CLOUDP-122569: e2e aftereach global key deletion (#554)

leo-ri · web-flow · commit fe0139243a79 · 2022-06-14T13:38:24.000+03:00
diff --git a/.github/actions/cleanup/entrypoint.sh b/.github/actions/cleanup/entrypoint.sh
@@ -116,12 +116,12 @@ delete_all() {
 BASE_URL="https://cloud-qa.mongodb.com/api/atlas/v1.0"
 
 get_api_keys() {
-    curl -s -u "${INPUT_ATLAS_PUBLIC_KEY}:${INPUT_ATLAS_PRIVATE_KEY}" --digest "${BASE_URL}/orgs/${MCLI_ORG_ID}/apiKeys"
+    curl -s -u "${MCLI_PUBLIC_API_KEY}:${MCLI_PRIVATE_API_KEY}" --digest "${BASE_URL}/orgs/${MCLI_ORG_ID}/apiKeys"
 }
 
 delete_test_apikeys() {
     API_KEY_ID=$1
-    curl -s -u "${INPUT_ATLAS_PUBLIC_KEY}:${INPUT_ATLAS_PRIVATE_KEY}" --digest --request DELETE "${BASE_URL}/orgs/${MCLI_ORG_ID}/apiKeys/${API_KEY_ID}"
+    curl -s -u "${MCLI_PUBLIC_API_KEY}:${MCLI_PRIVATE_API_KEY}" --digest --request DELETE "${BASE_URL}/orgs/${MCLI_ORG_ID}/apiKeys/${API_KEY_ID}"
 }
 
 # ------------------------------------------------------------------------------
@@ -160,7 +160,7 @@ if [[ "${INPUT_CLEAN_ALL:-}" == "true" ]]; then
     echo "Please, remember running tests will fail (run CLEAN_ALL = false, if need soft deletion)"
     test_description="created from the AO test"
     all_keys=$(get_api_keys)
-    for key in $(echo "$all_keys" | jq '.results | keys | .[]'); do
+    for key in $(echo "$all_keys" | jq 'select(.results | length > 0) | .results | keys | .[]'); do
         element=$(echo "$all_keys" | jq ".results[$key]")
         desc=$(echo "$element" | jq -r '.desc')
         if [[ "${desc}" == "${test_description}" ]]; then
diff --git a/test/e2e/actions/steps.go b/test/e2e/actions/steps.go
@@ -115,7 +115,7 @@ func CheckIfUserExist(username, projecID string) func() bool {
 	}
 }
 
-func CompareClustersSpec(requested model.ClusterSpec, created mongodbatlas.Cluster) { // TODO
+func CompareClustersSpec(requested model.ClusterSpec, created mongodbatlas.Cluster) {
 	ExpectWithOffset(1, created).To(MatchFields(IgnoreExtras, Fields{
 		"MongoURI":            Not(BeEmpty()),
 		"MongoURIWithOptions": Not(BeEmpty()),
@@ -350,12 +350,12 @@ func CreateConnectionAtlasKey(data *model.TestDataProvider) {
 	})
 }
 
-func createConnectionAtlasKeyFrom(data *model.TestDataProvider, public, private string) {
+func createConnectionAtlasKeyFrom(data *model.TestDataProvider, key *mongodbatlas.APIKey) {
 	By("Change resources depends on AtlasKey and create key", func() {
 		if data.Resources.AtlasKeyAccessType.GlobalLevelKey {
-			kubecli.CreateApiKeySecretFrom(config.DefaultOperatorGlobalKey, data.Resources.Namespace, os.Getenv("MCLI_ORG_ID"), public, private)
+			kubecli.CreateApiKeySecretFrom(config.DefaultOperatorGlobalKey, data.Resources.Namespace, os.Getenv("MCLI_ORG_ID"), key.PublicKey, key.PrivateKey)
 		} else {
-			kubecli.CreateApiKeySecretFrom(data.Resources.KeyName, data.Resources.Namespace, os.Getenv("MCLI_ORG_ID"), public, private)
+			kubecli.CreateApiKeySecretFrom(data.Resources.KeyName, data.Resources.Namespace, os.Getenv("MCLI_ORG_ID"), key.PublicKey, key.PrivateKey)
 		}
 	})
 }
@@ -364,13 +364,14 @@ func recreateAtlasKeyIfNeed(data *model.TestDataProvider) {
 	if !data.Resources.AtlasKeyAccessType.IsFullAccess() {
 		aClient, err := atlas.AClient()
 		Expect(err).ShouldNot(HaveOccurred())
-		public, private, err := aClient.AddKeyWithAccessList(data.Resources.ProjectID, data.Resources.AtlasKeyAccessType.Roles, data.Resources.AtlasKeyAccessType.Whitelist)
+		globalKey, err := aClient.AddKeyWithAccessList(data.Resources.ProjectID, data.Resources.AtlasKeyAccessType.Roles, data.Resources.AtlasKeyAccessType.Whitelist)
 		Expect(err).ShouldNot(HaveOccurred())
-		Expect(public).ShouldNot(BeEmpty())
-		Expect(private).ShouldNot(BeEmpty())
+		Expect(globalKey.PublicKey).ShouldNot(BeEmpty())
+		Expect(globalKey.PrivateKey).ShouldNot(BeEmpty())
+		data.Resources.AtlasKeyAccessType.GlobalKeyAttached = globalKey
 
