Merge pull request rancher#47674 from Priyashetty17/main_rbac-P0proje…

…cts-1251

[main] P0 Project RBAC Tests

tests/v2/actions/workloads/daemonset/daemonset.go

@@ -20,7 +20,7 @@ var DaemonsetGroupVersionResource = schema.GroupVersionResource{
 
 // CreateDaemonset is a helper to create a daemonset
 func CreateDaemonset(client *rancher.Client, clusterID, namespaceName string, replicaCount int, secretName, configMapName string, useEnvVars, useVolumes bool) (*appv1.DaemonSet, error) {
-	deploymentTemplate, err := deployment.CreateDeployment(client, clusterID, namespaceName, replicaCount, secretName, configMapName, useEnvVars, useVolumes)
+	deploymentTemplate, err := deployment.CreateDeployment(client, clusterID, namespaceName, replicaCount, secretName, configMapName, useEnvVars, useVolumes, true)
 	if err != nil {
 		return nil, err
 	}

tests/v2/actions/workloads/deployment/deployment.go

@@ -4,6 +4,7 @@ import (
 	"github.com/rancher/rancher/tests/v2/actions/kubeapi/workloads/deployments"
 	"github.com/rancher/rancher/tests/v2/actions/workloads/pods"
 	"github.com/rancher/shepherd/clients/rancher"
+	"github.com/rancher/shepherd/extensions/charts"
 	"github.com/rancher/shepherd/extensions/workloads"
 	namegen "github.com/rancher/shepherd/pkg/namegenerator"
 	"github.com/rancher/shepherd/pkg/wrangler"
@@ -21,7 +22,7 @@ const (
 )
 
 // CreateDeployment is a helper to create a deployment with or without a secret/configmap
-func CreateDeployment(client *rancher.Client, clusterID, namespaceName string, replicaCount int, secretName, configMapName string, useEnvVars, useVolumes bool) (*appv1.Deployment, error) {
+func CreateDeployment(client *rancher.Client, clusterID, namespaceName string, replicaCount int, secretName, configMapName string, useEnvVars, useVolumes, watchDeployment bool) (*appv1.Deployment, error) {
 	deploymentName := namegen.AppendRandomString("testdeployment")
 	containerName := namegen.AppendRandomString("testcontainer")
 	pullPolicy := corev1.PullAlways
@@ -56,11 +57,17 @@ func CreateDeployment(client *rancher.Client, clusterID, namespaceName string, r
 		return nil, err
 	}
 
+	if watchDeployment {
+		err = charts.WatchAndWaitDeployments(client, clusterID, namespaceName, metav1.ListOptions{
+			FieldSelector: "metadata.name=" + createdDeployment.Name,
+		})
+	}
+
 	return createdDeployment, err
 }
 
 // UpdateDeployment is a helper to update deployments
-func UpdateDeployment(client *rancher.Client, clusterID, namespaceName string, deployment *appv1.Deployment) (*appv1.Deployment, error) {
+func UpdateDeployment(client *rancher.Client, clusterID, namespaceName string, deployment *appv1.Deployment, watchDeployment bool) (*appv1.Deployment, error) {
 	var wranglerContext *wrangler.Context
 	var err error
 
@@ -84,6 +91,12 @@ func UpdateDeployment(client *rancher.Client, clusterID, namespaceName string, d
 		return nil, err
 	}
 
+	if watchDeployment {
+		err = charts.WatchAndWaitDeployments(client, clusterID, namespaceName, metav1.ListOptions{
+			FieldSelector: "metadata.name=" + updatedDeployment.Name,
+		})
+	}
+
 	return updatedDeployment, err
 }
 

tests/v2/validation/projects/projects_container_default_resource_limit_test.go

@@ -9,12 +9,10 @@ import (
 
 	"github.com/rancher/rancher/tests/v2/actions/kubeapi/namespaces"
 	"github.com/rancher/rancher/tests/v2/actions/kubeapi/projects"
-	project "github.com/rancher/rancher/tests/v2/actions/projects"
 	"github.com/rancher/rancher/tests/v2/actions/rbac"
 	deployment "github.com/rancher/rancher/tests/v2/actions/workloads/deployment"
 	"github.com/rancher/shepherd/clients/rancher"
 	management "github.com/rancher/shepherd/clients/rancher/generated/management/v3"
-	"github.com/rancher/shepherd/extensions/charts"
 	"github.com/rancher/shepherd/extensions/clusters"
 	"github.com/rancher/shepherd/extensions/users"
 	"github.com/rancher/shepherd/pkg/session"
@@ -163,8 +161,6 @@ func (pcrl *ProjectsContainerResourceLimitTestSuite) TestCpuAndMemoryLimitEqualT
 	require.Equal(pcrl.T(), memoryReservation, projectSpec.RequestsMemory, "Memory reservation mismatch")
 
