k3s/test/e2e/federated-secret.go

/*
Copyright 2015 The Kubernetes Authors.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.
*/

package e2e

import (
	"fmt"
	"time"

	. "github.com/onsi/ginkgo"
	. "github.com/onsi/gomega"
	fedclientset "k8s.io/kubernetes/federation/client/clientset_generated/federation_release_1_5"
	"k8s.io/kubernetes/federation/pkg/federation-controller/util"
	"k8s.io/kubernetes/pkg/api/errors"
	"k8s.io/kubernetes/pkg/api/v1"
	kubeclientset "k8s.io/kubernetes/pkg/client/clientset_generated/release_1_5"
	"k8s.io/kubernetes/pkg/util/wait"
	"k8s.io/kubernetes/test/e2e/framework"
)

const (
	FederatedSecretName    = "federated-secret"
	FederatedSecretTimeout = 60 * time.Second
	MaxRetries             = 3
)

// Create/delete secret api objects
var _ = framework.KubeDescribe("Federation secrets [Feature:Federation12]", func() {
	var clusters map[string]*cluster // All clusters, keyed by cluster name

	f := framework.NewDefaultFederatedFramework("federated-secret")

	Describe("Secret objects", func() {

		BeforeEach(func() {
			framework.SkipUnlessFederated(f.Client)
			clusters = map[string]*cluster{}
			registerClusters(clusters, UserAgentName, "", f)
		})

		AfterEach(func() {
			framework.SkipUnlessFederated(f.Client)
			unregisterClusters(clusters, f)
		})

		It("should be created and deleted successfully", func() {
			framework.SkipUnlessFederated(f.Client)
			nsName := f.FederationNamespace.Name
			secret := createSecretOrFail(f.FederationClientset_1_5, nsName)
			defer func() { // Cleanup
				By(fmt.Sprintf("Deleting secret %q in namespace %q", secret.Name, nsName))
				err := f.FederationClientset_1_5.Core().Secrets(nsName).Delete(secret.Name, &v1.DeleteOptions{})
				framework.ExpectNoError(err, "Error deleting secret %q in namespace %q", secret.Name, nsName)
			}()
			// wait for secret shards being created
			waitForSecretShardsOrFail(nsName, secret, clusters)
			secret = updateSecretOrFail(f.FederationClientset_1_5, nsName)
			waitForSecretShardsUpdatedOrFail(nsName, secret, clusters)
		})
	})
})

func createSecretOrFail(clientset *fedclientset.Clientset, namespace string) *v1.Secret {
	if clientset == nil || len(namespace) == 0 {
		Fail(fmt.Sprintf("Internal error: invalid parameters passed to createSecretOrFail: clientset: %v, namespace: %v", clientset, namespace))
	}

	secret := &v1.Secret{
		ObjectMeta: v1.ObjectMeta{
			Name: FederatedSecretName,
		},
	}
	By(fmt.Sprintf("Creating secret %q in namespace %q", secret.Name, namespace))
	_, err := clientset.Core().Secrets(namespace).Create(secret)
	framework.ExpectNoError(err, "Failed to create secret %s", secret.Name)
	By(fmt.Sprintf("Successfully created federated secret %q in namespace %q", FederatedSecretName, namespace))
	return secret
}

func updateSecretOrFail(clientset *fedclientset.Clientset, namespace string) *v1.Secret {
	if clientset == nil || len(namespace) == 0 {
		Fail(fmt.Sprintf("Internal error: invalid parameters passed to updateSecretOrFail: clientset: %v, namespace: %v", clientset, namespace))
	}

	var newSecret *v1.Secret
	for retryCount := 0; retryCount < MaxRetries; retryCount++ {
		secret, err := clientset.Core().Secrets(namespace).Get(FederatedSecretName)
		if err != nil {
			framework.Failf("failed to get secret %q: %v", FederatedSecretName, err)
		}

