|
6 | 6 |
|
7 | 7 | from test_base import TestBase |
8 | 8 |
|
9 | | -from warnet.k8s import get_kubeconfig_value |
| 9 | +from warnet.constants import WARGAMES_NAMESPACE_PREFIX |
| 10 | +from warnet.k8s import get_kubeconfig_value, get_static_client |
10 | 11 | from warnet.process import run_command |
11 | 12 |
|
12 | 13 |
|
@@ -72,30 +73,30 @@ def authenticate_and_become_bob(self): |
72 | 73 | self.log.info(self.warnet("auth kubeconfigs/bob-wargames-red-team-kubeconfig")) |
73 | 74 | assert get_kubeconfig_value("{.current-context}") == "bob-wargames-red-team" |
74 | 75 |
|
75 | | - def get_service_accounts(self) -> Optional[dict[str, str]]: |
76 | | - self.log.info("Setting up service accounts") |
77 | | - resp = self.warnet("admin service-accounts list") |
78 | | - if resp == "Could not find any matching service accounts.": |
79 | | - return None |
80 | | - service_accounts: dict[str, [str]] = {} |
81 | | - current_namespace = "" |
82 | | - for line in resp.splitlines(): |
83 | | - if line.startswith("Service"): |
84 | | - current_namespace = line.split(": ")[1] |
85 | | - service_accounts[current_namespace] = [] |
86 | | - if line.startswith("- "): |
87 | | - sa = line.lstrip("- ") |
88 | | - service_accounts[current_namespace].append(sa) |
89 | | - self.log.info(f"Service accounts: {service_accounts}") |
90 | | - return service_accounts |
91 | | - |
92 | 76 | def service_accounts_are_validated(self) -> bool: |
93 | 77 | self.log.info("Checking service accounts") |
94 | | - maybe_service_accounts = self.get_service_accounts() |
| 78 | + sclient = get_static_client() |
| 79 | + namespaces = sclient.list_namespace().items |
| 80 | + |
| 81 | + filtered_namespaces = [ |
| 82 | + ns.metadata.name |
| 83 | + for ns in namespaces |
| 84 | + if ns.metadata.name.startswith(WARGAMES_NAMESPACE_PREFIX) |
| 85 | + ] |
| 86 | + assert len(filtered_namespaces) != 0 |
| 87 | + |
| 88 | + maybe_service_accounts = {} |
| 89 | + |
| 90 | + for namespace in filtered_namespaces: |
| 91 | + service_accounts = sclient.list_namespaced_service_account(namespace=namespace).items |
| 92 | + for sa in service_accounts: |
| 93 | + maybe_service_accounts.setdefault(namespace, []).append(sa.metadata.name) |
| 94 | + |
95 | 95 | expected = { |
96 | 96 | "wargames-blue-team": ["carol", "default", "mallory"], |
97 | 97 | "wargames-red-team": ["alice", "bob", "default"], |
98 | 98 | } |
| 99 | + |
99 | 100 | return maybe_service_accounts == expected |
100 | 101 |
|
101 | 102 | def get_namespaces(self) -> Optional[list[str]]: |
|
0 commit comments