Merge pull request #8204 from bryan-cox/migrate-self-azure-e2e

CNTRLPLANE-3222: Migrate self-managed Azure e2e tests to v2 Ginkgo framework

Author: openshift-merge-bot[bot]

test/e2e/create_cluster_test.go

@@ -129,7 +129,7 @@ func TestCreateCluster(t *testing.T) {
 
 		if globalOpts.Platform == hyperv1.AzurePlatform || globalOpts.Platform == hyperv1.AWSPlatform {
 			// ensure Ingress Operator configuration is properly applied
-			e2eutil.EnsureIngressOperatorConfiguration(t, ctx, mgtClient, guestClient, hostedCluster)
+			e2eutil.EnsureIngressOperatorConfiguration(t, ctx, guestClient, hostedCluster)
 		}
 
 		e2eutil.EnsureAWSCCMWithCustomizations(t, ctx, &e2eutil.AWSCCMTestConfig{

test/e2e/util/azure.go

@@ -17,86 +17,93 @@ import (
 	crclient "sigs.k8s.io/controller-runtime/pkg/client"
 )
 
-func EnsureAzureWorkloadIdentityWebhookMutation(t *testing.T, ctx context.Context, guestClient crclient.Client) {
-	t.Run("EnsureAzureWorkloadIdentityWebhookMutation", func(t *testing.T) {
-		AtLeast(t, Version422)
-		g := NewWithT(t)
+func ValidateAzureWorkloadIdentityWebhookMutation(t testing.TB, ctx context.Context, guestClient crclient.Client) {
+	g := NewWithT(t)
 
-		nsName := fmt.Sprintf("azure-wi-e2e-%d", time.Now().UnixNano())
-		testNamespace := &corev1.Namespace{ObjectMeta: metav1.ObjectMeta{Name: nsName}}
-		g.Expect(guestClient.Create(ctx, testNamespace)).To(Succeed(), "failed to create test namespace")
+	nsName := fmt.Sprintf("azure-wi-e2e-%d", time.Now().UnixNano())
+	testNamespace := &corev1.Namespace{ObjectMeta: metav1.ObjectMeta{Name: nsName}}
+	g.Expect(guestClient.Create(ctx, testNamespace)).To(Succeed(), "failed to create test namespace")
+	defer func() {
+		_ = guestClient.Delete(context.Background(), testNamespace)
+	}()
 
-		serviceAccount := &corev1.ServiceAccount{
-			ObjectMeta: metav1.ObjectMeta{
-				Name:      "azure-wi-test-sa",
-				Namespace: nsName,
-				Annotations: map[string]string{
-					"azure.workload.identity/client-id": "00000000-0000-0000-0000-000000000000",
-				},
+	serviceAccount := &corev1.ServiceAccount{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      "azure-wi-test-sa",
+			Namespace: nsName,
+			Annotations: map[string]string{
+				"azure.workload.identity/client-id": "00000000-0000-0000-0000-000000000000",
 			},
-		}
-		g.Expect(guestClient.Create(ctx, serviceAccount)).To(Succeed(), "failed to create test service account")
+		},
+	}
+	g.Expect(guestClient.Create(ctx, serviceAccount)).To(Succeed(), "failed to create test service account")
 
-		pod := &corev1.Pod{
-			ObjectMeta: metav1.ObjectMeta{
-				Name:      "azure-wi-webhook-test-pod",
-				Namespace: nsName,
-				Labels: map[string]string{
-					"azure.workload.identity/use": "true",
-				},
+	pod := &corev1.Pod{
+		ObjectMeta: metav1.ObjectMeta{
+			Name:      "azure-wi-webhook-test-pod",
+			Namespace: nsName,
+			Labels: map[string]string{
+				"azure.workload.identity/use": "true",
 			},
-			Spec: corev1.PodSpec{
-				ServiceAccountName: serviceAccount.Name,
-				SecurityContext: &corev1.PodSecurityContext{
-					RunAsNonRoot: ptr.To(true),
-					SeccompProfile: &corev1.SeccompProfile{
-						Type: corev1.SeccompProfileTypeRuntimeDefault,
-					},
+		},
+		Spec: corev1.PodSpec{
+			ServiceAccountName: serviceAccount.Name,
+			SecurityContext: &corev1.PodSecurityContext{
+				RunAsNonRoot: ptr.To(true),
+				SeccompProfile: &corev1.SeccompProfile{
+					Type: corev1.SeccompProfileTypeRuntimeDefault,
 				},
-				Containers: []corev1.Container{
-					{
-						Name:    "app",
-						Image:   "registry.k8s.io/pause:3.10",
-						Command: []string{"/pause"},
-						SecurityContext: &corev1.SecurityContext{
-							AllowPrivilegeEscalation: ptr.To(false),
-							Capabilities: &corev1.Capabilities{
-								Drop: []corev1.Capability{"ALL"},
-							},
+			},
+			Containers: []corev1.Container{
+				{
+					Name:    "app",
+					Image:   "registry.k8s.io/pause:3.10",
+					Command: []string{"/pause"},
+					SecurityContext: &corev1.SecurityContext{
+						AllowPrivilegeEscalation: ptr.To(false),
+						Capabilities: &corev1.Capabilities{
+							Drop: []corev1.Capability{"ALL"},
 						},
 					},
 				},
-				RestartPolicy: corev1.RestartPolicyNever,
 			},
-		}
-		g.Expect(guestClient.Create(ctx, pod)).To(Succeed(), "failed to create pod for webhook mutation test")
+			RestartPolicy: corev1.RestartPolicyNever,
+		},
+	}
+	g.Expect(guestClient.Create(ctx, pod)).To(Succeed(), "failed to create pod for webhook mutation test")
 
