From edd612d9f10a1a4f94efeba7a56ceb7996138c1e Mon Sep 17 00:00:00 2001 From: Caleb Woodbine Date: Mon, 6 Jan 2020 01:31:55 +0000 Subject: [PATCH 1/6] Add: test to patch a secret --- test/e2e/common/secrets.go | 64 ++++++++++++++++++++++++++++++++++++++ 1 file changed, 64 insertions(+) diff --git a/test/e2e/common/secrets.go b/test/e2e/common/secrets.go index 33c896e700c..7f62106d6b8 100644 --- a/test/e2e/common/secrets.go +++ b/test/e2e/common/secrets.go @@ -26,6 +26,9 @@ import ( imageutils "k8s.io/kubernetes/test/utils/image" "github.com/onsi/ginkgo" + "github.com/onsi/gomega" + "encoding/base64" + "k8s.io/apimachinery/pkg/types" ) var _ = ginkgo.Describe("[sig-api-machinery] Secrets", func() { @@ -134,6 +137,67 @@ var _ = ginkgo.Describe("[sig-api-machinery] Secrets", func() { secret, err := createEmptyKeySecretForTest(f) framework.ExpectError(err, "created secret %q with empty key in namespace %q", secret.Name, f.Namespace.Name) }) + + ginkgo.It("should patch a secret", func() { + ginkgo.By("creating a secret") + + secretTestName := "test-secret-" + string(uuid.NewUUID()) + + // create a secret in namespace default + _, err := f.ClientSet.CoreV1().Secrets("default").Create(&v1.Secret{ + ObjectMeta: metav1.ObjectMeta{ + Name: secretTestName, + }, + Data: map[string][]byte{ + "key": []byte("value"), + }, + Type: "Opaque", + }) + framework.ExpectNoError(err, "failed to create secret") + + ginkgo.By("listing secrets in all namespaces to ensure that there are more than zero") + // list all secrets in namespace default + secretsList, err := f.ClientSet.CoreV1().Secrets("").List(metav1.ListOptions{}) + framework.ExpectNoError(err, "failed to list secrets") + gomega.Expect(len(secretsList.Items)).ToNot(gomega.Equal(0), "no secrets found") + + foundCreatedSecret := false + var secretCreatedName string + for _, val := range secretsList.Items { + if val.ObjectMeta.Name == secretTestName && string(val.Data["key"]) == "value" { + foundCreatedSecret = true + secretCreatedName = val.ObjectMeta.Name + } + } + gomega.Expect(foundCreatedSecret).To(gomega.BeTrue(), "unable to find secret by its value") + + ginkgo.By("patching the secret") + // patch the secret + secretPatchNewData := base64.StdEncoding.EncodeToString([]byte("value1")) + secretPatch := fmt.Sprintf(`{"metadata":{"labels":{"testsecret":"true"}},"data":{"key":"%v"}}`, secretPatchNewData) + _, err = f.ClientSet.CoreV1().Secrets("default").Patch(secretCreatedName, types.StrategicMergePatchType, []byte(secretPatch)) + framework.ExpectNoError(err, "failed to patch secret") + + ginkgo.By("deleting the secret using a LabelSelector") + err = f.ClientSet.CoreV1().Secrets("default").DeleteCollection(&metav1.DeleteOptions{}, metav1.ListOptions{ + LabelSelector: "testsecret=true", + }) + framework.ExpectNoError(err, "failed to delete patched secret") + + ginkgo.By("listing secrets in all namespaces, searching for label name and value in patch") + // list all secrets in namespace default + secretsList, err = f.ClientSet.CoreV1().Secrets("").List(metav1.ListOptions{}) + framework.ExpectNoError(err, "failed to list secrets") + + foundCreatedSecret = false + for _, val := range secretsList.Items { + if val.ObjectMeta.Name == secretTestName && string(val.Data["key"]) == "value" { + foundCreatedSecret = true + secretCreatedName = val.ObjectMeta.Name + } + } + gomega.Expect(foundCreatedSecret).To(gomega.BeFalse(), "secret was not deleted sucessfully") + }) }) func newEnvFromSecret(namespace, name