Skip to content

Commit

Permalink
operator_privileged test
Browse files Browse the repository at this point in the history
  • Loading branch information
williscool committed Jul 26, 2023
1 parent 176fa3a commit 5b386e0
Showing 1 changed file with 73 additions and 35 deletions.
108 changes: 73 additions & 35 deletions spec/workload/operator_spec.cr
Original file line number Diff line number Diff line change
Expand Up @@ -10,34 +10,45 @@ require "json"

describe "Operator" do

it "'operator_test' test if operator is being used", tags: ["operator_test"] do
describe "pre OLM install" do
it "'operator_test' operator should not be found", tags: ["operator_test"] do
begin
LOGGING.info `./cnf-testsuite cnf_setup cnf-path=sample-cnfs/sample_coredns`
$?.success?.should be_true
resp = `./cnf-testsuite -l info operator_installed`
Log.info { "#{resp}" }
(/NA: No Operators Found/ =~ resp).should_not be_nil
ensure
LOGGING.info `./cnf-testsuite cnf_cleanup cnf-path=sample-cnfs/sample_coredns`
$?.success?.should be_true
end
end
end

describe "post OLM install" do
current_dir = FileUtils.pwd
install_dir = "#{current_dir}/#{TOOLS_DIR}/olm"
if Dir.exists?("#{install_dir}/olm/.git")
Log.info { "OLM already installed. Skipping git clone for OLM." }
else
GitClient.clone("https://github.com/operator-framework/operator-lifecycle-manager.git #{install_dir}")
`cd #{install_dir} && git fetch -a && git checkout tags/v0.22.0 && cd -`
end
before_all do
# Install OLM
if Dir.exists?("#{install_dir}/olm/.git")
Log.info { "OLM already installed. Skipping git clone for OLM." }
else
GitClient.clone("https://github.com/operator-framework/operator-lifecycle-manager.git #{install_dir}")
`cd #{install_dir} && git fetch -a && git checkout tags/v0.22.0 && cd -`
end

Helm.install("operator --set olm.image.ref=quay.io/operator-framework/olm:v0.22.0 --set catalog.image.ref=quay.io/operator-framework/olm:v0.22.0 --set package.image.ref=quay.io/operator-framework/olm:v0.22.0 #{install_dir}/deploy/chart/")
Helm.install("operator --set olm.image.ref=quay.io/operator-framework/olm:v0.22.0 --set catalog.image.ref=quay.io/operator-framework/olm:v0.22.0 --set package.image.ref=quay.io/operator-framework/olm:v0.22.0 #{install_dir}/deploy/chart/")
end

begin
LOGGING.info `./cnf-testsuite -l info cnf_setup cnf-path=./sample-cnfs/sample_operator`
$?.success?.should be_true
resp = `./cnf-testsuite -l info operator_installed`
Log.info { "#{resp}" }
(/PASSED: Operator is installed/ =~ resp).should_not be_nil
ensure
LOGGING.info `./cnf-testsuite -l info cnf_cleanup cnf-path=./sample-cnfs/sample_operator`
$?.success?.should be_true
after_all do
# uninstall OLM
pods = KubectlClient::Get.pods_by_resource(KubectlClient::Get.deployment("catalog-operator", "operator-lifecycle-manager"), "operator-lifecycle-manager") + KubectlClient::Get.pods_by_resource(KubectlClient::Get.deployment("olm-operator", "operator-lifecycle-manager"), "operator-lifecycle-manager") + KubectlClient::Get.pods_by_resource(KubectlClient::Get.deployment("packageserver", "operator-lifecycle-manager"), "operator-lifecycle-manager")

