Convert scoped_client_test to ginkgo

Author: harishsurf

go.sum

@@ -1043,6 +1043,7 @@ k8s.io/kube-openapi v0.0.0-20200121204235-bf4fb3bd569c h1:/KUFqjjqAcY4Us6luF5RDN
 k8s.io/kube-openapi v0.0.0-20200121204235-bf4fb3bd569c/go.mod h1:GRQhZsXIAJ1xR0C9bd8UpWHZ5plfAS9fzPjJuQ6JL3E=
 k8s.io/kubectl v0.18.0 h1:hu52Ndq/d099YW+3sS3VARxFz61Wheiq8K9S7oa82Dk=
 k8s.io/kubectl v0.18.0/go.mod h1:LOkWx9Z5DXMEg5KtOjHhRiC1fqJPLyCr3KtQgEolCkU=
+k8s.io/kubernetes v1.13.0 h1:qTfB+u5M92k2fCCCVP2iuhgwwSOv1EkAkvQY1tQODD8=
 k8s.io/kubernetes v1.13.0/go.mod h1:ocZa8+6APFNC2tX1DZASIbocyYT5jHzqFVsY5aoB7Jk=
 k8s.io/metrics v0.18.0/go.mod h1:8aYTW18koXqjLVKL7Ds05RPMX9ipJZI3mywYvBOxXd4=
 k8s.io/utils v0.0.0-20190801114015-581e00157fb1/go.mod h1:sZAwmy6armz5eXlNoLmJcl4F1QuKu7sr+mFQ0byX7Ew=

test/e2e/scoped_client_test.go

@@ -2,17 +2,14 @@ package e2e
 
 import (
 	"context"
-	"time"
-
 	. "github.com/onsi/ginkgo"
 	"github.com/onsi/ginkgo/extensions/table"
+	. "github.com/onsi/gomega"
 	"github.com/sirupsen/logrus"
-	"github.com/stretchr/testify/require"
 	corev1 "k8s.io/api/core/v1"
 	k8serrors "k8s.io/apimachinery/pkg/api/errors"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
 	"k8s.io/apimachinery/pkg/runtime/schema"
-	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/client-go/dynamic"
 	"k8s.io/client-go/rest"
 
@@ -22,17 +19,18 @@ import (
 	"github.com/operator-framework/operator-lifecycle-manager/test/e2e/ctx"
 )
 
-var _ = Describe("Scoped Client", func() {
+var _ = Describe("Scoped Client bound to a service account can be used to make API calls", func() {
 	// TestScopedClient ensures that we can create a scoped client bound to a
 	// service account and then we can use the scoped client to make API calls.
+	var (
+		config *rest.Config
 
-	var config *rest.Config
-
-	var kubeclient operatorclient.ClientInterface
-	var crclient versioned.Interface
-	var dynamicclient dynamic.Interface
+		kubeclient    operatorclient.ClientInterface
+		crclient      versioned.Interface
+		dynamicclient dynamic.Interface
 
-	var logger *logrus.Logger
+		logger *logrus.Logger
+	)
 
 	BeforeEach(func() {
 		config = ctx.Ctx().RESTConfig()
@@ -42,6 +40,7 @@ var _ = Describe("Scoped Client", func() {
 		dynamicclient = ctx.Ctx().DynamicClient()
 
 		logger = logrus.New()
+		logger.SetOutput(GinkgoWriter)
 	})
 
 	type testParameter struct {
@@ -55,30 +54,28 @@ var _ = Describe("Scoped Client", func() {
 		// scoped client has enough permission, we expect a NotFound error code.
 		// Otherwise, we expect a 'Forbidden' error code due to lack of permission.
 
-		table.Entry("ServiceAccountDoesNotHaveAnyPermission", testParameter{
+		table.Entry("returns error on API calls as ServiceAccount does not have any permission", testParameter{
 			// The service account does not have any permission granted to it.
 			// We expect the get api call to return 'Forbidden' error due to
 			// lack of permission.
-			name: "ServiceAccountDoesNotHaveAnyPermission",
 			assertFunc: func(errGot error) {
-				require.True(GinkgoT(), k8serrors.IsForbidden(errGot))
+				Expect(k8serrors.IsForbidden(errGot)).To(BeTrue())
 			},
 		}),
-		table.Entry("ServiceAccountHasPermission", testParameter{
+		table.Entry("successfully allows API calls to be made when ServiceAccount has permission", testParameter{
 			// The service account does have permission granted to it.
 			// We expect the get api call to return 'NotFound' error.
-			name: "ServiceAccountHasPermission",
 			grant: func(namespace, name string) (cleanup cleanupFunc) {
 				cleanup = grantPermission(GinkgoT(), kubeclient, namespace, name)
 				return
 			},
 			assertFunc: func(errGot error) {
-				require.True(GinkgoT(), k8serrors.IsNotFound(errGot))
+				Expect(k8serrors.IsNotFound(errGot)).To(BeTrue())
 			},
 		}),
 	}
 
