(cleanup): (cleanup): Refactor metrics endpoint tests by extracting shared helpers

camilamacedo86 · camilamacedo86 · commit e1579a6845e7 · 2025-02-05T23:46:46.000Z
Refactored the metrics endpoint tests by introducing reusable helper functions.
This reduces duplication and improves maintainability across both tests.
diff --git a/test/e2e/metrics_test.go b/test/e2e/metrics_test.go
@@ -1,3 +1,4 @@
+//nolint:gosec
 package e2e
 
 import (
@@ -7,9 +8,10 @@ import (
 	"testing"
 
 	"github.com/stretchr/testify/require"
+
+	"github.com/operator-framework/operator-controller/test/utils"
 )
 
-// nolint:gosec
 // TestOperatorControllerMetricsExportedEndpoint verifies that the metrics endpoint for the operator controller
 // is exported correctly and accessible by authorized users through RBAC and a ServiceAccount token.
 // The test performs the following steps:
@@ -20,103 +22,15 @@ import (
 // 5. Executes a curl command from the pod to validate the metrics endpoint.
 // 6. Cleans up all resources created during the test, such as the ClusterRoleBinding and curl pod.
 func TestOperatorControllerMetricsExportedEndpoint(t *testing.T) {
-	var (
-		token   string
-		curlPod = "curl-metrics"
-		client  = ""
-		clients = []string{"kubectl", "oc"}
-	)
-
-	t.Log("Looking for k8s client")
-	for _, c := range clients {
-		// Would prefer to use `command -v`, but even that may not be installed!
-		err := exec.Command(c, "version", "--client").Run()
-		if err == nil {
-			client = c
-			break
-		}
-	}
-	if client == "" {
-		t.Fatal("k8s client not found")
-	}
-	t.Logf("Using %q as k8s client", client)
-
-	t.Log("Determining operator-controller namespace")
-	cmd := exec.Command(client, "get", "pods", "--all-namespaces", "--selector=control-plane=operator-controller-controller-manager", "--output=jsonpath={.items[0].metadata.namespace}")
-	output, err := cmd.CombinedOutput()
-	require.NoError(t, err, "Error creating determining operator-controller namespace: %s", string(output))
-	namespace := string(output)
-	if namespace == "" {
-		t.Fatal("No operator-controller namespace found")
-	}
-	t.Logf("Using %q as operator-controller namespace", namespace)
-
-	t.Log("Creating ClusterRoleBinding for operator controller metrics")
-	cmd = exec.Command(client, "create", "clusterrolebinding", "operator-controller-metrics-binding",
-		"--clusterrole=operator-controller-metrics-reader",
-		"--serviceaccount="+namespace+":operator-controller-controller-manager")
-	output, err = cmd.CombinedOutput()
-	require.NoError(t, err, "Error creating ClusterRoleBinding: %s", string(output))
-
-	defer func() {
-		t.Log("Cleaning up ClusterRoleBinding")
-		_ = exec.Command(client, "delete", "clusterrolebinding", "operator-controller-metrics-binding", "--ignore-not-found=true").Run()
-	}()
-
-	t.Log("Generating ServiceAccount token")
-	tokenCmd := exec.Command(client, "create", "token", "operator-controller-controller-manager", "-n", namespace)
-	tokenOutput, tokenCombinedOutput, err := stdoutAndCombined(tokenCmd)
-	require.NoError(t, err, "Error creating token: %s", string(tokenCombinedOutput))
-	token = string(bytes.TrimSpace(tokenOutput))
-
-	t.Log("Creating curl pod to validate the metrics endpoint")
-	cmd = exec.Command(client, "run", curlPod,
-		"--image=curlimages/curl:7.87.0", "-n", namespace,
-		"--restart=Never",
-		"--overrides", `{
-			"spec": {
-				"containers": [{
-					"name": "curl",
-					"image": "curlimages/curl:7.87.0",
-					"command": ["sh", "-c", "sleep 3600"],
-					"securityContext": {
-						"allowPrivilegeEscalation": false,
-						"capabilities": {
-							"drop": ["ALL"]
-						},
-						"runAsNonRoot": true,
-						"runAsUser": 1000,
-						"seccompProfile": {
-							"type": "RuntimeDefault"
-						}
-					}
-				}],
-				"serviceAccountName": "operator-controller-controller-manager"
-			}
-		}`)
-	output, err = cmd.CombinedOutput()
-	require.NoError(t, err, "Error creating curl pod: %s", string(output))
-
-	defer func() {
-		t.Log("Cleaning up curl pod")
-		_ = exec.Command(client, "delete", "pod", curlPod, "-n", namespace, "--ignore-not-found=true").Run()
-	}()
-
-	t.Log("Waiting for the curl pod to be ready")
-	waitCmd := exec.Command(client, "wait", "--for=condition=Ready", "pod", curlPod, "-n", namespace, "--timeout=60s")
-	waitOutput, waitErr := waitCmd.CombinedOutput()
-	require.NoError(t, waitErr, "Error waiting for curl pod to be ready: %s", string(waitOutput))
-
-	t.Log("Validating the metrics endpoint")
-	metricsURL := "https://operator-controller-service." + namespace + ".svc.cluster.local:8443/metrics"
-	curlCmd := exec.Command(client, "exec", curlPod, "-n", namespace, "--",
-		"curl", "-v", "-k", "-H", "Authorization: Bearer "+token, metricsURL)
-	output, err = curlCmd.CombinedOutput()
-	require.NoError(t, err, "Error calling metrics endpoint: %s", string(output))
-	require.Contains(t, string(output), "200 OK", "Metrics endpoint did not return 200 OK")
+	client := utils.FindK8sClient(t)
+	namespace := getNamespace(t, client, "control-plane=operator-controller-controller-manager")
+	createClusterRoleBinding(t, client, "operator-controller-metrics-binding", "operator-controller-metrics-reader", namespace, "operator-controller-controller-manager")
+	token := createServiceAccountToken(t, client, namespace, "operator-controller-controller-manager")
+	createCurlPod(t, client, namespace, "curl-metrics", "operator-controller-controller-manager")
+	waitForPodReady(t, client, namespace, "curl-metrics")
+	validateMetricsEndpoint(t, client, namespace, "curl-metrics", token, "https://operator-controller-service."+namespace+".svc.cluster.local:8443/metrics")
 }
 
