start(cancelContext.Done())
|
||||||
controllerlib.TestRunSynchronously(t, subject)
|
controllerlib.TestRunSynchronously(t, subject)
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -109,7 +108,7 @@ func TestDeleterControllerSync(t *testing.T) {
|
|||||||
it.Before(func() {
|
it.Before(func() {
|
||||||
r = require.New(t)
|
r = require.New(t)
|
||||||
|
|
||||||
timeoutContext, timeoutContextCancel = context.WithTimeout(context.Background(), time.Second*3)
|
cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background())
|
||||||
|
|
||||||
kubeAPIClient = kubernetesfake.NewSimpleClientset()
|
kubeAPIClient = kubernetesfake.NewSimpleClientset()
|
||||||
|
|
||||||
@ -139,7 +138,7 @@ func TestDeleterControllerSync(t *testing.T) {
|
|||||||
})
|
})
|
||||||
|
|
||||||
it.After(func() {
|
it.After(func() {
|
||||||
timeoutContextCancel()
|
cancelContextCancelFunc()
|
||||||
})
|
})
|
||||||
|
|
||||||
when("there is an agent pod", func() {
|
when("there is an agent pod", func() {
|
||||||
|
@ -146,8 +146,8 @@ func TestManagerControllerSync(t *testing.T) {
|
|||||||
var r *require.Assertions
|
var r *require.Assertions
|
||||||
|
|
||||||
var subject controllerlib.Controller
|
var subject controllerlib.Controller
|
||||||
var timeoutContext context.Context
|
var cancelContext context.Context
|
||||||
var timeoutContextCancel context.CancelFunc
|
var cancelContextCancelFunc context.CancelFunc
|
||||||
var syncContext *controllerlib.Context
|
var syncContext *controllerlib.Context
|
||||||
var pinnipedAPIClient *pinnipedfake.Clientset
|
var pinnipedAPIClient *pinnipedfake.Clientset
|
||||||
var kubeInformerFactory kubeinformers.SharedInformerFactory
|
var kubeInformerFactory kubeinformers.SharedInformerFactory
|
||||||
@ -181,7 +181,7 @@ func TestManagerControllerSync(t *testing.T) {
|
|||||||
|
|
||||||
// Set this at the last second to support calling subject.Name().
|
// Set this at the last second to support calling subject.Name().
|
||||||
syncContext = &controllerlib.Context{
|
syncContext = &controllerlib.Context{
|
||||||
Context: timeoutContext,
|
Context: cancelContext,
|
||||||
Name: subject.Name(),
|
Name: subject.Name(),
|
||||||
Key: controllerlib.Key{
|
Key: controllerlib.Key{
|
||||||
Namespace: agentPodNamespace,
|
Namespace: agentPodNamespace,
|
||||||
@ -190,7 +190,7 @@ func TestManagerControllerSync(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Must start informers before calling TestRunSynchronously()
|
// Must start informers before calling TestRunSynchronously()
|
||||||
kubeInformerFactory.Start(timeoutContext.Done())
|
kubeInformerFactory.Start(cancelContext.Done())
|
||||||
controllerlib.TestRunSynchronously(t, subject)
|
controllerlib.TestRunSynchronously(t, subject)
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -228,7 +228,7 @@ func TestManagerControllerSync(t *testing.T) {
|
|||||||
it.Before(func() {
|
it.Before(func() {
|
||||||
r = require.New(t)
|
r = require.New(t)
|
||||||
|
|
||||||
timeoutContext, timeoutContextCancel = context.WithTimeout(context.Background(), time.Second*3)
|
cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background())
|
||||||
pinnipedAPIClient = pinnipedfake.NewSimpleClientset()
|
pinnipedAPIClient = pinnipedfake.NewSimpleClientset()
|
||||||
kubeClientset = kubernetesfake.NewSimpleClientset()
|
kubeClientset = kubernetesfake.NewSimpleClientset()
|
||||||
kubeInformerFactory = kubeinformers.NewSharedInformerFactory(kubeClientset, 0)
|
kubeInformerFactory = kubeinformers.NewSharedInformerFactory(kubeClientset, 0)
|
||||||
@ -253,7 +253,7 @@ func TestManagerControllerSync(t *testing.T) {
|
|||||||
})
|
})
|
||||||
|
|
||||||
it.After(func() {
|
it.After(func() {
|
||||||
timeoutContextCancel()
|
cancelContextCancelFunc()
|
||||||
})
|
})
|
||||||
|
|
||||||
when("there is not yet any agent pods or they were deleted", func() {
|
when("there is not yet any agent pods or they were deleted", func() {
|
||||||
|
@ -103,8 +103,8 @@ func TestSync(t *testing.T) {
|
|||||||
var federationDomainInformerClient *pinnipedfake.Clientset
|
var federationDomainInformerClient *pinnipedfake.Clientset
|
||||||
var federationDomainInformers pinnipedinformers.SharedInformerFactory
|
var federationDomainInformers pinnipedinformers.SharedInformerFactory
|
||||||
var pinnipedAPIClient *pinnipedfake.Clientset
|
var pinnipedAPIClient *pinnipedfake.Clientset
|
||||||
var timeoutContext context.Context
|
var cancelContext context.Context
|
||||||
var timeoutContextCancel context.CancelFunc
|
var cancelContextCancelFunc context.CancelFunc
|
||||||
var syncContext *controllerlib.Context
|
var syncContext *controllerlib.Context
|
||||||
var frozenNow time.Time
|
var frozenNow time.Time
|
||||||
var providersSetter *fakeProvidersSetter
|
var providersSetter *fakeProvidersSetter
|
||||||
@ -124,7 +124,7 @@ func TestSync(t *testing.T) {
|
|||||||
|
|
||||||
// Set this at the last second to support calling subject.Name().
|
// Set this at the last second to support calling subject.Name().
