@@ -2,18 +2,86 @@ package cvo
22
33import (
44 "context"
5+ "errors"
56 "fmt"
7+ "log"
8+ "time"
69
710 g "github.com/onsi/ginkgo/v2"
811 o "github.com/onsi/gomega"
12+ appsv1 "k8s.io/api/apps/v1"
13+ authenticationv1 "k8s.io/api/authentication/v1"
14+ corev1 "k8s.io/api/core/v1"
15+ rbacv1 "k8s.io/api/rbac/v1"
916 kerrors "k8s.io/apimachinery/pkg/api/errors"
1017 metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
18+ "k8s.io/apimachinery/pkg/util/intstr"
19+ "k8s.io/apimachinery/pkg/util/wait"
20+ clientmetav1 "k8s.io/client-go/applyconfigurations/meta/v1"
21+ applyconfigurationspolicyv1 "k8s.io/client-go/applyconfigurations/policy/v1"
1122 "k8s.io/client-go/kubernetes"
23+ "k8s.io/utils/ptr"
1224
1325 v1 "github.com/openshift/client-go/config/clientset/versioned/typed/config/v1"
1426 "github.com/openshift/cluster-version-operator/test/utilities"
1527)
1628
29+ func CreateServiceAccount (client * kubernetes.Clientset , accountName string , clusterRole string , namespace string ) (token string , err error ) {
30+
31+ _ , err = client .CoreV1 ().ServiceAccounts (namespace ).Get (context .TODO (), accountName , metav1.GetOptions {})
32+
33+ if err == nil {
34+ token , err := client .CoreV1 ().ServiceAccounts (namespace ).CreateToken (context .TODO (), accountName , & authenticationv1.TokenRequest {}, metav1.CreateOptions {})
35+ return token .String (), err
36+ }
37+
38+ account := & corev1.ServiceAccount {
39+ ObjectMeta : metav1.ObjectMeta {
40+ Name : accountName ,
41+ Namespace : namespace ,
42+ },
43+ }
44+ _ , err = client .CoreV1 ().ServiceAccounts (namespace ).Create (context .TODO (), account , metav1.CreateOptions {})
45+ o .Expect (err ).NotTo (o .HaveOccurred ())
46+
47+ rb := & rbacv1.ClusterRoleBinding {
48+ ObjectMeta : metav1.ObjectMeta {
49+ Name : fmt .Sprintf ("%s:%s:%s" , namespace , clusterRole , accountName ),
50+ Namespace : namespace ,
51+ },
52+ RoleRef : rbacv1.RoleRef {
53+ APIGroup : "rbac.authorization.k8s.io" ,
54+ Kind : "ClusterRole" ,
55+ Name : "cluster-admin" ,
56+ },
57+ Subjects : []rbacv1.Subject {
58+ {
59+ Kind : "ServiceAccount" ,
60+ Name : accountName ,
61+ Namespace : namespace ,
62+ },
63+ },
64+ }
65+ _ , err = client .RbacV1 ().ClusterRoleBindings ().Create (context .TODO (), rb , metav1.CreateOptions {})
66+ o .Expect (err ).NotTo (o .HaveOccurred ())
67+
68+ newToken , err := client .CoreV1 ().ServiceAccounts (namespace ).CreateToken (context .TODO (), accountName , & authenticationv1.TokenRequest {}, metav1.CreateOptions {})
69+ return newToken .String (), err
70+ }
71+
72+ func DeleteServiceAccount (client * kubernetes.Clientset , accountName string , clusterRole string , namespace string ) {
73+ name := fmt .Sprintf ("%s:%s:%s" , namespace , clusterRole , accountName )
74+ err := client .RbacV1 ().ClusterRoleBindings ().Delete (context .TODO (), name , metav1.DeleteOptions {})
75+ if err != nil {
76+ panic ("failed to delete ClusterRoleBindings" )
77+ }
78+
79+ err = client .CoreV1 ().ServiceAccounts (namespace ).Delete (context .TODO (), accountName , metav1.DeleteOptions {})
80+ if err != nil {
81+ panic ("failed to delete ServiceAccount" )
82+ }
83+ }
84+
1785var _ = g .Describe (`[Jira:"Cluster Version Operator"] cluster-version-operator-tests` , func () {
1886 g .It ("should support passing tests" , func () {
1987 o .Expect (true ).To (o .BeTrue ())
@@ -81,4 +149,106 @@ var _ = g.Describe("[Jira:Cluster Version Operator] The cluster version operator
81149 fmt .Println ("success" )
82150 }
83151 })
152+
153+ g .It (`Precheck with oc adm upgrade recommend` , g .Label ("Conformance" , "Low" , "70980" ), func () {