string) *v1.Secret { From c5e3ab12489fb5a6010234fbb37d4beb869dbd45 Mon Sep 17 00:00:00 2001 From: Caleb Woodbine Date: Mon, 6 Jan 2020 21:47:08 +0000 Subject: [PATCH 2/6] Fix: formatting, spelling --- test/e2e/common/secrets.go | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/test/e2e/common/secrets.go b/test/e2e/common/secrets.go index 7f62106d6b8..82e3ea1b4c6 100644 --- a/test/e2e/common/secrets.go +++ b/test/e2e/common/secrets.go @@ -25,9 +25,9 @@ import ( "k8s.io/kubernetes/test/e2e/framework" imageutils "k8s.io/kubernetes/test/utils/image" + "encoding/base64" "github.com/onsi/ginkgo" "github.com/onsi/gomega" - "encoding/base64" "k8s.io/apimachinery/pkg/types" ) @@ -143,7 +143,7 @@ var _ = ginkgo.Describe("[sig-api-machinery] Secrets", func() { secretTestName := "test-secret-" + string(uuid.NewUUID()) - // create a secret in namespace default + // create a secret in namespace default _, err := f.ClientSet.CoreV1().Secrets("default").Create(&v1.Secret{ ObjectMeta: metav1.ObjectMeta{ Name: secretTestName, @@ -193,10 +193,9 @@ var _ = ginkgo.Describe("[sig-api-machinery] Secrets", func() { for _, val := range secretsList.Items { if val.ObjectMeta.Name == secretTestName && string(val.Data["key"]) == "value" { foundCreatedSecret = true - secretCreatedName = val.ObjectMeta.Name } } - gomega.Expect(foundCreatedSecret).To(gomega.BeFalse(), "secret was not deleted sucessfully") + gomega.Expect(foundCreatedSecret).To(gomega.BeFalse(), "secret was not deleted successfully") }) }) From ab12f460d95ea9fa39c72dfeda35017db5898bee Mon Sep 17 00:00:00 2001 From: Caleb Woodbine Date: Tue, 7 Jan 2020 00:56:19 +0000 Subject: [PATCH 3/6] Update: to use framework instead of gomega for testing values --- test/e2e/common/secrets.go | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/test/e2e/common/secrets.go b/test/e2e/common/secrets.go index 82e3ea1b4c6..419dae32b4d 100644 --- a/test/e2e/common/secrets.go +++ b/test/e2e/common/secrets.go @@ -27,7 +27,6 @@ import ( "encoding/base64" "github.com/onsi/ginkgo" - "github.com/onsi/gomega" "k8s.io/apimachinery/pkg/types" ) @@ -159,7 +158,7 @@ var _ = ginkgo.Describe("[sig-api-machinery] Secrets", func() { // list all secrets in namespace default secretsList, err := f.ClientSet.CoreV1().Secrets("").List(metav1.ListOptions{}) framework.ExpectNoError(err, "failed to list secrets") - gomega.Expect(len(secretsList.Items)).ToNot(gomega.Equal(0), "no secrets found") + framework.ExpectNotEqual(len(secretsList.Items), 0, "no secrets found") foundCreatedSecret := false var secretCreatedName string @@ -169,7 +168,7 @@ var _ = ginkgo.Describe("[sig-api-machinery] Secrets", func() { secretCreatedName = val.ObjectMeta.Name } } - gomega.Expect(foundCreatedSecret).To(gomega.BeTrue(), "unable to find secret by its value") + framework.ExpectEqual(foundCreatedSecret, true, "unable to find secret by its value") ginkgo.By("patching the secret") // patch the secret @@ -195,7 +194,7 @@ var _ = ginkgo.Describe("[sig-api-machinery] Secrets", func() { foundCreatedSecret = true } } - gomega.Expect(foundCreatedSecret).To(gomega.BeFalse(), "secret was not deleted successfully") + framework.ExpectEqual(foundCreatedSecret, false, "secret was not deleted successfully") }) }) From b4fb46409d12d94b568e38259040c7e0c13262fd Mon Sep 17 00:00:00 2001 From: Caleb Woodbine Date: Tue, 7 Jan 2020 19:51:24 +0000 Subject: [PATCH 4/6] Update: test secret contains a default label, secrets are listed via default label, patch payload is marshaled