-// nolint:gosec
 // TestCatalogdMetricsExportedEndpoint verifies that the metrics endpoint for the catalogd
 // is exported correctly and accessible by authorized users through RBAC and a ServiceAccount token.
 // The test performs the following steps:
@@ -127,57 +41,52 @@ func TestOperatorControllerMetricsExportedEndpoint(t *testing.T) {
 // 5. Executes a curl command from the pod to validate the metrics endpoint.
 // 6. Cleans up all resources created during the test, such as the ClusterRoleBinding and curl pod.
 func TestCatalogdMetricsExportedEndpoint(t *testing.T) {
-	var (
-		token   string
-		curlPod = "curl-metrics"
-		client  = ""
-		clients = []string{"kubectl", "oc"}
-	)
-
-	t.Log("Looking for k8s client")
-	for _, c := range clients {
-		// Would prefer to use `command -v`, but even that may not be installed!
-		err := exec.Command(c, "version", "--client").Run()
-		if err == nil {
-			client = c
-			break
-		}
-	}
-	if client == "" {
-		t.Fatal("k8s client not found")
-	}
-	t.Logf("Using %q as k8s client", client)
+	client := utils.FindK8sClient(t)
+	namespace := getNamespace(t, client, "control-plane=catalogd-controller-manager")
+	createClusterRoleBinding(t, client, "catalogd-metrics-binding", "catalogd-metrics-reader", namespace, "catalogd-controller-manager")
+	token := createServiceAccountToken(t, client, namespace, "catalogd-controller-manager")
+	createCurlPod(t, client, namespace, "curl-metrics", "catalogd-controller-manager")
+	waitForPodReady(t, client, namespace, "curl-metrics")
+	validateMetricsEndpoint(t, client, namespace, "curl-metrics", token, "https://catalogd-service."+namespace+".svc.cluster.local:7443/metrics")
+}
 