 		kubecli.DeleteApiKeySecret(data.Resources.KeyName, data.Resources.Namespace)
-		createConnectionAtlasKeyFrom(data, public, private)
+		createConnectionAtlasKeyFrom(data, globalKey)
 	}
 }
 
@@ -436,7 +437,7 @@ func DeployUserResourcesAction(data *model.TestDataProvider) {
 	DeployUsers(data)
 }
 
-func DeleteDBUsersApps(data *model.TestDataProvider) {
+func DeleteDBUsersApps(data model.TestDataProvider) {
 	By("Delete dbusers applications", func() {
 		for _, user := range data.Resources.Users {
 			helm.Uninstall("test-app-"+user.Spec.Username, data.Resources.Namespace)
@@ -471,11 +472,23 @@ func DeleteUserResourcesProject(data *model.TestDataProvider) {
 	})
 }
 
+func DeleteGlobalKeyIfExist(data model.TestDataProvider) {
+	if data.Resources.AtlasKeyAccessType.GlobalLevelKey {
+		By("Delete Global API key for test", func() {
+			client, err := atlas.AClient()
+			Expect(err).ShouldNot(HaveOccurred())
+			err = client.DeleteGlobalKey(*data.Resources.AtlasKeyAccessType.GlobalKeyAttached)
+			Expect(err).ShouldNot(HaveOccurred())
+		})
+	}
+}
+
 func AfterEachFinalCleanup(datas []model.TestDataProvider) {
-	for i := range datas {
+	for _, data := range datas {
 		GinkgoWriter.Write([]byte("AfterEach. Final cleanup...\n"))
-		DeleteDBUsersApps(&datas[i])
-		Expect(kubecli.DeleteNamespace(datas[i].Resources.Namespace)).Should(Say("deleted"), "Cant delete namespace after testing")
+		DeleteDBUsersApps(data)
+		Expect(kubecli.DeleteNamespace(data.Resources.Namespace)).Should(Say("deleted"), "Cant delete namespace after testing")
+		DeleteGlobalKeyIfExist(data)
 		GinkgoWriter.Write([]byte("AfterEach. Cleanup finished\n"))
 	}
 }
diff --git a/test/e2e/api/atlas/atlas.go b/test/e2e/api/atlas/atlas.go
@@ -24,6 +24,10 @@ type Atlas struct {
 	Client  *mongodbatlas.Client
 }
 
+const (
+	keyDescription = "created from the AO test"
+)
+
 func AClient() (Atlas, error) {
 	var A Atlas
 	A.OrgID = os.Getenv("MCLI_ORG_ID")
@@ -40,21 +44,21 @@ func AClient() (Atlas, error) {
 	return A, nil
 }
 
-func (a *Atlas) AddKeyWithAccessList(projectID string, roles, access []string) (public string, private string, err error) {
+func (a *Atlas) AddKeyWithAccessList(projectID string, roles, access []string) (*mongodbatlas.APIKey, error) {
 	createKeyRequest := &mongodbatlas.APIKeyInput{
-		Desc:  "created from the AO test",
+		Desc:  keyDescription,
 		Roles: roles,
 	}
 	newKey, _, err := a.Client.ProjectAPIKeys.Create(context.Background(), projectID, createKeyRequest)
 	if err != nil {
-		return "", "", err
+		return nil, err
 	}
 	createAccessRequest := formAccessRequest(access)
 	_, _, err = a.Client.WhitelistAPIKeys.Create(context.Background(), a.OrgID, newKey.ID, createAccessRequest)
 	if err != nil {
-		return "", "", err
+		return nil, err
 	}
-	return newKey.PublicKey, newKey.PrivateKey, nil
+	return newKey, nil
 }
 
