(cleanup): (cleanup): Refactor metrics endpoint tests by extracting shared helpers

camilamacedo86 · camilamacedo86 · commit 89697b89c207 · 2025-02-06T00:26:19.000Z
Refactored the metrics endpoint tests by introducing reusable helper functions.
This reduces duplication and improves maintainability across both tests.
diff --git a/test/e2e/metrics_test.go b/test/e2e/metrics_test.go
@@ -1,76 +1,110 @@
+// nolint:gosec
+// Package e2e contains end-to-end tests to verify that the metrics endpoints
+// for both components. Metrics are exported and accessible by authorized users through
+// RBAC and ServiceAccount tokens.
+//
+// These tests perform the following steps:
+// 1. Create a ClusterRoleBinding to grant necessary permissions for accessing metrics.
+// 2. Generate a ServiceAccount token for authentication.
+// 3. Deploy a curl pod to interact with the metrics endpoint.
+// 4. Wait for the curl pod to become ready.
+// 5. Execute a curl command from the pod to validate the metrics endpoint.
+// 6. Clean up all resources created during the test, such as the ClusterRoleBinding and curl pod.
 package e2e
 
 import (
 	"bytes"
 	"io"
 	"os/exec"
 	"testing"
+	"time"
 
 	"github.com/stretchr/testify/require"
+
+	"github.com/operator-framework/operator-controller/test/utils"
 )
 
-// nolint:gosec
 // TestOperatorControllerMetricsExportedEndpoint verifies that the metrics endpoint for the operator controller
-// is exported correctly and accessible by authorized users through RBAC and a ServiceAccount token.
-// The test performs the following steps:
-// 1. Creates a ClusterRoleBinding to grant necessary permissions for accessing metrics.
-// 2. Generates a ServiceAccount token for authentication.
-// 3. Deploys a curl pod to interact with the metrics endpoint.
-// 4. Waits for the curl pod to become ready.
-// 5. Executes a curl command from the pod to validate the metrics endpoint.
-// 6. Cleans up all resources created during the test, such as the ClusterRoleBinding and curl pod.
 func TestOperatorControllerMetricsExportedEndpoint(t *testing.T) {
-	var (
-		token   string
-		curlPod = "curl-metrics"
-		client  = ""
-		clients = []string{"kubectl", "oc"}
+	client := utils.FindK8sClient(t)
+	namespace := getNamespace(t, client, "control-plane=operator-controller-controller-manager")
+
+	createClusterRoleBinding(
+		t, client, "operator-controller-metrics-binding",
+		"operator-controller-metrics-reader", namespace,
+		"operator-controller-controller-manager",
 	)
 
-	t.Log("Looking for k8s client")
-	for _, c := range clients {
-		// Would prefer to use `command -v`, but even that may not be installed!
-		err := exec.Command(c, "version", "--client").Run()
-		if err == nil {
-			client = c
-			break
-		}
-	}
-	if client == "" {
-		t.Fatal("k8s client not found")
-	}
-	t.Logf("Using %q as k8s client", client)
+	token := createServiceAccountToken(t, client, namespace, "operator-controller-controller-manager")
+
+	createCurlPod(t, client, namespace, "oper-curl-metrics", "operator-controller-controller-manager")
+	waitForPodReady(t, client, namespace, "oper-curl-metrics")
+
+	validateMetricsEndpoint(
+		t, client, namespace, "oper-curl-metrics", token,
+		"https://operator-controller-service."+namespace+".svc.cluster.local:8443/metrics",
+	)
+}
+
+// TestCatalogdMetricsExportedEndpoint verifies that the metrics endpoint for catalogd
+func TestCatalogdMetricsExportedEndpoint(t *testing.T) {
+	client := utils.FindK8sClient(t)
+	namespace := getNamespace(t, client, "control-plane=catalogd-controller-manager")
+
+	createClusterRoleBinding(
+		t, client, "catalogd-metrics-binding",
+		"catalogd-metrics-reader", namespace,
+		"catalogd-controller-manager",
+	)
+
+	token := createServiceAccountToken(t, client, namespace, "catalogd-controller-manager")
+
+	createCurlPod(t, client, namespace, "catalogd-curl-metrics", "catalogd-controller-manager")
+	waitForPodReady(t, client, namespace, "catalogd-curl-metrics")
 