-	t.Log("Determining catalogd namespace")
-	cmd := exec.Command(client, "get", "pods", "--all-namespaces", "--selector=control-plane=catalogd-controller-manager", "--output=jsonpath={.items[0].metadata.namespace}")
+func getNamespace(t *testing.T, client, selector string) string {
+	cmd := exec.Command(client, "get", "pods", "--all-namespaces", "--selector="+selector, "--output=jsonpath={.items[0].metadata.namespace}")
 	output, err := cmd.CombinedOutput()
-	require.NoError(t, err, "Error creating determining catalogd namespace: %s", string(output))
-	namespace := string(output)
+	require.NoError(t, err, "Error determining namespace: %s", string(output))
+
+	namespace := string(bytes.TrimSpace(output))
 	if namespace == "" {
-		t.Fatal("No catalogd namespace found")
+		t.Fatal("No namespace found for selector " + selector)
 	}
-	t.Logf("Using %q as catalogd namespace", namespace)
+	return namespace
+}
 
-	t.Log("Creating ClusterRoleBinding for metrics access")
-	cmd = exec.Command(client, "create", "clusterrolebinding", "catalogd-metrics-binding",
-		"--clusterrole=catalogd-metrics-reader",
-		"--serviceaccount="+namespace+":catalogd-controller-manager")
-	output, err = cmd.CombinedOutput()
+func createClusterRoleBinding(t *testing.T, client, name, clusterRole, namespace, serviceAccount string) {
+	t.Logf("Creating ClusterRoleBinding %s", name)
+	cmd := exec.Command(client, "create", "clusterrolebinding", name,
+		"--clusterrole="+clusterRole,
+		"--serviceaccount="+namespace+":"+serviceAccount)
+	output, err := cmd.CombinedOutput()
 	require.NoError(t, err, "Error creating ClusterRoleBinding: %s", string(output))
 
 	defer func() {
-		t.Log("Cleaning up ClusterRoleBinding")
-		_ = exec.Command(client, "delete", "clusterrolebinding", "catalogd-metrics-binding", "--ignore-not-found=true").Run()
+		t.Logf("Cleaning up ClusterRoleBinding %s", name)
+		_ = exec.Command(client, "delete", "clusterrolebinding", name, "--ignore-not-found=true").Run()
 	}()
+}
 
-	t.Log("Creating service account token for authentication")
-	tokenCmd := exec.Command(client, "create", "token", "catalogd-controller-manager", "-n", namespace)
-	tokenOutput, tokenCombinedOutput, err := stdoutAndCombined(tokenCmd)
+func createServiceAccountToken(t *testing.T, client, namespace, serviceAccount string) string {
+	t.Log("Generating ServiceAccount token")
+	cmd := exec.Command(client, "create", "token", serviceAccount, "-n", namespace)
+	tokenOutput, tokenCombinedOutput, err := stdoutAndCombined(cmd)
 	require.NoError(t, err, "Error creating token: %s", string(tokenCombinedOutput))
-	token = string(bytes.TrimSpace(tokenOutput))
+	return string(bytes.TrimSpace(tokenOutput))
+}
 
-	t.Log("Creating a pod to run curl commands")
-	cmd = exec.Command(client, "run", curlPod,
+func createCurlPod(t *testing.T, client, namespace, podName, serviceAccount string) {
+	t.Log("Creating curl pod to validate the metrics endpoint")
+	cmd := exec.Command(client, "run", podName,
 		"--image=curlimages/curl:7.87.0", "-n", namespace,
 		"--restart=Never",
 		"--overrides", `{
@@ -188,47 +97,44 @@ func TestCatalogdMetricsExportedEndpoint(t *testing.T) {
 					"command": ["sh", "-c", "sleep 3600"],
 					"securityContext": {
 						"allowPrivilegeEscalation": false,
-						"capabilities": {
-							"drop": ["ALL"]
-						},
+						"capabilities": {"drop": ["ALL"]},
 						"runAsNonRoot": true,
 						"runAsUser": 1000,
-						"seccompProfile": {
-							"type": "RuntimeDefault"
-						}
+						"seccompProfile": {"type": "RuntimeDefault"}
 					}
 				}],
-				"serviceAccountName": "catalogd-controller-manager"
+				"serviceAccountName": "`+serviceAccount+`"
 			}
 		}`)
-	output, err = cmd.CombinedOutput()
+	output, err := cmd.CombinedOutput()
 	require.NoError(t, err, "Error creating curl pod: %s", string(output))
 
