func newProjectAuthorizationCache(openshiftClient *osclient.Client, kubeClient *kclient.Client,
policyClient policyclient.ReadOnlyPolicyClient) *projectauth.AuthorizationCache {
return projectauth.NewAuthorizationCache(
projectauth.NewReviewer(openshiftClient),
kubeClient.Namespaces(),
policyClient,
)
}
func countRemaining(c *client.Client, withName string) (int, error) {
var cnt = 0
nsList, err := c.Namespaces().List(labels.Everything(), fields.Everything())
for _, item := range nsList.Items {
if strings.Contains(item.Name, "nslifetest") {
cnt++
}
}
return cnt, err
}
func extinguish(c *client.Client, totalNS int, maxAllowedAfterDel int, maxSeconds int) {
var err error
By("Creating testing namespaces")
wg := &sync.WaitGroup{}
for n := 0; n < totalNS; n += 1 {
wg.Add(1)
go func(n int) {
defer wg.Done()
defer GinkgoRecover()
_, err = createTestingNS(fmt.Sprintf("nslifetest-%v", n), c)
Expect(err).NotTo(HaveOccurred())
}(n)
}
wg.Wait()
By("Waiting 10 seconds")
//Wait 10 seconds, then SEND delete requests for all the namespaces.
time.Sleep(time.Duration(10 * time.Second))
By("Deleting namespaces")
nsList, err := c.Namespaces().List(labels.Everything(), fields.Everything())
Expect(err).NotTo(HaveOccurred())
var nsCount = 0
for _, item := range nsList.Items {
if strings.Contains(item.Name, "nslifetest") {
wg.Add(1)
nsCount++
go func(nsName string) {
defer wg.Done()
defer GinkgoRecover()
Expect(c.Namespaces().Delete(nsName)).To(Succeed())
Logf("namespace : %v api call to delete is complete ", nsName)
}(item.Name)
}
}
Expect(nsCount).To(Equal(totalNS))
wg.Wait()
By("Waiting for namespaces to vanish")
//Now POLL until all namespaces have been eradicated.
expectNoError(wait.Poll(2*time.Second, time.Duration(maxSeconds)*time.Second,
func() (bool, error) {
if rem, err := countRemaining(c, "nslifetest"); err != nil || rem > maxAllowedAfterDel {
Logf("Remaining namespaces : %v", rem)
return false, err
} else {
return true, nil
}
}))
}
func watchProxyTest(cluster1AdminKubeClient, cluster2AdminKubeClient *kclient.Client, t *testing.T) {
// list namespaces in order to determine correct resourceVersion
namespaces, err := cluster1AdminKubeClient.Namespaces().List(labels.Everything(), fields.Everything())
// open a watch on Cluster 2 for namespaces starting with latest resourceVersion
namespaceWatch, err := cluster2AdminKubeClient.Namespaces().Watch(labels.Everything(), fields.Everything(), namespaces.ResourceVersion)
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
defer namespaceWatch.Stop()
// add namespace in Cluster 2
namespace := &kapi.Namespace{
ObjectMeta: kapi.ObjectMeta{Name: "test-namespace"},
}
createdNamespace, err := cluster2AdminKubeClient.Namespaces().Create(namespace)
if err != nil {
t.Fatalf("unexpected error: %v", err)
}
// consume watch output and record it if it's the event we want to see
select {
case e := <-namespaceWatch.ResultChan():
// check that the watch shows the new namespace
if e.Type != watch.Added {
t.Fatalf("expected an Added event but got: %v", e)
}
addedNamespace, ok := e.Object.(*kapi.Namespace)
if !ok {
t.Fatalf("unexpected cast error from event Object to Namespace")
}
if addedNamespace.ObjectMeta.Name != createdNamespace.Name {
t.Fatalf("namespace returned from Watch is not the same ast that created: got %v, wanted %v", createdNamespace, addedNamespace)
}
case <-time.After(10 * time.Second):
t.Fatal("Timed out waiting for watch")
}
}
var err error
c, err = loadClient()
Expect(err).NotTo(HaveOccurred())
By("Building a namespace api objects")
for i := range namespaces {
namespacePtr, err := createTestingNS(fmt.Sprintf("service-%d", i), c)
Expect(err).NotTo(HaveOccurred())
namespaces[i] = namespacePtr.Name
}
})
AfterEach(func() {
for _, ns := range namespaces {
By(fmt.Sprintf("Destroying namespace %v", ns))
if err := c.Namespaces().Delete(ns); err != nil {
Failf("Couldn't delete namespace %s: %s", ns, err)
}
}
})
// TODO: We get coverage of TCP/UDP and multi-port services through the DNS test. We should have a simpler test for multi-port TCP here.
It("should provide secure master service", func() {
_, err := c.Services(api.NamespaceDefault).Get("kubernetes")
Expect(err).NotTo(HaveOccurred())
})
It("should serve a basic endpoint from pods", func() {
serviceName := "endpoint-test2"
ns := namespaces[0]
labels := map[string]string{
"foo": "bar",
var _ = Describe("Examples e2e", func() {
var c *client.Client
var ns string
var testingNs *api.Namespace
BeforeEach(func() {
var err error
c, err = loadClient()
expectNoError(err)
testingNs, err = createTestingNS("examples", c)
ns = testingNs.Name
Expect(err).NotTo(HaveOccurred())
})
AfterEach(func() {
By(fmt.Sprintf("Destroying namespace for this suite %v", ns))
if err := c.Namespaces().Delete(ns); err != nil {
Failf("Couldn't delete ns %s", err)
}
})
Describe("[Skipped][Example]Redis", func() {
It("should create and stop redis servers", func() {
mkpath := func(file string) string {
return filepath.Join(testContext.RepoRoot, "examples/redis", file)
}
bootstrapYaml := mkpath("redis-master.yaml")
sentinelServiceYaml := mkpath("redis-sentinel-service.yaml")
sentinelControllerYaml := mkpath("redis-sentinel-controller.yaml")
controllerYaml := mkpath("redis-controller.yaml")
bootstrapPodName := "redis-master"
var ns string
BeforeEach(func() {
var err error
c, err = loadClient()
Expect(err).NotTo(HaveOccurred())
ns_, err := createTestingNS("metadata-volume", c)
ns = ns_.Name
Expect(err).NotTo(HaveOccurred())
})
AfterEach(func() {
// Clean up the namespace if a non-default one was used
if ns != api.NamespaceDefault {
By("Cleaning up the namespace")
err := c.Namespaces().Delete(ns)
expectNoError(err)
}
})
It("should provide labels and annotations files", func() {
podName := "metadata-volume-" + string(util.NewUUID())
pod := &api.Pod{
ObjectMeta: api.ObjectMeta{
Name: podName,
Labels: map[string]string{"cluster": "rack10"},
Annotations: map[string]string{"builder": "john-doe"},
},
Spec: api.PodSpec{
Containers: []api.Container{
{
