diff --git a/test/openshift/e2e/ginkgo/parallel/1-031_validate_toolchain_test.go b/test/openshift/e2e/ginkgo/parallel/1-031_validate_toolchain_test.go index d489f2fcfa0..261481d361f 100644 --- a/test/openshift/e2e/ginkgo/parallel/1-031_validate_toolchain_test.go +++ b/test/openshift/e2e/ginkgo/parallel/1-031_validate_toolchain_test.go @@ -19,9 +19,7 @@ package parallel import ( "context" "os" - - // "os" - + "path/filepath" "strings" "time" @@ -35,6 +33,7 @@ import ( corev1 "k8s.io/api/core/v1" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/util/wait" + "sigs.k8s.io/yaml" "sigs.k8s.io/controller-runtime/pkg/client" ) @@ -84,25 +83,6 @@ var _ = Describe("GitOps Operator Parallel E2E Tests", func() { It("verifies that toolchain versions have the expected values", func() { - // These variables need to be maintained according to the component matrix: https://spaces.redhat.com/display/GITOPS/GitOps+Component+Matrix - expected_kustomizeVersion := "v5.8.1" - expected_helmVersion := "v3.19.4" - expected_argocdVersion := "v3.3.2" - - var expected_dexVersion string - var expected_redisVersion string - - if os.Getenv("CI") == "prow" { - // when running against openshift-ci - expected_dexVersion = "v2.43.0" - expected_redisVersion = "8.2.3" - - } else { - // when running against RC/ released version of gitops - expected_dexVersion = "v2.41.1" - expected_redisVersion = "7.2.11" - } - By("locating pods containing toolchain in openshift-gitops") gitops_server_pod, err := getPodName("openshift-gitops-server") @@ -142,6 +122,17 @@ var _ = Describe("GitOps Operator Parallel E2E Tests", func() { // argocd-server: v2.13.1+af54ef8 Expect(err).NotTo(HaveOccurred()) + // Extract the version from "argocd-server: v3.3.0+af54ef8" and strip the + suffix, + // since the test intent is to match the base version only (ContainSubstring was used previously for this reason). + argocdVersionLine := strings.TrimSpace(argocdVersion) + argocdVersionClean := argocdVersionLine + if idx := strings.LastIndex(argocdVersionLine, " "); idx != -1 { + argocdVersionClean = argocdVersionLine[idx+1:] + } + if idx := strings.Index(argocdVersionClean, "+"); idx != -1 { + argocdVersionClean = argocdVersionClean[:idx] + } + By("extracting the dex version from container") dexVersionOutput, err := osFixture.ExecCommand("bash", "-c", "oc -n openshift-gitops exec "+dex_pod+" -- dex version") Expect(err).ToNot(HaveOccurred()) @@ -172,17 +163,39 @@ var _ = Describe("GitOps Operator Parallel E2E Tests", func() { // After: v=6.2.7 Expect(err).NotTo(HaveOccurred()) - By("verifying containers have expected toolchain versions") + By("collecting all toolchain versions") - Expect(kustomizeVersion).To(Equal(expected_kustomizeVersion)) - Expect(helmVersion).To(Equal(expected_helmVersion)) - Expect(dexVersion).To(Equal(expected_dexVersion)) + collectedVersions := map[string]string{ + "argocd": argocdVersionClean, + "dex": dexVersion, + "helm": helmVersion, + "kustomize": kustomizeVersion, + "redis": redisVersion, + } + + snapshotPath := "../snapshots/valid_toolchain_versions_release.yaml" + + if os.Getenv("CI") == "prow" { + snapshotPath = "../snapshots/valid_toolchain_versions_prow.yaml" + } + + By("comparing collected versions against snapshot") + + snapshotData, readErr := os.ReadFile(snapshotPath) + Expect(readErr).NotTo(HaveOccurred(), "snapshot file not found at %s; run with E2E_UPDATE_SNAPSHOTS=1 to create it", snapshotPath) + + if os.Getenv("E2E_UPDATE_SNAPSHOTS") == "1" { + By("updating snapshot file with collected versions") + data, marshalErr := yaml.Marshal(collectedVersions) + Expect(marshalErr).NotTo(HaveOccurred()) + Expect(os.MkdirAll(filepath.Dir(snapshotPath), 0755)).To(Succeed()) + Expect(os.WriteFile(snapshotPath, data, 0644)).To(Succeed()) + } - // We are as argocdVersion contains