 	log.Info("Verify that the namespace has the label and annotation referencing the project.")
-	err = project.WaitForProjectIDAnnotationUpdate(standardUserClient, pcrl.cluster.ID, createdProject.Name, createdNamespace.Name)
-	require.NoError(pcrl.T(), err)
 	updatedNamespace, err := namespaces.GetNamespaceByName(standardUserClient, pcrl.cluster.ID, createdNamespace.Name)
 	require.NoError(pcrl.T(), err)
 	err = checkNamespaceLabelsAndAnnotations(pcrl.cluster.ID, createdProject.Name, updatedNamespace)
@@ -175,12 +171,8 @@ func (pcrl *ProjectsContainerResourceLimitTestSuite) TestCpuAndMemoryLimitEqualT
 	require.NoError(pcrl.T(), err)
 
 	log.Info("Create a deployment in the namespace with one replica and verify that a pod is created.")
-	createdDeployment, err := deployment.CreateDeployment(standardUserClient, pcrl.cluster.ID, updatedNamespace.Name, 1, "", "", false, false)
+	createdDeployment, err := deployment.CreateDeployment(standardUserClient, pcrl.cluster.ID, updatedNamespace.Name, 1, "", "", false, false, true)
 	require.NoError(pcrl.T(), err, "Failed to create deployment in the namespace")
-	err = charts.WatchAndWaitDeployments(standardUserClient, pcrl.cluster.ID, updatedNamespace.Name, metav1.ListOptions{
-		FieldSelector: "metadata.name=" + createdDeployment.Name,
-	})
-	require.NoError(pcrl.T(), err)
 
 	log.Info("Verify that the resource limits and requests for the container in the pod spec is accurate.")
 	err = checkContainerResources(standardUserClient, pcrl.cluster.ID, updatedNamespace.Name, createdDeployment.Name, cpuLimit, cpuReservation, memoryLimit, memoryReservation)
@@ -210,8 +202,6 @@ func (pcrl *ProjectsContainerResourceLimitTestSuite) TestCpuAndMemoryLimitGreate
 	require.Equal(pcrl.T(), memoryReservation, projectSpec.RequestsMemory, "Memory reservation mismatch")
 
 	log.Info("Verify that the namespace has the label and annotation referencing the project.")
-	err = project.WaitForProjectIDAnnotationUpdate(standardUserClient, pcrl.cluster.ID, createdProject.Name, createdNamespace.Name)
-	require.NoError(pcrl.T(), err)
 	updatedNamespace, err := namespaces.GetNamespaceByName(standardUserClient, pcrl.cluster.ID, createdNamespace.Name)
 	require.NoError(pcrl.T(), err)
 	err = checkNamespaceLabelsAndAnnotations(pcrl.cluster.ID, createdProject.Name, updatedNamespace)
@@ -222,12 +212,8 @@ func (pcrl *ProjectsContainerResourceLimitTestSuite) TestCpuAndMemoryLimitGreate
 	require.NoError(pcrl.T(), err)
 
 	log.Info("Create a deployment in the namespace with one replica and verify that a pod is created.")
-	createdDeployment, err := deployment.CreateDeployment(standardUserClient, pcrl.cluster.ID, updatedNamespace.Name, 1, "", "", false, false)
+	createdDeployment, err := deployment.CreateDeployment(standardUserClient, pcrl.cluster.ID, updatedNamespace.Name, 1, "", "", false, false, true)
 	require.NoError(pcrl.T(), err, "Failed to create deployment in the namespace")
-	err = charts.WatchAndWaitDeployments(standardUserClient, pcrl.cluster.ID, updatedNamespace.Name, metav1.ListOptions{
-		FieldSelector: "metadata.name=" + createdDeployment.Name,
-	})
-	require.NoError(pcrl.T(), err)
 
 	log.Info("Verify that the resource limits and requests for the container in the pod spec is accurate.")
 	err = checkContainerResources(standardUserClient, pcrl.cluster.ID, updatedNamespace.Name, createdDeployment.Name, cpuLimit, cpuReservation, memoryLimit, memoryReservation)
@@ -368,8 +354,6 @@ func (pcrl *ProjectsContainerResourceLimitTestSuite) TestLimitDeletionPropagatio
 	require.Equal(pcrl.T(), memoryReservation, projectSpec.RequestsMemory, "Memory reservation mismatch")
 
 	log.Info("Verify that the namespace has the label and annotation referencing the project.")
-	err = project.WaitForProjectIDAnnotationUpdate(standardUserClient, pcrl.cluster.ID, createdProject.Name, createdNamespace.Name)
-	require.NoError(pcrl.T(), err)
 	updatedNamespace, err := namespaces.GetNamespaceByName(standardUserClient, pcrl.cluster.ID, createdNamespace.Name)
 	require.NoError(pcrl.T(), err)
 	err = checkNamespaceLabelsAndAnnotations(pcrl.cluster.ID, createdProject.Name, updatedNamespace)
@@ -401,12 +385,8 @@ func (pcrl *ProjectsContainerResourceLimitTestSuite) TestLimitDeletionPropagatio
 	require.Equal(pcrl.T(), 0, len(limitRanges.Items))
 
