fix: make policies controller tests independent.

Updates the integration tests to make all the tests independent. Therefore, each one can be run individually and can be randomized with not issues. Signed-off-by: José Guilherme Vanz <jguilhermevanz@suse.com>
kubewarden · Apr 24, 2024 · 6723672 · 6723672
1 parent 14d472b
commit 6723672
Show file tree

Hide file tree

Showing 2 changed files with 260 additions and 239 deletions.
diff --git a/controllers/admissionpolicy_controller_test.go b/controllers/admissionpolicy_controller_test.go
@@ -32,9 +32,12 @@ import (
 )
 
 var _ = Describe("AdmissionPolicy controller", func() {
-	policyNamespace := "admission-policy-controller-test"
+	var policyNamespace string
+	var policyServerName string
 
 	BeforeEach(func() {
+		policyNamespace = "admission-policy-controller-test"
+		policyServerName = newName("policy-server")
 		Expect(
 			k8sClient.Create(ctx, &corev1.Namespace{
 				ObjectMeta: metav1.ObjectMeta{
@@ -45,20 +48,17 @@ var _ = Describe("AdmissionPolicy controller", func() {
 	})
 
 	When("creating a validating AdmissionPolicy", func() {
-		policyServerName := newName("policy-server")
-		policyName := newName("validating-policy")
-
-		It("should set the AdmissionPolicy to active", func() {
-			By("creating the PolicyServer")
-			Expect(
-				k8sClient.Create(ctx, policyServerFactory(policyServerName)),
-			).To(Succeed())
-
-			By("creating the AdmissionPolicy")
-			Expect(
-				k8sClient.Create(ctx, admissionPolicyFactory(policyName, policyNamespace, policyServerName, false)),
-			).To(Succeed())
+		var policyName string
+		var policy *policiesv1.AdmissionPolicy
+
+		BeforeEach(func() {
+			policyName = newName("validating-policy")
+			createPolicyServerAndWaitForItsService(policyServerFactory(policyServerName))
+			policy = admissionPolicyFactory(policyName, policyNamespace, policyServerName, false)
+			Expect(k8sClient.Create(ctx, policy)).To(Succeed())
+		})
 
+		It("should set the AdminissionPolicy to active sometime after its creation", func() {
 			By("changing the policy status to pending")
 			Eventually(func() (*policiesv1.AdmissionPolicy, error) {
 				return getTestAdmissionPolicy(policyNamespace, policyName)
@@ -76,7 +76,7 @@ var _ = Describe("AdmissionPolicy controller", func() {
 
 		It("should create the ValidatingWebhookConfiguration", func() {
 			Eventually(func() error {
-				validatingWebhookConfiguration, err := getTestValidatingWebhookConfiguration(fmt.Sprintf("namespaced-%s-%s", policyNamespace, policyName))
+				validatingWebhookConfiguration, err := getTestValidatingWebhookConfiguration(policy.GetUniqueName())
 				if err != nil {
 					return err
 				}
@@ -96,74 +96,77 @@ var _ = Describe("AdmissionPolicy controller", func() {
 			}, timeout, pollInterval).Should(Succeed())
 		})
 