Helm.uninstall("operator")
# TODO: get the correct operator version from whatever file or api so we can delete it properly
KubectlClient::Delete.command("csv prometheusoperator.0.47.0")

pods.map do |pod|
pods.map do |pod|
pod_name = pod.dig("metadata", "name")
pod_namespace = pod.dig("metadata", "namespace")
Log.info { "Wait for Uninstall on Pod Name: #{pod_name}, Namespace: #{pod_namespace}" }
Expand All @@ -46,7 +57,7 @@ describe "Operator" do

second_count = 0
wait_count = 20
delete=false
delete = false
until delete || second_count > wait_count.to_i
File.write("operator.json", "#{KubectlClient::Get.namespaces("operators").to_json}")
json = File.open("operator.json") do |file|
Expand All @@ -56,14 +67,14 @@ describe "Operator" do
File.write("operator.json", "#{json.to_json}")
Log.info { "Uninstall Namespace Finalizer" }
if KubectlClient::Replace.command("--raw '/api/v1/namespaces/operators/finalize' -f ./operator.json")[:status].success?
delete=true
delete = true
end
sleep 3
end

second_count = 0
wait_count = 20
delete=false
delete = false
until delete || second_count > wait_count.to_i
File.write("manager.json", "#{KubectlClient::Get.namespaces("operator-lifecycle-manager").to_json}")
json = File.open("manager.json") do |file|
Expand All @@ -73,23 +84,50 @@ describe "Operator" do
File.write("manager.json", "#{json.to_json}")
Log.info { "Uninstall Namespace Finalizer" }
if KubectlClient::Replace.command("--raw '/api/v1/namespaces/operator-lifecycle-manager/finalize' -f ./manager.json")[:status].success?
delete=true
delete = true
end
sleep 3
end
end
end

it "'operator_test' operator should not be found", tags: ["operator_test"] do
begin
LOGGING.info `./cnf-testsuite cnf_setup cnf-path=sample-cnfs/sample_coredns`
$?.success?.should be_true
resp = `./cnf-testsuite -l info operator_installed`
Log.info { "#{resp}" }
(/NA: No Operators Found/ =~ resp).should_not be_nil
ensure
LOGGING.info `./cnf-testsuite cnf_cleanup cnf-path=sample-cnfs/sample_coredns`
$?.success?.should be_true
end

it "'operator_test' test if operator is being used", tags: ["operator_test"] do
begin
LOGGING.info `./cnf-testsuite -l info cnf_setup cnf-path=./sample-cnfs/sample_operator`
$?.success?.should be_true
resp = `./cnf-testsuite -l info operator_installed`
Log.info { "#{resp}" }
(/PASSED: Operator is installed/ =~ resp).should_not be_nil
ensure
LOGGING.info `./cnf-testsuite -l info cnf_cleanup cnf-path=./sample-cnfs/sample_operator`
$?.success?.should be_true
end
end

it "'operator_privileged' test privileged operator NOT being used" do
begin
LOGGING.info `./cnf-testsuite -l info cnf_setup cnf-path=./sample-cnfs/sample_operator`
$?.success?.should be_true
resp = `./cnf-testsuite -l info operator_privileged`
Log.info { "#{resp}" }
(/PASSED: Operator is NOT running with privileged rights/ =~ resp).should_not be_nil
ensure
LOGGING.info `./cnf-testsuite -l info cnf_cleanup cnf-path=./sample-cnfs/sample_operator`
$?.success?.should be_true
end
end

it "'operator_privileged' test if a privileged operator is being used" do
begin
LOGGING.info `./cnf-testsuite -l info cnf_setup cnf-path=./sample-cnfs/sample_operator_privileged`
$?.success?.should be_true
resp = `./cnf-testsuite -l info operator_privileged`
Log.info { "#{resp}" }
(/FAILED: Operator is running with privileged rights/ =~ resp).should_not be_nil
ensure
LOGGING.info `./cnf-testsuite -l info cnf_cleanup cnf-path=./sample-cnfs/sample_operator_privileged`
$?.success?.should be_true
end
end

end
end

0 comments on commit 5b386e0

Please sign in to comment.