|
||||||
syncContext = &controllerlib.Context{
|
syncContext = &controllerlib.Context{
|
||||||
Context: timeoutContext,
|
Context: cancelContext,
|
||||||
Name: subject.Name(),
|
Name: subject.Name(),
|
||||||
Key: controllerlib.Key{
|
Key: controllerlib.Key{
|
||||||
Namespace: namespace,
|
Namespace: namespace,
|
||||||
@ -133,7 +133,7 @@ func TestSync(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Must start informers before calling TestRunSynchronously()
|
// Must start informers before calling TestRunSynchronously()
|
||||||
federationDomainInformers.Start(timeoutContext.Done())
|
federationDomainInformers.Start(cancelContext.Done())
|
||||||
controllerlib.TestRunSynchronously(t, subject)
|
controllerlib.TestRunSynchronously(t, subject)
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -143,7 +143,7 @@ func TestSync(t *testing.T) {
|
|||||||
providersSetter = &fakeProvidersSetter{}
|
providersSetter = &fakeProvidersSetter{}
|
||||||
frozenNow = time.Date(2020, time.September, 23, 7, 42, 0, 0, time.Local)
|
frozenNow = time.Date(2020, time.September, 23, 7, 42, 0, 0, time.Local)
|
||||||
|
|
||||||
timeoutContext, timeoutContextCancel = context.WithTimeout(context.Background(), time.Second*3)
|
cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background())
|
||||||
|
|
||||||
federationDomainInformerClient = pinnipedfake.NewSimpleClientset()
|
federationDomainInformerClient = pinnipedfake.NewSimpleClientset()
|
||||||
federationDomainInformers = pinnipedinformers.NewSharedInformerFactory(federationDomainInformerClient, 0)
|
federationDomainInformers = pinnipedinformers.NewSharedInformerFactory(federationDomainInformerClient, 0)
|
||||||
@ -157,7 +157,7 @@ func TestSync(t *testing.T) {
|
|||||||
})
|
})
|
||||||
|
|
||||||
it.After(func() {
|
it.After(func() {
|
||||||
timeoutContextCancel()
|
cancelContextCancelFunc()
|
||||||
})
|
})
|
||||||
|
|
||||||
when("there are some valid FederationDomains in the informer", func() {
|
when("there are some valid FederationDomains in the informer", func() {
|
||||||
|
@ -10,7 +10,6 @@ import (
|
|||||||
"fmt"
|
"fmt"
|
||||||
"sync"
|
"sync"
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
|
||||||
|
|
||||||
"github.com/golang/mock/gomock"
|
"github.com/golang/mock/gomock"
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
@ -630,7 +629,7 @@ func TestFederationDomainSecretsControllerSync(t *testing.T) {
|
|||||||
t.Run(test.name, func(t *testing.T) {
|
t.Run(test.name, func(t *testing.T) {
|
||||||
t.Parallel()
|
t.Parallel()
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), time.Second*3)
|
ctx, cancel := context.WithCancel(context.Background())
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
pinnipedAPIClient := pinnipedfake.NewSimpleClientset()
|
pinnipedAPIClient := pinnipedfake.NewSimpleClientset()
|
||||||
|
@ -8,7 +8,6 @@ import (
|
|||||||
"errors"
|
"errors"
|
||||||
"sync"
|
"sync"
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
appsv1 "k8s.io/api/apps/v1"
|
appsv1 "k8s.io/api/apps/v1"
|
||||||
@ -412,7 +411,7 @@ func TestSupervisorSecretsControllerSync(t *testing.T) {
|
|||||||
t.Run(test.name, func(t *testing.T) {
|
t.Run(test.name, func(t *testing.T) {
|
||||||
// We cannot currently run this test in parallel since it uses the global generateKey function.
|
// We cannot currently run this test in parallel since it uses the global generateKey function.
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), time.Second*3)
|
ctx, cancel := context.WithCancel(context.Background())
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
if test.generateKey != nil {
|
if test.generateKey != nil {
|
||||||
|
@ -7,7 +7,6 @@ import (
|
|||||||
"context"
|
"context"
|
||||||
"encoding/json"
|
"encoding/json"
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
|
||||||
|
|
||||||
"github.com/sclevine/spec"
|
"github.com/sclevine/spec"
|
||||||
"github.com/sclevine/spec/report"
|
"github.com/sclevine/spec/report"
|
||||||
@ -130,8 +129,8 @@ func TestJWKSObserverControllerSync(t *testing.T) {
|
|||||||
kubeInformerClient *kubernetesfake.Clientset
|
kubeInformerClient *kubernetesfake.Clientset
|
||||||
pinnipedInformers pinnipedinformers.SharedInformerFactory
|
pinnipedInformers pinnipedinformers.SharedInformerFactory
|
||||||
kubeInformers kubeinformers.SharedInformerFactory
|
kubeInformers kubeinformers.SharedInformerFactory
|
||||||
timeoutContext context.Context
|
cancelContext context.Context
|
||||||
timeoutContextCancel context.CancelFunc
|
cancelContextCancelFunc context.CancelFunc
|
||||||
syncContext *controllerlib.Context
|
syncContext *controllerlib.Context
|
||||||
issuerToJWKSSetter *fakeIssuerToJWKSMapSetter
|
issuerToJWKSSetter *fakeIssuerToJWKSMapSetter
|
||||||
)
|
)
|
||||||
@ -149,7 +148,7 @@ func TestJWKSObserverControllerSync(t *testing.T) {
|
|||||||
|
|
||||||
// Set this at the last second to support calling subject.Name().
|
// Set this at the last second to support calling subject.Name().
