func getProjects(oClient *client.Client) ([]api.Project, error) {
projects, err := oClient.Projects().List(labels.Everything(), fields.Everything())
if err != nil {
return nil, err
}
return projects.Items, nil
}
func getTokenInfo(token string, osClient *osclient.Client) (string, *osintypes.InfoResponseData, error) {
osResult := osClient.Get().AbsPath("oauth", "info").Param("code", token).Do()
if osResult.Error() != nil {
return "", nil, fmt.Errorf("Error making info request: %v", osResult.Error())
}
body, err := osResult.Raw()
if err != nil {
return "", nil, fmt.Errorf("Error reading info response: %v\n", err)
}
glog.V(1).Infof("Raw JSON: %v\n", string(body))
var accessData osintypes.InfoResponseData
err = json.Unmarshal(body, &accessData)
if err != nil {
return "", nil, fmt.Errorf("Error while unmarshalling info response: %v %v", err, string(body))
}
if accessData.Error == "invalid_request" {
return "", nil, fmt.Errorf("\"%v\" is not a valid token.\n", token)
}
if len(accessData.ErrorDescription) != 0 {
return "", nil, fmt.Errorf("%v\n", accessData.ErrorDescription)
}
return string(body), &accessData, nil
}
func runBuildRunningPodDeleteTest(t *testing.T, clusterAdminClient *client.Client, clusterAdminKubeClient *kclient.Client) {
buildWatch, err := clusterAdminClient.Builds(testutil.Namespace()).Watch(labels.Everything(), fields.Everything(), "0")
if err != nil {
t.Fatalf("Couldn't subscribe to Builds %v", err)
}
defer buildWatch.Stop()
created, err := clusterAdminClient.Builds(testutil.Namespace()).Create(mockBuild())
if err != nil {
t.Fatalf("Couldn't create Build: %v", err)
}
podWatch, err := clusterAdminKubeClient.Pods(testutil.Namespace()).Watch(labels.Everything(), fields.Everything(), created.ResourceVersion)
if err != nil {
t.Fatalf("Couldn't subscribe to Pods %v", err)
}
defer podWatch.Stop()
// wait for initial build event from the creation of the imagerepo with tag latest
event := waitForWatch(t, "initial build added", buildWatch)
if e, a := watchapi.Added, event.Type; e != a {
t.Fatalf("expected watch event type %s, got %s", e, a)
}
newBuild := event.Object.(*buildapi.Build)
// initial pod creation for build
event = waitForWatch(t, "build pod created", podWatch)
if e, a := watchapi.Added, event.Type; e != a {
t.Fatalf("expected watch event type %s, got %s", e, a)
}
event = waitForWatch(t, "build updated to pending", buildWatch)
if e, a := watchapi.Modified, event.Type; e != a {
t.Fatalf("expected watch event type %s, got %s", e, a)
}
newBuild = event.Object.(*buildapi.Build)
if newBuild.Status != buildapi.BuildStatusPending {
t.Fatalf("expected build status to be marked pending, but was marked %s", newBuild.Status)
}
clusterAdminKubeClient.Pods(testutil.Namespace()).Delete(buildutil.GetBuildPodName(newBuild), kapi.NewDeleteOptions(0))
event = waitForWatch(t, "build updated to error", buildWatch)
if e, a := watchapi.Modified, event.Type; e != a {
t.Fatalf("expected watch event type %s, got %s", e, a)
}
newBuild = event.Object.(*buildapi.Build)
if newBuild.Status != buildapi.BuildStatusError {
t.Fatalf("expected build status to be marked error, but was marked %s", newBuild.Status)
}
}
func whoAmI(client *client.Client) (*api.User, error) {
me, err := client.Users().Get("~")
if err != nil {
return nil, err
}
return me, nil
}
func verifyOpenShiftUser(client *client.Client) error {
if _, err := client.Users().Get("~"); err != nil {
log.Errorf("Get user failed with error: %s", err)
if kerrors.IsUnauthorized(err) || kerrors.IsForbidden(err) {
return ErrOpenShiftAccessDenied
}
return err
}
return nil
}
func verifyPruneAccess(client *client.Client) error {
sar := authorizationapi.SubjectAccessReview{
Verb: "delete",
Resource: "images",
}
response, err := client.ClusterSubjectAccessReviews().Create(&sar)
