-
Notifications
You must be signed in to change notification settings - Fork 169
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
0046588
commit 6453188
Showing
1 changed file
with
110 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,110 @@ | ||
package e2e | ||
|
||
// Copyright (c) Microsoft Corporation. | ||
// Licensed under the Apache License 2.0. | ||
|
||
import ( | ||
"context" | ||
"net/http" | ||
"net/url" | ||
"strings" | ||
|
||
. "github.com/onsi/ginkgo/v2" | ||
. "github.com/onsi/gomega" | ||
|
||
corev1 "k8s.io/api/core/v1" | ||
kerrors "k8s.io/apimachinery/pkg/api/errors" | ||
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" | ||
|
||
"github.com/Azure/ARO-RP/pkg/util/stringutils" | ||
) | ||
|
||
var loadBalancerService = corev1.Service{ | ||
ObjectMeta: metav1.ObjectMeta{ | ||
Name: "test", | ||
}, | ||
Spec: corev1.ServiceSpec{ | ||
Type: corev1.ServiceTypeLoadBalancer, | ||
Ports: []corev1.ServicePort{ | ||
{ | ||
Name: "service-443", | ||
Protocol: corev1.ProtocolTCP, | ||
Port: int32(443), | ||
}, | ||
}, | ||
}, | ||
} | ||
|
||
var _ = Describe("[Admin API] Delete managed resource action", func() { | ||
BeforeEach(skipIfNotInDevelopmentEnv) | ||
|
||
It("should be possible to delete managed cluster resources", func(ctx context.Context) { | ||
var service *corev1.Service | ||
var lbRuleID string | ||
var fipConfigID string | ||
var pipAddressID string | ||
|
||
By("creating a test service of type loadbalancer") | ||
_, err := clients.Kubernetes.CoreV1().Services("default").Create(ctx, &loadBalancerService, metav1.CreateOptions{}) | ||
Expect(err).NotTo(HaveOccurred()) | ||
|
||
defer func() { | ||
By("cleaning up the k8s loadbalancer service") | ||
err := clients.Kubernetes.CoreV1().Services("default").Delete(ctx, "test", metav1.DeleteOptions{}) | ||
Expect(err).NotTo(HaveOccurred()) | ||
|
||
// wait for deletion to prevent flakes on retries | ||
Eventually(func(g Gomega, ctx context.Context) { | ||
_, err = clients.Kubernetes.CoreV1().Services("default").Get(ctx, "test", metav1.GetOptions{}) | ||
g.Expect(kerrors.IsNotFound(err)).To(BeTrue(), "expect Service to be deleted") | ||
}).WithContext(ctx).WithTimeout(DefaultEventuallyTimeout).Should(Succeed()) | ||
}() | ||
|
||
// wait for ingress IP to be assigned as this indicate the service is ready | ||
Eventually(func(g Gomega, ctx context.Context) { | ||
service, err = clients.Kubernetes.CoreV1().Services("default").Get(ctx, "test", metav1.GetOptions{}) | ||
g.Expect(err).NotTo(HaveOccurred()) | ||
g.Expect(len(service.Status.LoadBalancer.Ingress)).To(Equal(1)) | ||
}).WithContext(ctx).WithTimeout(DefaultEventuallyTimeout).Should(Succeed()) | ||
|
||
By("getting the newly created k8s service frontend IP configuration") | ||
oc, err := clients.OpenshiftClustersPreview.Get(ctx, vnetResourceGroup, clusterName) | ||
Expect(err).NotTo(HaveOccurred()) | ||
|
||
rgName := stringutils.LastTokenByte(*oc.OpenShiftClusterProperties.ClusterProfile.ResourceGroupID, '/') | ||
lbName, err := getPublicLoadBalancerName(ctx) | ||
|
||
lb, err := clients.LoadBalancers.Get(ctx, rgName, lbName, "") | ||
for _, fipConfig := range *lb.LoadBalancerPropertiesFormat.FrontendIPConfigurations { | ||
if !strings.Contains(*fipConfig.PublicIPAddress.ID, "default-v4") && !strings.Contains(*fipConfig.PublicIPAddress.ID, "pip-v4") { | ||
lbRuleID = *(*fipConfig.LoadBalancingRules)[0].ID | ||
fipConfigID = *fipConfig.ID | ||
pipAddressID = *fipConfig.PublicIPAddress.ID | ||
} | ||
} | ||
|
||
By("deleting the associated loadbalancer rule") | ||
testDeleteManagedResourceOK(ctx, lbRuleID) | ||
|
||
By("deleting the associated frontend ip config") | ||
testDeleteManagedResourceOK(ctx, fipConfigID) | ||
|
||
By("deleting the associated public ip address") | ||
testDeleteManagedResourceOK(ctx, pipAddressID) | ||
}) | ||
|
||
It("should NOT be possible to delete a resource not within the cluster's managed resource group", func(ctx context.Context) { | ||
By("trying to delete the master subnet") | ||
oc, err := clients.OpenshiftClustersPreview.Get(ctx, vnetResourceGroup, clusterName) | ||
Expect(err).NotTo(HaveOccurred()) | ||
|
||
resp, err := adminRequest(ctx, http.MethodPost, "/admin"+clusterResourceID+"/deletemanagedresource", url.Values{"resourceid": []string{*oc.OpenShiftClusterProperties.MasterProfile.SubnetID}}, true, nil, nil) | ||
Expect(resp.StatusCode).To(Equal(http.StatusBadRequest)) | ||
}) | ||
}) | ||
|
||
func testDeleteManagedResourceOK(ctx context.Context, resourceID string) { | ||
resp, err := adminRequest(ctx, http.MethodPost, "/admin"+clusterResourceID+"/deletemanagedresource", url.Values{"resourceid": []string{resourceID}}, true, nil, nil) | ||
Expect(err).NotTo(HaveOccurred()) | ||
Expect(resp.StatusCode).To(Equal(http.StatusOK)) | ||
} |