def test_create_tenant(function_context, minio_client, api_instance,
rbac_api_instance):
data = json.dumps({
'name': TENANT_NAME,
'cert': CERT,
'scope': SCOPE_NAME,
'quota': QUOTA,
})
url = TENANTS_MANAGEMENT_API_URL
response = requests.post(url, data=data, headers=ADMIN_HEADERS)
function_context.add_object(object_type='tenant',
object_to_delete={'name': TENANT_NAME})
assert response.text == 'Tenant {} created\n'.format(TENANT_NAME)
assert response.status_code == 200
assert check_namespace_availability(
api_instance, namespace=TENANT_NAME) == CheckResult.RESOURCE_AVAILABLE
assert check_bucket_existence(
minio_client, bucket=TENANT_NAME) == CheckResult.RESOURCE_AVAILABLE
assert check_role_existence(
rbac_api_instance, namespace=TENANT_NAME,
role=TENANT_NAME) == CheckResult.RESOURCE_AVAILABLE
assert check_rolebinding_existence(
rbac_api_instance, namespace=TENANT_NAME,
rolebinding=TENANT_NAME) == CheckResult.RESOURCE_AVAILABLE
def test_delete_tenant(minio_client, api_instance):
url = TENANTS_MANAGEMENT_API_URL
new_tenant_name = TENANT_NAME + '-delete'
data = json.dumps({
'cert': CERT,
'scope': SCOPE_NAME,
'name': new_tenant_name,
'quota': QUOTA,
})
requests.post(url, data=data, headers=ADMIN_HEADERS)
data = json.dumps({
'name': new_tenant_name,
})
response = requests.delete(url, data=data, headers=ADMIN_HEADERS)
assert response.text == 'Tenant {} deleted\n'.format(new_tenant_name)
assert response.status_code == 200
assert check_bucket_existence(
minio_client,
bucket=new_tenant_name) == CheckResult.RESOURCE_DOES_NOT_EXIST
namespace_status = check_namespace_availability(api_instance,
namespace=new_tenant_name)
assert namespace_status == CheckResult.\
RESOURCE_DOES_NOT_EXIST or namespace_status == CheckResult.RESOURCE_BEING_DELETED
def test_portable_secrets_propagation_succeeded(function_context, minio_client,
api_instance):
data = json.dumps({
'cert': CERT,
'scope': SCOPE_NAME,
'name': TENANT_NAME,
'quota': QUOTA,
})
url = TENANTS_MANAGEMENT_API_URL
requests.post(url, data=data, headers=ADMIN_HEADERS)
function_context.add_object(object_type='tenant',
object_to_delete={'name': TENANT_NAME})
assert check_bucket_existence(
minio_client, bucket=TENANT_NAME) == CheckResult.RESOURCE_AVAILABLE
assert check_namespace_availability(
api_instance, namespace=TENANT_NAME) == CheckResult.RESOURCE_AVAILABLE
for secret_path in PORTABLE_SECRETS_PATHS:
secret_namespace, secret_name = secret_path.split('/')
assert check_namespaced_secret_existence(
api_instance, secret_name,
secret_namespace=TENANT_NAME) == CheckResult.RESOURCE_AVAILABLE
assert check_copied_secret_data_matching_original(
api_instance,
secret_name,
secret_namespace,
copied_secret_namespace=TENANT_NAME
) == CheckResult.CONTENTS_MATCHING
def _wait_tenant_deletion(self, name):
bucket_status = check_bucket_existence(self.minio_client, name)
namespace_status = check_namespace_availability(
self.k8s_client_api, name)
completed = (bucket_status == CheckResult.RESOURCE_DOES_NOT_EXIST and
namespace_status == CheckResult.RESOURCE_DOES_NOT_EXIST)
if bucket_status == CheckResult.ERROR or namespace_status == CheckResult.ERROR:
logging.error(
"Error occurred during bucket or namespace status check")
return OperationStatus.TERMINATED
if completed:
return OperationStatus.SUCCESS
raise Exception
def test_not_create_tenant_improper_body(wrong_body, expected_error,
expected_message, minio_client,
api_instance):
data = json.dumps(wrong_body)
url = TENANTS_MANAGEMENT_API_URL
response = requests.post(url, data=data, headers=ADMIN_HEADERS)
assert expected_message in response.text
assert expected_error == response.status_code
if 'name' in wrong_body and wrong_body['name']:
assert check_bucket_existence(minio_client, bucket=wrong_body['name']) == \
CheckResult.RESOURCE_DOES_NOT_EXIST
assert check_namespace_availability(
api_instance, namespace=wrong_body['name']
) == CheckResult.RESOURCE_DOES_NOT_EXIST
def test_not_create_tenant_wrong_quota(quota_wrong_values, expected_error,
minio_client, api_instance):
data = json.dumps({
'name': TENANT_NAME,
'cert': CERT,
'scope': SCOPE_NAME,
'quota': quota_wrong_values,
})
url = TENANTS_MANAGEMENT_API_URL
response = requests.post(url, data=data, headers=ADMIN_HEADERS)
assert expected_error.format(QUOTA_REGEX) in response.text
assert response.status_code == 400
assert check_bucket_existence(
minio_client,
bucket=TENANT_NAME) == CheckResult.RESOURCE_DOES_NOT_EXIST
assert check_namespace_availability(api_instance, namespace=TENANT_NAME) == CheckResult. \
RESOURCE_DOES_NOT_EXIST
def test_not_create_tenant_already_exists(session_tenant, minio_client,
api_instance):
name, _ = session_tenant
data = {
'name': name,
'cert': CERT,
'scope': SCOPE_NAME,
'quota': QUOTA,
}
url = TENANTS_MANAGEMENT_API_URL
data['quota']['limits.cpu'] = '3'
response = requests.post(url, data=json.dumps(data), headers=ADMIN_HEADERS)
data['quota'].pop('maxEndpoints')
assert response.status_code == 409
assert check_namespace_availability(
api_instance, namespace=name) == CheckResult.RESOURCE_AVAILABLE
assert check_bucket_existence(
minio_client, bucket=name) == CheckResult.RESOURCE_AVAILABLE
assert check_resource_quota_matching_provided(
api_instance, name,
provided_quota=data['quota']) == CheckResult.CONTENTS_MISMATCHING
