Skip to content

Commit

Permalink
Update Auth controller tests for RHOAI (#1499)
Browse files Browse the repository at this point in the history
(cherry picked from commit 3b18522)
  • Loading branch information
VaishnaviHire authored Jan 15, 2025
1 parent 4fe5bed commit ad20d38
Show file tree
Hide file tree
Showing 2 changed files with 26 additions and 11 deletions.
31 changes: 20 additions & 11 deletions tests/e2e/authcontroller_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,7 @@ import (
"k8s.io/apimachinery/pkg/types"

serviceApi "github.com/opendatahub-io/opendatahub-operator/v2/apis/services/v1alpha1"
"github.com/opendatahub-io/opendatahub-operator/v2/pkg/cluster"

. "github.com/onsi/gomega"
)
Expand Down Expand Up @@ -94,8 +95,14 @@ func (tc *AuthControllerTestCtx) validateAuthCRDefaultContent() error {
return errors.New("AdminGroups is empty ")
}

if tc.testAuthInstance.Spec.AdminGroups[0] != "odh-admins" {
return fmt.Errorf("expected odh-admins, found %v", tc.testAuthInstance.Spec.AdminGroups[0])
if tc.platform == cluster.SelfManagedRhoai || tc.platform == cluster.ManagedRhoai {
if tc.testAuthInstance.Spec.AdminGroups[0] != "rhods-admins" {
return fmt.Errorf("expected rhods-admins, found %v", tc.testAuthInstance.Spec.AdminGroups[0])
}
} else {
if tc.testAuthInstance.Spec.AdminGroups[0] != "odh-admins" {
return fmt.Errorf("expected odh-admins, found %v", tc.testAuthInstance.Spec.AdminGroups[0])
}
}

if tc.testAuthInstance.Spec.AllowedGroups[0] != "system:authenticated" {
Expand All @@ -109,11 +116,11 @@ func (tc *AuthControllerTestCtx) validateAuthCRRoleCreation() error {
adminRole := &rbacv1.Role{}
allowedRole := &rbacv1.Role{}

if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: "opendatahub", Name: "admingroup-role"}, adminRole); err != nil {
if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: tc.applicationsNamespace, Name: "admingroup-role"}, adminRole); err != nil {
return err
}

if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: "opendatahub", Name: "allowedgroup-role"}, allowedRole); err != nil {
if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: tc.applicationsNamespace, Name: "allowedgroup-role"}, allowedRole); err != nil {
return err
}

Expand All @@ -123,7 +130,7 @@ func (tc *AuthControllerTestCtx) validateAuthCRRoleCreation() error {
func (tc *AuthControllerTestCtx) validateAuthCRClusterRoleCreation() error {
adminClusterRole := &rbacv1.ClusterRole{}

if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: "opendatahub", Name: "admingroupcluster-role"}, adminClusterRole); err != nil {
if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: tc.applicationsNamespace, Name: "admingroupcluster-role"}, adminClusterRole); err != nil {
return err
}

Expand All @@ -134,11 +141,11 @@ func (tc *AuthControllerTestCtx) validateAuthCRRoleBindingCreation() error {
adminRolebinding := &rbacv1.RoleBinding{}
allowedRolebinding := &rbacv1.RoleBinding{}

if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: "opendatahub", Name: "admingroup-rolebinding"}, adminRolebinding); err != nil {
if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: tc.applicationsNamespace, Name: "admingroup-rolebinding"}, adminRolebinding); err != nil {
return err
}

if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: "opendatahub", Name: "allowedgroup-rolebinding"}, allowedRolebinding); err != nil {
if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: tc.applicationsNamespace, Name: "allowedgroup-rolebinding"}, allowedRolebinding); err != nil {
return err
}

Expand All @@ -148,7 +155,8 @@ func (tc *AuthControllerTestCtx) validateAuthCRRoleBindingCreation() error {
func (tc *AuthControllerTestCtx) validateAuthCRClusterRoleBindingCreation() error {
adminClusterRolebinding := &rbacv1.ClusterRoleBinding{}

if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: "opendatahub", Name: "admingroupcluster-rolebinding"}, adminClusterRolebinding); err != nil {
if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: tc.applicationsNamespace,
Name: "admingroupcluster-rolebinding"}, adminClusterRolebinding); err != nil {
return err
}

Expand All @@ -167,19 +175,20 @@ func (tc *AuthControllerTestCtx) validateAddingGroups() error {
adminClusterRolebinding := &rbacv1.ClusterRoleBinding{}
allowedRolebinding := &rbacv1.RoleBinding{}

if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: "opendatahub", Name: "admingroup-rolebinding"}, adminRolebinding); err != nil {
if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: tc.applicationsNamespace, Name: "admingroup-rolebinding"}, adminRolebinding); err != nil {
if adminRolebinding.Subjects[1].Name != "aTestAdminGroup" {
return fmt.Errorf("Expected aTestAdminGroup found %s ", adminRolebinding.Subjects[1].Name)
}
}

if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: "opendatahub", Name: "admingroupcluster-rolebinding"}, adminClusterRolebinding); err != nil {
if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: tc.applicationsNamespace,
Name: "admingroupcluster-rolebinding"}, adminClusterRolebinding); err != nil {
if adminRolebinding.Subjects[1].Name != "aTestAdminGroup" {
return fmt.Errorf("Expected aTestAdminGroup found %s ", adminRolebinding.Subjects[1].Name)
}
}

if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: "opendatahub", Name: "allowedgroup-rolebinding"}, allowedRolebinding); err != nil {
if err := tc.testContext.customClient.Get(tc.ctx, types.NamespacedName{Namespace: tc.applicationsNamespace, Name: "allowedgroup-rolebinding"}, allowedRolebinding); err != nil {
if allowedRolebinding.Subjects[1].Name != "aTestAllowedGroup" {
return fmt.Errorf("Expected aTestAllowedGroup found %s ", allowedRolebinding.Subjects[1].Name)
}
Expand Down
6 changes: 6 additions & 0 deletions tests/e2e/controller_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -31,6 +31,7 @@ import (
dsciv1 "github.com/opendatahub-io/opendatahub-operator/v2/apis/dscinitialization/v1"
featurev1 "github.com/opendatahub-io/opendatahub-operator/v2/apis/features/v1"
serviceApi "github.com/opendatahub-io/opendatahub-operator/v2/apis/services/v1alpha1"
"github.com/opendatahub-io/opendatahub-operator/v2/pkg/cluster"
)

type TestFn func(t *testing.T)
Expand Down Expand Up @@ -93,6 +94,8 @@ type testContext struct {
testDsc *dscv1.DataScienceCluster
// test DSCI CR because we do not create it in ODH by default
testDSCI *dsciv1.DSCInitialization
// test platform
platform cluster.Platform
// context for accessing resources
//nolint:containedctx //reason: legacy v1 test setup
ctx context.Context
Expand Down Expand Up @@ -120,6 +123,8 @@ func NewTestContext() (*testContext, error) {
return nil, fmt.Errorf("failed to initialize custom client: %w", err)
}

release := cluster.GetRelease()

// setup DSCI CR since we do not create automatically by operator
testDSCI := setupDSCICR("e2e-test-dsci")
// Setup DataScienceCluster CR
Expand All @@ -134,6 +139,7 @@ func NewTestContext() (*testContext, error) {
ctx: context.TODO(),
testDsc: testDSC,
testDSCI: testDSCI,
platform: release.Name,
testOpts: testOpts,
}, nil
}
Expand Down

0 comments on commit ad20d38

Please sign in to comment.