diff --git a/test/e2e/client_tls_test.go b/test/e2e/client_tls_test.go index 16672f2246..dc7ee26ae7 100644 --- a/test/e2e/client_tls_test.go +++ b/test/e2e/client_tls_test.go @@ -737,15 +737,7 @@ func TestMTLSWithCRLs(t *testing.T) { }, } - namespace := corev1.Namespace{ - ObjectMeta: metav1.ObjectMeta{ - Name: namespaceName, - }, - } - if err := kclient.Create(context.TODO(), &namespace); err != nil { - t.Fatalf("Failed to create namespace %q: %v", namespace.Name, err) - } - defer assertDeletedWaitForCleanup(t, kclient, &namespace) + namespace := createNamespace(t, namespaceName) for _, tc := range testCases { t.Run(tc.Name, func(t *testing.T) { tcCerts := tc.CreateCerts() diff --git a/test/e2e/hsts_policy_test.go b/test/e2e/hsts_policy_test.go index 6499a85cad..2400502a2a 100644 --- a/test/e2e/hsts_policy_test.go +++ b/test/e2e/hsts_policy_test.go @@ -14,9 +14,6 @@ import ( configv1 "github.com/openshift/api/config/v1" routev1 "github.com/openshift/api/route/v1" - corev1 "k8s.io/api/core/v1" - - metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/wait" "k8s.io/utils/pointer" @@ -72,20 +69,7 @@ func TestHstsPolicyWorks(t *testing.T) { t.Logf("created a RequiredHSTSPolicy with DomainPatterns: %v,\n preload policy: %s,\n includeSubDomains policy: %s,\n largest age: %d,\n smallest age: %d\n", p.DomainPatterns, p.PreloadPolicy, p.IncludeSubDomainsPolicy, *p.MaxAge.LargestMaxAge, *p.MaxAge.SmallestMaxAge) // Use the same namespace for route, service, and pod - ns := &corev1.Namespace{ - ObjectMeta: metav1.ObjectMeta{ - Name: "hsts-policy-namespace", - }, - } - if err := kclient.Create(context.TODO(), ns); err != nil { - t.Fatalf("failed to create namespace: %v", err) - } - defer func() { - // this will cleanup all components in this namespace - if err := kclient.Delete(context.TODO(), ns); err != nil { - t.Fatalf("failed to delete test namespace %s: %v", ns.Name, err) - } - }() + ns := createNamespace(t, "hsts-policy-namespace") // Create pod echoPod := buildEchoPod("hsts-policy-echo", ns.Name) diff --git a/test/e2e/util_test.go b/test/e2e/util_test.go index 2a68b758f1..081d09f1af 100644 --- a/test/e2e/util_test.go +++ b/test/e2e/util_test.go @@ -20,6 +20,7 @@ import ( appsv1 "k8s.io/api/apps/v1" corev1 "k8s.io/api/core/v1" + rbacv1 "k8s.io/api/rbac/v1" "k8s.io/utils/pointer" "k8s.io/apimachinery/pkg/api/errors" @@ -55,7 +56,7 @@ func buildEchoPod(name, namespace string) *corev1.Pod { `EXEC:'/bin/bash -c \"printf \\\"HTTP/1.0 200 OK\r\n\r\n\\\"; sed -e \\\"/^\r/q\\\"\"'`, }, Command: []string{"/bin/socat"}, - Image: "openshift/origin-node", + Image: "image-registry.openshift-image-registry.svc:5000/openshift/tools:latest", Name: "echo", Ports: []corev1.ContainerPort{ { @@ -219,7 +220,7 @@ func buildSlowHTTPDPod(name, namespace string) *corev1.Pod { `EXEC:'/bin/bash -c \"sleep 40; printf \\\"HTTP/1.0 200 OK\r\n\r\nfin\r\n\\\"\"'`, }, Command: []string{"/bin/socat"}, - Image: "openshift/origin-node", + Image: "image-registry.openshift-image-registry.svc:5000/openshift/tools:latest", Name: "echo", Ports: []corev1.ContainerPort{ { @@ -712,3 +713,89 @@ func getRouteHost(t *testing.T, route *routev1.Route, router string) string { t.Fatalf("failed to find host name for default router in route: %#v", route) return "" } + +// dumpEventsInNamespace gets the events in the specified namespace and logs +// them. +func dumpEventsInNamespace(t *testing.T, ns string) { + t.Helper() + + eventList := &corev1.EventList{} + if err := kclient.List(context.TODO(), eventList, client.InNamespace(ns)); err != nil { + t.Errorf("failed to list events for namespace %s: %v", ns, err) + return + } + + for _, e := range eventList.Items { + t.Log(e.FirstTimestamp, e.Source, e.InvolvedObject.Kind, e.InvolvedObject.Name, e.Reason, e.Message) + } +} + +// createNamespace creates a namespace with the specified name and registers a +// cleanup handler to delete the namespace when the test finishes. +// +// After creating the namespace, this function waits for the "default" +// ServiceAccount and "system:image-pullers" RoleBinding to be created as well, +// which is necessary in order for pods in the new namespace to be able to pull +// images. +func createNamespace(t *testing.T, name string) *corev1.Namespace { + t.Helper() + + t.Logf("Creating namespace %q...", name) + ns := &corev1.Namespace{ObjectMeta: metav1.ObjectMeta{Name: name}} + if err := kclient.Create(context.TODO(), ns); err != nil { + t.Fatalf("failed to create namespace: %v", err) + } + t.Cleanup(func() { + t.Logf("Dumping events in namespace %q...", name) + if t.Failed() { + dumpEventsInNamespace(t, name) + } + t.Logf("Deleting namespace %q...", name) + if err := kclient.Delete(context.TODO(), ns); err != nil { + t.Errorf("failed to delete namespace %s: %v", ns.Name, err) + } + }) + + saName := types.NamespacedName{ + Namespace: name, + Name: "default", + } + t.Logf("Waiting for ServiceAccount %s to be provisioned...", saName) + if err := wait.PollImmediate(1*time.Second, 3*time.Minute, func() (bool, error) { + var sa corev1.ServiceAccount + if err := kclient.Get(context.TODO(), saName, &sa); err != nil { + if errors.IsNotFound(err) { + return false, nil + } + return false, err + } + for _, s := range sa.Secrets { + if strings.Contains(s.Name, "dockercfg") { + return true, nil + } + } + return false, nil + }); err != nil { + t.Fatalf(`Timed out waiting for ServiceAccount %s to be provisioned: %v`, saName, err) + } + + rbName := types.NamespacedName{ + Namespace: name, + Name: "system:image-pullers", + } + t.Logf("Waiting for RoleBinding %s to be created...", rbName) + if err := wait.PollImmediate(1*time.Second, 3*time.Minute, func() (bool, error) { + var rb rbacv1.RoleBinding + if err := kclient.Get(context.TODO(), rbName, &rb); err != nil { + if errors.IsNotFound(err) { + return false, nil + } + return false, err + } + return true, nil + }); err != nil { + t.Fatalf(`Timed out waiting for RoleBinding "default" to be provisioned: %v`, err) + } + + return ns +}