|
||||||
syncContext = &controllerlib.Context{
|
syncContext = &controllerlib.Context{
|
||||||
Context: timeoutContext,
|
Context: cancelContext,
|
||||||
Name: subject.Name(),
|
Name: subject.Name(),
|
||||||
Key: controllerlib.Key{
|
Key: controllerlib.Key{
|
||||||
Namespace: installedInNamespace,
|
Namespace: installedInNamespace,
|
||||||
@ -158,15 +157,15 @@ func TestJWKSObserverControllerSync(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Must start informers before calling TestRunSynchronously()
|
// Must start informers before calling TestRunSynchronously()
|
||||||
kubeInformers.Start(timeoutContext.Done())
|
kubeInformers.Start(cancelContext.Done())
|
||||||
pinnipedInformers.Start(timeoutContext.Done())
|
pinnipedInformers.Start(cancelContext.Done())
|
||||||
controllerlib.TestRunSynchronously(t, subject)
|
controllerlib.TestRunSynchronously(t, subject)
|
||||||
}
|
}
|
||||||
|
|
||||||
it.Before(func() {
|
it.Before(func() {
|
||||||
r = require.New(t)
|
r = require.New(t)
|
||||||
|
|
||||||
timeoutContext, timeoutContextCancel = context.WithTimeout(context.Background(), time.Second*3)
|
cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background())
|
||||||
|
|
||||||
kubeInformerClient = kubernetesfake.NewSimpleClientset()
|
kubeInformerClient = kubernetesfake.NewSimpleClientset()
|
||||||
kubeInformers = kubeinformers.NewSharedInformerFactory(kubeInformerClient, 0)
|
kubeInformers = kubeinformers.NewSharedInformerFactory(kubeInformerClient, 0)
|
||||||
@ -184,7 +183,7 @@ func TestJWKSObserverControllerSync(t *testing.T) {
|
|||||||
})
|
})
|
||||||
|
|
||||||
it.After(func() {
|
it.After(func() {
|
||||||
timeoutContextCancel()
|
cancelContextCancelFunc()
|
||||||
})
|
})
|
||||||
|
|
||||||
when("there are no FederationDomains and no JWKS Secrets yet", func() {
|
when("there are no FederationDomains and no JWKS Secrets yet", func() {
|
||||||
|
@ -12,7 +12,6 @@ import (
|
|||||||
"io"
|
"io"
|
||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
|
||||||
|
|
||||||
"github.com/stretchr/testify/require"
|
"github.com/stretchr/testify/require"
|
||||||
corev1 "k8s.io/api/core/v1"
|
corev1 "k8s.io/api/core/v1"
|
||||||
@ -674,7 +673,7 @@ func TestJWKSWriterControllerSync(t *testing.T) {
|
|||||||
return goodKey, test.generateKeyErr
|
return goodKey, test.generateKeyErr
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), time.Second*3)
|
ctx, cancel := context.WithCancel(context.Background())
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
kubeAPIClient := kubernetesfake.NewSimpleClientset()
|
kubeAPIClient := kubernetesfake.NewSimpleClientset()
|
||||||
|
@ -9,7 +9,6 @@ import (
|
|||||||
"io/ioutil"
|
"io/ioutil"
|
||||||
"net/url"
|
"net/url"
|
||||||
"testing"
|
"testing"
|
||||||
"time"
|
|
||||||
|
|
||||||
"github.com/sclevine/spec"
|
"github.com/sclevine/spec"
|
||||||
"github.com/sclevine/spec/report"
|
"github.com/sclevine/spec/report"
|
||||||
@ -136,8 +135,8 @@ func TestTLSCertObserverControllerSync(t *testing.T) {
|
|||||||
kubeInformerClient *kubernetesfake.Clientset
|
kubeInformerClient *kubernetesfake.Clientset
|
||||||
pinnipedInformers pinnipedinformers.SharedInformerFactory
|
pinnipedInformers pinnipedinformers.SharedInformerFactory
|
||||||
kubeInformers kubeinformers.SharedInformerFactory
|
kubeInformers kubeinformers.SharedInformerFactory
|
||||||
timeoutContext context.Context
|
cancelContext context.Context
|
||||||
timeoutContextCancel context.CancelFunc
|
cancelContextCancelFunc context.CancelFunc
|
||||||
syncContext *controllerlib.Context
|
syncContext *controllerlib.Context
|
||||||
issuerTLSCertSetter *fakeIssuerTLSCertSetter
|
issuerTLSCertSetter *fakeIssuerTLSCertSetter
|
||||||
)
|
)
|
||||||
@ -156,7 +155,7 @@ func TestTLSCertObserverControllerSync(t *testing.T) {
|
|||||||
|
|
||||||
// Set this at the last second to support calling subject.Name().
|
// Set this at the last second to support calling subject.Name().
|
||||||
syncContext = &controllerlib.Context{
|
syncContext = &controllerlib.Context{
|
||||||
Context: timeoutContext,
|
Context: cancelContext,
|
||||||
Name: subject.Name(),
|
Name: subject.Name(),
|
||||||
Key: controllerlib.Key{
|
Key: controllerlib.Key{
|
||||||
Namespace: installedInNamespace,
|
Namespace: installedInNamespace,
|
||||||
@ -165,8 +164,8 @@ func TestTLSCertObserverControllerSync(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Must start informers before calling TestRunSynchronously()
|
// Must start informers before calling TestRunSynchronously()
|
||||||
kubeInformers.Start(timeoutContext.Done())
|
kubeInformers.Start(cancelContext.Done())
|
||||||
pinnipedInformers.Start(timeoutContext.Done())
|
pinnipedInformers.Start(cancelContext.Done())
|
||||||
controllerlib.TestRunSynchronously(t, subject)
|
controllerlib.TestRunSynchronously(t, subject)
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -179,7 +178,7 @@ func TestTLSCertObserverControllerSync(t *testing.T) {
|
|||||||
it.Before(func() {
|
it.Before(func() {
|
||||||
r = require.New(t)
|
r = require.New(t)
|
||||||
|
|
||||||
timeoutContext, timeoutContextCancel = context.WithTimeout(context.Background(), time.Second*3)
|
cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background())
|
||||||
|
|
||||||
kubeInformerClient = kubernetesfake.NewSimpleClientset()
|
kubeInformerClient = kubernetesfake.NewSimpleClientset()
|
||||||
kubeInformers = kubeinformers.NewSharedInformerFactory(kubeInformerClient, 0)
|
kubeInformers = kubeinformers.NewSharedInformerFactory(kubeInformerClient, 0)
|
||||||