 	defer func() {
 		t.Log("Cleaning up curl pod")
-		_ = exec.Command(client, "delete", "pod", curlPod, "-n", namespace, "--ignore-not-found=true").Run()
+		_ = exec.Command(client, "delete", "pod", podName, "-n", namespace, "--ignore-not-found=true").Run()
 	}()
+}
 
-	t.Log("Waiting for the curl pod to become ready")
-	waitCmd := exec.Command(client, "wait", "--for=condition=Ready", "pod", curlPod, "-n", namespace, "--timeout=60s")
-	waitOutput, waitErr := waitCmd.CombinedOutput()
-	require.NoError(t, waitErr, "Error waiting for curl pod to be ready: %s", string(waitOutput))
+func waitForPodReady(t *testing.T, client, namespace, podName string) {
+	t.Log("Waiting for the curl pod to be ready")
+	cmd := exec.Command(client, "wait", "--for=condition=Ready", "pod", podName, "-n", namespace, "--timeout=60s")
+	output, err := cmd.CombinedOutput()
+	require.NoError(t, err, "Error waiting for curl pod to be ready: %s", string(output))
+}
 
+func validateMetricsEndpoint(t *testing.T, client, namespace, podName, token, metricsURL string) {
 	t.Log("Validating the metrics endpoint")
-	metricsURL := "https://catalogd-service." + namespace + ".svc.cluster.local:7443/metrics"
-	curlCmd := exec.Command(client, "exec", curlPod, "-n", namespace, "--",
+	cmd := exec.Command(client, "exec", podName, "-n", namespace, "--",
 		"curl", "-v", "-k", "-H", "Authorization: Bearer "+token, metricsURL)
-	output, err = curlCmd.CombinedOutput()
+	output, err := cmd.CombinedOutput()
 	require.NoError(t, err, "Error calling metrics endpoint: %s", string(output))
 	require.Contains(t, string(output), "200 OK", "Metrics endpoint did not return 200 OK")
 }
 
 func stdoutAndCombined(cmd *exec.Cmd) ([]byte, []byte, error) {
-	var outOnly bytes.Buffer
-	var outAndErr bytes.Buffer
-	allWriter := io.MultiWriter(&outOnly, &outAndErr)
+	var outOnly, outAndErr bytes.Buffer
+	cmd.Stdout = io.MultiWriter(&outOnly, &outAndErr)
 	cmd.Stderr = &outAndErr
-	cmd.Stdout = allWriter
 	err := cmd.Run()
 	return outOnly.Bytes(), outAndErr.Bytes(), err
 }
diff --git a/test/utils/utils.go b/test/utils/utils.go
@@ -0,0 +1,23 @@
+package utils
+
+import (
+	"os/exec"
+	"testing"
+)
+
+// FindK8sClient returns the first available Kubernetes CLI client from the system,
+// It checks for the existence of each client by running `version --client`.
+// If no suitable client is found, the function terminates the test with a failure.
+func FindK8sClient(t *testing.T) string {
+	t.Logf("Finding kubectl client")
+	clients := []string{"kubectl", "oc"}
+	for _, c := range clients {
+		// Would prefer to use `command -v`, but even that may not be installed!
+		if err := exec.Command(c, "version", "--client").Run(); err == nil {
+			t.Logf("Using %q as k8s client", c)
+			return c
+		}
+	}
+	t.Fatal("k8s client not found")
+	return "" // unreachable but required
+}