-	table.DescribeTable("Test", func(tt testParameter) {
+	table.DescribeTable("API call using scoped client", func(tc testParameter) {
 		// Steps:
 		// 1. Create a new namespace
 		// 2. Create a service account.
@@ -87,67 +84,53 @@ var _ = Describe("Scoped Client", func() {
 		// 5. Invoke Get API call on non existent object(s) to check if
 		//    the call can be made successfully.
 		namespace := genName("a")
-		_, cleanupNS := newNamespace(GinkgoT(), kubeclient, namespace)
+		_, cleanupNS := newNamespace(kubeclient, namespace)
 		defer cleanupNS()
 
 		saName := genName("user-defined-")
-		sa, cleanupSA := newServiceAccount(GinkgoT(), kubeclient, namespace, saName)
+		sa, cleanupSA := newServiceAccount(kubeclient, namespace, saName)
 		defer cleanupSA()
 
-		waitForServiceAccountSecretAvailable(GinkgoT(), kubeclient, sa.GetNamespace(), sa.GetName())
+		By("Wait for ServiceAccount secret to be available")
+		Eventually(func() (*corev1.ServiceAccount, error) {
+			sa, err := kubeclient.KubernetesInterface().CoreV1().ServiceAccounts(sa.GetNamespace()).Get(context.TODO(), sa.GetName(), metav1.GetOptions{})
+			return sa, err
+		}).ShouldNot(WithTransform(func(v *corev1.ServiceAccount) []corev1.ObjectReference {
+			return v.Secrets
+		}, BeEmpty()))
 
 		strategy := scoped.NewClientAttenuator(logger, config, kubeclient, crclient, dynamicclient)
 		getter := func() (reference *corev1.ObjectReference, err error) {
 			reference = &corev1.ObjectReference{
 				Namespace: namespace,
 				Name:      saName,
 			}
-
 			return
 		}
 
-		if tt.grant != nil {
-			cleanupPerm := tt.grant(sa.GetNamespace(), sa.GetName())
+		if tc.grant != nil {
+			cleanupPerm := tc.grant(sa.GetNamespace(), sa.GetName())
 			defer cleanupPerm()
 		}
 
-		// We expect to get scoped client instance(s).
+		By("Get scoped client instance(s)")
 		kubeclientGot, crclientGot, dynamicClientGot, errGot := strategy.AttenuateClient(getter)
-		require.NoError(GinkgoT(), errGot)
-		require.NotNil(GinkgoT(), kubeclientGot)
-		require.NotNil(GinkgoT(), crclientGot)
+		Expect(errGot).ToNot(HaveOccurred())
+		Expect(kubeclientGot).ToNot(BeNil())
+		Expect(crclientGot).ToNot(BeNil())
+		Expect(dynamicClientGot).ToNot(BeNil())
 
 		_, errGot = kubeclientGot.KubernetesInterface().CoreV1().ConfigMaps(namespace).Get(context.TODO(), genName("does-not-exist-"), metav1.GetOptions{})
-		require.Error(GinkgoT(), errGot)
-		tt.assertFunc(errGot)
+		Expect(errGot).To(HaveOccurred())
+		tc.assertFunc(errGot)
 
 		_, errGot = crclientGot.OperatorsV1alpha1().CatalogSources(namespace).Get(context.TODO(), genName("does-not-exist-"), metav1.GetOptions{})
-		require.Error(GinkgoT(), errGot)
-		tt.assertFunc(errGot)
+		Expect(errGot).To(HaveOccurred())
+		tc.assertFunc(errGot)
 