-	t.Log("Determining operator-controller namespace")
-	cmd := exec.Command(client, "get", "pods", "--all-namespaces", "--selector=control-plane=operator-controller-controller-manager", "--output=jsonpath={.items[0].metadata.namespace}")
+	validateMetricsEndpoint(
+		t, client, namespace, "catalogd-curl-metrics", token,
+		"https://catalogd-service."+namespace+".svc.cluster.local:7443/metrics",
+	)
+}
+
+func getNamespace(t *testing.T, client, selector string) string {
+	cmd := exec.Command(client, "get", "pods", "--all-namespaces", "--selector="+selector, "--output=jsonpath={.items[0].metadata.namespace}")
 	output, err := cmd.CombinedOutput()
-	require.NoError(t, err, "Error creating determining operator-controller namespace: %s", string(output))
-	namespace := string(output)
+	require.NoError(t, err, "Error determining namespace: %s", string(output))
+
+	namespace := string(bytes.TrimSpace(output))
 	if namespace == "" {
-		t.Fatal("No operator-controller namespace found")
+		t.Fatal("No namespace found for selector " + selector)
 	}
-	t.Logf("Using %q as operator-controller namespace", namespace)
+	return namespace
+}
 
-	t.Log("Creating ClusterRoleBinding for operator controller metrics")
-	cmd = exec.Command(client, "create", "clusterrolebinding", "operator-controller-metrics-binding",
-		"--clusterrole=operator-controller-metrics-reader",
-		"--serviceaccount="+namespace+":operator-controller-controller-manager")
-	output, err = cmd.CombinedOutput()
+func createClusterRoleBinding(t *testing.T, client, name, clusterRole, namespace, serviceAccount string) {
+	t.Logf("Creating ClusterRoleBinding %s", name)
+	cmd := exec.Command(client, "create", "clusterrolebinding", name,
+		"--clusterrole="+clusterRole,
+		"--serviceaccount="+namespace+":"+serviceAccount)
+	output, err := cmd.CombinedOutput()
 	require.NoError(t, err, "Error creating ClusterRoleBinding: %s", string(output))
 
 	defer func() {
-		t.Log("Cleaning up ClusterRoleBinding")
-		_ = exec.Command(client, "delete", "clusterrolebinding", "operator-controller-metrics-binding", "--ignore-not-found=true").Run()
+		t.Logf("Cleaning up ClusterRoleBinding %s", name)
+		_ = exec.Command(client, "delete", "clusterrolebinding", name, "--ignore-not-found=true").Run()
 	}()
+}
 
+func createServiceAccountToken(t *testing.T, client, namespace, serviceAccount string) string {
 	t.Log("Generating ServiceAccount token")
-	tokenCmd := exec.Command(client, "create", "token", "operator-controller-controller-manager", "-n", namespace)
-	tokenOutput, tokenCombinedOutput, err := stdoutAndCombined(tokenCmd)
+	cmd := exec.Command(client, "create", "token", serviceAccount, "-n", namespace)
+	tokenOutput, tokenCombinedOutput, err := stdoutAndCombined(cmd)
 	require.NoError(t, err, "Error creating token: %s", string(tokenCombinedOutput))
-	token = string(bytes.TrimSpace(tokenOutput))
+	return string(bytes.TrimSpace(tokenOutput))
+}
 
+func createCurlPod(t *testing.T, client, namespace, podName, serviceAccount string) {
 	t.Log("Creating curl pod to validate the metrics endpoint")
-	cmd = exec.Command(client, "run", curlPod,
+	cmd := exec.Command(client, "run", podName,
 		"--image=curlimages/curl:7.87.0", "-n", namespace,
 		"--restart=Never",
 		"--overrides", `{
@@ -81,154 +115,62 @@ func TestOperatorControllerMetricsExportedEndpoint(t *testing.T) {
 					"command": ["sh", "-c", "sleep 3600"],
 					"securityContext": {
 						"allowPrivilegeEscalation": false,
-						"capabilities": {
-							"drop": ["ALL"]
-						},
+						"capabilities": {"drop": ["ALL"]},
 						"runAsNonRoot": true,
 						"runAsUser": 1000,
-						"seccompProfile": {
-							"type": "RuntimeDefault"
-						}
+						"seccompProfile": {"type": "RuntimeDefault"}
 					}
 				}],
-				"serviceAccountName": "operator-controller-controller-manager"
+				"serviceAccountName": "`+serviceAccount+`"
 			}
 		}`)
-	output, err = cmd.CombinedOutput()
+	output, err := cmd.CombinedOutput()
 	require.NoError(t, err, "Error creating curl pod: %s", string(output))
 
