Skip to content

Commit

Permalink
Merge branch 'master' into proxy-namespace
Browse files Browse the repository at this point in the history
  • Loading branch information
alexeykazakov authored Oct 29, 2024
2 parents 21d8d15 + 571666c commit 0326e94
Show file tree
Hide file tree
Showing 3 changed files with 102 additions and 4 deletions.
6 changes: 3 additions & 3 deletions test/e2e/parallel/nstemplatetier_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ func TestNSTemplateTiers(t *testing.T) {
space := user.Space

// all tiers to check - keep the base as the last one, it will verify downgrade back to the default tier at the end of the test
tiersToCheck := []string{"advanced", "baseextendedidling", "baselarge", "test", "appstudio", "appstudiolarge", "appstudio-env", "base1ns", "base1nsnoidling", "base1ns6didler", "base"}
tiersToCheck := []string{"advanced", "baseextendedidling", "baselarge", "test", "appstudio", "appstudiolarge", "appstudio-env", "base1ns", "base1nsnoidling", "base1ns6didler", "intelmedium", "intellarge", "base"}

// when the tiers are created during the startup then we can verify them
allTiers := &toolchainv1alpha1.NSTemplateTierList{}
Expand Down Expand Up @@ -281,9 +281,9 @@ func TestTierTemplates(t *testing.T) {
allTiers := &toolchainv1alpha1.TierTemplateList{}
err = hostAwait.Client.List(context.TODO(), allTiers, client.InNamespace(hostAwait.Namespace), notCreatedByE2e)
require.NoError(t, err)
// We have 27 tier templates (base: 3, base1ns: 2, base1nsnoidling: 2, base1ns6didler: 3, baselarge: 3, baseextendedidling: 3, advanced: 3, test: 3, appstudio: 3, appstudiolarge: 3, appstudio-env: 3)
// We have 27 tier templates (base: 3, base1ns: 2, base1nsnoidling: 2, base1ns6didler: 3, baselarge: 3, baseextendedidling: 3, advanced: 3, test: 3, appstudio: 3, appstudiolarge: 3, appstudio-env: 3, intelmedium: 2, intellarge: 2)
// But we cannot verify the exact number of tiers, because during the operator update it may happen that more TierTemplates are created
assert.GreaterOrEqual(t, len(allTiers.Items), 27)
assert.GreaterOrEqual(t, len(allTiers.Items), 31)
}

func TestFeatureToggles(t *testing.T) {
Expand Down
6 changes: 5 additions & 1 deletion test/e2e/user_management_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -60,7 +60,7 @@ func (s *userManagementTestSuite) TestVerifyUserTiers() {
userTiers := &toolchainv1alpha1.UserTierList{}
err := hostAwait.Client.List(context.TODO(), userTiers, client.InNamespace(hostAwait.Namespace))
require.NoError(s.T(), err)
require.Len(s.T(), userTiers.Items, 6)
require.Len(s.T(), userTiers.Items, 7)

expectedTiers := []userTierTestData{
{
Expand All @@ -87,6 +87,10 @@ func (s *userManagementTestSuite) TestVerifyUserTiers() {
name: "deactivate365",
deactivationTimeoutDays: 365,
},
{
name: "intel",
deactivationTimeoutDays: 60,
},
}
for _, expectedTier := range expectedTiers {
s.T().Run(fmt.Sprintf("verify UserTier '%s'", expectedTier.name), func(t *testing.T) {
Expand Down
94 changes: 94 additions & 0 deletions testsupport/tiers/checks.go
Original file line number Diff line number Diff line change
Expand Up @@ -37,6 +37,8 @@ const (
baseextendedidling = "baseextendedidling"
baselarge = "baselarge"
testTier = "test"
intelMedium = "intelmedium"
intelLarge = "intellarge"

// common CPU limits
baseCPULimit = "40000m"
Expand Down Expand Up @@ -77,6 +79,10 @@ func NewChecksForTier(tier *toolchainv1alpha1.NSTemplateTier) (TierChecks, error
return &appstudioEnvTierChecks{tierName: appstudioEnv}, nil
case testTier:
return &testTierChecks{tierName: testTier}, nil
case intelMedium:
return &intelMediumTierChecks{tierName: intelMedium}, nil
case intelLarge:
return &intelLargeTierChecks{intelMediumTierChecks{tierName: intelLarge}}, nil
default:
return nil, fmt.Errorf("no assertion implementation found for %s", tier.Name)
}
Expand Down Expand Up @@ -631,6 +637,94 @@ func (a *appstudioEnvTierChecks) GetClusterObjectChecks() []clusterObjectsCheck
idlers(0, "env"))
}

