Add retries to TestSupervisorTLSTerminationWithSNI and TestSupervisorOIDCDiscovery.

These tests occasionally flake because of a conflict error such as:

```
    supervisor_discovery_test.go:105:
        	Error Trace:	supervisor_discovery_test.go:587
        	            				supervisor_discovery_test.go:105
        	Error:      	Received unexpected error:
        	            	Operation cannot be fulfilled on federationdomains.config.supervisor.pinniped.dev "test-oidc-provider-lvjfw": the object has been modified; please apply your changes to the latest version and try again
        	Test:       	TestSupervisorOIDCDiscovery
```

These retries should improve the reliability of the tests.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
This commit is contained in:
Matt Moyer 2021-03-11 13:18:15 -06:00
parent c14621428f
commit e98c6dfdd8
No known key found for this signature in database
GPG Key ID: EAE88AD172C5AE2D

View File

@ -24,6 +24,7 @@ import (
k8serrors "k8s.io/apimachinery/pkg/api/errors"
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
"k8s.io/client-go/kubernetes"
"k8s.io/client-go/util/retry"
"go.pinniped.dev/generated/latest/apis/supervisor/config/v1alpha1"
pinnipedclientset "go.pinniped.dev/generated/latest/client/supervisor/clientset/versioned"
@ -181,11 +182,15 @@ func TestSupervisorTLSTerminationWithSNI(t *testing.T) {
// Update the config to with a new .spec.tls.secretName.
certSecretName1update := "integration-test-cert-1-update"
federationDomain1LatestVersion, err := pinnipedClient.ConfigV1alpha1().FederationDomains(ns).Get(ctx, federationDomain1.Name, metav1.GetOptions{})
require.NoError(t, err)
federationDomain1LatestVersion.Spec.TLS = &v1alpha1.FederationDomainTLSSpec{SecretName: certSecretName1update}
_, err = pinnipedClient.ConfigV1alpha1().FederationDomains(ns).Update(ctx, federationDomain1LatestVersion, metav1.UpdateOptions{})
require.NoError(t, err)
require.NoError(t, retry.RetryOnConflict(retry.DefaultRetry, func() error {
federationDomain1LatestVersion, err := pinnipedClient.ConfigV1alpha1().FederationDomains(ns).Get(ctx, federationDomain1.Name, metav1.GetOptions{})
if err != nil {
return err
}
federationDomain1LatestVersion.Spec.TLS = &v1alpha1.FederationDomainTLSSpec{SecretName: certSecretName1update}
_, err = pinnipedClient.ConfigV1alpha1().FederationDomains(ns).Update(ctx, federationDomain1LatestVersion, metav1.UpdateOptions{})
return err
}))
// The the endpoints should fail with TLS errors again.
requireEndpointHasTLSErrorBecauseCertificatesAreNotReady(t, issuer1)
@ -579,13 +584,16 @@ func editFederationDomainIssuerName(
ctx, cancel := context.WithTimeout(context.Background(), 2*time.Minute)
defer cancel()
mostRecentVersion, err := client.ConfigV1alpha1().FederationDomains(ns).Get(ctx, existingFederationDomain.Name, metav1.GetOptions{})
require.NoError(t, err)
mostRecentVersion.Spec.Issuer = newIssuerName
updated, err := client.ConfigV1alpha1().FederationDomains(ns).Update(ctx, mostRecentVersion, metav1.UpdateOptions{})
require.NoError(t, err)
var updated *v1alpha1.FederationDomain
require.NoError(t, retry.RetryOnConflict(retry.DefaultRetry, func() error {
mostRecentVersion, err := client.ConfigV1alpha1().FederationDomains(ns).Get(ctx, existingFederationDomain.Name, metav1.GetOptions{})
if err != nil {
return err
}
mostRecentVersion.Spec.Issuer = newIssuerName
updated, err = client.ConfigV1alpha1().FederationDomains(ns).Update(ctx, mostRecentVersion, metav1.UpdateOptions{})
return err
}))
return updated
}