 func formAccessRequest(access []string) []*mongodbatlas.WhitelistAPIKeysReq {
@@ -117,6 +121,13 @@ func (a *Atlas) GetUserByName(database, projectID, username string) (*mongodbatl
 	if err != nil {
 		return nil, err
 	}
-
 	return dbUser, nil
 }
+
+func (a *Atlas) DeleteGlobalKey(key mongodbatlas.APIKey) error {
+	_, err := a.Client.APIKeys.Delete(context.Background(), a.OrgID, key.ID)
+	if err != nil {
+		return err
+	}
+	return nil
+}
diff --git a/test/e2e/helm_chart_test.go b/test/e2e/helm_chart_test.go
@@ -57,6 +57,7 @@ var _ = Describe("HELM charts", func() {
 					data.Resources.Namespace,
 				)
 				actions.SaveTestAppLogs(data.Resources)
+				actions.DeleteGlobalKeyIfExist(data)
 			}
 		})
 	})
diff --git a/test/e2e/integration_test.go b/test/e2e/integration_test.go
@@ -51,6 +51,7 @@ var _ = Describe("Configuration namespaced. Deploy cluster", Label("integration-
 				data.Resources.Namespace,
 			)
 			actions.DeleteUserResourcesProject(&data)
+			actions.DeleteGlobalKeyIfExist(data)
 		}
 	})
 
diff --git a/test/e2e/model/atlas_key_type.go b/test/e2e/model/atlas_key_type.go
@@ -1,5 +1,7 @@
 package model
 
+import "go.mongodb.org/atlas/mongodbatlas"
+
 type AtlasRoles = string
 
 const (
@@ -18,10 +20,12 @@ const (
 )
 
 type AtlasKeyType struct {
-	GlobalLevelKey       bool         // if true, tests create "<operator-deployment-name>-api-key"
 	DefaultFullAccessKey bool         // use full access key provided with github secrets
 	Roles                []AtlasRoles // specify role for non default
 	Whitelist            []string
+
+	GlobalLevelKey    bool // if true, tests create "<operator-deployment-name>-api-key"
+	GlobalKeyAttached *mongodbatlas.APIKey
 }
 
 func NewAtlasKeyType(r []AtlasRoles, wl []string) *AtlasKeyType {
diff --git a/test/e2e/multinamespace_test.go b/test/e2e/multinamespace_test.go
@@ -41,6 +41,7 @@ var _ = Describe("Users can use clusterwide configuration with limitation to wat
 						data.Resources.Namespace,
 					)
 				}
+				actions.AfterEachFinalCleanup(listData)
 			}
 		})
 	})
diff --git a/test/e2e/private_link_test.go b/test/e2e/private_link_test.go
@@ -71,6 +71,7 @@ var _ = Describe("UserLogin", Label("privatelink"), func() {
 		})
 		By("Delete Resources, Project with PEService", func() {
 			actions.DeleteUserResourcesProject(&data)
+			actions.DeleteGlobalKeyIfExist(data)
 		})
 	})
 

Original file line number	Diff line number	Diff line change
`@@ -57,6 +57,7 @@ var _ = Describe("HELM charts", func() {`
`57`	`57`	`data.Resources.Namespace,`
`58`	`58`	`)`
`59`	`59`	`actions.SaveTestAppLogs(data.Resources)`
	`60`	`+ actions.DeleteGlobalKeyIfExist(data)`
`60`	`61`	`}`
`61`	`62`	`})`
`62`	`63`	`})`
Original file line number	Diff line number	Diff line change
`@@ -51,6 +51,7 @@ var _ = Describe("Configuration namespaced. Deploy cluster", Label("integration-`
`51`	`51`	`data.Resources.Namespace,`
`52`	`52`	`)`
`53`	`53`	`actions.DeleteUserResourcesProject(&data)`
	`54`	`+ actions.DeleteGlobalKeyIfExist(data)`
`54`	`55`	`}`
`55`	`56`	`})`
`56`	`57`
Original file line number	Diff line number	Diff line change
`@@ -41,6 +41,7 @@ var _ = Describe("Users can use clusterwide configuration with limitation to wat`
`41`	`41`	`data.Resources.Namespace,`
`42`	`42`	`)`
`43`	`43`	`}`
	`44`	`+ actions.AfterEachFinalCleanup(listData)`
`44`	`45`	`}`
`45`	`46`	`})`
`46`	`47`	`})`