 	defer func() {
 		t.Log("Cleaning up curl pod")
-		_ = exec.Command(client, "delete", "pod", curlPod, "-n", namespace, "--ignore-not-found=true").Run()
+		_ = exec.Command(client, "delete", "pod", podName, "-n", namespace, "--ignore-not-found=true").Run()
 	}()
-
-	t.Log("Waiting for the curl pod to be ready")
-	waitCmd := exec.Command(client, "wait", "--for=condition=Ready", "pod", curlPod, "-n", namespace, "--timeout=60s")
-	waitOutput, waitErr := waitCmd.CombinedOutput()
-	require.NoError(t, waitErr, "Error waiting for curl pod to be ready: %s", string(waitOutput))
-
-	t.Log("Validating the metrics endpoint")
-	metricsURL := "https://operator-controller-service." + namespace + ".svc.cluster.local:8443/metrics"
-	curlCmd := exec.Command(client, "exec", curlPod, "-n", namespace, "--",
-		"curl", "-v", "-k", "-H", "Authorization: Bearer "+token, metricsURL)
-	output, err = curlCmd.CombinedOutput()
-	require.NoError(t, err, "Error calling metrics endpoint: %s", string(output))
-	require.Contains(t, string(output), "200 OK", "Metrics endpoint did not return 200 OK")
 }
 
-// nolint:gosec
-// TestCatalogdMetricsExportedEndpoint verifies that the metrics endpoint for the catalogd
-// is exported correctly and accessible by authorized users through RBAC and a ServiceAccount token.
-// The test performs the following steps:
-// 1. Creates a ClusterRoleBinding to grant necessary permissions for accessing metrics.
-// 2. Generates a ServiceAccount token for authentication.
-// 3. Deploys a curl pod to interact with the metrics endpoint.
-// 4. Waits for the curl pod to become ready.
-// 5. Executes a curl command from the pod to validate the metrics endpoint.
-// 6. Cleans up all resources created during the test, such as the ClusterRoleBinding and curl pod.
-func TestCatalogdMetricsExportedEndpoint(t *testing.T) {
-	var (
-		token   string
-		curlPod = "curl-metrics"
-		client  = ""
-		clients = []string{"kubectl", "oc"}
-	)
+func waitForPodReady(t *testing.T, client, namespace, podName string) {
+	t.Logf("Waiting for pod %s to appear before checking readiness...", podName)
+	maxRetries := 10
+	delay := time.Second * 3
 
-	t.Log("Looking for k8s client")
-	for _, c := range clients {
-		// Would prefer to use `command -v`, but even that may not be installed!
-		err := exec.Command(c, "version", "--client").Run()
+	// Ensure the pod exists before waiting for readiness
+	for i := 0; i < maxRetries; i++ {
+		cmd := exec.Command(client, "get", "pod", podName, "-n", namespace)
+		_, err := cmd.CombinedOutput()
 		if err == nil {
-			client = c
+			t.Logf("Pod %s found, proceeding to wait for readiness...", podName)
 			break
 		}
+		t.Logf("Pod %s not found yet, retrying... (%d/%d)", podName, i+1, maxRetries)
+		time.Sleep(delay)
 	}
-	if client == "" {
-		t.Fatal("k8s client not found")
-	}
-	t.Logf("Using %q as k8s client", client)
 