-		When("the ValidatingWebhookConfiguration is changed", func() {
-			It("should be reconciled to the original state", func() {
-				By("changing the ValidatingWebhookConfiguration")
-				validatingWebhookConfiguration, err := getTestValidatingWebhookConfiguration(fmt.Sprintf("namespaced-%s-%s", policyNamespace, policyName))
-				Expect(err).ToNot(HaveOccurred())
-				originalValidatingWebhookConfiguration := validatingWebhookConfiguration.DeepCopy()
-
-				delete(validatingWebhookConfiguration.Labels, "kubewarden")
-				validatingWebhookConfiguration.Labels[constants.WebhookConfigurationPolicyScopeLabelKey] = newName("scope")
-				delete(validatingWebhookConfiguration.Annotations, constants.WebhookConfigurationPolicyNameAnnotationKey)
-				validatingWebhookConfiguration.Annotations[constants.WebhookConfigurationPolicyNamespaceAnnotationKey] = newName("namespace")
-				validatingWebhookConfiguration.Webhooks[0].ClientConfig.Service.Name = newName("service")
-				validatingWebhookConfiguration.Webhooks[0].ClientConfig.CABundle = []byte("invalid")
-				Expect(
-					k8sClient.Update(ctx, validatingWebhookConfiguration),
-				).To(Succeed())
-
-				By("reconciling the ValidatingWebhookConfiguration to its original state")
-				Eventually(func() (*admissionregistrationv1.ValidatingWebhookConfiguration, error) {
-					return getTestValidatingWebhookConfiguration(fmt.Sprintf("namespaced-%s-%s", policyNamespace, policyName))
-				}, timeout, pollInterval).Should(
-					And(
-						HaveField("Labels", Equal(originalValidatingWebhookConfiguration.Labels)),
-						HaveField("Annotations", Equal(originalValidatingWebhookConfiguration.Annotations)),
-						HaveField("Webhooks", Equal(originalValidatingWebhookConfiguration.Webhooks)),
-					),
-				)
-
-				// simulate unitialized labels and annotation maps (behaviour of Kubewarden <= 1.9.0), or user change
-				By("setting the ValidatingWebhookConfiguration labels and annotation to nil")
-				validatingWebhookConfiguration, err = getTestValidatingWebhookConfiguration(fmt.Sprintf("namespaced-%s-%s", policyNamespace, policyName))
-				Expect(err).ToNot(HaveOccurred())
+		It("should be reconcile the ValidationWebhookConfiguration to the original state after some change", func() {
+			var originalValidatingWebhookConfiguration *admissionregistrationv1.ValidatingWebhookConfiguration
+			var validatingWebhookConfiguration *admissionregistrationv1.ValidatingWebhookConfiguration
+			Eventually(func() error {
+				var err error
+				validatingWebhookConfiguration, err = getTestValidatingWebhookConfiguration(policy.GetUniqueName())
+				if err != nil {
+					return err
+				}
 				originalValidatingWebhookConfiguration = validatingWebhookConfiguration.DeepCopy()
-				validatingWebhookConfiguration.Labels = nil
-				validatingWebhookConfiguration.Annotations = nil
-				Expect(
-					k8sClient.Update(ctx, validatingWebhookConfiguration),
-				).To(Succeed())
-
-				By("reconciling the ValidatingWebhookConfiguration to its original state")
-				Eventually(func() (*admissionregistrationv1.ValidatingWebhookConfiguration, error) {
-					return getTestValidatingWebhookConfiguration(fmt.Sprintf("namespaced-%s-%s", policyNamespace, policyName))
-				}, timeout, pollInterval).Should(
-					And(
-						HaveField("Labels", Equal(originalValidatingWebhookConfiguration.Labels)),
-						HaveField("Annotations", Equal(originalValidatingWebhookConfiguration.Annotations)),
-						HaveField("Webhooks", Equal(originalValidatingWebhookConfiguration.Webhooks)),
-					),
-				)
-			})
-		})
-	})
-
-	When("creating a mutating AdmissionPolicy", func() {
-		policyServerName := newName("policy-server")
-		policyName := newName("mutating-policy")
+				return nil
+			}, timeout, pollInterval).Should(Succeed())
 
-		It("should set the AdmissionPolicy to active", func() {
-			By("creating the PolicyServer")
+			By("changing the ValidatingWebhookConfiguration")
+			delete(validatingWebhookConfiguration.Labels, "kubewarden")
+			validatingWebhookConfiguration.Labels[constants.WebhookConfigurationPolicyScopeLabelKey] = newName("scope")
+			delete(validatingWebhookConfiguration.Annotations, constants.WebhookConfigurationPolicyNameAnnotationKey)
+			validatingWebhookConfiguration.Annotations[constants.WebhookConfigurationPolicyNamespaceAnnotationKey] = newName("namespace")
+			validatingWebhookConfiguration.Webhooks[0].ClientConfig.Service.Name = newName("service")
+			validatingWebhookConfiguration.Webhooks[0].ClientConfig.CABundle = []byte("invalid")
 			Expect(
-				k8sClient.Create(ctx, policyServerFactory(policyServerName)),
+				k8sClient.Update(ctx, validatingWebhookConfiguration),
 			).To(Succeed())
 
