@@ -6,7 +6,6 @@ package osde2etests
66
77import (
88 "context"
9- "os"
109 "fmt"
1110
1211 "strings"
@@ -44,7 +43,6 @@ var _ = ginkgo.Describe("Certman Operator", ginkgo.Ordered, ginkgo.ContinueOnFai
4443 secretName string
4544
4645 dynamicClient dynamic.Interface
47- clusterName string
4846 )
4947
5048 const (
@@ -79,9 +77,6 @@ var _ = ginkgo.Describe("Certman Operator", ginkgo.Ordered, ginkgo.ContinueOnFai
7977 gomega .Expect (err ).ShouldNot (gomega .HaveOccurred (), "Unable to create dynamic client" )
8078 gomega .Expect (dynamicClient ).ShouldNot (gomega .BeNil (), "dynamic client is nil" )
8179
82- clusterName = os .Getenv ("CLUSTER_NAME" )
83- gomega .Expect (clusterName ).ToNot (gomega .BeEmpty (), "CLUSTER_NAME environment variable must be set" )
84-
8580 fmt .Println ("Setup Done Successfully" )
8681 })
8782
@@ -249,185 +244,194 @@ var _ = ginkgo.Describe("Certman Operator", ginkgo.Ordered, ginkgo.ContinueOnFai
249244 }
250245 })
251246
252- ginkgo .It ("remove finalizer from the ClusterDeployment" , func (ctx context.Context ) {
247+ ginkgo .It ("should automatically ensure finalizer is present on ClusterDeployment when not being deleted " , func (ctx context.Context ) {
253248 clusterDeploymentGVR := schema.GroupVersionResource {
254249 Group : "hive.openshift.io" ,
255250 Version : "v1" ,
256251 Resource : "clusterdeployments" ,
257252 }
258253
259- gomega .Eventually (func () bool {
260- cdList , err := dynamicClient .Resource (clusterDeploymentGVR ).Namespace ("certman-operator" ).List (ctx , metav1.ListOptions {})
261- if err != nil || len (cdList .Items ) == 0 {
262- ginkgo .Fail ("Error listing ClusterDeployments or no ClusterDeployment found" )
254+ ginkgo .By ("fetching ClusterDeployment" )
255+ cdList , err := dynamicClient .Resource (clusterDeploymentGVR ).Namespace ("certman-operator" ).List (ctx , metav1.ListOptions {})
256+ gomega .Expect (err ).ToNot (gomega .HaveOccurred (), "Error listing ClusterDeployments" )
257+ gomega .Expect (len (cdList .Items )).To (gomega .BeNumerically (">" , 0 ), "No ClusterDeployment found" )
258+
259+ clusterDeployment := cdList .Items [0 ]
260+ cdName := clusterDeployment .GetName ()
261+ logger .Info ("Processing ClusterDeployment" , "name" , cdName )
262+
263+ // Verify ClusterDeployment is not being deleted
264+ deletionTimestamp := clusterDeployment .GetDeletionTimestamp ()
265+ gomega .Expect (deletionTimestamp ).To (gomega .BeNil (), "ClusterDeployment should not be deleted for this test" )
266+
267+ // Check if the certman finalizer is missing (simulating a scenario where it was removed externally)
268+ // The operator should automatically add it back when reconciling
269+ finalizers := clusterDeployment .GetFinalizers ()
270+ hasCertmanFinalizer := false
271+ for _ , finalizer := range finalizers {
272+ if finalizer == "certificaterequests.certman.managed.openshift.io" {
273+ hasCertmanFinalizer = true
274+ break
263275 }
276+ }
264277
265- clusterDeployment := cdList .Items [0 ]
266- cdName := clusterDeployment .GetName ()
267- logger .Info ("Processing ClusterDeployment" , "name" , cdName )
278+ if ! hasCertmanFinalizer {
279+ logger .Info ("Certman finalizer is missing, waiting for operator to add it" , "name" , cdName )
280+ } else {
281+ logger .Info ("Certman finalizer already present, verifying operator maintains it" , "name" , cdName )
282+ }
268283
269- clusterDeployment .SetFinalizers ([]string {})
270- _ , err = dynamicClient .Resource (clusterDeploymentGVR ).Namespace ("certman-operator" ).Update (ctx , & clusterDeployment , metav1.UpdateOptions {})
284+ ginkgo .By ("verifying operator ensures the finalizer is present" )
285+ gomega .Eventually (func () bool {
286+ updatedCD , err := dynamicClient .Resource (clusterDeploymentGVR ).Namespace ("certman-operator" ).Get (ctx , cdName , metav1.GetOptions {})
271287 if err != nil {
272- logger .Error (err , "Failed to remove finalizers from ClusterDeployment" , "name" , cdName )
288+ logger .Error (err , "Failed to get ClusterDeployment" , "name" , cdName )
273289 return false
274290 }
275291
276- logger .Info ("Finalizers removed from ClusterDeployment" , "name" , cdName )
277-
