Skip to content

Commit

Permalink
Update Auth controller tests for RHOAI
Browse files Browse the repository at this point in the history
  • Loading branch information
VaishnaviHire committed Jan 15, 2025
1 parent dc0db29 commit 4f698c0
Show file tree
Hide file tree
Showing 3 changed files with 29 additions and 13 deletions.
35 changes: 24 additions & 11 deletions tests/e2e/authcontroller_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ import (
"k8s.io/apimachinery/pkg/types"

serviceApi "github.com/opendatahub-io/opendatahub-operator/v2/apis/services/v1alpha1"
"github.com/opendatahub-io/opendatahub-operator/v2/pkg/cluster"

. "github.com/onsi/gomega"
)
Expand Down Expand Up @@ -94,8 +95,16 @@ func (tc *AuthControllerTestCtx) validateAuthCRDefaultContent() error {
return errors.New("AdminGroups is empty ")
}

if tc.testAuthInstance.Spec.AdminGroups[0] != "odh-admins" {
return fmt.Errorf("expected odh-admins, found %v", tc.testAuthInstance.Spec.AdminGroups[0])
fmt.Print("************")
fmt.Print(tc.platform)
if tc.testContext.platform == cluster.SelfManagedRhoai || tc.testContext.platform == cluster.ManagedRhoai {
if tc.testAuthInstance.Spec.AdminGroups[0] != "rhods-admins" {
return fmt.Errorf("expected rhods-admins, found %v", tc.testAuthInstance.Spec.AdminGroups[0])
}
} else {
if tc.testAuthInstance.Spec.AdminGroups[0] != "odh-admins" {
return fmt.Errorf("expected odh-admins, found %v", tc.testAuthInstance.Spec.AdminGroups[0])
}
}

if tc.testAuthInstance.Spec.AllowedGroups[0] != "system:authenticated" {
Expand All @@ -109,11 +118,12 @@ func (tc *AuthControllerTestCtx) validateAuthCRRoleCreation() error {
adminRole := &rbacv1.Role{}
allowedRole := &rbacv1.Role{}

if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: "opendatahub", Name: "admingroup-role"}, adminRole); err != nil {
fmt.Print("this is the ns " + tc.testContext.applicationsNamespace)
if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: tc.testContext.applicationsNamespace, Name: "admingroup-role"}, adminRole); err != nil {
return err
}

if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: "opendatahub", Name: "allowedgroup-role"}, allowedRole); err != nil {
if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: tc.testContext.applicationsNamespace, Name: "allowedgroup-role"}, allowedRole); err != nil {
return err
}

Expand All @@ -123,7 +133,7 @@ func (tc *AuthControllerTestCtx) validateAuthCRRoleCreation() error {
func (tc *AuthControllerTestCtx) validateAuthCRClusterRoleCreation() error {
adminClusterRole := &rbacv1.ClusterRole{}

if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: "opendatahub", Name: "admingroupcluster-role"}, adminClusterRole); err != nil {
if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Name: "admingroupcluster-role"}, adminClusterRole); err != nil {
return err
}

Expand All @@ -134,11 +144,12 @@ func (tc *AuthControllerTestCtx) validateAuthCRRoleBindingCreation() error {
adminRolebinding := &rbacv1.RoleBinding{}
allowedRolebinding := &rbacv1.RoleBinding{}

if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: "opendatahub", Name: "admingroup-rolebinding"}, adminRolebinding); err != nil {
if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: tc.testContext.applicationsNamespace,
Name: "admingroup-rolebinding"}, adminRolebinding); err != nil {
return err
}

if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: "opendatahub", Name: "allowedgroup-rolebinding"}, allowedRolebinding); err != nil {
if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: tc.applicationsNamespace, Name: "allowedgroup-rolebinding"}, allowedRolebinding); err != nil {
return err
}

Expand All @@ -148,7 +159,8 @@ func (tc *AuthControllerTestCtx) validateAuthCRRoleBindingCreation() error {
func (tc *AuthControllerTestCtx) validateAuthCRClusterRoleBindingCreation() error {
adminClusterRolebinding := &rbacv1.ClusterRoleBinding{}

if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: "opendatahub", Name: "admingroupcluster-rolebinding"}, adminClusterRolebinding); err != nil {
if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: tc.applicationsNamespace,
Name: "admingroupcluster-rolebinding"}, adminClusterRolebinding); err != nil {
return err
}

Expand All @@ -167,19 +179,20 @@ func (tc *AuthControllerTestCtx) validateAddingGroups() error {
adminClusterRolebinding := &rbacv1.ClusterRoleBinding{}
allowedRolebinding := &rbacv1.RoleBinding{}

if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: "opendatahub", Name: "admingroup-rolebinding"}, adminRolebinding); err != nil {
if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: tc.applicationsNamespace, Name: "admingroup-rolebinding"}, adminRolebinding); err != nil {
if adminRolebinding.Subjects[1].Name != "aTestAdminGroup" {
return fmt.Errorf("Expected aTestAdminGroup found %s ", adminRolebinding.Subjects[1].Name)
}
}

if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: "opendatahub", Name: "admingroupcluster-rolebinding"}, adminClusterRolebinding); err != nil {
if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: tc.applicationsNamespace,
Name: "admingroupcluster-rolebinding"}, adminClusterRolebinding); err != nil {
if adminRolebinding.Subjects[1].Name != "aTestAdminGroup" {
return fmt.Errorf("Expected aTestAdminGroup found %s ", adminRolebinding.Subjects[1].Name)
}
}

if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: "opendatahub", Name: "allowedgroup-rolebinding"}, allowedRolebinding); err != nil {
if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: tc.applicationsNamespace, Name: "allowedgroup-rolebinding"}, allowedRolebinding); err != nil {
if allowedRolebinding.Subjects[1].Name != "aTestAllowedGroup" {
return fmt.Errorf("Expected aTestAllowedGroup found %s ", allowedRolebinding.Subjects[1].Name)
}
Expand Down
3 changes: 3 additions & 0 deletions tests/e2e/controller_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -94,6 +94,8 @@ type testContext struct {
testDsc *dscv1.DataScienceCluster
// test DSCI CR because we do not create it in ODH by default
testDSCI *dsciv1.DSCInitialization
// test platform
platform cluster.Platform
// context for accessing resources
//nolint:containedctx //reason: legacy v1 test setup
ctx context.Context
Expand Down Expand Up @@ -135,6 +137,7 @@ func NewTestContext() (*testContext, error) {
ctx: context.TODO(),
testDsc: testDSC,
testDSCI: testDSCI,
platform: cluster.SelfManagedRhoai,
testOpts: testOpts,
}, nil
}
Expand Down
4 changes: 2 additions & 2 deletions tests/e2e/helper_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -101,13 +101,13 @@ func setupDSCICR(name string) *dsciv1.DSCInitialization {
Name: name,
},
Spec: dsciv1.DSCInitializationSpec{
ApplicationsNamespace: "opendatahub",
ApplicationsNamespace: "redhat-ods-applications",
Monitoring: serviceApi.DSCMonitoring{
ManagementSpec: common.ManagementSpec{
ManagementState: operatorv1.Removed,
},
MonitoringCommonSpec: serviceApi.MonitoringCommonSpec{
Namespace: "opendatahub",
Namespace: "redhat-ods-monitoring",
},
},
TrustedCABundle: &dsciv1.TrustedCABundleSpec{
Expand Down

0 comments on commit 4f698c0

Please sign in to comment.