func getProjects(oClient *client.Client) ([]api.Project, error) { projects, err := oClient.Projects().List(labels.Everything(), fields.Everything()) if err != nil { return nil, err } return projects.Items, nil }
func getTokenInfo(token string, osClient *osclient.Client) (string, *osintypes.InfoResponseData, error) { osResult := osClient.Get().AbsPath("oauth", "info").Param("code", token).Do() if osResult.Error() != nil { return "", nil, fmt.Errorf("Error making info request: %v", osResult.Error()) } body, err := osResult.Raw() if err != nil { return "", nil, fmt.Errorf("Error reading info response: %v\n", err) } glog.V(1).Infof("Raw JSON: %v\n", string(body)) var accessData osintypes.InfoResponseData err = json.Unmarshal(body, &accessData) if err != nil { return "", nil, fmt.Errorf("Error while unmarshalling info response: %v %v", err, string(body)) } if accessData.Error == "invalid_request" { return "", nil, fmt.Errorf("\"%v\" is not a valid token.\n", token) } if len(accessData.ErrorDescription) != 0 { return "", nil, fmt.Errorf("%v\n", accessData.ErrorDescription) } return string(body), &accessData, nil }
func runBuildRunningPodDeleteTest(t *testing.T, clusterAdminClient *client.Client, clusterAdminKubeClient *kclient.Client) { buildWatch, err := clusterAdminClient.Builds(testutil.Namespace()).Watch(labels.Everything(), fields.Everything(), "0") if err != nil { t.Fatalf("Couldn't subscribe to Builds %v", err) } defer buildWatch.Stop() created, err := clusterAdminClient.Builds(testutil.Namespace()).Create(mockBuild()) if err != nil { t.Fatalf("Couldn't create Build: %v", err) } podWatch, err := clusterAdminKubeClient.Pods(testutil.Namespace()).Watch(labels.Everything(), fields.Everything(), created.ResourceVersion) if err != nil { t.Fatalf("Couldn't subscribe to Pods %v", err) } defer podWatch.Stop() // wait for initial build event from the creation of the imagerepo with tag latest event := waitForWatch(t, "initial build added", buildWatch) if e, a := watchapi.Added, event.Type; e != a { t.Fatalf("expected watch event type %s, got %s", e, a) } newBuild := event.Object.(*buildapi.Build) // initial pod creation for build event = waitForWatch(t, "build pod created", podWatch) if e, a := watchapi.Added, event.Type; e != a { t.Fatalf("expected watch event type %s, got %s", e, a) } event = waitForWatch(t, "build updated to pending", buildWatch) if e, a := watchapi.Modified, event.Type; e != a { t.Fatalf("expected watch event type %s, got %s", e, a) } newBuild = event.Object.(*buildapi.Build) if newBuild.Status != buildapi.BuildStatusPending { t.Fatalf("expected build status to be marked pending, but was marked %s", newBuild.Status) } clusterAdminKubeClient.Pods(testutil.Namespace()).Delete(buildutil.GetBuildPodName(newBuild), kapi.NewDeleteOptions(0)) event = waitForWatch(t, "build updated to error", buildWatch) if e, a := watchapi.Modified, event.Type; e != a { t.Fatalf("expected watch event type %s, got %s", e, a) } newBuild = event.Object.(*buildapi.Build) if newBuild.Status != buildapi.BuildStatusError { t.Fatalf("expected build status to be marked error, but was marked %s", newBuild.Status) } }
func whoAmI(client *client.Client) (*api.User, error) { me, err := client.Users().Get("~") if err != nil { return nil, err } return me, nil }
func verifyOpenShiftUser(client *client.Client) error { if _, err := client.Users().Get("~"); err != nil { log.Errorf("Get user failed with error: %s", err) if kerrors.IsUnauthorized(err) || kerrors.IsForbidden(err) { return ErrOpenShiftAccessDenied } return err } return nil }