-			By("creating the AdmissionPolicy")
+			By("reconciling the ValidatingWebhookConfiguration to its original state")
+			Eventually(func() (*admissionregistrationv1.ValidatingWebhookConfiguration, error) {
+				return getTestValidatingWebhookConfiguration(policy.GetUniqueName())
+			}, timeout, pollInterval).Should(
+				And(
+					HaveField("Labels", Equal(originalValidatingWebhookConfiguration.Labels)),
+					HaveField("Annotations", Equal(originalValidatingWebhookConfiguration.Annotations)),
+					HaveField("Webhooks", Equal(originalValidatingWebhookConfiguration.Webhooks)),
+				),
+			)
+
+			// simulate unitialized labels and annotation maps (behaviour of Kubewarden <= 1.9.0), or user change
+			By("setting the ValidatingWebhookConfiguration labels and annotation to nil")
+			validatingWebhookConfiguration, err := getTestValidatingWebhookConfiguration(policy.GetUniqueName())
+			Expect(err).ToNot(HaveOccurred())
+			originalValidatingWebhookConfiguration = validatingWebhookConfiguration.DeepCopy()
+			validatingWebhookConfiguration.Labels = nil
+			validatingWebhookConfiguration.Annotations = nil
 			Expect(
-				k8sClient.Create(ctx, admissionPolicyFactory(policyName, policyNamespace, policyServerName, true)),
+				k8sClient.Update(ctx, validatingWebhookConfiguration),
 			).To(Succeed())
 
+			By("reconciling the ValidatingWebhookConfiguration to its original state")
+			Eventually(func() (*admissionregistrationv1.ValidatingWebhookConfiguration, error) {
+				return getTestValidatingWebhookConfiguration(policy.GetUniqueName())
+			}, timeout, pollInterval).Should(
+				And(
+					HaveField("Labels", Equal(originalValidatingWebhookConfiguration.Labels)),
+					HaveField("Annotations", Equal(originalValidatingWebhookConfiguration.Annotations)),
+					HaveField("Webhooks", Equal(originalValidatingWebhookConfiguration.Webhooks)),
+				),
+			)
+		})
+	})
+
+	When("creating a mutating AdmissionPolicy", func() {
+		var policyName string
+		var policy *policiesv1.AdmissionPolicy
+
+		BeforeEach(func() {
+			policyName = newName("mutating-policy")
+			createPolicyServerAndWaitForItsService(policyServerFactory(policyServerName))
+			policy = admissionPolicyFactory(policyName, policyNamespace, policyServerName, true)
+			Expect(k8sClient.Create(ctx, policy)).To(Succeed())
+		})
+
+		It("should set the AdmissionPolicy to active", func() {
 			By("changing the policy status to pending")
 			Eventually(func() (*policiesv1.AdmissionPolicy, error) {
 				return getTestAdmissionPolicy(policyNamespace, policyName)
@@ -181,7 +184,7 @@ var _ = Describe("AdmissionPolicy controller", func() {
 
 		It("should create the MutatingWebhookConfiguration", func() {
 			Eventually(func() error {
-				mutatingWebhookConfiguration, err := getTestMutatingWebhookConfiguration(fmt.Sprintf("namespaced-%s-%s", policyNamespace, policyName))
+				mutatingWebhookConfiguration, err := getTestMutatingWebhookConfiguration(policy.GetUniqueName())
 				if err != nil {
 					return err
 				}
@@ -201,86 +204,91 @@ var _ = Describe("AdmissionPolicy controller", func() {
 			}, timeout, pollInterval).Should(Succeed())
 		})
 