if err != nil {
log.Errorf("OpenShift client error: %s", err)
if kerrors.IsUnauthorized(err) || kerrors.IsForbidden(err) {
return ErrOpenShiftAccessDenied
}
return err
}
if !response.Allowed {
log.Errorf("OpenShift access denied: %s", response.Reason)
return ErrOpenShiftAccessDenied
}
return nil
}
func verifyImageStreamAccess(namespace, imageRepo, verb string, client *client.Client) error {
sar := authorizationapi.SubjectAccessReview{
Verb: verb,
Resource: "imagestreams/layers",
ResourceName: imageRepo,
}
response, err := client.SubjectAccessReviews(namespace).Create(&sar)
if err != nil {
log.Errorf("OpenShift client error: %s", err)
if kerrors.IsUnauthorized(err) || kerrors.IsForbidden(err) {
return ErrOpenShiftAccessDenied
}
return err
}
if !response.Allowed {
log.Errorf("OpenShift access denied: %s", response.Reason)
return ErrOpenShiftAccessDenied
}
return nil
}
func runBuildDeleteTest(t *testing.T, clusterAdminClient *client.Client, clusterAdminKubeClient *kclient.Client) {
buildWatch, err := clusterAdminClient.Builds(testutil.Namespace()).Watch(labels.Everything(), fields.Everything(), "0")
if err != nil {
t.Fatalf("Couldn't subscribe to Builds %v", err)
}
defer buildWatch.Stop()
created, err := clusterAdminClient.Builds(testutil.Namespace()).Create(mockBuild())
if err != nil {
t.Fatalf("Couldn't create Build: %v", err)
}
podWatch, err := clusterAdminKubeClient.Pods(testutil.Namespace()).Watch(labels.Everything(), fields.Everything(), created.ResourceVersion)
if err != nil {
t.Fatalf("Couldn't subscribe to Pods %v", err)
}
defer podWatch.Stop()
// wait for initial build event from the creation of the imagerepo with tag latest
event := waitForWatch(t, "initial build added", buildWatch)
if e, a := watchapi.Added, event.Type; e != a {
t.Fatalf("expected watch event type %s, got %s", e, a)
}
newBuild := event.Object.(*buildapi.Build)
// initial pod creation for build
event = waitForWatch(t, "build pod created", podWatch)
if e, a := watchapi.Added, event.Type; e != a {
t.Fatalf("expected watch event type %s, got %s", e, a)
}
clusterAdminClient.Builds(testutil.Namespace()).Delete(newBuild.Name)
event = waitForWatch(t, "pod deleted due to build deleted", podWatch)
if e, a := watchapi.Deleted, event.Type; e != a {
t.Fatalf("expected watch event type %s, got %s", e, a)
}
pod := event.Object.(*kapi.Pod)
if expected := buildutil.GetBuildPodName(newBuild); pod.Name != expected {
t.Fatalf("Expected pod %s to be deleted, but pod %s was deleted", expected, pod.Name)
}
}
func runImageChangeTriggerTest(t *testing.T, clusterAdminClient *client.Client, imageStream *imageapi.ImageStream, imageStreamMapping *imageapi.ImageStreamMapping, config *buildapi.BuildConfig, tag string) {
created, err := clusterAdminClient.BuildConfigs(testutil.Namespace()).Create(config)
if err != nil {
t.Fatalf("Couldn't create BuildConfig: %v", err)
}
watch, err := clusterAdminClient.Builds(testutil.Namespace()).Watch(labels.Everything(), fields.Everything(), created.ResourceVersion)
if err != nil {
t.Fatalf("Couldn't subscribe to Builds %v", err)
}
watch2, err := clusterAdminClient.BuildConfigs(testutil.Namespace()).Watch(labels.Everything(), fields.Everything(), created.ResourceVersion)
if err != nil {
t.Fatalf("Couldn't subscribe to BuildConfigs %v", err)
}
defer watch2.Stop()
imageStream, err = clusterAdminClient.ImageStreams(testutil.Namespace()).Create(imageStream)
if err != nil {
t.Fatalf("Couldn't create ImageStream: %v", err)
}
err = clusterAdminClient.ImageStreamMappings(testutil.Namespace()).Create(imageStreamMapping)
if err != nil {
t.Fatalf("Couldn't create Image: %v", err)
}
// wait for initial build event from the creation of the imagerepo with tag latest
event := waitForWatch(t, "initial build added", watch)