func verifyPruneAccess(client *client.Client) error { sar := authorizationapi.SubjectAccessReview{ Verb: "delete", Resource: "images", } response, err := client.ClusterSubjectAccessReviews().Create(&sar) if err != nil { log.Errorf("OpenShift client error: %s", err) if kerrors.IsUnauthorized(err) || kerrors.IsForbidden(err) { return ErrOpenShiftAccessDenied } return err } if !response.Allowed { log.Errorf("OpenShift access denied: %s", response.Reason) return ErrOpenShiftAccessDenied } return nil }
func verifyImageStreamAccess(namespace, imageRepo, verb string, client *client.Client) error { sar := authorizationapi.SubjectAccessReview{ Verb: verb, Resource: "imagestreams/layers", ResourceName: imageRepo, } response, err := client.SubjectAccessReviews(namespace).Create(&sar) if err != nil { log.Errorf("OpenShift client error: %s", err) if kerrors.IsUnauthorized(err) || kerrors.IsForbidden(err) { return ErrOpenShiftAccessDenied } return err } if !response.Allowed { log.Errorf("OpenShift access denied: %s", response.Reason) return ErrOpenShiftAccessDenied } return nil }
func runBuildDeleteTest(t *testing.T, clusterAdminClient *client.Client, clusterAdminKubeClient *kclient.Client) { buildWatch, err := clusterAdminClient.Builds(testutil.Namespace()).Watch(labels.Everything(), fields.Everything(), "0") if err != nil { t.Fatalf("Couldn't subscribe to Builds %v", err) } defer buildWatch.Stop() created, err := clusterAdminClient.Builds(testutil.Namespace()).Create(mockBuild()) if err != nil { t.Fatalf("Couldn't create Build: %v", err) } podWatch, err := clusterAdminKubeClient.Pods(testutil.Namespace()).Watch(labels.Everything(), fields.Everything(), created.ResourceVersion) if err != nil { t.Fatalf("Couldn't subscribe to Pods %v", err) } defer podWatch.Stop() // wait for initial build event from the creation of the imagerepo with tag latest event := waitForWatch(t, "initial build added", buildWatch) if e, a := watchapi.Added, event.Type; e != a { t.Fatalf("expected watch event type %s, got %s", e, a) } newBuild := event.Object.(*buildapi.Build) // initial pod creation for build event = waitForWatch(t, "build pod created", podWatch) if e, a := watchapi.Added, event.Type; e != a { t.Fatalf("expected watch event type %s, got %s", e, a) } clusterAdminClient.Builds(testutil.Namespace()).Delete(newBuild.Name) event = waitForWatch(t, "pod deleted due to build deleted", podWatch) if e, a := watchapi.Deleted, event.Type; e != a { t.Fatalf("expected watch event type %s, got %s", e, a) } pod := event.Object.(*kapi.Pod) if expected := buildutil.GetBuildPodName(newBuild); pod.Name != expected { t.Fatalf("Expected pod %s to be deleted, but pod %s was deleted", expected, pod.Name) } }
func runImageChangeTriggerTest(t *testing.T, clusterAdminClient *client.Client, imageStream *imageapi.ImageStream, imageStreamMapping *imageapi.ImageStreamMapping, config *buildapi.BuildConfig, tag string) { created, err := clusterAdminClient.BuildConfigs(testutil.Namespace()).Create(config) if err != nil { t.Fatalf("Couldn't create BuildConfig: %v", err) } watch, err := clusterAdminClient.Builds(testutil.Namespace()).Watch(labels.Everything(), fields.Everything(), created.ResourceVersion) if err != nil { t.Fatalf("Couldn't subscribe to Builds %v", err) } watch2, err := clusterAdminClient.BuildConfigs(testutil.Namespace()).Watch(labels.Everything(), fields.Everything(), created.ResourceVersion) if err != nil { t.Fatalf("Couldn't subscribe to BuildConfigs %v", err) } defer watch2.Stop() imageStream, err = clusterAdminClient.ImageStreams(testutil.Namespace()).Create(imageStream) if err != nil { t.Fatalf("Couldn't create ImageStream: %v", err) } err = clusterAdminClient.ImageStreamMappings(testutil.Namespace()).Create(imageStreamMapping) if err != nil { t.Fatalf("Couldn't create Image: %v", err) } // wait for initial build event from the creation of the imagerepo with tag latest event := waitForWatch(t, "initial build added", watch) if e, a := watchapi.Added, event.Type; e != a { t.Fatalf("expected watch event type %s, got %s", e, a) } newBuild := event.Object.