-		When("the MutatingWebhookConfiguration is changed", func() {
-			It("should be reconciled to the original state", func() {
-				By("changing the MutatingWebhookConfiguration")
-				mutatingWebhookConfiguration, err := getTestMutatingWebhookConfiguration(fmt.Sprintf("namespaced-%s-%s", policyNamespace, policyName))
-				Expect(err).ToNot(HaveOccurred())
-				originalMutatingWebhookConfiguration := mutatingWebhookConfiguration.DeepCopy()
-
-				delete(mutatingWebhookConfiguration.Labels, "kubewarden")
-				mutatingWebhookConfiguration.Labels[constants.WebhookConfigurationPolicyScopeLabelKey] = newName("scope")
-				delete(mutatingWebhookConfiguration.Annotations, constants.WebhookConfigurationPolicyNameAnnotationKey)
-				mutatingWebhookConfiguration.Annotations[constants.WebhookConfigurationPolicyNamespaceAnnotationKey] = newName("namespace")
-				mutatingWebhookConfiguration.Webhooks[0].ClientConfig.Service.Name = newName("service")
-				mutatingWebhookConfiguration.Webhooks[0].ClientConfig.CABundle = []byte("invalid")
-				Expect(
-					k8sClient.Update(ctx, mutatingWebhookConfiguration),
-				).To(Succeed())
-
-				By("reconciling the MutatingWebhookConfiguration to its original state")
-				Eventually(func() (*admissionregistrationv1.MutatingWebhookConfiguration, error) {
-					return getTestMutatingWebhookConfiguration(fmt.Sprintf("namespaced-%s-%s", policyNamespace, policyName))
-				}, timeout, pollInterval).Should(
-					And(
-						HaveField("Labels", Equal(originalMutatingWebhookConfiguration.Labels)),
-						HaveField("Annotations", Equal(originalMutatingWebhookConfiguration.Annotations)),
-						HaveField("Webhooks", Equal(originalMutatingWebhookConfiguration.Webhooks)),
-					),
-				)
-
-				// simulate unitialized labels and annotation maps (behaviour of Kubewarden <= 1.9.0), or user change
-				By("by setting the MutatingWebhookConfiguration labels and annotation to nil")
-				mutatingWebhookConfiguration, err = getTestMutatingWebhookConfiguration(fmt.Sprintf("namespaced-%s-%s", policyNamespace, policyName))
-				Expect(err).ToNot(HaveOccurred())
+		It("should be reconcile the MutatingWebhookConfiguration to the original state after some change", func() {
+			var originalMutatingWebhookConfiguration *admissionregistrationv1.MutatingWebhookConfiguration
+			var mutatingWebhookConfiguration *admissionregistrationv1.MutatingWebhookConfiguration
+			Eventually(func() error {
+				var err error
+				mutatingWebhookConfiguration, err = getTestMutatingWebhookConfiguration(policy.GetUniqueName())
+				if err != nil {
+					return err
+				}
 				originalMutatingWebhookConfiguration = mutatingWebhookConfiguration.DeepCopy()
-				mutatingWebhookConfiguration.Labels = nil
-				mutatingWebhookConfiguration.Annotations = nil
-				Expect(
-					k8sClient.Update(ctx, mutatingWebhookConfiguration),
-				).To(Succeed())
-
-				By("reconciling the MutatingWebhookConfiguration to its original state")
-				Eventually(func() (*admissionregistrationv1.MutatingWebhookConfiguration, error) {
-					return getTestMutatingWebhookConfiguration(fmt.Sprintf("namespaced-%s-%s", policyNamespace, policyName))
-				}, timeout, pollInterval).Should(
-					And(
-						HaveField("Labels", Equal(originalMutatingWebhookConfiguration.Labels)),
-						HaveField("Annotations", Equal(originalMutatingWebhookConfiguration.Annotations)),
-						HaveField("Webhooks", Equal(originalMutatingWebhookConfiguration.Webhooks)),
-					),
-				)
-			})
-		})
-	})
+				return nil
+			}, timeout, pollInterval).Should(Succeed())
 
-	When("creating an AdmissionPolicy without a PolicyServer assigned", func() {
-		policyName := newName("unscheduled-policy")
+			By("changing the MutatingWebhookConfiguration")
+			delete(mutatingWebhookConfiguration.Labels, "kubewarden")
+			mutatingWebhookConfiguration.Labels[constants.WebhookConfigurationPolicyScopeLabelKey] = newName("scope")
+			delete(mutatingWebhookConfiguration.Annotations, constants.WebhookConfigurationPolicyNameAnnotationKey)
+			mutatingWebhookConfiguration.Annotations[constants.WebhookConfigurationPolicyNamespaceAnnotationKey] = newName("namespace")
+			mutatingWebhookConfiguration.Webhooks[0].ClientConfig.Service.Name = newName("service")
+			mutatingWebhookConfiguration.Webhooks[0].ClientConfig.CABundle = []byte("invalid")
+			Expect(
+				k8sClient.Update(ctx, mutatingWebhookConfiguration),
+			).To(Succeed())
+
+			By("reconciling the MutatingWebhookConfiguration to its original state")
+			Eventually(func() (*admissionregistrationv1.MutatingWebhookConfiguration, error) {
+				return getTestMutatingWebhookConfiguration(fmt.Sprintf("namespaced-%s-%s", policyNamespace, policyName))
+			}, timeout, pollInterval).Should(
+				And(
+					HaveField("Labels", Equal(originalMutatingWebhookConfiguration.Labels)),
+					HaveField("Annotations", Equal(originalMutatingWebhookConfiguration.Annotations)),
+					HaveField("Webhooks", Equal(originalMutatingWebhookConfiguration.Webhooks)),
+				),
+			)
 