@ -197,7 +196,7 @@ func TestTLSCertObserverControllerSync(t *testing.T) {
|
|||||||
})
|
})
|
||||||
|
|
||||||
it.After(func() {
|
it.After(func() {
|
||||||
timeoutContextCancel()
|
cancelContextCancelFunc()
|
||||||
})
|
})
|
||||||
|
|
||||||
when("there are no FederationDomains and no TLS Secrets yet", func() {
|
when("there are no FederationDomains and no TLS Secrets yet", func() {
|
||||||
|
@ -624,7 +624,7 @@ func TestController(t *testing.T) {
|
|||||||
controllerlib.WithInformer,
|
controllerlib.WithInformer,
|
||||||
)
|
)
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
|
ctx, cancel := context.WithCancel(context.Background())
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
pinnipedInformers.Start(ctx.Done())
|
pinnipedInformers.Start(ctx.Done())
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package supervisorstorage
|
package supervisorstorage
|
||||||
@ -113,8 +113,8 @@ func TestGarbageCollectorControllerSync(t *testing.T) {
|
|||||||
kubeInformerClient *kubernetesfake.Clientset
|
kubeInformerClient *kubernetesfake.Clientset
|
||||||
kubeClient *kubernetesfake.Clientset
|
kubeClient *kubernetesfake.Clientset
|
||||||
kubeInformers kubeinformers.SharedInformerFactory
|
kubeInformers kubeinformers.SharedInformerFactory
|
||||||
timeoutContext context.Context
|
cancelContext context.Context
|
||||||
timeoutContextCancel context.CancelFunc
|
cancelContextCancelFunc context.CancelFunc
|
||||||
syncContext *controllerlib.Context
|
syncContext *controllerlib.Context
|
||||||
fakeClock *clock.FakeClock
|
fakeClock *clock.FakeClock
|
||||||
frozenNow time.Time
|
frozenNow time.Time
|
||||||
@ -133,7 +133,7 @@ func TestGarbageCollectorControllerSync(t *testing.T) {
|
|||||||
|
|
||||||
// Set this at the last second to support calling subject.Name().
|
// Set this at the last second to support calling subject.Name().
|
||||||
syncContext = &controllerlib.Context{
|
syncContext = &controllerlib.Context{
|
||||||
Context: timeoutContext,
|
Context: cancelContext,
|
||||||
Name: subject.Name(),
|
Name: subject.Name(),
|
||||||
Key: controllerlib.Key{
|
Key: controllerlib.Key{
|
||||||
Namespace: "",
|
Namespace: "",
|
||||||
@ -142,14 +142,14 @@ func TestGarbageCollectorControllerSync(t *testing.T) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// Must start informers before calling TestRunSynchronously()
|
// Must start informers before calling TestRunSynchronously()
|
||||||
kubeInformers.Start(timeoutContext.Done())
|
kubeInformers.Start(cancelContext.Done())
|
||||||
controllerlib.TestRunSynchronously(t, subject)
|
controllerlib.TestRunSynchronously(t, subject)
|
||||||
}
|
}
|
||||||
|
|
||||||
it.Before(func() {
|
it.Before(func() {
|
||||||
r = require.New(t)
|
r = require.New(t)
|
||||||
|
|
||||||
timeoutContext, timeoutContextCancel = context.WithTimeout(context.Background(), time.Second*3)
|
cancelContext, cancelContextCancelFunc = context.WithCancel(context.Background())
|
||||||
|
|
||||||
kubeInformerClient = kubernetesfake.NewSimpleClientset()
|
kubeInformerClient = kubernetesfake.NewSimpleClientset()
|
||||||
kubeClient = kubernetesfake.NewSimpleClientset()
|
kubeClient = kubernetesfake.NewSimpleClientset()
|
||||||
@ -168,7 +168,7 @@ func TestGarbageCollectorControllerSync(t *testing.T) {
|
|||||||
})
|
})
|
||||||
|
|
||||||
it.After(func() {
|
it.After(func() {
|
||||||
timeoutContextCancel()
|
cancelContextCancelFunc()
|
||||||
})
|
})
|
||||||
|
|
||||||
when("there are secrets without the garbage-collect-after annotation", func() {
|
when("there are secrets without the garbage-collect-after annotation", func() {
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package securityheader
|
package securityheader
|
||||||
@ -22,7 +22,7 @@ func TestWrap(t *testing.T) {
|
|||||||
})))
|
})))
|
||||||
t.Cleanup(testServer.Close)
|
t.Cleanup(testServer.Close)
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
req, err := http.NewRequestWithContext(ctx, http.MethodGet, testServer.URL, nil)
|
req, err := http.NewRequestWithContext(ctx, http.MethodGet, testServer.URL, nil)
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package secret
|
package secret
|
||||||
@ -68,7 +68,7 @@ func TestCacheSynchronized(t *testing.T) {
|
|||||||
c.SetStateEncoderHashKey(issuer, stateEncoderHashKey)
|
c.SetStateEncoderHashKey(issuer, stateEncoderHashKey)
|
||||||
c.SetStateEncoderBlockKey(issuer, stateEncoderBlockKey)
|
c.SetStateEncoderBlockKey(issuer, stateEncoderBlockKey)
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), time.Second*3)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
eg, _ := errgroup.WithContext(ctx)
|
eg, _ := errgroup.WithContext(ctx)
|
||||||
|
@ -1,4 +1,4 @@
|
|||||||
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
|
// Copyright 2020-2021 the Pinniped contributors. All Rights Reserved.
|
||||||
// SPDX-License-Identifier: Apache-2.0
|
// SPDX-License-Identifier: Apache-2.0
|
||||||
|
|
||||||
package oidcclient
|
package oidcclient
|
||||||
@ -941,7 +941,7 @@ func TestHandleAuthCodeCallback(t *testing.T) {
|
|||||||
require.NoError(t, tt.opt(t)(h))
|
require.NoError(t, tt.opt(t)(h))
|
||||||
}
|
}
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
resp := httptest.NewRecorder()
|
resp := httptest.NewRecorder()
|
||||||
|
@ -38,7 +38,7 @@ func TestCLIGetKubeconfigStaticToken(t *testing.T) {
|
|||||||
library.AssertNoRestartsDuringTest(t, env.ConciergeNamespace, "")
|
library.AssertNoRestartsDuringTest(t, env.ConciergeNamespace, "")
|
||||||
|
|
||||||
// Create a test webhook configuration to use with the CLI.