(*buildapi.Build) switch newBuild.Parameters.Strategy.Type { case buildapi.SourceBuildStrategyType: if newBuild.Parameters.Strategy.SourceStrategy.From.Name != "registry:8080/openshift/test-image-trigger:"+tag { i, _ := clusterAdminClient.ImageStreams(testutil.Namespace()).Get(imageStream.Name) bc, _ := clusterAdminClient.BuildConfigs(testutil.Namespace()).Get(config.Name) t.Fatalf("Expected build with base image %s, got %s\n, imagerepo is %v\ntrigger is %s\n", "registry:8080/openshift/test-image-trigger:"+tag, newBuild.Parameters.Strategy.DockerStrategy.From.Name, i, bc.Triggers[0].ImageChange) } case buildapi.DockerBuildStrategyType: if newBuild.Parameters.Strategy.DockerStrategy.From.Name != "registry:8080/openshift/test-image-trigger:"+tag { i, _ := clusterAdminClient.ImageStreams(testutil.Namespace()).Get(imageStream.Name) bc, _ := clusterAdminClient.BuildConfigs(testutil.Namespace()).Get(config.Name) t.Fatalf("Expected build with base image %s, got %s\n, imagerepo is %v\ntrigger is %s\n", "registry:8080/openshift/test-image-trigger:"+tag, newBuild.Parameters.Strategy.DockerStrategy.From.Name, i, bc.Triggers[0].ImageChange) } case buildapi.CustomBuildStrategyType: if newBuild.Parameters.Strategy.CustomStrategy.From.Name != "registry:8080/openshift/test-image-trigger:"+tag { i, _ := clusterAdminClient.ImageStreams(testutil.Namespace()).Get(imageStream.Name) bc, _ := clusterAdminClient.BuildConfigs(testutil.Namespace()).Get(config.Name) t.Fatalf("Expected build with base image %s, got %s\n, imagerepo is %v\ntrigger is %s\n", "registry:8080/openshift/test-image-trigger:"+tag, newBuild.Parameters.Strategy.DockerStrategy.From.Name, i, bc.Triggers[0].ImageChange) } } // Wait for an update on the specific build that was added watch3, err := clusterAdminClient.Builds(testutil.Namespace()).Watch(labels.Everything(), fields.OneTermEqualSelector("name", newBuild.Name), newBuild.ResourceVersion) defer watch3.Stop() if err != nil { t.Fatalf("Couldn't subscribe to Builds %v", err) } event = waitForWatch(t, "initial build update", watch3) if e, a := watchapi.Modified, event.Type; e != a { t.Fatalf("expected watch event type %s, got %s", e, a) } newBuild = event.Object.(*buildapi.Build) // Make sure the resolution of the build's docker image pushspec didn't mutate the persisted API object if newBuild.Parameters.Output.To.Name != "test-image-trigger-repo" || newBuild.Parameters.Output.Tag != "outputtag" || newBuild.Parameters.Output.DockerImageReference != "" { t.Fatalf("unexpected build output: %#v %#v", newBuild.Parameters.Output.To, newBuild.Parameters.Output) } if newBuild.Labels["testlabel"] != "testvalue" { t.Fatalf("Expected build with label %s=%s from build config got %s=%s", "testlabel", "testvalue", "testlabel", newBuild.Labels["testlabel"]) } // wait for build config to be updated WaitLoop: for { select { case e := <-watch2.ResultChan(): event = &e continue case <-time.After(BuildControllersWatchTimeout): break WaitLoop } } updatedConfig := event.Object.(*buildapi.BuildConfig) if err != nil { t.Fatalf("Couldn't get BuildConfig: %v", err) } // the first tag did not have an image id, so the last trigger field is the pull spec if updatedConfig.Triggers[0].ImageChange.LastTriggeredImageID != "registry:8080/openshift/test-image-trigger:"+tag { t.Fatalf("Expected imageID equal to pull spec, got %#v", updatedConfig.Triggers[0].ImageChange) } // clear out the build/buildconfig watches before triggering a new build WaitLoop2: for { select { case <-watch.ResultChan(): continue case <-watch2.ResultChan(): continue case <-time.After(BuildControllersWatchTimeout): break WaitLoop2 } } // trigger a build by posting