 	log.Info("Create a deployment in the namespace with one replica and verify that a pod is created.")
-	createdDeployment, err := deployment.CreateDeployment(standardUserClient, pcrl.cluster.ID, updatedNamespace.Name, 1, "", "", false, false)
+	createdDeployment, err := deployment.CreateDeployment(standardUserClient, pcrl.cluster.ID, updatedNamespace.Name, 1, "", "", false, false, true)
 	require.NoError(pcrl.T(), err, "Failed to create deployment in the namespace")
-	err = charts.WatchAndWaitDeployments(standardUserClient, pcrl.cluster.ID, updatedNamespace.Name, metav1.ListOptions{
-		FieldSelector: "metadata.name=" + createdDeployment.Name,
-	})
-	require.NoError(pcrl.T(), err)
 
 	log.Info("Verify that the resource limits and requests for the container in the pod spec is accurate.")
 	err = checkContainerResources(standardUserClient, pcrl.cluster.ID, updatedNamespace.Name, createdDeployment.Name, cpuLimit, cpuReservation, memoryLimit, memoryReservation)
@@ -436,8 +416,6 @@ func (pcrl *ProjectsContainerResourceLimitTestSuite) TestOverrideDefaultLimitInN
 	require.Equal(pcrl.T(), memoryReservation, projectSpec.RequestsMemory, "Memory reservation mismatch")
 
 	log.Info("Verify that the namespace has the label and annotation referencing the project.")
-	err = project.WaitForProjectIDAnnotationUpdate(standardUserClient, pcrl.cluster.ID, createdProject.Name, createdNamespace.Name)
-	require.NoError(pcrl.T(), err)
 	updatedNamespace, err := namespaces.GetNamespaceByName(standardUserClient, pcrl.cluster.ID, createdNamespace.Name)
 	require.NoError(pcrl.T(), err)
 	err = checkNamespaceLabelsAndAnnotations(pcrl.cluster.ID, createdProject.Name, updatedNamespace)
@@ -448,12 +426,8 @@ func (pcrl *ProjectsContainerResourceLimitTestSuite) TestOverrideDefaultLimitInN
 	require.NoError(pcrl.T(), err)
 
 	log.Info("Create a deployment in the namespace with one replica and verify that a pod is created.")
-	createdDeployment, err := deployment.CreateDeployment(standardUserClient, pcrl.cluster.ID, updatedNamespace.Name, 1, "", "", false, false)
+	createdDeployment, err := deployment.CreateDeployment(standardUserClient, pcrl.cluster.ID, updatedNamespace.Name, 1, "", "", false, false, true)
 	require.NoError(pcrl.T(), err, "Failed to create deployment in the namespace")
-	err = charts.WatchAndWaitDeployments(standardUserClient, pcrl.cluster.ID, updatedNamespace.Name, metav1.ListOptions{
-		FieldSelector: "metadata.name=" + createdDeployment.Name,
-	})
-	require.NoError(pcrl.T(), err)
 
 	log.Info("Verify that the resource limits and requests for the container in the pod spec is accurate.")
 	err = checkContainerResources(standardUserClient, pcrl.cluster.ID, updatedNamespace.Name, createdDeployment.Name, cpuLimit, cpuReservation, memoryLimit, memoryReservation)
@@ -479,12 +453,8 @@ func (pcrl *ProjectsContainerResourceLimitTestSuite) TestOverrideDefaultLimitInN
 	require.NoError(pcrl.T(), err)
 
 	log.Info("Create a deployment in the namespace with one replica and verify that a pod is created.")
-	createdDeployment, err = deployment.CreateDeployment(standardUserClient, pcrl.cluster.ID, updatedNamespace.Name, 1, "", "", false, false)
+	createdDeployment, err = deployment.CreateDeployment(standardUserClient, pcrl.cluster.ID, updatedNamespace.Name, 1, "", "", false, false, true)
 	require.NoError(pcrl.T(), err, "Failed to create deployment in the namespace")
-	err = charts.WatchAndWaitDeployments(standardUserClient, pcrl.cluster.ID, namespace.Name, metav1.ListOptions{
-		FieldSelector: "metadata.name=" + createdDeployment.Name,
-	})
-	require.NoError(pcrl.T(), err)
 
 	log.Info("Verify that the resource limits and requests for the container in the pod spec is accurate.")
 	err = checkContainerResources(standardUserClient, pcrl.cluster.ID, namespace.Name, createdDeployment.Name, cpuLimit, cpuReservation, memoryLimit, memoryReservation)