|
// Create a test webhook configuration to use with the CLI.
|
||||||
ctx, cancelFunc := context.WithTimeout(context.Background(), 4*time.Minute)
|
ctx, cancelFunc := context.WithTimeout(context.Background(), 5*time.Minute)
|
||||||
defer cancelFunc()
|
defer cancelFunc()
|
||||||
|
|
||||||
authenticator := library.CreateTestWebhookAuthenticator(ctx, t)
|
authenticator := library.CreateTestWebhookAuthenticator(ctx, t)
|
||||||
|
@ -78,7 +78,7 @@ func TestAPIServingCertificateAutoCreationAndRotation(t *testing.T) {
|
|||||||
kubeClient := library.NewKubernetesClientset(t)
|
kubeClient := library.NewKubernetesClientset(t)
|
||||||
aggregatedClient := library.NewAggregatedClientset(t)
|
aggregatedClient := library.NewAggregatedClientset(t)
|
||||||
conciergeClient := library.NewConciergeClientset(t)
|
conciergeClient := library.NewConciergeClientset(t)
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 3*time.Minute)
|
ctx, cancel := context.WithTimeout(context.Background(), 5*time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
apiServiceName := "v1alpha1.login.concierge." + env.APIGroupSuffix
|
apiServiceName := "v1alpha1.login.concierge." + env.APIGroupSuffix
|
||||||
|
@ -20,7 +20,7 @@ func TestGetDeployment(t *testing.T) {
|
|||||||
env := library.IntegrationEnv(t)
|
env := library.IntegrationEnv(t)
|
||||||
client := library.NewKubernetesClientset(t)
|
client := library.NewKubernetesClientset(t)
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
appDeployment, err := client.AppsV1().Deployments(env.ConciergeNamespace).Get(ctx, env.ConciergeAppName, metav1.GetOptions{})
|
appDeployment, err := client.AppsV1().Deployments(env.ConciergeNamespace).Get(ctx, env.ConciergeAppName, metav1.GetOptions{})
|
||||||
|
@ -59,7 +59,7 @@ func TestClient(t *testing.T) {
|
|||||||
|
|
||||||
library.AssertNoRestartsDuringTest(t, env.ConciergeNamespace, "")
|
library.AssertNoRestartsDuringTest(t, env.ConciergeNamespace, "")
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
webhook := library.CreateTestWebhookAuthenticator(ctx, t)
|
webhook := library.CreateTestWebhookAuthenticator(ctx, t)
|
||||||
|
@ -25,7 +25,7 @@ func TestCredentialIssuer(t *testing.T) {
|
|||||||
|
|
||||||
library.AssertNoRestartsDuringTest(t, env.ConciergeNamespace, "")
|
library.AssertNoRestartsDuringTest(t, env.ConciergeNamespace, "")
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
t.Run("test successful CredentialIssuer", func(t *testing.T) {
|
t.Run("test successful CredentialIssuer", func(t *testing.T) {
|
||||||
|
@ -27,7 +27,7 @@ func TestUnsuccessfulCredentialRequest(t *testing.T) {
|
|||||||
|
|
||||||
library.AssertNoRestartsDuringTest(t, env.ConciergeNamespace, "")
|
library.AssertNoRestartsDuringTest(t, env.ConciergeNamespace, "")
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
response, err := makeRequest(ctx, t, validCredentialRequestSpecWithRealToken(t, corev1.TypedLocalObjectReference{
|
response, err := makeRequest(ctx, t, validCredentialRequestSpecWithRealToken(t, corev1.TypedLocalObjectReference{
|
||||||
@ -137,7 +137,7 @@ func TestFailedCredentialRequestWhenTheRequestIsValidButTheTokenDoesNotAuthentic
|
|||||||
|
|
||||||
// Create a testWebhook so we have a legitimate authenticator to pass to the
|
// Create a testWebhook so we have a legitimate authenticator to pass to the
|
||||||
// TokenCredentialRequest API.
|
// TokenCredentialRequest API.
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), time.Second*30)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
testWebhook := library.CreateTestWebhookAuthenticator(ctx, t)
|
testWebhook := library.CreateTestWebhookAuthenticator(ctx, t)
|
||||||
|
|
||||||
@ -160,7 +160,7 @@ func TestCredentialRequest_ShouldFailWhenRequestDoesNotIncludeToken(t *testing.T
|
|||||||
|
|
||||||
// Create a testWebhook so we have a legitimate authenticator to pass to the
|
// Create a testWebhook so we have a legitimate authenticator to pass to the
|
||||||
// TokenCredentialRequest API.
|
// TokenCredentialRequest API.
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), time.Second*30)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
testWebhook := library.CreateTestWebhookAuthenticator(ctx, t)
|
testWebhook := library.CreateTestWebhookAuthenticator(ctx, t)
|
||||||
|
|
||||||
@ -188,7 +188,7 @@ func TestCredentialRequest_OtherwiseValidRequestWithRealTokenShouldFailWhenTheCl
|
|||||||
|
|
||||||
library.AssertNoRestartsDuringTest(t, env.ConciergeNamespace, "")
|
library.AssertNoRestartsDuringTest(t, env.ConciergeNamespace, "")
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
testWebhook := library.CreateTestWebhookAuthenticator(ctx, t)
|
testWebhook := library.CreateTestWebhookAuthenticator(ctx, t)
|
||||||
@ -208,7 +208,7 @@ func makeRequest(ctx context.Context, t *testing.T, spec loginv1alpha1.TokenCred
|
|||||||
|
|
||||||
client := library.NewAnonymousConciergeClientset(t)
|
client := library.NewAnonymousConciergeClientset(t)
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(ctx, 10*time.Second)
|
ctx, cancel := context.WithTimeout(ctx, time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
return client.LoginV1alpha1().TokenCredentialRequests().Create(ctx, &loginv1alpha1.TokenCredentialRequest{
|
return client.LoginV1alpha1().TokenCredentialRequests().Create(ctx, &loginv1alpha1.TokenCredentialRequest{
|
||||||
|
@ -96,7 +96,7 @@ func TestImpersonationProxy(t *testing.T) {
|
|||||||
}
|
}
|
||||||
// At the end of the test, clean up the ConfigMap.