-	t.Log("Determining catalogd namespace")
-	cmd := exec.Command(client, "get", "pods", "--all-namespaces", "--selector=control-plane=catalogd-controller-manager", "--output=jsonpath={.items[0].metadata.namespace}")
+	// Now wait for the pod to become ready
+	t.Logf("Waiting for pod %s to be ready...", podName)
+	cmd := exec.Command(client, "wait", "--for=condition=Ready", "pod", podName, "-n", namespace, "--timeout=120s")
 	output, err := cmd.CombinedOutput()
-	require.NoError(t, err, "Error creating determining catalogd namespace: %s", string(output))
-	namespace := string(output)
-	if namespace == "" {
-		t.Fatal("No catalogd namespace found")
-	}
-	t.Logf("Using %q as catalogd namespace", namespace)
-
-	t.Log("Creating ClusterRoleBinding for metrics access")
-	cmd = exec.Command(client, "create", "clusterrolebinding", "catalogd-metrics-binding",
-		"--clusterrole=catalogd-metrics-reader",
-		"--serviceaccount="+namespace+":catalogd-controller-manager")
-	output, err = cmd.CombinedOutput()
-	require.NoError(t, err, "Error creating ClusterRoleBinding: %s", string(output))
-
-	defer func() {
-		t.Log("Cleaning up ClusterRoleBinding")
-		_ = exec.Command(client, "delete", "clusterrolebinding", "catalogd-metrics-binding", "--ignore-not-found=true").Run()
-	}()
-
-	t.Log("Creating service account token for authentication")
-	tokenCmd := exec.Command(client, "create", "token", "catalogd-controller-manager", "-n", namespace)
-	tokenOutput, tokenCombinedOutput, err := stdoutAndCombined(tokenCmd)
-	require.NoError(t, err, "Error creating token: %s", string(tokenCombinedOutput))
-	token = string(bytes.TrimSpace(tokenOutput))
-
-	t.Log("Creating a pod to run curl commands")
-	cmd = exec.Command(client, "run", curlPod,
-		"--image=curlimages/curl:7.87.0", "-n", namespace,
-		"--restart=Never",
-		"--overrides", `{
-			"spec": {
-				"containers": [{
-					"name": "curl",
-					"image": "curlimages/curl:7.87.0",
-					"command": ["sh", "-c", "sleep 3600"],
-					"securityContext": {
-						"allowPrivilegeEscalation": false,
-						"capabilities": {
-							"drop": ["ALL"]
-						},
-						"runAsNonRoot": true,
-						"runAsUser": 1000,
-						"seccompProfile": {
-							"type": "RuntimeDefault"
-						}
-					}
-				}],
-				"serviceAccountName": "catalogd-controller-manager"
-			}
-		}`)
-	output, err = cmd.CombinedOutput()
-	require.NoError(t, err, "Error creating curl pod: %s", string(output))
-
-	defer func() {
-		t.Log("Cleaning up curl pod")
-		_ = exec.Command(client, "delete", "pod", curlPod, "-n", namespace, "--ignore-not-found=true").Run()
-	}()
-
-	t.Log("Waiting for the curl pod to become ready")
-	waitCmd := exec.Command(client, "wait", "--for=condition=Ready", "pod", curlPod, "-n", namespace, "--timeout=60s")
-	waitOutput, waitErr := waitCmd.CombinedOutput()
-	require.NoError(t, waitErr, "Error waiting for curl pod to be ready: %s", string(waitOutput))
+	require.NoError(t, err, "Error waiting for pod to be ready: %s", string(output))
+}
 
+func validateMetricsEndpoint(t *testing.T, client, namespace, podName, token, metricsURL string) {
 	t.Log("Validating the metrics endpoint")
-	metricsURL := "https://catalogd-service." + namespace + ".svc.cluster.local:7443/metrics"
-	curlCmd := exec.Command(client, "exec", curlPod, "-n", namespace, "--",
+	cmd := exec.Command(client, "exec", podName, "-n", namespace, "--",
 		"curl", "-v", "-k", "-H", "Authorization: Bearer "+token, metricsURL)
-	output, err = curlCmd.CombinedOutput()
+	output, err := cmd.CombinedOutput()
 	require.NoError(t, err, "Error calling metrics endpoint: %s", string(output))
 	require.Contains(t, string(output), "200 OK", "Metrics endpoint did not return 200 OK")
 }
 
 func stdoutAndCombined(cmd *exec.Cmd) ([]byte, []byte, error) {
-	var outOnly bytes.Buffer
-	var outAndErr bytes.Buffer
+	var outOnly, outAndErr bytes.Buffer
 	allWriter := io.MultiWriter(&outOnly, &outAndErr)
-	cmd.Stderr = &outAndErr
 	cmd.Stdout = allWriter
+	cmd.Stderr = &outAndErr
 	err := cmd.Run()
 	return outOnly.Bytes(), outAndErr.Bytes(), err
 }
diff --git a/test/utils/utils.go b/test/utils/utils.go
@@ -0,0 +1,23 @@
+package utils
+
+import (
+	"os/exec"
+	"testing"
+)
+
+// FindK8sClient returns the first available Kubernetes CLI client from the system,
+// It checks for the existence of each client by running `version --client`.
+// If no suitable client is found, the function terminates the test with a failure.
+func FindK8sClient(t *testing.T) string {
+	t.Logf("Finding kubectl client")
+	clients := []string{"kubectl", "oc"}
+	for _, c := range clients {
+		// Would prefer to use `command -v`, but even that may not be installed!
+		if err := exec.Command(c, "version", "--client").Run(); err == nil {
+			t.Logf("Using %q as k8s client", c)
+			return c
+		}
+	}
+	t.Fatal("k8s client not found")
+	return ""
+}
