ae56fcb46a
- Intended to be a red test in this commit; will make it go green in a future commit - Enhance env.go and prepare-for-integration-tests.sh to make it possible to write integration tests for the supervisor app by setting more env vars and by exposing the service to the kind host on a localhost port - Add `--clean` option to prepare-for-integration-tests.sh to make it easier to start fresh - Make prepare-for-integration-tests.sh advise you to run `go test -v -count 1 ./test/integration` because this does not buffer the test output - Make concierge_api_discovery_test.go pass by adding expectations for the new OIDCProviderConfig type
147 lines
4.3 KiB
Go
147 lines
4.3 KiB
Go
// Copyright 2020 the Pinniped contributors. All Rights Reserved.
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
package integration
|
|
|
|
import (
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/require"
|
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
|
|
|
"go.pinniped.dev/test/library"
|
|
)
|
|
|
|
func TestGetAPIResourceList(t *testing.T) {
|
|
library.SkipUnlessIntegration(t)
|
|
|
|
client := library.NewPinnipedClientset(t)
|
|
|
|
groups, resources, err := client.Discovery().ServerGroupsAndResources()
|
|
require.NoError(t, err)
|
|
|
|
tests := []struct {
|
|
group metav1.APIGroup
|
|
resourceByVersion map[string][]metav1.APIResource
|
|
}{
|
|
{
|
|
group: metav1.APIGroup{
|
|
Name: "login.pinniped.dev",
|
|
Versions: []metav1.GroupVersionForDiscovery{
|
|
{
|
|
GroupVersion: "login.pinniped.dev/v1alpha1",
|
|
Version: "v1alpha1",
|
|
},
|
|
},
|
|
PreferredVersion: metav1.GroupVersionForDiscovery{
|
|
GroupVersion: "login.pinniped.dev/v1alpha1",
|
|
Version: "v1alpha1",
|
|
},
|
|
},
|
|
resourceByVersion: map[string][]metav1.APIResource{
|
|
"login.pinniped.dev/v1alpha1": {
|
|
{
|
|
Name: "tokencredentialrequests",
|
|
Kind: "TokenCredentialRequest",
|
|
Verbs: []string{"create"},
|
|
Namespaced: true,
|
|
|
|
// This is currently an empty string in the response; maybe it should not be
|
|
// empty? Seems like no harm in keeping it like this for now, but feel free
|
|
// to update in the future if there is a compelling reason to do so.
|
|
SingularName: "",
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
group: metav1.APIGroup{
|
|
Name: "config.pinniped.dev",
|
|
Versions: []metav1.GroupVersionForDiscovery{
|
|
{
|
|
GroupVersion: "config.pinniped.dev/v1alpha1",
|
|
Version: "v1alpha1",
|
|
},
|
|
},
|
|
PreferredVersion: metav1.GroupVersionForDiscovery{
|
|
GroupVersion: "config.pinniped.dev/v1alpha1",
|
|
Version: "v1alpha1",
|
|
},
|
|
},
|
|
resourceByVersion: map[string][]metav1.APIResource{
|
|
"config.pinniped.dev/v1alpha1": {
|
|
{
|
|
Name: "credentialissuerconfigs",
|
|
SingularName: "credentialissuerconfig",
|
|
Namespaced: true,
|
|
Kind: "CredentialIssuerConfig",
|
|
Verbs: []string{"delete", "deletecollection", "get", "list", "patch", "create", "update", "watch"},
|
|
ShortNames: []string{"cic"},
|
|
},
|
|
{
|
|
Name: "oidcproviderconfigs",
|
|
SingularName: "oidcproviderconfig",
|
|
Namespaced: true,
|
|
Kind: "OIDCProviderConfig",
|
|
Verbs: []string{"delete", "deletecollection", "get", "list", "patch", "create", "update", "watch"},
|
|
ShortNames: []string{"opc"},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
{
|
|
group: metav1.APIGroup{
|
|
Name: "idp.pinniped.dev",
|
|
Versions: []metav1.GroupVersionForDiscovery{
|
|
{
|
|
GroupVersion: "idp.pinniped.dev/v1alpha1",
|
|
Version: "v1alpha1",
|
|
},
|
|
},
|
|
PreferredVersion: metav1.GroupVersionForDiscovery{
|
|
GroupVersion: "idp.pinniped.dev/v1alpha1",
|
|
Version: "v1alpha1",
|
|
},
|
|
},
|
|
resourceByVersion: map[string][]metav1.APIResource{
|
|
"idp.pinniped.dev/v1alpha1": {
|
|
{
|
|
Name: "webhookidentityproviders",
|
|
SingularName: "webhookidentityprovider",
|
|
Namespaced: true,
|
|
Kind: "WebhookIdentityProvider",
|
|
Verbs: []string{"delete", "deletecollection", "get", "list", "patch", "create", "update", "watch"},
|
|
ShortNames: []string{"webhookidp", "webhookidps"},
|
|
Categories: []string{"all", "idp", "idps"},
|
|
},
|
|
},
|
|
},
|
|
},
|
|
}
|
|
|
|
for _, tt := range tests {
|
|
tt := tt
|
|
t.Run(tt.group.Name, func(t *testing.T) {
|
|
require.Contains(t, groups, &tt.group)
|
|
|
|
for groupVersion, expectedResources := range tt.resourceByVersion {
|
|
// Find the actual resource list and make a copy.
|
|
var actualResourceList *metav1.APIResourceList
|
|
for _, resource := range resources {
|
|
if resource.GroupVersion == groupVersion {
|
|
actualResourceList = resource.DeepCopy()
|
|
}
|
|
}
|
|
require.NotNilf(t, actualResourceList, "could not find groupVersion %s", groupVersion)
|
|
|
|
// Because its hard to predict the storage version hash (e.g. "t/+v41y+3e4="), we just don't
|
|
// worry about comparing that field.
|
|
for i := range actualResourceList.APIResources {
|
|
actualResourceList.APIResources[i].StorageVersionHash = ""
|
|
}
|
|
require.EqualValues(t, expectedResources, actualResourceList.APIResources, "unexpected API resources")
|
|
}
|
|
})
|
|
}
|
|
}
|