154+
155+ g .By ("create a namespace" )
156+ ns := "ns-70980"
157+ tmpNs := & corev1.Namespace {ObjectMeta : metav1.ObjectMeta {Name : ns }}
158+ kubeclient .CoreV1 ().Namespaces ().Create (context .TODO (), tmpNs , metav1.CreateOptions {})
159+
160+ defer func () {
161+ kubeclient .CoreV1 ().Namespaces ().Delete (context .TODO (), ns , metav1.DeleteOptions {})
162+ }()
163+
164+ g .By ("create a deployment" )
165+ deploymentName := "hello-openshift"
166+ containerName := "hello-openshift"
167+ containerImage := "openshift/hello-openshift:invaid"
168+ deployment := & appsv1.Deployment {
169+ ObjectMeta : metav1.ObjectMeta {
170+ Name : deploymentName ,
171+ },
172+ Spec : appsv1.DeploymentSpec {
173+ Replicas : ptr .To (int32 (2 )), // Number of desired replicas
174+ Selector : & metav1.LabelSelector {
175+ MatchLabels : map [string ]string {
176+ "app" : containerName ,
177+ },
178+ },
179+ Template : corev1.PodTemplateSpec {
180+ ObjectMeta : metav1.ObjectMeta {
181+ Labels : map [string ]string {
182+ "app" : containerName ,
183+ },
184+ },
185+ Spec : corev1.PodSpec {
186+ Containers : []corev1.Container {
187+ {
188+ Name : containerName ,
189+ Image : containerImage ,
190+ Ports : []corev1.ContainerPort {
191+ {
192+ ContainerPort : 80 ,
193+ },
194+ },
195+ },
196+ },
197+ },
198+ },
199+ },
200+ }
201+ kubeclient .AppsV1 ().Deployments (ns ).Create (context .TODO (), deployment , metav1.CreateOptions {})
202+
203+ defer func () {
204+ kubeclient .AppsV1 ().Deployments (ns ).Delete (context .TODO (), deploymentName , metav1.DeleteOptions {})
205+ }()
206+
207+ err := wait .Poll (1 * time .Minute , 3 * time .Minute , func () (bool , error ) {
208+ allPods , err := kubeclient .CoreV1 ().Pods (ns ).List (context .TODO (), metav1.ListOptions {})
209+ if err != nil {
210+ log .Fatalf ("Error listing pods: %v" , err )
211+ }
212+ for _ , pod := range allPods .Items {
213+ if pod .Status .Phase == corev1 .PodRunning {
214+ return true , errors .New ("there are pods running: " + pod .Name )
215+ }
216+ }
217+ return true , nil
218+ })
219+ allPods , _ := kubeclient .CoreV1 ().Pods (ns ).List (context .TODO (), metav1.ListOptions {})
220+ fmt .Printf ("there are %v pods\n " , len (allPods .Items ))
221+ for _ , pod := range allPods .Items {
222+ fmt .Printf (" - Pod: %s - %s\n " , pod .Name , pod .Status .Phase )
223+ }
224+ o .Expect (kerrors .IsNotFound (err )).To (o .BeFalse (), "The NotFound error should not occur" )
225+
226+ g .By ("create a PodDisruptionBudget" )
227+ pdbName := "my-pdb"
228+ pdb := & applyconfigurationspolicyv1.PodDisruptionBudgetApplyConfiguration {
229+ ObjectMetaApplyConfiguration : & clientmetav1.ObjectMetaApplyConfiguration {
230+ Name : & pdbName ,
231+ Namespace : & ns ,
232+ },
233+ Spec : & applyconfigurationspolicyv1.PodDisruptionBudgetSpecApplyConfiguration {
234+ MaxUnavailable : & intstr.IntOrString {
235+ Type : intstr .Int ,
236+ IntVal : 1 ,
237+ },
238+ },
239+ }
240+ kubeclient .PolicyV1 ().PodDisruptionBudgets (ns ).Apply (context .TODO (), pdb , metav1.ApplyOptions {})
241+
242+ defer func () {
243+ kubeclient .PolicyV1 ().PodDisruptionBudgets (ns ).Delete (context .TODO (), pdbName , metav1.DeleteOptions {})
244+ }()
245+
246+ g .By ("wait some minutes, there is a critical issue for PDB" )
247+ token , _ := CreateServiceAccount (kubeclient , "monitorer" , "cluster-admin" , ns )
248+ defer func () {
249+ DeleteServiceAccount (kubeclient , "monitorer" , "cluster-admin" , ns )
250+ }()
251+ // TODO: get alert
252+ fmt .Println (token )
253+ })
84254})
0 commit comments