v2.7.6+00c914a suffix addition to the version no. - // So, we are checking if expected_argocdVersion is substring of the actual version - Expect(argocdVersion).To(ContainSubstring(expected_argocdVersion)) + var snapshotVersions map[string]string + Expect(yaml.Unmarshal(snapshotData, &snapshotVersions)).To(Succeed()) - Expect(redisVersion).To(Equal(expected_redisVersion)) + Expect(collectedVersions).To(Equal(snapshotVersions)) }) diff --git a/test/openshift/e2e/ginkgo/parallel/1-031_validate_toolchain_test.go.orig b/test/openshift/e2e/ginkgo/parallel/1-031_validate_toolchain_test.go.orig new file mode 100644 index 00000000000..77e77c630f4 --- /dev/null +++ b/test/openshift/e2e/ginkgo/parallel/1-031_validate_toolchain_test.go.orig @@ -0,0 +1,224 @@ +/* +Copyright 2025. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/ + +package parallel + +import ( + "context" + "os" + "path/filepath" + "strings" + "time" + + . "github.com/onsi/ginkgo/v2" + . "github.com/onsi/gomega" + routev1 "github.com/openshift/api/route/v1" + "github.com/redhat-developer/gitops-operator/test/openshift/e2e/ginkgo/fixture" + k8sFixture "github.com/redhat-developer/gitops-operator/test/openshift/e2e/ginkgo/fixture/k8s" + osFixture "github.com/redhat-developer/gitops-operator/test/openshift/e2e/ginkgo/fixture/os" + fixtureUtils "github.com/redhat-developer/gitops-operator/test/openshift/e2e/ginkgo/fixture/utils" + corev1 "k8s.io/api/core/v1" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/util/wait" + "sigs.k8s.io/yaml" + + "sigs.k8s.io/controller-runtime/pkg/client" +) + +var _ = Describe("GitOps Operator Parallel E2E Tests", func() { + + Context("1-031_validate_toolchain", func() { + + var ( + k8sClient client.Client + ) + + BeforeEach(func() { + fixture.EnsureParallelCleanSlate() + k8sClient, _ = fixtureUtils.GetE2ETestKubeClient() + }) + + // getPodName waits for there to exist a running pod with name 'name' in openshift-gitops + getPodName := func(name string) (string, error) { + + var podName string + + if err := wait.PollUntilContextTimeout(context.Background(), time.Second*5, time.Minute*2, true, func(ctx context.Context) (done bool, err error) { + + var podList corev1.PodList + if err := k8sClient.List(ctx, &podList, client.InNamespace("openshift-gitops")); err != nil { + GinkgoWriter.Println(err) + return false, nil + } + + for _, pod := range podList.Items { + if pod.Status.Phase == corev1.PodRunning { + if strings.Contains(pod.Name, name) { + podName = pod.Name + return true, nil + } + } + } + return false, nil + + }); err != nil { + return "", err + } + + return podName, nil + } + + It("verifies that toolchain versions have the expected values", func() { + +<<<<<<< Updated upstream + // These variables need to be maintained according to the component matrix: https://spaces.redhat.com/display/GITOPS/GitOps+Component+Matrix + expected_kustomizeVersion := "v5.8.1" + expected_helmVersion := "v3.19.4" + expected_argocdVersion := "v3.3.2" + + var expected_dexVersion string + var expected_redisVersion string + + if os.Getenv("CI") == "prow" { + // when running against openshift-ci + expected_dexVersion = "v2.43.0" + expected_redisVersion = "8.2.3" + + } else { + // when running against RC/ released version of gitops + expected_dexVersion = "v2.43.1" + expected_redisVersion = "7.2.11" + } + +======= +>>>>>>> Stashed changes + By("locating pods containing toolchain in openshift-gitops") + + gitops_server_pod, err := getPodName("openshift-gitops-server") + Expect(err).ToNot(HaveOccurred()) + dex_pod, err := getPodName("openshift-gitops-dex-server") + Expect(err).ToNot(HaveOccurred()) + redis_pod, err := getPodName("openshift-gitops-redis") + Expect(err).ToNot(HaveOccurred()) + + serverRoute := &routev1.Route{ObjectMeta: metav1.ObjectMeta{Name: "openshift-gitops-server", Namespace: "openshift-gitops"}} + Eventually(serverRoute).Should(k8sFixture.ExistByName()) + + By("extracting the kustomize version from container") + + kustomizeVersion, err := osFixture.ExecCommand("bash", "-c", "oc -n openshift-gitops exec "+gitops_server_pod+" -- kustomize version") + + Expect(err).NotTo(HaveOccurred()) + kustomizeVersion = strings.TrimSpace(kustomizeVersion) + + By("extracting the helm version from container") + helmVersion, err := osFixture.ExecCommand("bash", "-c", "oc -n openshift-gitops exec "+gitops_server_pod+" -- helm version") + Expect(err).NotTo(HaveOccurred()) + + // output format: + // version.BuildInfo{Version:"v3.15.4", GitCommit:"fa9efb07d9d8debbb4306d72af76a383895aa8c4", GitTreeState:"", GoVersion:"go1.22.9 (Red Hat 1.22.9-1.module+el8.10.0+22500+aee717ef)" + helmVersion = helmVersion[strings.Index(helmVersion, "Version:"):] + // After: Version:"v3.15.4" (...) + helmVersion = helmVersion[strings.Index(helmVersion, "\"")+1:] + // After: v3.15.4" (...) + helmVersion = helmVersion[:strings.Index(helmVersion, "\"")] + // After: v3.15.4 + + By("extracting the argo cd server version from container") + argocdVersion, err := osFixture.ExecCommand("bash", "-c", "oc -n openshift-gitops exec "+gitops_server_pod+" -- argocd version --short --server "+serverRoute.Spec.Host+" --insecure | grep 'argocd-server'") + argocdVersion = strings.ReplaceAll(argocdVersion, "+unknown", "") + // output format: + // argocd-server: v2.13.1+af54ef8 + Expect(err).NotTo(HaveOccurred()) + + // Extract the version from "argocd-server: v3.3.0+af54ef8" and strip the + suffix, + // since the test intent is to match the base version only (ContainSubstring was used previously for this reason). + argocdVersionLine := strings.TrimSpace(argocdVersion) + argocdVersionClean := argocdVersionLine + if idx := strings.LastIndex(argocdVersionLine, " "); idx != -1 { + argocdVersionClean = argocdVersionLine[idx+1:] + } + if idx := strings.Index(argocdVersionClean, "+"); idx != -1 { + argocdVersionClean = argocdVersionClean[:idx] + } + + By("extracting the dex version from container") + dexVersionOutput, err := osFixture.ExecCommand("bash", "-c", "oc -n openshift-gitops exec "+dex_pod+" -- dex version") + Expect(err).ToNot(HaveOccurred()) + // Output format: + // Defaulted container "dex" out of: dex, copyutil (init) + // Dex Version: v2.41.1-1-ga7854d65 + + var dexVersion string + dexVersionOutputSplit := strings.Split(dexVersionOutput, "\n") + for _, line := range dexVersionOutputSplit { + if strings.Contains(line, "Dex Version:") { + dexVersion = line + dexVersion = dexVersion[strings.Index(dexVersion, ":")+1:] + // After: ' v2.41.1-1-ga7854d65' + dexVersion = strings.TrimSpace(dexVersion) + // After: 'v2.41.1-1-ga7854d65' + break + } + } + Expect(dexVersion).ToNot(BeEmpty()) + + By("extracting the redis version from container") + redisVersion, err := osFixture.ExecCommand("bash", "-c", "oc -n openshift-gitops exec "+redis_pod+" -- redis-server -v") + // output format: Redis server v=6.2.7 sha=00000000:0 malloc=jemalloc-5.1.0 bits=64 build=5d88ce217879027a + redisVersion = redisVersion[strings.Index(redisVersion, "v=")+2:] + // After: v=6.2.7 (...) + redisVersion = redisVersion[0:strings.Index(redisVersion, " ")] + // After: v=6.2.7 + Expect(err).NotTo(HaveOccurred()) + + By("collecting all toolchain versions") + + collectedVersions := map[string]string{ + "argocd": argocdVersionClean, + "dex": dexVersion, + "helm": helmVersion, + "kustomize": kustomizeVersion, + "redis": redisVersion, + } + + snapshotPath := "../snapshots/valid_toolchain_versions_release.yaml" + if os.Getenv("CI") == "prow" { + snapshotPath = "../snapshots/valid_toolchain_versions_prow.yaml" + } + + if os.Getenv("E2E_UPDATE_SNAPSHOTS") == "1" { + By("updating snapshot