 		gvr := schema.GroupVersionResource{Group: "", Version: "v1", Resource: "ConfigMap"}
 		_, errGot = dynamicClientGot.Resource(gvr).Namespace(namespace).Get(context.TODO(), genName("does-not-exist-"), metav1.GetOptions{})
-		require.Error(GinkgoT(), errGot)
-		tt.assertFunc(errGot)
+		Expect(errGot).To(HaveOccurred())
+		tc.assertFunc(errGot)
 	}, tableEntries...)
 })
-
-func waitForServiceAccountSecretAvailable(t GinkgoTInterface, client operatorclient.ClientInterface, namespace, name string) *corev1.ServiceAccount {
-	var sa *corev1.ServiceAccount
-	err := wait.Poll(5*time.Second, time.Minute, func() (bool, error) {
-		sa, err := client.KubernetesInterface().CoreV1().ServiceAccounts(namespace).Get(context.TODO(), name, metav1.GetOptions{})
-		if err != nil {
-			return false, err
-		}
-
-		if len(sa.Secrets) > 0 {
-			return true, nil
-		}
-
-		return false, nil
-
-	})
-
-	require.NoError(t, err)
-	return sa
-}

test/e2e/user_defined_sa_test.go

@@ -6,6 +6,7 @@ import (
 
 	"github.com/blang/semver"
 	. "github.com/onsi/ginkgo"
+	. "github.com/onsi/gomega"
 	v1 "github.com/operator-framework/api/pkg/operators/v1"
 	"github.com/operator-framework/api/pkg/operators/v1alpha1"
 	"github.com/operator-framework/operator-lifecycle-manager/pkg/api/client/clientset/versioned"
@@ -29,17 +30,17 @@ var _ = Describe("User defined service account", func() {
 		crclient := newCRClient()
 
 		namespace := genName("scoped-ns-")
-		_, cleanupNS := newNamespace(GinkgoT(), kubeclient, namespace)
+		_, cleanupNS := newNamespace(kubeclient, namespace)
 		defer cleanupNS()
 
 		// Create a service account, but add no permission to it.
 		saName := genName("scoped-sa-")
-		_, cleanupSA := newServiceAccount(GinkgoT(), kubeclient, namespace, saName)
+		_, cleanupSA := newServiceAccount(kubeclient, namespace, saName)
 		defer cleanupSA()
 
 		// Add an OperatorGroup and specify the service account.
 		ogName := genName("scoped-og-")
-		_, cleanupOG := newOperatorGroupWithServiceAccount(GinkgoT(), crclient, namespace, ogName, saName)
+		_, cleanupOG := newOperatorGroupWithServiceAccount(crclient, namespace, ogName, saName)
 		defer cleanupOG()
 
 		permissions := deploymentPermissions()
@@ -84,19 +85,19 @@ var _ = Describe("User defined service account", func() {
 		crclient := newCRClient()
 
 		namespace := genName("scoped-ns-")
-		_, cleanupNS := newNamespace(GinkgoT(), kubeclient, namespace)
+		_, cleanupNS := newNamespace(kubeclient, namespace)
 		defer cleanupNS()
 
 		// Create a service account, add enough permission to it so that operator install is successful.
 		saName := genName("scoped-sa")
-		_, cleanupSA := newServiceAccount(GinkgoT(), kubeclient, namespace, saName)
+		_, cleanupSA := newServiceAccount(kubeclient, namespace, saName)
 		defer cleanupSA()
 		cleanupPerm := grantPermission(GinkgoT(), kubeclient, namespace, saName)
 		defer cleanupPerm()
 
 		// Add an OperatorGroup and specify the service account.
 		ogName := genName("scoped-og-")
-		_, cleanupOG := newOperatorGroupWithServiceAccount(GinkgoT(), crclient, namespace, ogName, saName)
+		_, cleanupOG := newOperatorGroupWithServiceAccount(crclient, namespace, ogName, saName)
 		defer cleanupOG()
 
 		permissions := deploymentPermissions()
@@ -140,17 +141,17 @@ var _ = Describe("User defined service account", func() {
 		crclient := newCRClient()
 
 		namespace := genName("scoped-ns-")
-		_, cleanupNS := newNamespace(GinkgoT(), kubeclient, namespace)
+		_, cleanupNS := newNamespace(kubeclient, namespace)
 		defer cleanupNS()
 
 		// Create a service account, but add no permission to it.
 		saName := genName("scoped-sa-")
-		_, cleanupSA := newServiceAccount(GinkgoT(), kubeclient, namespace, saName)
+		_, cleanupSA := newServiceAccount(kubeclient, namespace, saName)
 		defer cleanupSA()
 
 		// Add an OperatorGroup and specify the service account.
 		ogName := genName("scoped-og-")
-		_, cleanupOG := newOperatorGroupWithServiceAccount(GinkgoT(), crclient, namespace, ogName, saName)
+		_, cleanupOG := newOperatorGroupWithServiceAccount(crclient, namespace, ogName, saName)
 		defer cleanupOG()
 
 		permissions := deploymentPermissions()
@@ -188,26 +189,26 @@ var _ = Describe("User defined service account", func() {
 	})
 })
 