-		EventuallyObject(
-			t,
-			ctx,
-			"Azure workload identity webhook to mutate test pod",
-			func(ctx context.Context) (*corev1.Pod, error) {
-				mutatedPod := &corev1.Pod{}
-				err := guestClient.Get(ctx, types.NamespacedName{Name: pod.Name, Namespace: pod.Namespace}, mutatedPod)
-				return mutatedPod, err
+	EventuallyObject(
+		t,
+		ctx,
+		"Azure workload identity webhook to mutate test pod",
+		func(ctx context.Context) (*corev1.Pod, error) {
+			mutatedPod := &corev1.Pod{}
+			err := guestClient.Get(ctx, types.NamespacedName{Name: pod.Name, Namespace: pod.Namespace}, mutatedPod)
+			return mutatedPod, err
+		},
+		[]Predicate[*corev1.Pod]{
+			func(mutatedPod *corev1.Pod) (bool, string, error) {
+				if hasProjectedTokenVolume(mutatedPod.Spec.Volumes) {
+					return true, "", nil
+				}
+				return false, "expected projected service account token volume to be injected", nil
 			},
-			[]Predicate[*corev1.Pod]{
-				func(mutatedPod *corev1.Pod) (bool, string, error) {
-					if hasProjectedTokenVolume(mutatedPod.Spec.Volumes) {
-						return true, "", nil
-					}
-					return false, "expected projected service account token volume to be injected", nil
-				},
-				func(mutatedPod *corev1.Pod) (bool, string, error) {
-					if hasAzureFederatedTokenEnv(mutatedPod.Spec.Containers) {
-						return true, "", nil
-					}
-					return false, "expected AZURE_FEDERATED_TOKEN_FILE env var in pod containers", nil
-				},
+			func(mutatedPod *corev1.Pod) (bool, string, error) {
+				if hasAzureFederatedTokenEnv(mutatedPod.Spec.Containers) {
+					return true, "", nil
+				}
+				return false, "expected AZURE_FEDERATED_TOKEN_FILE env var in pod containers", nil
 			},
-			WithTimeout(3*time.Minute),
-			WithInterval(5*time.Second),
-		)
+		},
+		WithTimeout(3*time.Minute),
+		WithInterval(5*time.Second),
+	)
+}
+
+func EnsureAzureWorkloadIdentityWebhookMutation(t *testing.T, ctx context.Context, guestClient crclient.Client) {
+	t.Run("EnsureAzureWorkloadIdentityWebhookMutation", func(t *testing.T) {
+		AtLeast(t, Version422)
+		ValidateAzureWorkloadIdentityWebhookMutation(t, ctx, guestClient)
 	})
 }
 

test/e2e/util/eventually.go

@@ -82,7 +82,7 @@ func WithFilteredConditionDump(matchers ...Condition) EventuallyOption {
 }
 
 // EventuallyObject polls until the predicate is fulfilled on the object.
-func EventuallyObject[T client.Object](t *testing.T, ctx context.Context, objective string, getter func(context.Context) (T, error), predicates []Predicate[T], options ...EventuallyOption) {
+func EventuallyObject[T client.Object](t testing.TB, ctx context.Context, objective string, getter func(context.Context) (T, error), predicates []Predicate[T], options ...EventuallyOption) {
 	t.Helper()
 	opts := defaultOptions()
 	for _, option := range options {
@@ -209,7 +209,7 @@ func summarizePredicteResults(results []predicateResult) bool {
 	return done
 }
 
-func printStatus[T client.Object](t *testing.T, lastTimestamp time.Time, object T, done bool, reasons []string) {
+func printStatus[T client.Object](t testing.TB, lastTimestamp time.Time, object T, done bool, reasons []string) {
 	if len(reasons) == 0 {
 		return
 	}
@@ -236,7 +236,7 @@ type predicateResult struct {
 }
 
 // EventuallyObjects polls until the predicate is fulfilled on each of a set of objects.
-func EventuallyObjects[T client.Object](t *testing.T, ctx context.Context, objective string, getter func(context.Context) ([]T, error), groupPredicates []Predicate[[]T], predicates []Predicate[T], options ...EventuallyOption) {
+func EventuallyObjects[T client.Object](t testing.TB, ctx context.Context, objective string, getter func(context.Context) ([]T, error), groupPredicates []Predicate[[]T], predicates []Predicate[T], options ...EventuallyOption) {
 	t.Helper()
 	opts := defaultOptions()
 	for _, option := range options {
@@ -376,7 +376,7 @@ type predicateReasons struct {
 	reasons []string
 }
 
-func printCollectionStatus[T client.Object](t *testing.T, lastTimestamp time.Time, done bool, reasons map[types.NamespacedName]predicateReasons) {
+func printCollectionStatus[T client.Object](t testing.TB, lastTimestamp time.Time, done bool, reasons map[types.NamespacedName]predicateReasons) {
 	prefix := ""
 	if !done {
 		prefix = "in"
@@ -522,7 +522,7 @@ func adaptConditions(in []metav1.Condition) []Condition {
 }
 
 // EventuallyNotFound polls until the object is not found (deleted).
-func EventuallyNotFound[T client.Object](t *testing.T, ctx context.Context, c client.Client, obj T, options ...EventuallyOption) {
+func EventuallyNotFound[T client.Object](t testing.TB, ctx context.Context, c client.Client, obj T, options ...EventuallyOption) {
 	t.Helper()
 	opts := defaultOptions()
 	for _, option := range options {