Make scenario steps for roles match regex (#1108)

* Make scenario steps for roles match regex

* Add Strict check to acceptance tests

Author: andrewstucki

acceptance/features/role-crds.feature

@@ -31,15 +31,16 @@ Feature: Role CRDs
     """
     And role "admin-role" is successfully synced
     Then role "admin-role" should exist in cluster "roles"
-    And role "admin-role" should have members "alice" and "bob" in cluster "roles"
+    And role "admin-role" should have members "alice and bob" in cluster "roles"
 
   @skip:gke @skip:aks @skip:eks
   Scenario: Manage roles with authorization
     Given there is no role "read-only-role" in cluster "roles"
     And there are the following pre-existing users in cluster "roles"
       | name    | password | mechanism     |
       | charlie | password | SCRAM-SHA-256 |
-    When I apply Kubernetes manifest:
+    When I create topic "public-test" in cluster "roles"
+    And I apply Kubernetes manifest:
     """
 # tag::manage-roles-with-authorization[]
     # In this example manifest, a role called "read-only-role" is created in a cluster called "roles".
@@ -68,7 +69,7 @@ Feature: Role CRDs
     And role "read-only-role" is successfully synced
     Then role "read-only-role" should exist in cluster "roles"
     And role "read-only-role" should have ACLs for topic pattern "public-" in cluster "roles"
-    And user "charlie" should be able to read from topic "public-test" in cluster "roles"
+    And "charlie" should be able to read from topic "public-test" in cluster "roles"
 
   @skip:gke @skip:aks @skip:eks
   Scenario: Manage authorization-only roles

acceptance/main_test.go

@@ -44,6 +44,7 @@ func getSuite(t *testing.T) *framework.Suite {
 
 var setupSuite = sync.OnceValues(func() (*framework.Suite, error) {
 	return framework.SuiteBuilderFromFlags().
+		Strict().
 		RegisterProvider("eks", framework.NoopProvider).
 		RegisterProvider("gke", framework.NoopProvider).
 		RegisterProvider("aks", framework.NoopProvider).

acceptance/steps/helpers.go

@@ -206,6 +206,17 @@ func (c *clusterClients) checkSchema(ctx context.Context, schema string, exists
 	}
 }
 
+func (c *clusterClients) CreateTopic(ctx context.Context, topic string) {
+	t := framework.T(ctx)
+
+	admin := kadm.NewClient(c.Kafka(ctx))
+	defer admin.Close()
+
+	response, err := admin.CreateTopic(ctx, 1, 1, map[string]*string{}, topic)
+	require.NoError(t, err)
+	require.NoError(t, response.Err)
+}
+
 func (c *clusterClients) ExpectTopic(ctx context.Context, topic string) {
 	t := framework.T(ctx)
 

acceptance/steps/register.go

@@ -29,6 +29,7 @@ func init() {
 	framework.RegisterStep(`^there is no topic "([^"]*)" in cluster "([^"]*)"$`, thereIsNoTopic)
 	framework.RegisterStep(`^topic "([^"]*)" is successfully synced$`, topicIsSuccessfullySynced)
 	framework.RegisterStep(`^I should be able to produce and consume from "([^"]*)" in cluster "([^"]*)"$`, iShouldBeAbleToProduceAndConsumeFrom)
+	framework.RegisterStep(`I create topic "([^"]*)" in cluster "([^"]*)"`, iCreateTopicInCluster)
 
 	// User scenario steps
 	framework.RegisterStep(`^user "([^"]*)" is successfully synced$`, userIsSuccessfullySynced)

acceptance/steps/topics.go

@@ -39,6 +39,10 @@ func thereIsNoTopic(ctx context.Context, topic, cluster string) {
 	clientsForCluster(ctx, cluster).ExpectNoTopic(ctx, topic)
 }
 
+func iCreateTopicInCluster(ctx context.Context, topic, cluster string) {
+	clientsForCluster(ctx, cluster).CreateTopic(ctx, topic)
+}
+
 func iShouldBeAbleToProduceAndConsumeFrom(ctx context.Context, t framework.TestingT, topic, cluster string) {
 	payload := []byte("test")
 

harpoon/suite.go

@@ -189,6 +189,11 @@ func (b *SuiteBuilder) WithCRDDirectory(directory string) *SuiteBuilder {
 	return b
 }
 
+func (b *SuiteBuilder) Strict() *SuiteBuilder {
+	b.opts.Strict = true
+	return b
+}
+
 func setupErrorCheck(ctx context.Context, err error, cleanupFn func(ctx context.Context)) {
 	if err != nil {
 		fmt.Printf("setting up test suite: %v\n", err)