if e, a := watchapi.Added, event.Type; e != a {
t.Fatalf("expected watch event type %s, got %s", e, a)
}
newBuild := event.Object.(*buildapi.Build)
switch newBuild.Parameters.Strategy.Type {
case buildapi.SourceBuildStrategyType:
if newBuild.Parameters.Strategy.SourceStrategy.From.Name != "registry:8080/openshift/test-image-trigger:"+tag {
i, _ := clusterAdminClient.ImageStreams(testutil.Namespace()).Get(imageStream.Name)
bc, _ := clusterAdminClient.BuildConfigs(testutil.Namespace()).Get(config.Name)
t.Fatalf("Expected build with base image %s, got %s\n, imagerepo is %v\ntrigger is %s\n", "registry:8080/openshift/test-image-trigger:"+tag, newBuild.Parameters.Strategy.DockerStrategy.From.Name, i, bc.Triggers[0].ImageChange)
}
case buildapi.DockerBuildStrategyType:
if newBuild.Parameters.Strategy.DockerStrategy.From.Name != "registry:8080/openshift/test-image-trigger:"+tag {
i, _ := clusterAdminClient.ImageStreams(testutil.Namespace()).Get(imageStream.Name)
bc, _ := clusterAdminClient.BuildConfigs(testutil.Namespace()).Get(config.Name)
t.Fatalf("Expected build with base image %s, got %s\n, imagerepo is %v\ntrigger is %s\n", "registry:8080/openshift/test-image-trigger:"+tag, newBuild.Parameters.Strategy.DockerStrategy.From.Name, i, bc.Triggers[0].ImageChange)
}
case buildapi.CustomBuildStrategyType:
if newBuild.Parameters.Strategy.CustomStrategy.From.Name != "registry:8080/openshift/test-image-trigger:"+tag {
i, _ := clusterAdminClient.ImageStreams(testutil.Namespace()).Get(imageStream.Name)
bc, _ := clusterAdminClient.BuildConfigs(testutil.Namespace()).Get(config.Name)
t.Fatalf("Expected build with base image %s, got %s\n, imagerepo is %v\ntrigger is %s\n", "registry:8080/openshift/test-image-trigger:"+tag, newBuild.Parameters.Strategy.DockerStrategy.From.Name, i, bc.Triggers[0].ImageChange)
}
}
// Wait for an update on the specific build that was added
watch3, err := clusterAdminClient.Builds(testutil.Namespace()).Watch(labels.Everything(), fields.OneTermEqualSelector("name", newBuild.Name), newBuild.ResourceVersion)
defer watch3.Stop()
if err != nil {
t.Fatalf("Couldn't subscribe to Builds %v", err)
}
event = waitForWatch(t, "initial build update", watch3)
if e, a := watchapi.Modified, event.Type; e != a {
t.Fatalf("expected watch event type %s, got %s", e, a)
}
newBuild = event.Object.(*buildapi.Build)
// Make sure the resolution of the build's docker image pushspec didn't mutate the persisted API object
if newBuild.Parameters.Output.To.Name != "test-image-trigger-repo" || newBuild.Parameters.Output.Tag != "outputtag" || newBuild.Parameters.Output.DockerImageReference != "" {
t.Fatalf("unexpected build output: %#v %#v", newBuild.Parameters.Output.To, newBuild.Parameters.Output)
}
if newBuild.Labels["testlabel"] != "testvalue" {
t.Fatalf("Expected build with label %s=%s from build config got %s=%s", "testlabel", "testvalue", "testlabel", newBuild.Labels["testlabel"])
}
// wait for build config to be updated
WaitLoop:
for {
select {
case e := <-watch2.ResultChan():
event = &e
continue
case <-time.After(BuildControllersWatchTimeout):
break WaitLoop
}
}
updatedConfig := event.Object.(*buildapi.BuildConfig)
if err != nil {
t.Fatalf("Couldn't get BuildConfig: %v", err)
}
// the first tag did not have an image id, so the last trigger field is the pull spec
if updatedConfig.Triggers[0].ImageChange.LastTriggeredImageID != "registry:8080/openshift/test-image-trigger:"+tag {
t.Fatalf("Expected imageID equal to pull spec, got %#v", updatedConfig.Triggers[0].ImageChange)
}
// clear out the build/buildconfig watches before triggering a new build
WaitLoop2:
for {
select {
case <-watch.ResultChan():
continue
case <-watch2.ResultChan():
continue
case <-time.After(BuildControllersWatchTimeout):
break WaitLoop2
}
}
// trigger a build by posting a new image
