mirror of
https://github.com/projectcapsule/capsule.git
synced 2026-02-14 18:09:58 +00:00
c7237f802b
* feat: functional appsets * feat(api): add resourcepools api Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: fix gomod Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: correct webhooks Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: fix harpoon image Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: improve e2e Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: add labels to e2e test Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: fix status handling Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: fix racing conditions Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: make values compatible Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: fix custom resources test Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> * chore: correct metrics Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com> --------- Signed-off-by: Oliver Bähler <oliverbaehler@hotmail.com>
104 lines
2.7 KiB
Go
104 lines
2.7 KiB
Go
// Copyright 2020-2023 Project Capsule Authors.
|
|
// SPDX-License-Identifier: Apache-2.0
|
|
|
|
package e2e
|
|
|
|
import (
|
|
"context"
|
|
|
|
. "github.com/onsi/ginkgo/v2"
|
|
. "github.com/onsi/gomega"
|
|
metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
|
|
|
|
capsulev1beta2 "github.com/projectcapsule/capsule/api/v1beta2"
|
|
"github.com/projectcapsule/capsule/pkg/api"
|
|
)
|
|
|
|
var _ = Describe("creating a tenant with various forbidden regexes", Label("tenant"), func() {
|
|
//errorRegexes := []string{
|
|
// "(.*gitops|.*nsm).[k8s.io/((?!(resource)).*|trusted)](http://k8s.io/((?!(resource)).*%7Ctrusted))",
|
|
//}
|
|
//
|
|
//for _, annotationValue := range errorRegexes {
|
|
// It("should fail using a non-valid the regex on the annotation", func() {
|
|
// tnt := &capsulev1beta2.Tenant{
|
|
// ObjectMeta: metav1.ObjectMeta{
|
|
// Name: "namespace",
|
|
// },
|
|
// Spec: capsulev1beta2.TenantSpec{
|
|
// Owners: capsulev1beta2.OwnerListSpec{
|
|
// {
|
|
// Name: "alice",
|
|
// Kind: "User",
|
|
// },
|
|
// },
|
|
// },
|
|
// }
|
|
//
|
|
// EventuallyCreation(func() error {
|
|
// tnt.Spec.NamespaceOptions = &capsulev1beta2.NamespaceOptions{
|
|
// ForbiddenLabels: api.ForbiddenListSpec{
|
|
// Regex: annotationValue,
|
|
// },
|
|
// }
|
|
// return k8sClient.Create(context.TODO(), tnt)
|
|
// }).ShouldNot(Succeed())
|
|
//
|
|
// EventuallyCreation(func() error {
|
|
// tnt.Spec.NamespaceOptions = &capsulev1beta2.NamespaceOptions{
|
|
// ForbiddenAnnotations: api.ForbiddenListSpec{
|
|
// Regex: annotationValue,
|
|
// },
|
|
// }
|
|
// return k8sClient.Create(context.TODO(), tnt)
|
|
// }).ShouldNot(Succeed())
|
|
// })
|
|
//}
|
|
|
|
successRegexes := []string{
|
|
"",
|
|
"(.*gitops|.*nsm)",
|
|
}
|
|
for _, annotationValue := range successRegexes {
|
|
It("should succeed using a valid regex on the annotation", func() {
|
|
tnt := &capsulev1beta2.Tenant{
|
|
ObjectMeta: metav1.ObjectMeta{
|
|
Name: "namespace",
|
|
},
|
|
Spec: capsulev1beta2.TenantSpec{
|
|
Owners: capsulev1beta2.OwnerListSpec{
|
|
{
|
|
Name: "alice",
|
|
Kind: "User",
|
|
},
|
|
},
|
|
},
|
|
}
|
|
|
|
EventuallyCreation(func() error {
|
|
tnt.SetResourceVersion("")
|
|
|
|
tnt.Spec.NamespaceOptions = &capsulev1beta2.NamespaceOptions{
|
|
ForbiddenLabels: api.ForbiddenListSpec{
|
|
Regex: annotationValue,
|
|
},
|
|
}
|
|
return k8sClient.Create(context.TODO(), tnt)
|
|
}).Should(Succeed())
|
|
Expect(k8sClient.Delete(context.TODO(), tnt)).Should(Succeed())
|
|
|
|
EventuallyCreation(func() error {
|
|
tnt.SetResourceVersion("")
|
|
|
|
tnt.Spec.NamespaceOptions = &capsulev1beta2.NamespaceOptions{
|
|
ForbiddenAnnotations: api.ForbiddenListSpec{
|
|
Regex: annotationValue,
|
|
},
|
|
}
|
|
return k8sClient.Create(context.TODO(), tnt)
|
|
}).Should(Succeed())
|
|
Expect(k8sClient.Delete(context.TODO(), tnt)).Should(Succeed())
|
|
})
|
|
}
|
|
})
|