		// Update one of the data in the secret.
		secret.Data = map[string][]byte{
			"key": []byte("value"),
		}
		newSecret, err = clientset.Core().Secrets(namespace).Update(secret)
		if err == nil {
			return newSecret
		}
		if !errors.IsConflict(err) && !errors.IsServerTimeout(err) {
			framework.Failf("failed to update secret %q: %v", FederatedSecretName, err)
		}
	}
	framework.Failf("too many retries updating secret %q", FederatedSecretName)
	return newSecret
}

func waitForSecretShardsOrFail(namespace string, secret *v1.Secret, clusters map[string]*cluster) {
	framework.Logf("Waiting for secret %q in %d clusters", secret.Name, len(clusters))
	for _, c := range clusters {
		waitForSecretOrFail(c.Clientset, namespace, secret, true, FederatedSecretTimeout)
	}
}

func waitForSecretOrFail(clientset *kubeclientset.Clientset, namespace string, secret *v1.Secret, present bool, timeout time.Duration) {
	By(fmt.Sprintf("Fetching a federated secret shard of secret %q in namespace %q from cluster", secret.Name, namespace))
	var clusterSecret *v1.Secret
	err := wait.PollImmediate(framework.Poll, timeout, func() (bool, error) {
		clusterSecret, err := clientset.Core().Secrets(namespace).Get(secret.Name)
		if (!present) && errors.IsNotFound(err) { // We want it gone, and it's gone.
			By(fmt.Sprintf("Success: shard of federated secret %q in namespace %q in cluster is absent", secret.Name, namespace))
			return true, nil // Success
		}
		if present && err == nil { // We want it present, and the Get succeeded, so we're all good.
			By(fmt.Sprintf("Success: shard of federated secret %q in namespace %q in cluster is present", secret.Name, namespace))
			return true, nil // Success
		}
		By(fmt.Sprintf("Secret %q in namespace %q in cluster.  Found: %v, waiting for Found: %v, trying again in %s (err=%v)", secret.Name, namespace, clusterSecret != nil && err == nil, present, framework.Poll, err))
		return false, nil
	})
	framework.ExpectNoError(err, "Failed to verify secret %q in namespace %q in cluster: Present=%v", secret.Name, namespace, present)

	if present && clusterSecret != nil {
		Expect(util.SecretEquivalent(*clusterSecret, *secret))
	}
}

func waitForSecretShardsUpdatedOrFail(namespace string, secret *v1.Secret, clusters map[string]*cluster) {
	framework.Logf("Waiting for secret %q in %d clusters", secret.Name, len(clusters))
	for _, c := range clusters {
		waitForSecretUpdateOrFail(c.Clientset, namespace, secret, FederatedSecretTimeout)
	}
}

func waitForSecretUpdateOrFail(clientset *kubeclientset.Clientset, namespace string, secret *v1.Secret, timeout time.Duration) {
	By(fmt.Sprintf("Fetching a federated secret shard of secret %q in namespace %q from cluster", secret.Name, namespace))
	err := wait.PollImmediate(framework.Poll, timeout, func() (bool, error) {
		clusterSecret, err := clientset.Core().Secrets(namespace).Get(secret.Name)
		if err == nil { // We want it present, and the Get succeeded, so we're all good.
			if util.SecretEquivalent(*clusterSecret, *secret) {
				By(fmt.Sprintf("Success: shard of federated secret %q in namespace %q in cluster is updated", secret.Name, namespace))
				return true, nil
			} else {
				By(fmt.Sprintf("Expected equal secrets. expected: %+v\nactual: %+v", *secret, *clusterSecret))
			}
			By(fmt.Sprintf("Secret %q in namespace %q in cluster, waiting for secret being updated, trying again in %s (err=%v)", secret.Name, namespace, framework.Poll, err))
			return false, nil
		}
		By(fmt.Sprintf("Secret %q in namespace %q in cluster, waiting for being updated, trying again in %s (err=%v)", secret.Name, namespace, framework.Poll, err))
		return false, nil
	})
	framework.ExpectNoError(err, "Failed to verify secret %q in namespace %q in cluster", secret.Name, namespace)
}
Adding secrets to federation-apiserver & clientset, adding e2e tests 2016-06-21 16:29:03 +00:00			`/*`
			`Copyright 2015 The Kubernetes Authors.`