file with collected versions") + data, marshalErr := yaml.Marshal(collectedVersions) + Expect(marshalErr).NotTo(HaveOccurred()) + Expect(os.MkdirAll(filepath.Dir(snapshotPath), 0755)).To(Succeed()) + Expect(os.WriteFile(snapshotPath, data, 0644)).To(Succeed()) + } + + By("comparing collected versions against snapshot") + + snapshotData, readErr := os.ReadFile(snapshotPath) + Expect(readErr).NotTo(HaveOccurred(), "snapshot file not found at %s; run with E2E_UPDATE_SNAPSHOTS=1 to create it", snapshotPath) + + var snapshotVersions map[string]string + Expect(yaml.Unmarshal(snapshotData, &snapshotVersions)).To(Succeed()) + + Expect(collectedVersions).To(Equal(snapshotVersions)) + + }) + + }) +}) diff --git a/test/openshift/e2e/ginkgo/parallel/1-090_validate_permissions_test.go b/test/openshift/e2e/ginkgo/parallel/1-090_validate_permissions_test.go index a47de6eb3fa..1c01a21540b 100644 --- a/test/openshift/e2e/ginkgo/parallel/1-090_validate_permissions_test.go +++ b/test/openshift/e2e/ginkgo/parallel/1-090_validate_permissions_test.go @@ -19,6 +19,8 @@ package parallel import ( "context" "fmt" + "os" + "path/filepath" "strings" . "github.com/onsi/ginkgo/v2" @@ -59,652 +61,6 @@ var _ = Describe("GitOps Operator Parallel E2E Tests", func() { return } - By("checking that the expected CSV matches the actual CSV on the cluster") - - csvString := ` -apiVersion: operators.coreos.com/v1alpha1 -kind: ClusterServiceVersion -metadata: - name: openshift-gitops-operator.v1.16.0 - namespace: openshift-operators -spec: - install: - spec: - clusterPermissions: - - rules: - - apiGroups: - - "" - resources: - - configmaps - - endpoints - - events - - namespaces - - pods - - secrets - - serviceaccounts - - services - - services/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - "" - resources: - - configmaps - - endpoints - - events - - persistentvolumeclaims - - pods - - secrets - - serviceaccounts - - services - - services/finalizers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - "" - resources: - - deployments - verbs: - - get - - list - - watch - - apiGroups: - - "" - resources: - - namespaces - - resourcequotas - verbs: - - create - - delete - - get - - list - - update - - watch - - apiGroups: - - "" - resources: - - pods/eviction - verbs: - - create - - apiGroups: - - "" - resources: - - pods/log - verbs: - - get - - apiGroups: - - "" - resources: - - podtemplates - verbs: - - get - - list - - watch - - apiGroups: - - apiextensions.k8s.io - resources: - - customresourcedefinitions - verbs: - - get - - list - - watch - - apiGroups: - - apiregistration.k8s.io - resources: - - apiservices - verbs: - - get - - list - - apiGroups: - - appmesh.k8s.aws - resources: - - virtualnodes - - virtualrouters - verbs: - - get - - list - - patch - - update - - watch - - apiGroups: - - appmesh.k8s.aws - resources: - - virtualservices - verbs: - - get - - list - - watch - - apiGroups: - - apps - resources: - - daemonsets - - deployments - - replicasets - - statefulsets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - apps - resources: - - deployments - - podtemplates - - replicasets - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - apps - resources: - - deployments/finalizers - verbs: - - update - - apiGroups: - - apps - resourceNames: - - gitops-operator - resources: - - deployments/finalizers - verbs: - - update - - apiGroups: - - apps.openshift.io - resources: - - '*' - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - argoproj.io - resources: - - analysisruns - - analysisruns/finalizers - - experiments - - experiments/finalizers - verbs: - - create - - delete - - deletecollection - - get - - list - - patch - - update - - watch - - apiGroups: - - argoproj.io - resources: - - analysistemplates - verbs: - - create - - delete - - deletecollection - - get - - list - - patch - - update - - watch - - apiGroups: - - argoproj.io - resources: - - applications - - appprojects - - argocds - - argocds/finalizers - - argocds/status - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - argoproj.io - resources: - - clusteranalysistemplates - verbs: - - create - - delete - - deletecollection - - get - - list - - patch - - update - - watch - - apiGroups: - - argoproj.io - resources: - - notificationsconfigurations - - notificationsconfigurations/finalizers - verbs: - - '*' - - apiGroups: - - argoproj.io - resources: - - rolloutmanagers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - argoproj.io - resources: - - rolloutmanagers/finalizers - verbs: - - update - - apiGroups: - - argoproj.io - resources: - - rolloutmanagers/status - verbs: - - get - - patch - - update - - apiGroups: - - argoproj.io - resources: - - rollouts - - rollouts/finalizers - - rollouts/scale - - rollouts/status - verbs: - - create - - delete - - deletecollection - - get - - list - - patch - - update - - watch - - apiGroups: - - autoscaling - resources: - - horizontalpodautoscalers - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - batch - resources: - - cronjobs - - jobs - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - batch - resources: - - jobs - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - config.openshift.io - resources: - - clusterversions - verbs: - - get - - list - - watch - - apiGroups: - - console.openshift.io - resources: - - consoleclidownloads - verbs: - - create - - get - - list - - patch - - update - - watch - - apiGroups: - - console.openshift.io - resources: - - consolelinks - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - console.openshift.io - resources: - - consoleplugins - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - coordination.k8s.io - resources: - - leases - verbs: - - create - - get - - update - - apiGroups: - - elbv2.k8s.aws - resources: - - targetgroupbindings - verbs: - - get - - list - - apiGroups: - - extensions - resources: - - ingresses - verbs: - - create - - get - - list - - patch - - watch - - apiGroups: - - getambassador.io - resources: - - ambassadormappings - - mappings - verbs: - - create - - delete - - get - - list - - update - - watch - - apiGroups: - - monitoring.coreos.com - resources: - - prometheuses - - prometheusrules - - servicemonitors - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - networking.istio.io - resources: - - destinationrules - - virtualservices - verbs: - - get - - list - - patch - - update - - watch - - apiGroups: - - networking.k8s.io - resources: - - ingresses - verbs: - - create - - get - - list - - patch - - update - - watch - - apiGroups: - - networking.k8s.io - resources: - - ingresses - - networkpolicies - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - oauth.openshift.io - resources: - - oauthclients - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - operators.coreos.com - resources: - - clusterserviceversions - - operatorgroups - - subscriptions - verbs: - - create - - get - - list - - watch - - apiGroups: - - pipelines.openshift.io - resources: - - '*' - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - pipelines.openshift.io - resources: - - gitopsservices - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - pipelines.openshift.io - resources: - - gitopsservices/finalizers - verbs: - - update - - apiGroups: - - pipelines.openshift.io - resources: - - gitopsservices/status - verbs: - - get - - patch - - update - - apiGroups: - - rbac.authorization.k8s.io - resources: - - '*' - verbs: - - bind - - create - - delete - - deletecollection - - escalate - - get - - list - - patch - - update - - watch - - apiGroups: - - rbac.authorization.k8s.io - resources: - - clusterrolebindings - - clusterroles - verbs: - - bind - - create - - delete - - deletecollection - - escalate - - get - - list - - patch - - update - - watch - - apiGroups: - - rbac.authorization.k8s.io - resources: - - rolebindings - - roles - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - route.openshift.io - resources: - - '*' - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - route.openshift.io - resources: - - routes - - routes/custom-host - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - split.smi-spec.io - resources: - - trafficsplits - verbs: - - create - - get - - patch - - update - - watch - - apiGroups: - - template.openshift.io - resources: - - templateconfigs - - templateinstances - - templates - verbs: - - create - - delete - - get - - list - - patch - - update - - watch - - apiGroups: - - traefik.containo.us - resources: - - traefikservices - verbs: - - get - - update - - watch - - apiGroups: - - x.getambassador.io - resources: - - ambassadormappings - - mappings - verbs: - - create - - delete - - get - - list - - update - - watch - - apiGroups: - - authentication.k8s.io - resources: - - tokenreviews - verbs: - - create - - apiGroups: - - authorization.k8s.io - resources: - - subjectaccessreviews - verbs: - - create` - - expectedCsv := &olmv1alpha1.ClusterServiceVersion{} - - Expect(yaml.UnmarshalStrict([]byte(csvString), expectedCsv)).To(Succeed()) - By("looking for a ClusterServiceVersion for openshift-gitops across all namespaces") gitopsCSVsFound := []olmv1alpha1.ClusterServiceVersion{} var csvList olmv1alpha1.ClusterServiceVersionList @@ -712,6 +68,10 @@ spec: for index := range csvList.Items { csv := csvList.Items[index] if strings.Contains(csv.Name, "openshift-gitops-operator") { + // OLM copies CSVs to other namespaces; skip those copies + if _, copied := csv.Labels["olm.copiedFrom"]; copied { + continue + } gitopsCSVsFound = append(gitopsCSVsFound, csv) } } @@ -730,9 +90,25 @@ spec: Expect(actualCsv.Spec.InstallStrategy.StrategySpec.ClusterPermissions).To(HaveLen(1)) actualCsv.Spec.InstallStrategy.StrategySpec.ClusterPermissions[0].ServiceAccountName = "" - Expect(expectedCsv.Spec.InstallStrategy.StrategySpec.ClusterPermissions).To(HaveLen(1)) + snapshotPath := "../snapshots/valid_csv_permissions.yaml" + + if os.Getenv("E2E_UPDATE_SNAPSHOTS") == "1" { + By("updating snapshot file with actual CSV cluster permissions") + data, marshalErr := yaml.Marshal(actualCsv.Spec.InstallStrategy.StrategySpec.ClusterPermissions) + Expect(marshalErr).NotTo(HaveOccurred()) + Expect(os.MkdirAll(filepath.Dir(snapshotPath), 0755)).To(Succeed()) + Expect(os.WriteFile(snapshotPath, data, 0644)).To(Succeed()) + } + + By("checking that the expected CSV cluster permissions match the actual CSV on the cluster") + + snapshotData, readErr := os.ReadFile(snapshotPath) + Expect(readErr).NotTo(HaveOccurred(), "snapshot file not found at %s; run with E2E_UPDATE_SNAPSHOTS=1 to create it", snapshotPath) + + var snapshotPermissions []olmv1alpha1.StrategyDeploymentPermissions + Expect(yaml.Unmarshal(snapshotData, &snapshotPermissions)).To(Succeed()) - Expect(actualCsv.Spec.InstallStrategy.StrategySpec.ClusterPermissions).To(Equal(expectedCsv.Spec.InstallStrategy.StrategySpec.ClusterPermissions)) + Expect(actualCsv.Spec.InstallStrategy.StrategySpec.ClusterPermissions).To(Equal(snapshotPermissions)) By("checking that the specific fields in gitopsservices.pipelines.openshift.io CRD that we are looking for are present and have the expected values") diff --git a/test/openshift/e2e/ginkgo/parallel/1-077_validate_disable_dex_removed_test.go b/test/openshift/e2e/ginkgo/sequential/1-077_validate_disable_dex_removed_test.go similarity index 97% rename from test/openshift/e2e/ginkgo/parallel/1-077_validate_disable_dex_removed_test.go rename to