instead of written in raw JSON, secret deleted check; Fix: comments, test namespace usage --- test/e2e/common/secrets.go | 36 +++++++++++++++++++++++++----------- 1 file changed, 25 insertions(+), 11 deletions(-) diff --git a/test/e2e/common/secrets.go b/test/e2e/common/secrets.go index 419dae32b4d..9877596be95 100644 --- a/test/e2e/common/secrets.go +++ b/test/e2e/common/secrets.go @@ -17,6 +17,7 @@ limitations under the License. package common import ( + "encoding/json" "fmt" "k8s.io/api/core/v1" @@ -142,10 +143,13 @@ var _ = ginkgo.Describe("[sig-api-machinery] Secrets", func() { secretTestName := "test-secret-" + string(uuid.NewUUID()) - // create a secret in namespace default - _, err := f.ClientSet.CoreV1().Secrets("default").Create(&v1.Secret{ + // create a secret in the test namespace + _, err := f.ClientSet.CoreV1().Secrets(f.Namespace.Name).Create(&v1.Secret{ ObjectMeta: metav1.ObjectMeta{ Name: secretTestName, + Labels: map[string]string{ + "testsecret-constant": "true", + }, }, Data: map[string][]byte{ "key": []byte("value"), @@ -155,8 +159,10 @@ var _ = ginkgo.Describe("[sig-api-machinery] Secrets", func() { framework.ExpectNoError(err, "failed to create secret") ginkgo.By("listing secrets in all namespaces to ensure that there are more than zero") - // list all secrets in namespace default - secretsList, err := f.ClientSet.CoreV1().Secrets("").List(metav1.ListOptions{}) + // list all secrets in all namespaces + secretsList, err := f.ClientSet.CoreV1().Secrets("").List(metav1.ListOptions{ + LabelSelector: "testsecret-constant=true", + }) framework.ExpectNoError(err, "failed to list secrets") framework.ExpectNotEqual(len(secretsList.Items), 0, "no secrets found") @@ -171,26 +177,34 @@ var _ = ginkgo.Describe("[sig-api-machinery] Secrets", func() { framework.ExpectEqual(foundCreatedSecret, true, "unable to find secret by its value") ginkgo.By("patching the secret") - // patch the secret + // patch the secret in the test namespace secretPatchNewData := base64.StdEncoding.EncodeToString([]byte("value1")) - secretPatch := fmt.Sprintf(`{"metadata":{"labels":{"testsecret":"true"}},"data":{"key":"%v"}}`, secretPatchNewData) - _, err = f.ClientSet.CoreV1().Secrets("default").Patch(secretCreatedName, types.StrategicMergePatchType, []byte(secretPatch)) + secretPatch, err := json.Marshal(map[string]interface{}{ + "metadata": map[string]interface{}{ + "labels": map[string]string{"testsecret": "true"}, + }, + "data": map[string][]byte{"key": []byte(secretPatchNewData)}, + }) + framework.ExpectNoError(err, "failed to marshal JSON") + _, err = f.ClientSet.CoreV1().Secrets(f.Namespace.Name).Patch(secretCreatedName, types.StrategicMergePatchType, []byte(secretPatch)) framework.ExpectNoError(err, "failed to patch secret") ginkgo.By("deleting the secret using a LabelSelector") - err = f.ClientSet.CoreV1().Secrets("default").DeleteCollection(&metav1.DeleteOptions{}, metav1.ListOptions{ + err = f.ClientSet.CoreV1().Secrets(f.Namespace.Name).DeleteCollection(&metav1.DeleteOptions{}, metav1.ListOptions{ LabelSelector: "testsecret=true", }) framework.ExpectNoError(err, "failed to delete patched secret") ginkgo.By("listing secrets in all namespaces, searching for label name and value in patch") - // list all secrets in namespace default - secretsList, err = f.ClientSet.CoreV1().Secrets("").List(metav1.ListOptions{}) + // list all secrets in all namespaces + secretsList, err = f.ClientSet.CoreV1().Secrets("").List(metav1.ListOptions{ + LabelSelector: "testsecret-constant=true", + }) framework.ExpectNoError(err, "failed to list secrets") foundCreatedSecret = false for _, val := range secretsList.Items { - if val.ObjectMeta.Name == secretTestName && string(val.Data["key"]) == "value" { + if val.ObjectMeta.Name == secretTestName && val.ObjectMeta.Namespace == f.Namespace.Name { foundCreatedSecret = true } } From 07e3c46cb4b522aa03525d3e5a85d5d836f2ca54 Mon Sep 17 00:00:00 2001 From: Caleb Woodbine Date: Thu, 9 Jan 2020 22:05:28 +0000 Subject: [PATCH 5/6] Add: secret data patch check --- test/e2e/common/secrets.go | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/test/e2e/common/secrets.go b/test/e2e/common/secrets.go index 9877596be95..84f0d8e341c 100644 --- a/test/e2e/common/secrets.go +++ b/test/e2e/common/secrets.go @@ -189,6 +189,14 @@ var _ = ginkgo.Describe("[sig-api-machinery] Secrets", func() { _, err = f.ClientSet.CoreV1().Secrets(f.Namespace.Name).Patch(secretCreatedName, types.StrategicMergePatchType, []byte(secretPatch)) framework.ExpectNoError(err, "failed to patch secret") + secret, err := f.ClientSet.CoreV1().Secrets(f.Namespace.Name).Get(secretCreatedName, metav1.GetOptions{}) + framework.ExpectNoError(err, "failed to get secret") + + secretDecodedstring, err := base64.StdEncoding.DecodeString(string(secret.Data["key"])) + framework.ExpectNoError(err, "failed to decode secret from Base64") + + framework.ExpectEqual(string(secretDecodedstring), "value1", "found secret, but the data wasn't updated from the patch") + ginkgo.By("deleting the secret using a LabelSelector") err = f.ClientSet.CoreV1().Secrets(f.Namespace.Name).DeleteCollection(&metav1.DeleteOptions{}, metav1.ListOptions{ LabelSelector: "testsecret=true", From dcd4dcdf2171fb40bd6187b526348733cbb4a9f8 Mon Sep 17 00:00:00 2001 From: Caleb Woodbine Date: Fri, 10 Jan 2020 02:38:49 +0000 Subject: [PATCH 6/6] Update: comments, searching for secrets in lists --- test/e2e/common/secrets.go | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/test/e2e/common/secrets.go b/test/e2e/common/secrets.go index 84f0d8e341c..f28607cfc33 100644 --- a/test/e2e/common/secrets.go +++ b/test/e2e/common/secrets.go @@ -159,7 +159,7 @@ var _ = ginkgo.Describe("[sig-api-machinery] Secrets", func() { framework.ExpectNoError(err, "failed to create secret") ginkgo.By("listing secrets in all namespaces to ensure that there are more than zero") - // list all secrets in all namespaces + // list all secrets in all namespaces to ensure endpoint coverage secretsList, err := f.ClientSet.CoreV1().Secrets("").List(metav1.ListOptions{ LabelSelector: "testsecret-constant=true", }) @@ -169,9 +169,10 @@ var _ = ginkgo.Describe("[sig-api-machinery] Secrets", func() { foundCreatedSecret := false var secretCreatedName string for _, val := range secretsList.Items { - if val.ObjectMeta.Name == secretTestName && string(val.Data["key"]) == "value" { + if val.ObjectMeta.Name == secretTestName && val.ObjectMeta.Namespace == f.Namespace.Name { foundCreatedSecret = true secretCreatedName = val.ObjectMeta.Name + break } } framework.ExpectEqual(foundCreatedSecret, true, "unable to find secret by its value") @@ -214,6 +215,7 @@ var _ = ginkgo.Describe("[sig-api-machinery] Secrets", func() { for _, val := range secretsList.Items { if val.ObjectMeta.Name == secretTestName && val.ObjectMeta.Namespace == f.Namespace.Name { foundCreatedSecret = true + break } } framework.ExpectEqual(foundCreatedSecret, false, "secret was not deleted successfully")