			`Licensed under the Apache License, Version 2.0 (the "License");`
			`you may not use this file except in compliance with the License.`
			`You may obtain a copy of the License at`

			`http://www.apache.org/licenses/LICENSE-2.0`

			`Unless required by applicable law or agreed to in writing, software`
			`distributed under the License is distributed on an "AS IS" BASIS,`
			`WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.`
			`See the License for the specific language governing permissions and`
			`limitations under the License.`
			`*/`

			`package e2e`

			`import (`
			`"fmt"`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`"time"`
Adding secrets to federation-apiserver & clientset, adding e2e tests 2016-06-21 16:29:03 +00:00
			`. "github.com/onsi/ginkgo"`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`. "github.com/onsi/gomega"`
manual changes to let client-gen use versioned options 2016-09-02 18:57:44 +00:00			`fedclientset "k8s.io/kubernetes/federation/client/clientset_generated/federation_release_1_5"`
Fixing federation secret and replicaset e2e tests 2016-09-13 01:46:01 +00:00			`"k8s.io/kubernetes/federation/pkg/federation-controller/util"`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`"k8s.io/kubernetes/pkg/api/errors"`
Adding secrets to federation-apiserver & clientset, adding e2e tests 2016-06-21 16:29:03 +00:00			`"k8s.io/kubernetes/pkg/api/v1"`
manual changes to let client-gen use versioned options 2016-09-02 18:57:44 +00:00			`kubeclientset "k8s.io/kubernetes/pkg/client/clientset_generated/release_1_5"`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`"k8s.io/kubernetes/pkg/util/wait"`
Adding secrets to federation-apiserver & clientset, adding e2e tests 2016-06-21 16:29:03 +00:00			`"k8s.io/kubernetes/test/e2e/framework"`
			`)`

			`const (`
Fixing federation secret and replicaset e2e tests 2016-09-13 01:46:01 +00:00			`FederatedSecretName = "federated-secret"`
			`FederatedSecretTimeout = 60 * time.Second`
			`MaxRetries = 3`
Adding secrets to federation-apiserver & clientset, adding e2e tests 2016-06-21 16:29:03 +00:00			`)`

			`// Create/delete secret api objects`
Fixing federation secret and replicaset e2e tests 2016-09-13 01:46:01 +00:00			`var _ = framework.KubeDescribe("Federation secrets [Feature:Federation12]", func() {`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`var clusters map[string]*cluster // All clusters, keyed by cluster name`

Adding secrets to federation-apiserver & clientset, adding e2e tests 2016-06-21 16:29:03 +00:00			`f := framework.NewDefaultFederatedFramework("federated-secret")`

			`Describe("Secret objects", func() {`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00
			`BeforeEach(func() {`
Adding secrets to federation-apiserver & clientset, adding e2e tests 2016-06-21 16:29:03 +00:00			`framework.SkipUnlessFederated(f.Client)`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`clusters = map[string]*cluster{}`
			`registerClusters(clusters, UserAgentName, "", f)`
			`})`
Adding secrets to federation-apiserver & clientset, adding e2e tests 2016-06-21 16:29:03 +00:00
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`AfterEach(func() {`
			`framework.SkipUnlessFederated(f.Client)`
			`unregisterClusters(clusters, f)`
Adding secrets to federation-apiserver & clientset, adding e2e tests 2016-06-21 16:29:03 +00:00			`})`