|
// At the end of the test, clean up the ConfigMap.
|
||||||
t.Cleanup(func() {
|
t.Cleanup(func() {
|
||||||
ctx, cancel = context.WithTimeout(context.Background(), 10*time.Second)
|
ctx, cancel = context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
// Delete any version that was created by this test.
|
// Delete any version that was created by this test.
|
||||||
|
@ -30,7 +30,7 @@ func TestKubeCertAgent(t *testing.T) {
|
|||||||
|
|
||||||
library.AssertNoRestartsDuringTest(t, env.ConciergeNamespace, "")
|
library.AssertNoRestartsDuringTest(t, env.ConciergeNamespace, "")
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 1*time.Minute)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
kubeClient := library.NewKubernetesClientset(t)
|
kubeClient := library.NewKubernetesClientset(t)
|
||||||
|
@ -240,7 +240,7 @@ func verifyTokenResponse(
|
|||||||
nonceParam nonce.Nonce,
|
nonceParam nonce.Nonce,
|
||||||
expectedIDTokenClaims []string,
|
expectedIDTokenClaims []string,
|
||||||
) {
|
) {
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 1*time.Minute)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
// Verify the ID Token.
|
// Verify the ID Token.
|
||||||
@ -310,7 +310,7 @@ func (s *localCallbackServer) waitForCallback(timeout time.Duration) *http.Reque
|
|||||||
}
|
}
|
||||||
|
|
||||||
func doTokenExchange(t *testing.T, config *oauth2.Config, tokenResponse *oauth2.Token, httpClient *http.Client, provider *coreosoidc.Provider) {
|
func doTokenExchange(t *testing.T, config *oauth2.Config, tokenResponse *oauth2.Token, httpClient *http.Client, provider *coreosoidc.Provider) {
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 1*time.Minute)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
// Form the HTTP POST request with the parameters specified by RFC8693.
|
// Form the HTTP POST request with the parameters specified by RFC8693.
|
||||||
|
@ -99,7 +99,7 @@ func createSecret(ctx context.Context, t *testing.T, secrets corev1client.Secret
|
|||||||
|
|
||||||
// Make sure the Secret is deleted when the test ends.
|
// Make sure the Secret is deleted when the test ends.
|
||||||
t.Cleanup(func() {
|
t.Cleanup(func() {
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
err := secrets.Delete(ctx, secret.Name, metav1.DeleteOptions{})
|
err := secrets.Delete(ctx, secret.Name, metav1.DeleteOptions{})
|
||||||
notFound := k8serrors.IsNotFound(err)
|
notFound := k8serrors.IsNotFound(err)
|
||||||
|
@ -42,13 +42,13 @@ func TestAuthorizeCodeStorage(t *testing.T) {
|
|||||||
secrets := client.CoreV1().Secrets(env.SupervisorNamespace)
|
secrets := client.CoreV1().Secrets(env.SupervisorNamespace)
|
||||||
|
|
||||||
t.Cleanup(func() {
|
t.Cleanup(func() {
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
err := secrets.Delete(ctx, name, metav1.DeleteOptions{})
|
err := secrets.Delete(ctx, name, metav1.DeleteOptions{})
|
||||||
require.NoError(t, err)
|
require.NoError(t, err)
|
||||||
})
|
})
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
// get a session with most of the data filled out
|
// get a session with most of the data filled out
|
||||||
|
@ -34,7 +34,7 @@ func TestWhoAmI_Kubeadm(t *testing.T) {
|
|||||||
// we should add more robust logic around skipping clusters based on vendor
|
// we should add more robust logic around skipping clusters based on vendor
|
||||||
_ = library.IntegrationEnv(t).WithCapability(library.ClusterSigningKeyIsAvailable)
|
_ = library.IntegrationEnv(t).WithCapability(library.ClusterSigningKeyIsAvailable)
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
whoAmI, err := library.NewConciergeClientset(t).IdentityV1alpha1().WhoAmIRequests().
|
whoAmI, err := library.NewConciergeClientset(t).IdentityV1alpha1().WhoAmIRequests().