-		It("should set the policy status to unscheduled", func() {
+			// simulate unitialized labels and annotation maps (behaviour of Kubewarden <= 1.9.0), or user change
+			By("by setting the MutatingWebhookConfiguration labels and annotation to nil")
+			mutatingWebhookConfiguration, err := getTestMutatingWebhookConfiguration(fmt.Sprintf("namespaced-%s-%s", policyNamespace, policyName))
+			Expect(err).ToNot(HaveOccurred())
+			originalMutatingWebhookConfiguration = mutatingWebhookConfiguration.DeepCopy()
+			mutatingWebhookConfiguration.Labels = nil
+			mutatingWebhookConfiguration.Annotations = nil
 			Expect(
-				k8sClient.Create(ctx, admissionPolicyFactory(policyName, policyNamespace, "", false)),
-			).To(haveSucceededOrAlreadyExisted())
+				k8sClient.Update(ctx, mutatingWebhookConfiguration),
+			).To(Succeed())
 
-			Eventually(func() (*policiesv1.AdmissionPolicy, error) {
-				return getTestAdmissionPolicy(policyNamespace, policyName)
-			}, 30*time.Second, 250*time.Millisecond).Should(
-				HaveField("Status.PolicyStatus", Equal(policiesv1.PolicyStatusUnscheduled)),
+			By("reconciling the MutatingWebhookConfiguration to its original state")
+			Eventually(func() (*admissionregistrationv1.MutatingWebhookConfiguration, error) {
+				return getTestMutatingWebhookConfiguration(fmt.Sprintf("namespaced-%s-%s", policyNamespace, policyName))
+			}, timeout, pollInterval).Should(
+				And(
+					HaveField("Labels", Equal(originalMutatingWebhookConfiguration.Labels)),
+					HaveField("Annotations", Equal(originalMutatingWebhookConfiguration.Annotations)),
+					HaveField("Webhooks", Equal(originalMutatingWebhookConfiguration.Webhooks)),
+				),
 			)
 		})
+
 	})
 
-	When("creating an AdmissionPolicy with a PolicyServer assigned but not running yet", func() {
-		var (
-			policyName       = newName("scheduled-policy")
-			policyServerName = newName("policy-server")
+	It("should set policy status to unscheduled when creating an AdmissionPolicy without a PolicyServer assigned", func() {
+		policyName := newName("unscheduled-policy")
+		Expect(
+			k8sClient.Create(ctx, admissionPolicyFactory(policyName, policyNamespace, "", false)),
+		).To(haveSucceededOrAlreadyExisted())
+
+		Eventually(func() (*policiesv1.AdmissionPolicy, error) {
+			return getTestAdmissionPolicy(policyNamespace, policyName)
+		}, 30*time.Second, 250*time.Millisecond).Should(
+			HaveField("Status.PolicyStatus", Equal(policiesv1.PolicyStatusUnscheduled)),
 		)
 
-		It("should set the policy status to scheduled", func() {
+	})
+
+	When("creating an AdmissionPolicy with a PolicyServer assigned but not running yet", func() {
+		var policyName string
+
+		BeforeEach(func() {
+			policyName = newName("scheduled-policy")
 			Expect(
 				k8sClient.Create(ctx, admissionPolicyFactory(policyName, policyNamespace, policyServerName, false)),
 			).To(haveSucceededOrAlreadyExisted())
+		})
 
+		It("should set the policy status to scheduled", func() {
 			Eventually(func() (*policiesv1.AdmissionPolicy, error) {
 				return getTestAdmissionPolicy(policyNamespace, policyName)
 			}, timeout, pollInterval).Should(