-func newNamespace(t GinkgoTInterface, client operatorclient.ClientInterface, name string) (ns *corev1.Namespace, cleanup cleanupFunc) {
+func newNamespace(client operatorclient.ClientInterface, name string) (ns *corev1.Namespace, cleanup cleanupFunc) {
 	request := &corev1.Namespace{
 		ObjectMeta: metav1.ObjectMeta{
 			Name: name,
 		},
 	}
 
 	ns, err := client.KubernetesInterface().CoreV1().Namespaces().Create(context.TODO(), request, metav1.CreateOptions{})
-	require.NoError(t, err)
-	require.NotNil(t, ns)
+	Expect(err).ToNot(HaveOccurred())
+	Expect(ns).ToNot(BeNil())
 
 	cleanup = func() {
 		err := client.KubernetesInterface().CoreV1().Namespaces().Delete(context.TODO(), ns.GetName(), metav1.DeleteOptions{})
-		require.NoError(t, err)
+		Expect(err).ToNot(HaveOccurred())
 	}
 
 	return
 }
 
-func newServiceAccount(t GinkgoTInterface, client operatorclient.ClientInterface, namespace, name string) (sa *corev1.ServiceAccount, cleanup cleanupFunc) {
+func newServiceAccount(client operatorclient.ClientInterface, namespace, name string) (sa *corev1.ServiceAccount, cleanup cleanupFunc) {
 	request := &corev1.ServiceAccount{
 		ObjectMeta: metav1.ObjectMeta{
 			Namespace: namespace,
@@ -216,18 +217,18 @@ func newServiceAccount(t GinkgoTInterface, client operatorclient.ClientInterface
 	}
 
 	sa, err := client.KubernetesInterface().CoreV1().ServiceAccounts(namespace).Create(context.TODO(), request, metav1.CreateOptions{})
-	require.NoError(t, err)
-	require.NotNil(t, sa)
+	Expect(err).ToNot(HaveOccurred())
+	Expect(sa).ToNot(BeNil())
 
 	cleanup = func() {
 		err := client.KubernetesInterface().CoreV1().ServiceAccounts(sa.GetNamespace()).Delete(context.TODO(), sa.GetName(), metav1.DeleteOptions{})
-		require.NoError(t, err)
+		Expect(err).ToNot(HaveOccurred())
 	}
 
 	return
 }
 
-func newOperatorGroupWithServiceAccount(t GinkgoTInterface, client versioned.Interface, namespace, name, serviceAccountName string) (og *v1.OperatorGroup, cleanup cleanupFunc) {
+func newOperatorGroupWithServiceAccount(client versioned.Interface, namespace, name, serviceAccountName string) (og *v1.OperatorGroup, cleanup cleanupFunc) {
 	request := &v1.OperatorGroup{
 		ObjectMeta: metav1.ObjectMeta{
 			Namespace: namespace,
@@ -242,12 +243,12 @@ func newOperatorGroupWithServiceAccount(t GinkgoTInterface, client versioned.Int
 	}
 
 	og, err := client.OperatorsV1().OperatorGroups(namespace).Create(context.TODO(), request, metav1.CreateOptions{})
-	require.NoError(t, err)
-	require.NotNil(t, og)
+	Expect(err).ToNot(HaveOccurred())
+	Expect(og).ToNot(BeNil())
 
 	cleanup = func() {
 		err := client.OperatorsV1().OperatorGroups(og.GetNamespace()).Delete(context.TODO(), og.GetName(), metav1.DeleteOptions{})
-		require.NoError(t, err)
+		Expect(err).ToNot(HaveOccurred())
 	}
 
 	return

test/e2e/webhook_e2e_test.go

@@ -488,10 +488,10 @@ var _ = Describe("CSVs with a Webhook", func() {
 	})
 	It("Allows multiple installs of the same webhook", func() {
 		var csv v1alpha1.ClusterServiceVersion
-		namespace1, ns1CleanupFunc := newNamespace(GinkgoT(), c, genName("webhook-test-"))
+		namespace1, ns1CleanupFunc := newNamespace(c, genName("webhook-test-"))
 		defer ns1CleanupFunc()
 
-		namespace2, ns2CleanupFunc := newNamespace(GinkgoT(), c, genName("webhook-test-"))
+		namespace2, ns2CleanupFunc := newNamespace(c, genName("webhook-test-"))
 		defer ns2CleanupFunc()
 
 		og1 := newOperatorGroup(namespace1.Name, genName("test-og-"), nil, nil, []string{"test-go-"}, false)