|
||||||
@ -63,7 +63,7 @@ func TestWhoAmI_Kubeadm(t *testing.T) {
|
|||||||
func TestWhoAmI_ServiceAccount_Legacy(t *testing.T) {
|
func TestWhoAmI_ServiceAccount_Legacy(t *testing.T) {
|
||||||
_ = library.IntegrationEnv(t)
|
_ = library.IntegrationEnv(t)
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
kubeClient := library.NewKubernetesClientset(t).CoreV1()
|
kubeClient := library.NewKubernetesClientset(t).CoreV1()
|
||||||
@ -107,7 +107,7 @@ func TestWhoAmI_ServiceAccount_Legacy(t *testing.T) {
|
|||||||
return false, err
|
return false, err
|
||||||
}
|
}
|
||||||
return len(secret.Data[corev1.ServiceAccountTokenKey]) > 0, nil
|
return len(secret.Data[corev1.ServiceAccountTokenKey]) > 0, nil
|
||||||
}, 30*time.Second, time.Second)
|
}, time.Minute, time.Second)
|
||||||
|
|
||||||
saConfig := library.NewAnonymousClientRestConfig(t)
|
saConfig := library.NewAnonymousClientRestConfig(t)
|
||||||
saConfig.BearerToken = string(secret.Data[corev1.ServiceAccountTokenKey])
|
saConfig.BearerToken = string(secret.Data[corev1.ServiceAccountTokenKey])
|
||||||
@ -140,7 +140,7 @@ func TestWhoAmI_ServiceAccount_Legacy(t *testing.T) {
|
|||||||
func TestWhoAmI_ServiceAccount_TokenRequest(t *testing.T) {
|
func TestWhoAmI_ServiceAccount_TokenRequest(t *testing.T) {
|
||||||
_ = library.IntegrationEnv(t)
|
_ = library.IntegrationEnv(t)
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
kubeClient := library.NewKubernetesClientset(t).CoreV1()
|
kubeClient := library.NewKubernetesClientset(t).CoreV1()
|
||||||
@ -258,7 +258,7 @@ func TestWhoAmI_CSR(t *testing.T) {
|
|||||||
// we should add more robust logic around skipping clusters based on vendor
|
// we should add more robust logic around skipping clusters based on vendor
|
||||||
_ = library.IntegrationEnv(t).WithCapability(library.ClusterSigningKeyIsAvailable)
|
_ = library.IntegrationEnv(t).WithCapability(library.ClusterSigningKeyIsAvailable)
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
kubeClient := library.NewKubernetesClientset(t)
|
kubeClient := library.NewKubernetesClientset(t)
|
||||||
@ -346,7 +346,7 @@ func TestWhoAmI_CSR(t *testing.T) {
|
|||||||
func TestWhoAmI_Anonymous(t *testing.T) {
|
func TestWhoAmI_Anonymous(t *testing.T) {
|
||||||
_ = library.IntegrationEnv(t)
|
_ = library.IntegrationEnv(t)
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
anonymousConfig := library.NewAnonymousClientRestConfig(t)
|
anonymousConfig := library.NewAnonymousClientRestConfig(t)
|
||||||
@ -377,7 +377,7 @@ func TestWhoAmI_Anonymous(t *testing.T) {
|
|||||||
func TestWhoAmI_ImpersonateDirectly(t *testing.T) {
|
func TestWhoAmI_ImpersonateDirectly(t *testing.T) {
|
||||||
_ = library.IntegrationEnv(t)
|
_ = library.IntegrationEnv(t)
|
||||||
|
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 30*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
impersonationConfig := library.NewClientConfig(t)
|
impersonationConfig := library.NewClientConfig(t)
|
||||||
|
@ -88,7 +88,7 @@ func getRestartCounts(t *testing.T, namespace, labelSelector string) map[string]
|
|||||||
t.Helper()
|
t.Helper()
|
||||||
|
|
||||||
kubeClient := NewKubernetesClientset(t)
|
kubeClient := NewKubernetesClientset(t)
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 60*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
pods, err := kubeClient.CoreV1().Pods(namespace).List(ctx, metav1.ListOptions{LabelSelector: labelSelector})
|
pods, err := kubeClient.CoreV1().Pods(namespace).List(ctx, metav1.ListOptions{LabelSelector: labelSelector})
|
||||||
|
@ -156,7 +156,7 @@ func CreateTestWebhookAuthenticator(ctx context.Context, t *testing.T) corev1.Ty
|
|||||||
client := NewConciergeClientset(t)
|
client := NewConciergeClientset(t)
|
||||||
webhooks := client.AuthenticationV1alpha1().WebhookAuthenticators()
|
webhooks := client.AuthenticationV1alpha1().WebhookAuthenticators()
|
||||||
|
|
||||||
createContext, cancel := context.WithTimeout(ctx, 5*time.Second)
|
createContext, cancel := context.WithTimeout(ctx, time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
webhook, err := webhooks.Create(createContext, &auth1alpha1.WebhookAuthenticator{
|
webhook, err := webhooks.Create(createContext, &auth1alpha1.WebhookAuthenticator{
|
||||||
@ -169,7 +169,7 @@ func CreateTestWebhookAuthenticator(ctx context.Context, t *testing.T) corev1.Ty
|
|||||||
t.Cleanup(func() {
|
t.Cleanup(func() {
|
||||||
t.Helper()
|
t.Helper()
|
||||||
t.Logf("cleaning up test WebhookAuthenticator %s/%s", webhook.Namespace, webhook.Name)
|
t.Logf("cleaning up test WebhookAuthenticator %s/%s", webhook.Namespace, webhook.Name)
|
||||||
deleteCtx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
|
deleteCtx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
err := webhooks.Delete(deleteCtx, webhook.Name, metav1.DeleteOptions{})
|
err := webhooks.Delete(deleteCtx, webhook.Name, metav1.DeleteOptions{})
|
||||||
require.NoErrorf(t, err, "could not cleanup test WebhookAuthenticator %s/%s", webhook.Namespace, webhook.Name)
|
require.NoErrorf(t, err, "could not cleanup test WebhookAuthenticator %s/%s", webhook.Namespace, webhook.Name)
|
||||||
@ -219,7 +219,7 @@ func CreateTestJWTAuthenticator(ctx context.Context, t *testing.T, spec auth1alp
|
|||||||
client := NewConciergeClientset(t)
|
client := NewConciergeClientset(t)
|
||||||
jwtAuthenticators := client.AuthenticationV1alpha1().JWTAuthenticators()
|
jwtAuthenticators := client.AuthenticationV1alpha1().JWTAuthenticators()
|
||||||
|
|
||||||
createContext, cancel := context.WithTimeout(ctx, 5*time.Second)
|
createContext, cancel := context.WithTimeout(ctx, time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