278- updatedCD , err := dynamicClient .Resource (clusterDeploymentGVR ).Namespace ("certman-operator" ).Get (ctx , cdName , metav1.GetOptions {})
279- if err != nil {
280- logger .Info ("ClusterDeployment is deleted" , "name" , cdName )
281- return true
292+ // Verify it's still not being deleted
293+ if updatedCD .GetDeletionTimestamp () != nil {
294+ logger .Info ("ClusterDeployment is being deleted, skipping finalizer check" , "name" , cdName )
295+ return false
282296 }
283297
284- finalizers := updatedCD .GetFinalizers ()
285- for _ , finalizer := range finalizers {
286- if finalizer == "hive.openshift.io/deprovision" || finalizer == " certificaterequests.certman.managed.openshift.io"
287- logger .Info ("Finalizer has been re-added to ClusterDeployment" , "name" , cdName )
298+ updatedFinalizers := updatedCD .GetFinalizers ()
299+ for _ , finalizer := range updatedFinalizers {
300+ if finalizer == "certificaterequests.certman.managed.openshift.io" {
301+ logger .Info ("Operator has ensured finalizer is present on ClusterDeployment" , "name" , cdName , "finalizer" , finalizer )
288302 return true
289303 }
290304 }
291305
292- logger .Info ("Finalizer not yet re-added to ClusterDeployment" , "name" , cdName )
306+ logger .Info ("Finalizer not yet present on ClusterDeployment, waiting for operator to add it " , "name" , cdName )
293307 return false
294308
295- }, pollingDuration , 30 * time .Second ).Should (gomega .BeTrue (), "ClusterDeployment should be deleted or have finalizer re-added " )
309+ }, pollingDuration , 30 * time .Second ).Should (gomega .BeTrue (), "Operator should ensure ClusterDeployment has the certman finalizer when not being deleted " )
296310 })
297311
298- ginkgo .It ("remove finalizer from the CertificateRequest" , func (ctx context.Context ) {
312+ ginkgo .It ("should automatically ensure finalizer is present on CertificateRequest when not being deleted " , func (ctx context.Context ) {
299313 certRequestGVR := schema.GroupVersionResource {
300314 Group : "certman.managed.openshift.io" ,
301315 Version : "v1alpha1" ,
302316 Resource : "certificaterequests" ,
303317 }
304318
305- gomega .Eventually (func () bool {
306- crList , err := dynamicClient .Resource (certRequestGVR ).Namespace ("certman-operator" ).List (ctx , metav1.ListOptions {})
307- if err != nil || len (crList .Items ) == 0 {
308- logger .Error (err , "Error listing CertificateRequests or no CRs found" )
309- return false
319+ ginkgo .By ("fetching CertificateRequest" )
320+ crList , err := dynamicClient .Resource (certRequestGVR ).Namespace ("certman-operator" ).List (ctx , metav1.ListOptions {})
321+ gomega .Expect (err ).ToNot (gomega .HaveOccurred (), "Error listing CertificateRequests" )
322+ gomega .Expect (len (crList .Items )).To (gomega .BeNumerically (">" , 0 ), "No CertificateRequest found" )
323+
324+ certRequest := crList .Items [0 ]
325+ crName := certRequest .GetName ()
326+ logger .Info ("Processing CertificateRequest" , "name" , crName )
327+
328+ // Verify CertificateRequest is not being deleted
329+ deletionTimestamp := certRequest .GetDeletionTimestamp ()
330+ gomega .Expect (deletionTimestamp ).To (gomega .BeNil (), "CertificateRequest should not be deleted for this test" )
331+
332+ // Check if the certman finalizer is missing (simulating a scenario where it was removed externally)
333+ // The operator should automatically add it back when reconciling
334+ finalizers := certRequest .GetFinalizers ()
335+ hasCertmanFinalizer := false
336+ for _ , finalizer := range finalizers {
337+ if finalizer == "certificaterequests.certman.managed.openshift.io" {
338+ hasCertmanFinalizer = true
339+ break
310340 }
341+ }
311342
312- certRequest := crList .Items [0 ]
313- crName := certRequest .GetName ()
314- logger .Info ("Processing CertificateRequest" , "name" , crName )
343+ if ! hasCertmanFinalizer {
344+ logger .Info ("Certman finalizer is missing, waiting for operator to add it" , "name" , crName )
345+ } else {
346+ logger .Info ("Certman finalizer already present, verifying operator maintains it" , "name" , crName )
347+ }
315348
316- certRequest .SetFinalizers ([]string {})