if err := clusterAdminClient.ImageStreamMappings(testutil.Namespace()).Create(&imageapi.ImageStreamMapping{
ObjectMeta: kapi.ObjectMeta{
Namespace: testutil.Namespace(),
Name: imageStream.Name,
},
Tag: tag,
Image: imageapi.Image{
ObjectMeta: kapi.ObjectMeta{
Name: "ref-2-random",
},
DockerImageReference: "registry:8080/openshift/test-image-trigger:ref-2-random",
},
}); err != nil {
t.Fatalf("unexpected error: %v", err)
}
event = waitForWatch(t, "second build created", watch)
if e, a := watchapi.Added, event.Type; e != a {
t.Fatalf("expected watch event type %s, got %s", e, a)
}
newBuild = event.Object.(*buildapi.Build)
switch newBuild.Parameters.Strategy.Type {
case buildapi.SourceBuildStrategyType:
if newBuild.Parameters.Strategy.SourceStrategy.From.Name != "registry:8080/openshift/test-image-trigger:ref-2-random" {
i, _ := clusterAdminClient.ImageStreams(testutil.Namespace()).Get(imageStream.Name)
bc, _ := clusterAdminClient.BuildConfigs(testutil.Namespace()).Get(config.Name)
t.Fatalf("Expected build with base image %s, got %s\n, imagerepo is %v\trigger is %s\n", "registry:8080/openshift/test-image-trigger:ref-2-random", newBuild.Parameters.Strategy.DockerStrategy.From.Name, i, bc.Triggers[3].ImageChange)
}
case buildapi.DockerBuildStrategyType:
if newBuild.Parameters.Strategy.DockerStrategy.From.Name != "registry:8080/openshift/test-image-trigger:ref-2-random" {
i, _ := clusterAdminClient.ImageStreams(testutil.Namespace()).Get(imageStream.Name)
bc, _ := clusterAdminClient.BuildConfigs(testutil.Namespace()).Get(config.Name)
t.Fatalf("Expected build with base image %s, got %s\n, imagerepo is %v\trigger is %s\n", "registry:8080/openshift/test-image-trigger:ref-2-random", newBuild.Parameters.Strategy.DockerStrategy.From.Name, i, bc.Triggers[3].ImageChange)
}
case buildapi.CustomBuildStrategyType:
if newBuild.Parameters.Strategy.CustomStrategy.From.Name != "registry:8080/openshift/test-image-trigger:ref-2-random" {
i, _ := clusterAdminClient.ImageStreams(testutil.Namespace()).Get(imageStream.Name)
bc, _ := clusterAdminClient.BuildConfigs(testutil.Namespace()).Get(config.Name)
t.Fatalf("Expected build with base image %s, got %s\n, imagerepo is %v\trigger is %s\n", "registry:8080/openshift/test-image-trigger:ref-2-random", newBuild.Parameters.Strategy.DockerStrategy.From.Name, i, bc.Triggers[3].ImageChange)
}
}
// Listen to events on specific build
watch4, err := clusterAdminClient.Builds(testutil.Namespace()).Watch(labels.Everything(), fields.OneTermEqualSelector("name", newBuild.Name), newBuild.ResourceVersion)
defer watch4.Stop()
event = waitForWatch(t, "update on second build", watch4)
if e, a := watchapi.Modified, event.Type; e != a {
t.Fatalf("expected watch event type %s, got %s", e, a)
}
newBuild = event.Object.(*buildapi.Build)
// Make sure the resolution of the build's docker image pushspec didn't mutate the persisted API object
if newBuild.Parameters.Output.To.Name != "test-image-trigger-repo" || newBuild.Parameters.Output.Tag != "outputtag" || newBuild.Parameters.Output.DockerImageReference != "" {
t.Fatalf("unexpected build output: %#v %#v", newBuild.Parameters.Output.To, newBuild.Parameters.Output)
}
if newBuild.Labels["testlabel"] != "testvalue" {
t.Fatalf("Expected build with label %s=%s from build config got %s=%s", "testlabel", "testvalue", "testlabel", newBuild.Labels["testlabel"])
}
WaitLoop3:
for {
select {
case e := <-watch2.ResultChan():
event = &e
continue
case <-time.After(BuildControllersWatchTimeout):
break WaitLoop3
}
}
updatedConfig = event.Object.(*buildapi.BuildConfig)
if e, a := "registry:8080/openshift/test-image-trigger:ref-2-random", updatedConfig.Triggers[0].ImageChange.LastTriggeredImageID; e != a {
t.Errorf("unexpected trigger id: expected %v, got %v", e, a)
}
}