Add functional test

Signed-off-by: Dominique Vernier <[email protected]>

Author: itdove

CHANGELOG.md

@@ -1,6 +1,10 @@
 [comment]: # ( Copyright Contributors to the Open Cluster Management project )
 # Release Content
+## Additions
+- Add `clusteradm delete token` [Create cmd to revoke the bootstrap token](https://github.com/open-cluster-management-io/clusteradm/issues/23)
 
-- Add support for non-bootstrap token enabled environment [issue 16](https://github.com/open-cluster-management-io/clusteradm/issues/16)
-- Avoid to run the `clusteradm init` twice on the hub [issue 21](https://github.com/open-cluster-management-io/clusteradm/issues/21)
-- Add command `clusteradm get token` [issue 22](https://github.com/open-cluster-management-io/clusteradm/issues/22)
+## Breaking Changes
+
+## Changes
+
+## Bug Fixes

VERSION.txt

@@ -1 +1 @@
-0.1.0-alpha.3
+0.1.0-alpha.4

build/run-functional-tests.sh

@@ -69,7 +69,7 @@ function joinscenario() {
    CMDJOINRESULT=$(join_hub "${CMDINITRESULT}" $1)
    echo "join command result: "$CMDJOINRESULT >&2
 
-   echo "Wait 4 min to stabilize" >&2
+   echo "Wait 4 min maximum to stabilize" >&2
 
    kubectl config use-context kind-${CLUSTER_NAME}-hub
    CMDACCEPTRESULT=$(accept_cluster "${CMDJOINRESULT}")
@@ -85,17 +85,18 @@ function joinscenario() {
 
 function gettokenscenario() {
    echo "gettokenscenario 1st parameter: "$1 >&2
+   echo "gettokenscenario 2nd parameter: "$2 >&2
    echo "get token from hub" >&2
    kubectl config use-context kind-${CLUSTER_NAME}-hub 
-   CMGETTOKENRESULT=$(gettoken)
+   CMGETTOKENRESULT=$(gettoken $2)
    echo "get token command result: "$CMGETTOKENRESULT >&2
 
    echo "join hub" >&2
    kubectl config use-context kind-${CLUSTER_NAME}-$1
    CMDJOINRESULT=$(join_hub "${CMGETTOKENRESULT}" $1)
    echo "join command result: "$CMDJOINRESULT >&1
 
-   echo "Wait 4 min to stabilize" >&2
+   echo "Wait 4 min maximum to stabilize" >&2
 
    kubectl config use-context kind-${CLUSTER_NAME}-hub
    CMDACCEPTRESULT=$(accept_cluster "${CMDJOINRESULT}")
@@ -107,6 +108,22 @@ function gettokenscenario() {
    else
       echo "accept command result: "$CMDACCEPTRESULT >&2
    fi
+
+   echo "delete token" >&2
+   clusteradm delete token
+      if [ $? != 0 ]
+   then
+      echo "accept command result: "$CMDACCEPTRESULT >&2
+      ERROR_REPORT=$ERROR_REPORT+"no CSR get approved\n"
+   fi
+
+   echo "get token from hub" >&2
+   kubectl config use-context kind-${CLUSTER_NAME}-hub 
+   CMGETTOKENRESULT2=$(gettoken $2)
+   if [ "$CMGETTOKENRESULT" == "$CMGETTOKENRESULT2" ]
+   then
+     ERROR_REPORT=$ERROR_REPORT+"new token identical as previous token after delete"
+   fi
 }
 
 echo "With bootstrap token"
@@ -132,7 +149,7 @@ kind delete cluster --name ${CLUSTER_NAME}-c1
 kind create cluster --name ${CLUSTER_NAME}-c2
 echo "Joining with get token and bootstrap token"
 echo "------------------------------------------"
-gettokenscenario c2
+gettokenscenario c2 --use-bootstrap-token 
 
 kind delete cluster --name ${CLUSTER_NAME}-hub
 kind delete cluster --name ${CLUSTER_NAME}-c2

pkg/cmd/delete/token/exec.go

@@ -74,10 +74,12 @@ func (o *Options) deleteToken(kubeClient *kubernetes.Clientset) error {
 
 	//Detele bootstrap token secret
 	secret, err := helpers.GetBootstrapSecret(kubeClient)
-	if err != nil && !errors.IsNotFound(err) {
-		return err
+	if err == nil {
+		err = kubeClient.CoreV1().Secrets(secret.Namespace).Delete(context.TODO(), secret.Name, metav1.DeleteOptions{})
+		if err != nil && !errors.IsNotFound(err) {
+			return err
+		}
 	}
-	err = kubeClient.CoreV1().Secrets(secret.Namespace).Delete(context.TODO(), secret.Name, metav1.DeleteOptions{})
 	if err != nil && !errors.IsNotFound(err) {
 		return err
 	}

pkg/helpers/client.go

@@ -157,11 +157,12 @@ func GetBootstrapSecretFromSA(
 		return nil, err
 	}
 	var secret *corev1.Secret
+	var prefix string
 	for _, objectRef := range sa.Secrets {
 		if objectRef.Namespace != "" && objectRef.Namespace != config.OpenClusterManagementNamespace {
 			continue
 		}
-		prefix := config.BootstrapSAName
+		prefix = config.BootstrapSAName
 		if len(prefix) > 63 {
 			prefix = prefix[:37]
 		}
@@ -178,11 +179,14 @@ func GetBootstrapSecretFromSA(
 		}
 	}
 	if secret == nil {
-		return nil, fmt.Errorf("secret with prefix %s and type %s not found in service account %s/%s",
-			config.BootstrapSAName,
-			corev1.SecretTypeServiceAccountToken,
-			config.OpenClusterManagementNamespace,
-			config.BootstrapSAName)
+		return nil, errors.NewNotFound(schema.GroupResource{
+			Group:    corev1.GroupName,
+			Resource: "secrets"},
+			fmt.Sprintf("secret with prefix %s and type %s not found in service account %s/%s",
+				prefix,
+				corev1.SecretTypeServiceAccountToken,
+				config.OpenClusterManagementNamespace,
+				config.BootstrapSAName))
 	}
 	return secret, nil
 }