317- _ , err = dynamicClient .Resource (certRequestGVR ).Namespace ("certman-operator" ).Update (ctx , & certRequest , metav1.UpdateOptions {})
349+ ginkgo .By ("verifying operator ensures the finalizer is present" )
350+ gomega .Eventually (func () bool {
351+ updatedCR , err := dynamicClient .Resource (certRequestGVR ).Namespace ("certman-operator" ).Get (ctx , crName , metav1.GetOptions {})
318352 if err != nil {
319- logger .Error (err , "Failed to remove finalizers from CertificateRequest" , "name" , crName )
353+ logger .Error (err , "Failed to get CertificateRequest" , "name" , crName )
320354 return false
321355 }
322- logger .Info ("Finalizers removed from CertificateRequest" , "name" , crName )
323356
324- updatedCR , err := dynamicClient . Resource ( certRequestGVR ). Namespace ( "certman-operator" ). Get ( ctx , crName , metav1. GetOptions {})
325- if err != nil {
326- logger .Info ("CertificateRequest is deleted" , "name" , crName )
327- return true
357+ // Verify it's still not being deleted
358+ if updatedCR . GetDeletionTimestamp () != nil {
359+ logger .Info ("CertificateRequest is being deleted, skipping finalizer check " , "name" , crName )
360+ return false
328361 }
329362
330- finalizers := updatedCR .GetFinalizers ()
331- for _ , finalizer := range finalizers {
363+ updatedFinalizers := updatedCR .GetFinalizers ()
364+ for _ , finalizer := range updatedFinalizers {
332365 if finalizer == "certificaterequests.certman.managed.openshift.io" {
333- logger .Info ("Finalizer has been re-added to CertificateRequest" , "name" , crName )
366+ logger .Info ("Operator has ensured finalizer is present on CertificateRequest" , "name" , crName , "finalizer" , finalizer )
334367 return true
335368 }
336369 }
337370
338- logger .Info ("Finalizer not yet re-added to CertificateRequest" , "name" , crName )
371+ logger .Info ("Finalizer not yet present on CertificateRequest, waiting for operator to add it " , "name" , crName )
339372 return false
340373
341- }, pollingDuration , 30 * time .Second ).Should (gomega .BeTrue (), "CertificateRequest should be deleted or have finalizer re-added " )
374+ }, pollingDuration , 30 * time .Second ).Should (gomega .BeTrue (), "Operator should ensure CertificateRequest has the certman finalizer when not being deleted " )
342375 })
343376
344377 ginkgo .It ("should have ClusterDeployment as the owner of the CertificateRequest" , func (ctx context.Context ) {
345-
378+ logger . Info ( "waiting to ckeck if finalizer is there or not" )
346379 clusterDeploymentGVR := schema.GroupVersionResource {
347- Group : "hive.openshift.io" ,
380+ Group : "hive.openshift.io" ,
348381 Version : "v1" ,
349382 Resource : "clusterdeployments" ,
350383 }
351384
352- logger .Info ("Checking if ClusterDeployment exists." )
353-
354- clusterDeploymentList , err := dynamicClient .Resource (clusterDeploymentGVR ).Namespace ("certman-operator" ).List (ctx , metav1.ListOptions {})
355- if err != nil {
356- ginkgo .Fail ("Error fetching ClusterDeployments" )
357- }
358-
359- if len (clusterDeploymentList .Items ) == 0 {
360- ginkgo .Fail ("ClusterDeployment not found." )
361- }
362-
363- logger .Info ("ClusterDeployment found, proceeding to check Owner Reference" )
364-
365- clusterDeploymentGVR = schema.GroupVersionResource {
385+ certRequestGVR := schema.GroupVersionResource {
366386 Group : "certman.managed.openshift.io" ,
367387 Version : "v1alpha1" ,
368388 Resource : "certificaterequests" ,
369389 }
370390
371- logger .Info ("Fetching CertificateRequests..." )
372-
391+ ginkgo .By ("fetching ClusterDeployment to get its name and UID" )
392+ clusterDeploymentList , err := dynamicClient .Resource (clusterDeploymentGVR ).Namespace ("certman-operator" ).List (ctx , metav1.ListOptions {})
393+ gomega .Expect (err ).ToNot (gomega .HaveOccurred (), "Error fetching ClusterDeployments" )
394+ gomega .Expect (len (clusterDeploymentList .Items )).To (gomega .BeNumerically (">" , 0 ), "ClusterDeployment not found" )
395+
396+ clusterDeployment := clusterDeploymentList .Items [0 ]
397+ cdName := clusterDeployment .GetName ()
398+ cdUID := clusterDeployment .GetUID ()
399+ logger .Info ("Found ClusterDeployment" , "name" , cdName , "uid" , cdUID )
400+