			`It("should be created and deleted successfully", func() {`
			`framework.SkipUnlessFederated(f.Client)`
Fixing/updating e2e tests 2016-08-22 17:48:43 +00:00			`nsName := f.FederationNamespace.Name`
manual changes to let client-gen use versioned options 2016-09-02 18:57:44 +00:00			`secret := createSecretOrFail(f.FederationClientset_1_5, nsName)`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`defer func() { // Cleanup`
			`By(fmt.Sprintf("Deleting secret %q in namespace %q", secret.Name, nsName))`
manual changes to let client-gen use versioned options 2016-09-02 18:57:44 +00:00			`err := f.FederationClientset_1_5.Core().Secrets(nsName).Delete(secret.Name, &v1.DeleteOptions{})`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`framework.ExpectNoError(err, "Error deleting secret %q in namespace %q", secret.Name, nsName)`
			`}()`
			`// wait for secret shards being created`
			`waitForSecretShardsOrFail(nsName, secret, clusters)`
manual changes to let client-gen use versioned options 2016-09-02 18:57:44 +00:00			`secret = updateSecretOrFail(f.FederationClientset_1_5, nsName)`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`waitForSecretShardsUpdatedOrFail(nsName, secret, clusters)`
			`})`
Adding secrets to federation-apiserver & clientset, adding e2e tests 2016-06-21 16:29:03 +00:00			`})`
			`})`

manual changes to let client-gen use versioned options 2016-09-02 18:57:44 +00:00			`func createSecretOrFail(clientset fedclientset.Clientset, namespace string) v1.Secret {`
Adding secrets to federation-apiserver & clientset, adding e2e tests 2016-06-21 16:29:03 +00:00			`if clientset == nil \|\| len(namespace) == 0 {`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`Fail(fmt.Sprintf("Internal error: invalid parameters passed to createSecretOrFail: clientset: %v, namespace: %v", clientset, namespace))`
Adding secrets to federation-apiserver & clientset, adding e2e tests 2016-06-21 16:29:03 +00:00			`}`

			`secret := &v1.Secret{`
			`ObjectMeta: v1.ObjectMeta{`
			`Name: FederatedSecretName,`
			`},`
			`}`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`By(fmt.Sprintf("Creating secret %q in namespace %q", secret.Name, namespace))`
Adding secrets to federation-apiserver & clientset, adding e2e tests 2016-06-21 16:29:03 +00:00			`_, err := clientset.Core().Secrets(namespace).Create(secret)`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`framework.ExpectNoError(err, "Failed to create secret %s", secret.Name)`
Adding secrets to federation-apiserver & clientset, adding e2e tests 2016-06-21 16:29:03 +00:00			`By(fmt.Sprintf("Successfully created federated secret %q in namespace %q", FederatedSecretName, namespace))`
			`return secret`
			`}`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00
manual changes to let client-gen use versioned options 2016-09-02 18:57:44 +00:00			`func updateSecretOrFail(clientset fedclientset.Clientset, namespace string) v1.Secret {`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`if clientset == nil \|\| len(namespace) == 0 {`
			`Fail(fmt.Sprintf("Internal error: invalid parameters passed to updateSecretOrFail: clientset: %v, namespace: %v", clientset, namespace))`
			`}`

			`var newSecret *v1.Secret`
			`for retryCount := 0; retryCount < MaxRetries; retryCount++ {`
Fixing federation secret and replicaset e2e tests 2016-09-13 01:46:01 +00:00			`secret, err := clientset.Core().Secrets(namespace).Get(FederatedSecretName)`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`if err != nil {`
			`framework.Failf("failed to get secret %q: %v", FederatedSecretName, err)`
			`}`
Fixing federation secret and replicaset e2e tests 2016-09-13 01:46:01 +00:00
			`// Update one of the data in the secret.`
			`secret.Data = map[string][]byte{`
			`"key": []byte("value"),`
			`}`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`newSecret, err = clientset.Core().Secrets(namespace).Update(secret)`
			`if err == nil {`
			`return newSecret`
			`}`
			`if !errors.IsConflict(err) && !errors.IsServerTimeout(err) {`
			`framework.Failf("failed to update secret %q: %v", FederatedSecretName, err)`
			`}`
			`}`
			`framework.Failf("too many retries updating secret %q", FederatedSecretName)`
			`return newSecret`
			`}`