type intelMediumTierChecks struct {
tierName string
}

func (a *intelMediumTierChecks) GetNamespaceObjectChecks(_ string) []namespaceObjectsCheck {
checks := []namespaceObjectsCheck{
resourceQuotaComputeDeploy("8", "16Gi", "8", "16Gi"),
resourceQuotaComputeBuild("8", "16Gi", "8", "16Gi"),
resourceQuotaStorage("15Gi", "50Gi", "15Gi", "5"),
limitRange("1", "1000Mi", "10m", "64Mi"),
numberOfLimitRanges(1),
execPodsRole(),
crtadminPodsRoleBinding(),
crtadminViewRoleBinding(),
}
checks = append(checks, commonNetworkPolicyChecks()...)
checks = append(checks, networkPolicyAllowFromCRW(), networkPolicyAllowFromVirtualizationNamespaces(), networkPolicyAllowFromRedHatODSNamespaceToMariaDB(), networkPolicyAllowFromRedHatODSNamespaceToModelMesh(), numberOfNetworkPolicies(9))
return checks
}

func (a *intelMediumTierChecks) GetSpaceRoleChecks(spaceRoles map[string][]string) ([]spaceRoleObjectsCheck, error) {
checks := []spaceRoleObjectsCheck{}
roles := 0
rolebindings := 0
for role, usernames := range spaceRoles {
switch role {
case "admin":
checks = append(checks, rbacEditRole())
roles++
for _, userName := range usernames {
checks = append(checks,
rbacEditRoleBinding(userName),
userEditRoleBinding(userName),
)
rolebindings += 2
}
default:
return nil, fmt.Errorf("unexpected template name: '%s'", role)
}
}
// also count the roles, rolebindings
checks = append(checks,
numberOfToolchainRoles(roles+1), // +1 for `exec-pods`
numberOfToolchainRoleBindings(rolebindings+2), // +2 for `crtadmin-pods` and `crtadmin-view`
)
return checks, nil
}

func (a *intelMediumTierChecks) GetExpectedTemplateRefs(t *testing.T, hostAwait *wait.HostAwaitility) TemplateRefs {
templateRefs := GetTemplateRefs(t, hostAwait, a.tierName)
verifyNsTypes(t, a.tierName, templateRefs, "dev")
return templateRefs
}

func (a *intelMediumTierChecks) GetClusterObjectChecks() []clusterObjectsCheck {
return clusterObjectsChecks(
clusterResourceQuotaDeployments(),
clusterResourceQuotaReplicas(),
clusterResourceQuotaRoutes(),
clusterResourceQuotaJobs(),
clusterResourceQuotaServicesNoLoadBalancers(),
clusterResourceQuotaBuildConfig(),
clusterResourceQuotaSecrets(),
clusterResourceQuotaConfigMap(),
numberOfClusterResourceQuotas(8),
idlers(172800, "dev"))
}

type intelLargeTierChecks struct {
intelMediumTierChecks
}

func (a *intelLargeTierChecks) GetNamespaceObjectChecks(_ string) []namespaceObjectsCheck {
checks := []namespaceObjectsCheck{
resourceQuotaComputeDeploy("16", "32Gi", "16", "32Gi"),
resourceQuotaComputeBuild("16", "32Gi", "16", "32Gi"),
resourceQuotaStorage("15Gi", "100Gi", "15Gi", "5"),
limitRange("1", "1000Mi", "10m", "64Mi"),
numberOfLimitRanges(1),
execPodsRole(),
crtadminPodsRoleBinding(),
crtadminViewRoleBinding(),
}
checks = append(checks, commonNetworkPolicyChecks()...)
checks = append(checks, networkPolicyAllowFromCRW(), networkPolicyAllowFromVirtualizationNamespaces(), networkPolicyAllowFromRedHatODSNamespaceToMariaDB(), networkPolicyAllowFromRedHatODSNamespaceToModelMesh(), numberOfNetworkPolicies(9))
return checks
}

// verifyNsTypes checks that there's a namespace.TemplateRef that begins with `<tier>-<type>` for each given templateRef (and no more, no less)
func verifyNsTypes(t *testing.T, tier string, templateRefs TemplateRefs, expectedNSTypes ...string) {
require.Len(t, templateRefs.Namespaces, len(expectedNSTypes))
Expand Down

0 comments on commit 0326e94

Please sign in to comment.