test/openshift/e2e/ginkgo/sequential/1-077_validate_disable_dex_removed_test.go index 9ed8dbcb714..cdb96a28764 100644 --- a/test/openshift/e2e/ginkgo/parallel/1-077_validate_disable_dex_removed_test.go +++ b/test/openshift/e2e/ginkgo/sequential/1-077_validate_disable_dex_removed_test.go @@ -14,7 +14,7 @@ See the License for the specific language governing permissions and limitations under the License. */ -package parallel +package sequential import ( "context" @@ -30,7 +30,7 @@ import ( "sigs.k8s.io/controller-runtime/pkg/client" ) -var _ = Describe("GitOps Operator Parallel E2E Tests", func() { +var _ = Describe("GitOps Operator Sequential E2E Tests", func() { Context("1-077_validate_disable_dex_removed", func() { diff --git a/test/openshift/e2e/ginkgo/snapshots/valid_csv_permissions.yaml b/test/openshift/e2e/ginkgo/snapshots/valid_csv_permissions.yaml new file mode 100644 index 00000000000..0b594f012fd --- /dev/null +++ b/test/openshift/e2e/ginkgo/snapshots/valid_csv_permissions.yaml @@ -0,0 +1,470 @@ +- rules: + - apiGroups: + - "" + resources: + - configmaps + - endpoints + - events + - namespaces + - persistentvolumeclaims + - pods + - secrets + - serviceaccounts + - services + - services/finalizers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - "" + resources: + - deployments + - podtemplates + verbs: + - get + - list + - watch + - apiGroups: + - "" + resources: + - pods/eviction + verbs: + - create + - apiGroups: + - "" + resources: + - pods/log + verbs: + - get + - apiGroups: + - "" + resources: + - resourcequotas + verbs: + - create + - delete + - get + - list + - update + - watch + - apiGroups: + - apiextensions.k8s.io + resources: + - customresourcedefinitions + verbs: + - get + - list + - watch + - apiGroups: + - apiregistration.k8s.io + resources: + - apiservices + verbs: + - get + - list + - apiGroups: + - appmesh.k8s.aws + resources: + - virtualnodes + - virtualrouters + verbs: + - get + - list + - patch + - update + - watch + - apiGroups: + - appmesh.k8s.aws + resources: + - virtualservices + verbs: + - get + - list + - watch + - apiGroups: + - apps + resources: + - daemonsets + - deployments + - podtemplates + - replicasets + - statefulsets + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - apps + resources: + - deployments/finalizers + verbs: + - update + - apiGroups: + - apps + resourceNames: + - gitops-operator + resources: + - deployments/finalizers + verbs: + - update + - apiGroups: + - apps.openshift.io + resources: + - '*' + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - argoproj.io + resources: + - analysisruns + - analysisruns/finalizers + - analysistemplates + - clusteranalysistemplates + - experiments + - experiments/finalizers + - namespacemanagements + - namespacemanagements/status + - rollouts + - rollouts/finalizers + - rollouts/scale + - rollouts/status + verbs: + - create + - delete + - deletecollection + - get + - list + - patch + - update + - watch + - apiGroups: + - argoproj.io + resources: + - applications + - appprojects + - argocds + - argocds/finalizers + - argocds/status + - rolloutmanagers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - argoproj.io + resources: + - notificationsconfigurations + - notificationsconfigurations/finalizers + verbs: + - '*' + - apiGroups: + - argoproj.io + resources: + - rolloutmanagers/finalizers + verbs: + - update + - apiGroups: + - argoproj.io + resources: + - rolloutmanagers/status + verbs: + - get + - patch + - update + - apiGroups: + - autoscaling + resources: + - horizontalpodautoscalers + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - batch + resources: + - cronjobs + - jobs + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - config.openshift.io + resources: + - authentications + - clusterversions + - ingresses + verbs: + - get + - list + - watch + - apiGroups: + - console.openshift.io + resources: + - consoleclidownloads + verbs: + - create + - get + - list + - patch + - update + - watch + - apiGroups: + - console.openshift.io + resources: + - consolelinks + - consoleplugins + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - coordination.k8s.io + resources: + - leases + verbs: + - create + - get + - update + - apiGroups: + - elbv2.k8s.aws + resources: + - targetgroupbindings + verbs: + - get + - list + - apiGroups: + - extensions + resources: + - ingresses + verbs: + - create + - get + - list + - patch + - watch + - apiGroups: + - getambassador.io + - x.getambassador.io + resources: + - ambassadormappings + - mappings + verbs: + - create + - delete + - get + - list + - update + - watch + - apiGroups: + - monitoring.coreos.com + resources: + - prometheuses + - prometheusrules + - servicemonitors + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - networking.istio.io + resources: + - destinationrules + - virtualservices + verbs: + - get + - list + - patch + - update + - watch + - apiGroups: + - networking.k8s.io + resources: + - ingresses + - networkpolicies + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - oauth.openshift.io + resources: + - oauthclients + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - operators.coreos.com + resources: + - clusterserviceversions + - operatorgroups + - subscriptions + verbs: + - create + - get + - list + - watch + - apiGroups: + - pipelines.openshift.io + resources: + - '*' + - gitopsservices + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - pipelines.openshift.io + resources: + - gitopsservices/finalizers + verbs: + - update + - apiGroups: + - pipelines.openshift.io + resources: + - gitopsservices/status + verbs: + - get + - patch + - update + - apiGroups: + - rbac.authorization.k8s.io + resources: + - '*' + - clusterrolebindings + - clusterroles + verbs: + - bind + - create + - delete + - deletecollection + - escalate + - get + - list + - patch + - update + - watch + - apiGroups: + - rbac.authorization.k8s.io + resources: + - rolebindings + - roles + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - route.openshift.io + resources: + - '*' + - routes + - routes/custom-host + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - split.smi-spec.io + resources: + - trafficsplits + verbs: + - create + - get + - patch + - update + - watch + - apiGroups: + - template.openshift.io + resources: + - templateconfigs + - templateinstances + - templates + verbs: + - create + - delete + - get + - list + - patch + - update + - watch + - apiGroups: + - traefik.containo.us + resources: + - traefikservices + verbs: + - get + - update + - watch + - nonResourceURLs: + - /metrics + verbs: + - get + - apiGroups: + - authentication.k8s.io + resources: + - tokenreviews + verbs: + - create + - apiGroups: + - authorization.k8s.io + resources: + - subjectaccessreviews + verbs: + - create + serviceAccountName: "" diff --git a/test/openshift/e2e/ginkgo/snapshots/valid_toolchain_versions_prow.yaml b/test/openshift/e2e/ginkgo/snapshots/valid_toolchain_versions_prow.yaml new file mode 100644 index 00000000000..26dc3f01d60 --- /dev/null +++ b/test/openshift/e2e/ginkgo/snapshots/valid_toolchain_versions_prow.yaml @@ -0,0 +1,5 @@ +argocd: v3.3.2 +dex: v2.43.0 +helm: v3.19.4 +kustomize: v5.8.1 +redis: 8.2.3 \ No newline at end of file diff --git a/test/openshift/e2e/ginkgo/snapshots/valid_toolchain_versions_release.yaml b/test/openshift/e2e/ginkgo/snapshots/valid_toolchain_versions_release.yaml new file mode 100644 index 00000000000..cc71319548a --- /dev/null +++ b/test/openshift/e2e/ginkgo/snapshots/valid_toolchain_versions_release.yaml @@ -0,0 +1,5 @@ +argocd: v3.3.2 +dex: v2.43.0 +helm: v3.19.4 +kustomize: v5.8.1 +redis: 7.2.11 \ No newline at end of file