			`func waitForSecretShardsOrFail(namespace string, secret v1.Secret, clusters map[string]cluster) {`
			`framework.Logf("Waiting for secret %q in %d clusters", secret.Name, len(clusters))`
			`for _, c := range clusters {`
			`waitForSecretOrFail(c.Clientset, namespace, secret, true, FederatedSecretTimeout)`
			`}`
			`}`

manual changes to let client-gen use versioned options 2016-09-02 18:57:44 +00:00			`func waitForSecretOrFail(clientset kubeclientset.Clientset, namespace string, secret v1.Secret, present bool, timeout time.Duration) {`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`By(fmt.Sprintf("Fetching a federated secret shard of secret %q in namespace %q from cluster", secret.Name, namespace))`
			`var clusterSecret *v1.Secret`
			`err := wait.PollImmediate(framework.Poll, timeout, func() (bool, error) {`
			`clusterSecret, err := clientset.Core().Secrets(namespace).Get(secret.Name)`
			`if (!present) && errors.IsNotFound(err) { // We want it gone, and it's gone.`
			`By(fmt.Sprintf("Success: shard of federated secret %q in namespace %q in cluster is absent", secret.Name, namespace))`
			`return true, nil // Success`
			`}`
			`if present && err == nil { // We want it present, and the Get succeeded, so we're all good.`
			`By(fmt.Sprintf("Success: shard of federated secret %q in namespace %q in cluster is present", secret.Name, namespace))`
			`return true, nil // Success`
			`}`
			`By(fmt.Sprintf("Secret %q in namespace %q in cluster. Found: %v, waiting for Found: %v, trying again in %s (err=%v)", secret.Name, namespace, clusterSecret != nil && err == nil, present, framework.Poll, err))`
			`return false, nil`
			`})`
			`framework.ExpectNoError(err, "Failed to verify secret %q in namespace %q in cluster: Present=%v", secret.Name, namespace, present)`

			`if present && clusterSecret != nil {`
Fixing federation secret and replicaset e2e tests 2016-09-13 01:46:01 +00:00			`Expect(util.SecretEquivalent(clusterSecret, secret))`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`}`
			`}`

			`func waitForSecretShardsUpdatedOrFail(namespace string, secret v1.Secret, clusters map[string]cluster) {`
			`framework.Logf("Waiting for secret %q in %d clusters", secret.Name, len(clusters))`
			`for _, c := range clusters {`
			`waitForSecretUpdateOrFail(c.Clientset, namespace, secret, FederatedSecretTimeout)`
			`}`
			`}`

manual changes to let client-gen use versioned options 2016-09-02 18:57:44 +00:00			`func waitForSecretUpdateOrFail(clientset kubeclientset.Clientset, namespace string, secret v1.Secret, timeout time.Duration) {`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`By(fmt.Sprintf("Fetching a federated secret shard of secret %q in namespace %q from cluster", secret.Name, namespace))`
			`err := wait.PollImmediate(framework.Poll, timeout, func() (bool, error) {`
			`clusterSecret, err := clientset.Core().Secrets(namespace).Get(secret.Name)`
			`if err == nil { // We want it present, and the Get succeeded, so we're all good.`
Fixing federation secret and replicaset e2e tests 2016-09-13 01:46:01 +00:00			`if util.SecretEquivalent(clusterSecret, secret) {`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`By(fmt.Sprintf("Success: shard of federated secret %q in namespace %q in cluster is updated", secret.Name, namespace))`
			`return true, nil`
Fixing federation secret and replicaset e2e tests 2016-09-13 01:46:01 +00:00			`} else {`
			`By(fmt.Sprintf("Expected equal secrets. expected: %+v\nactual: %+v", secret, clusterSecret))`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`}`
Fixing federation secret and replicaset e2e tests 2016-09-13 01:46:01 +00:00			`By(fmt.Sprintf("Secret %q in namespace %q in cluster, waiting for secret being updated, trying again in %s (err=%v)", secret.Name, namespace, framework.Poll, err))`
e2e tests for Federated Secrets 2016-08-29 23:28:15 +00:00			`return false, nil`
			`}`
			`By(fmt.Sprintf("Secret %q in namespace %q in cluster, waiting for being updated, trying again in %s (err=%v)", secret.Name, namespace, framework.Poll, err))`
			`return false, nil`
			`})`
			`framework.ExpectNoError(err, "Failed to verify secret %q in namespace %q in cluster", secret.Name, namespace)`
			`}`