401+ ginkgo .By ("fetching CertificateRequest" )
402+ crList , err := dynamicClient .Resource (certRequestGVR ).Namespace ("certman-operator" ).List (ctx , metav1.ListOptions {})
403+ gomega .Expect (err ).ToNot (gomega .HaveOccurred (), "Error fetching CertificateRequests" )
404+ gomega .Expect (len (crList .Items )).To (gomega .BeNumerically (">" , 0 ), "No CertificateRequest found" )
405+
406+ certRequest := crList .Items [0 ]
407+ crName := certRequest .GetName ()
408+ logger .Info ("Found CertificateRequest" , "name" , crName )
409+
410+ ginkgo .By ("removing owner reference from CertificateRequest to test operator functionality" )
411+ certRequest .SetOwnerReferences ([]metav1.OwnerReference {})
412+ _ , err = dynamicClient .Resource (certRequestGVR ).Namespace ("certman-operator" ).Update (ctx , & certRequest , metav1.UpdateOptions {})
413+ gomega .Expect (err ).ToNot (gomega .HaveOccurred (), "Failed to remove owner reference from CertificateRequest" )
414+ logger .Info ("Owner reference removed from CertificateRequest" , "name" , crName )
415+
416+ ginkgo .By ("verifying operator automatically adds ClusterDeployment as owner reference" )
373417 gomega .Eventually (func () bool {
374- crList , err := dynamicClient .Resource (clusterDeploymentGVR ).Namespace ("certman-operator" ).List (ctx , metav1.ListOptions {})
375-
376- if err != nil || len (crList .Items ) == 0 {
377- logger .Error (err , "Error fetching CertificateRequests" )
418+ updatedCR , err := dynamicClient .Resource (certRequestGVR ).Namespace ("certman-operator" ).Get (ctx , crName , metav1.GetOptions {})
419+ if err != nil {
420+ logger .Error (err , "Failed to get CertificateRequest" , "name" , crName )
378421 return false
379422 }
380423
381- certRequest := crList .Items [0 ]
382- logger .Info ("Found CertificateRequest" , "name" , certRequest .GetName ())
383-
384- ownerRefs := certRequest .GetOwnerReferences ()
385- logger .Info ("Found OwnerReferences" , "ownerRefs" , ownerRefs )
386-
387- var clusterDeploymentOwnerFound bool
424+ ownerRefs := updatedCR .GetOwnerReferences ()
388425 for _ , owner := range ownerRefs {
389- logger .Info ("Checking owner" , "kind" , owner .Kind , "name" , owner .Name )
390- if owner .Kind == "ClusterDeployment" && owner .Name == clusterName {
391- logger .Info ("Found ClusterDeployment as owner!" )
392- clusterDeploymentOwnerFound = true
393- break
394- }
395- }
396-
397- if ! clusterDeploymentOwnerFound {
398- logger .Info ("ClusterDeployment is not the owner, adding it as the owner..." )
399-
400- isTrue := true
401- ownerRef := metav1.OwnerReference {
402- APIVersion : "hive.openshift.io/v1" ,
403- BlockOwnerDeletion : & isTrue ,
404- Controller : & isTrue ,
405- Kind : "ClusterDeployment" ,
406- Name : clusterName ,
407- UID : certRequest .GetUID (),
408- }
409-
410- certRequest .SetOwnerReferences (append (ownerRefs , ownerRef ))
411-
412- _ , err := dynamicClient .Resource (clusterDeploymentGVR ).Namespace ("certman-operator" ).Update (ctx , & certRequest , metav1.UpdateOptions {})
413- if err != nil {
414- logger .Error (err , "Error updating CertificateRequest with new owner reference" )
415- return false
416- }
417-
418- logger .Info ("Successfully added ClusterDeployment as the OwnerReference." )
419- }
420-
421- for _ , owner := range certRequest .GetOwnerReferences () {
422- if owner .Kind == "ClusterDeployment" && owner .Name == clusterName {
423- logger .Info ("ClusterDeployment is now the owner!" )
426+ if owner .Kind == "ClusterDeployment" && owner .Name == cdName {
427+ logger .Info ("ClusterDeployment has been added as owner by operator" , "name" , crName , "owner" , owner .Name )
424428 return true
425429 }
426430 }
427431
432+ logger .Info ("Owner reference not yet added by operator" , "name" , crName )
428433 return false
429- }, pollingDuration , 30 * time .Second ).Should (gomega .BeTrue (), "ClusterDeployment should be the owner of CertificateRequest" )
430-
434+ }, pollingDuration , 30 * time .Second ).Should (gomega .BeTrue (), "ClusterDeployment should be automatically added as owner of CertificateRequest by operator" )
431435 })
432436
433437 ginkgo .AfterAll (func (ctx context.Context ) {
0 commit comments