jwtAuthenticator, err := jwtAuthenticators.Create(createContext, &auth1alpha1.JWTAuthenticator{
|
jwtAuthenticator, err := jwtAuthenticators.Create(createContext, &auth1alpha1.JWTAuthenticator{
|
||||||
@ -232,7 +232,7 @@ func CreateTestJWTAuthenticator(ctx context.Context, t *testing.T, spec auth1alp
|
|||||||
t.Cleanup(func() {
|
t.Cleanup(func() {
|
||||||
t.Helper()
|
t.Helper()
|
||||||
t.Logf("cleaning up test JWTAuthenticator %s/%s", jwtAuthenticator.Namespace, jwtAuthenticator.Name)
|
t.Logf("cleaning up test JWTAuthenticator %s/%s", jwtAuthenticator.Namespace, jwtAuthenticator.Name)
|
||||||
deleteCtx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
|
deleteCtx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
err := jwtAuthenticators.Delete(deleteCtx, jwtAuthenticator.Name, metav1.DeleteOptions{})
|
err := jwtAuthenticators.Delete(deleteCtx, jwtAuthenticator.Name, metav1.DeleteOptions{})
|
||||||
require.NoErrorf(t, err, "could not cleanup test JWTAuthenticator %s/%s", jwtAuthenticator.Namespace, jwtAuthenticator.Name)
|
require.NoErrorf(t, err, "could not cleanup test JWTAuthenticator %s/%s", jwtAuthenticator.Namespace, jwtAuthenticator.Name)
|
||||||
@ -255,7 +255,7 @@ func CreateTestFederationDomain(ctx context.Context, t *testing.T, issuer string
|
|||||||
t.Helper()
|
t.Helper()
|
||||||
testEnv := IntegrationEnv(t)
|
testEnv := IntegrationEnv(t)
|
||||||
|
|
||||||
createContext, cancel := context.WithTimeout(ctx, 5*time.Second)
|
createContext, cancel := context.WithTimeout(ctx, time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
if issuer == "" {
|
if issuer == "" {
|
||||||
@ -276,7 +276,7 @@ func CreateTestFederationDomain(ctx context.Context, t *testing.T, issuer string
|
|||||||
t.Cleanup(func() {
|
t.Cleanup(func() {
|
||||||
t.Helper()
|
t.Helper()
|
||||||
t.Logf("cleaning up test FederationDomain %s/%s", federationDomain.Namespace, federationDomain.Name)
|
t.Logf("cleaning up test FederationDomain %s/%s", federationDomain.Namespace, federationDomain.Name)
|
||||||
deleteCtx, cancel := context.WithTimeout(context.Background(), 5*time.Second)
|
deleteCtx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
err := federationDomains.Delete(deleteCtx, federationDomain.Name, metav1.DeleteOptions{})
|
err := federationDomains.Delete(deleteCtx, federationDomain.Name, metav1.DeleteOptions{})
|
||||||
notFound := k8serrors.IsNotFound(err)
|
notFound := k8serrors.IsNotFound(err)
|
||||||
@ -330,7 +330,7 @@ func RandHex(t *testing.T, numBytes int) string {
|
|||||||
func CreateTestSecret(t *testing.T, namespace string, baseName string, secretType corev1.SecretType, stringData map[string]string) *corev1.Secret {
|
func CreateTestSecret(t *testing.T, namespace string, baseName string, secretType corev1.SecretType, stringData map[string]string) *corev1.Secret {
|
||||||
t.Helper()
|
t.Helper()
|
||||||
client := NewKubernetesClientset(t)
|
client := NewKubernetesClientset(t)
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
created, err := client.CoreV1().Secrets(namespace).Create(ctx, &corev1.Secret{
|
created, err := client.CoreV1().Secrets(namespace).Create(ctx, &corev1.Secret{
|
||||||
@ -401,7 +401,7 @@ func CreateTestOIDCIdentityProvider(t *testing.T, spec idpv1alpha1.OIDCIdentityP
|
|||||||
func CreateTestClusterRoleBinding(t *testing.T, subject rbacv1.Subject, roleRef rbacv1.RoleRef) *rbacv1.ClusterRoleBinding {
|
func CreateTestClusterRoleBinding(t *testing.T, subject rbacv1.Subject, roleRef rbacv1.RoleRef) *rbacv1.ClusterRoleBinding {
|
||||||
t.Helper()
|
t.Helper()
|
||||||
client := NewKubernetesClientset(t)
|
client := NewKubernetesClientset(t)
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
// Create the ClusterRoleBinding using GenerateName to get a random name.
|
// Create the ClusterRoleBinding using GenerateName to get a random name.
|
||||||
@ -426,7 +426,7 @@ func CreateTestClusterRoleBinding(t *testing.T, subject rbacv1.Subject, roleRef
|
|||||||
func WaitForUserToHaveAccess(t *testing.T, user string, groups []string, shouldHaveAccessTo *authorizationv1.ResourceAttributes) {
|
func WaitForUserToHaveAccess(t *testing.T, user string, groups []string, shouldHaveAccessTo *authorizationv1.ResourceAttributes) {
|
||||||
t.Helper()
|
t.Helper()
|
||||||
client := NewKubernetesClientset(t)
|
client := NewKubernetesClientset(t)
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 20*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
RequireEventuallyWithoutError(t, func() (bool, error) {
|
RequireEventuallyWithoutError(t, func() (bool, error) {
|
||||||
@ -441,7 +441,7 @@ func WaitForUserToHaveAccess(t *testing.T, user string, groups []string, shouldH
|
|||||||
return false, err
|
return false, err
|
||||||
}
|
}
|
||||||
return subjectAccessReview.Status.Allowed, nil
|
return subjectAccessReview.Status.Allowed, nil
|
||||||
}, 10*time.Second, 500*time.Millisecond)
|
}, time.Minute, 500*time.Millisecond)
|
||||||
}
|
}
|
||||||
|
|
||||||
func testObjectMeta(t *testing.T, baseName string) metav1.ObjectMeta {
|
func testObjectMeta(t *testing.T, baseName string) metav1.ObjectMeta {
|
||||||
|
@ -22,7 +22,7 @@ func DumpLogs(t *testing.T, namespace string, labelSelector string) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
kubeClient := NewKubernetesClientset(t)
|
kubeClient := NewKubernetesClientset(t)
|
||||||
ctx, cancel := context.WithTimeout(context.Background(), 60*time.Second)
|
ctx, cancel := context.WithTimeout(context.Background(), time.Minute)
|
||||||
defer cancel()
|
defer cancel()
|
||||||
|
|
||||||
logTailLines := int64(40)
|
logTailLines := int64(40)
|
||||||
|
Loading…
Reference in New Issue
Block a user