a new image if err := clusterAdminClient.ImageStreamMappings(testutil.Namespace()).Create(&imageapi.ImageStreamMapping{ ObjectMeta: kapi.ObjectMeta{ Namespace: testutil.Namespace(), Name: imageStream.Name, }, Tag: tag, Image: imageapi.Image{ ObjectMeta: kapi.ObjectMeta{ Name: "ref-2-random", }, DockerImageReference: "registry:8080/openshift/test-image-trigger:ref-2-random", }, }); err != nil { t.Fatalf("unexpected error: %v", err) } event = waitForWatch(t, "second build created", watch) if e, a := watchapi.Added, event.Type; e != a { t.Fatalf("expected watch event type %s, got %s", e, a) } newBuild = event.Object.(*buildapi.Build) switch newBuild.Parameters.Strategy.Type { case buildapi.SourceBuildStrategyType: if newBuild.Parameters.Strategy.SourceStrategy.From.Name != "registry:8080/openshift/test-image-trigger:ref-2-random" { i, _ := clusterAdminClient.ImageStreams(testutil.Namespace()).Get(imageStream.Name) bc, _ := clusterAdminClient.BuildConfigs(testutil.Namespace()).Get(config.Name) t.Fatalf("Expected build with base image %s, got %s\n, imagerepo is %v\trigger is %s\n", "registry:8080/openshift/test-image-trigger:ref-2-random", newBuild.Parameters.Strategy.DockerStrategy.From.Name, i, bc.Triggers[3].ImageChange) } case buildapi.DockerBuildStrategyType: if newBuild.Parameters.Strategy.DockerStrategy.From.Name != "registry:8080/openshift/test-image-trigger:ref-2-random" { i, _ := clusterAdminClient.ImageStreams(testutil.Namespace()).Get(imageStream.Name) bc, _ := clusterAdminClient.BuildConfigs(testutil.Namespace()).Get(config.Name) t.Fatalf("Expected build with base image %s, got %s\n, imagerepo is %v\trigger is %s\n", "registry:8080/openshift/test-image-trigger:ref-2-random", newBuild.Parameters.Strategy.DockerStrategy.From.Name, i, bc.Triggers[3].ImageChange) } case buildapi.CustomBuildStrategyType: if newBuild.Parameters.Strategy.CustomStrategy.From.Name != "registry:8080/openshift/test-image-trigger:ref-2-random" { i, _ := clusterAdminClient.ImageStreams(testutil.Namespace()).Get(imageStream.Name) bc, _ := clusterAdminClient.BuildConfigs(testutil.Namespace()).Get(config.Name) t.Fatalf("Expected build with base image %s, got %s\n, imagerepo is %v\trigger is %s\n", "registry:8080/openshift/test-image-trigger:ref-2-random", newBuild.Parameters.Strategy.DockerStrategy.From.Name, i, bc.Triggers[3].ImageChange) } } // Listen to events on specific build watch4, err := clusterAdminClient.Builds(testutil.Namespace()).Watch(labels.Everything(), fields.OneTermEqualSelector("name", newBuild.Name), newBuild.ResourceVersion) defer watch4.Stop() event = waitForWatch(t, "update on second build", watch4) if e, a := watchapi.Modified, event.Type; e != a { t.Fatalf("expected watch event type %s, got %s", e, a) } newBuild = event.Object.(*buildapi.Build) // Make sure the resolution of the build's docker image pushspec didn't mutate the persisted API object if newBuild.Parameters.Output.To.Name != "test-image-trigger-repo" || newBuild.Parameters.Output.Tag != "outputtag" || newBuild.Parameters.Output.DockerImageReference != "" { t.Fatalf("unexpected build output: %#v %#v", newBuild.Parameters.Output.To, newBuild.Parameters.Output) } if newBuild.Labels["testlabel"] != "testvalue" { t.Fatalf("Expected build with label %s=%s from build config got %s=%s", "testlabel", "testvalue", "testlabel", newBuild.Labels["testlabel"]) } WaitLoop3: for { select { case e := <-watch2.ResultChan(): event = &e continue case <-time.After(BuildControllersWatchTimeout): break WaitLoop3 } } updatedConfig = event.Object.(*buildapi.BuildConfig) if e, a := "registry:8080/openshift/test-image-trigger:ref-2-random", updatedConfig.Triggers[0].ImageChange.LastTriggeredImageID; e != a { t.Errorf("unexpected trigger id: expected %v, got %v", e, a) } }