Add python tests for cert-manager and external-dns

ciarams87 · ciarams87 · commit e4cfa01e38f2 · 2022-11-25T15:05:26.000Z
diff --git a/tests/suite/test_app_protect_watch_namespace_label.py b/tests/suite/test_app_protect_watch_namespace_label.py
@@ -123,7 +123,7 @@ def fin():
 
 
 @pytest.mark.skip_for_nginx_oss
-@pytest.mark.cs
+@pytest.mark.appprotect
 @pytest.mark.parametrize(
     "crd_ingress_controller_with_ap",
     [
diff --git a/tests/suite/test_virtual_server_certmanager.py b/tests/suite/test_virtual_server_certmanager.py
@@ -1,7 +1,12 @@
 import pytest
 from settings import TEST_DATA
 from suite.utils.custom_assertions import wait_and_assert_status_code
-from suite.utils.resources_utils import create_secret_from_yaml, is_secret_present, wait_before_test
+from suite.utils.resources_utils import (
+    create_secret_from_yaml,
+    is_secret_present,
+    patch_namespace_with_label,
+    wait_before_test,
+)
 from suite.utils.vs_vsr_resources_utils import patch_virtual_server_from_yaml
 from suite.utils.yaml_utils import get_secret_name_from_vs_yaml
 
@@ -94,3 +99,53 @@ def test_virtual_server_no_cm(self, kube_apis, crd_ingress_controller, create_ce
         )
         wait_and_assert_status_code(200, virtual_server_setup.backend_1_url, virtual_server_setup.vs_host)
         wait_and_assert_status_code(200, virtual_server_setup.backend_2_url, virtual_server_setup.vs_host)
+
+
+@pytest.mark.vs
+@pytest.mark.smoke
+@pytest.mark.parametrize(
+    "crd_ingress_controller, create_certmanager, virtual_server_setup",
+    [
+        (
+            {
+                "type": "complete",
+                "extra_args": [
+                    f"-enable-custom-resources",
+                    f"-enable-cert-manager",
+                    f"-watch-namespace-label=app=watch",
+                ],
+            },
+            {"issuer_name": "self-signed"},
+            {"example": "virtual-server-certmanager", "app_type": "simple"},
+        )
+    ],
+    indirect=True,
+)
+class TestCertManagerVirtualServerWatchLabel:
+    def test_responses_after_setup(
+        self, kube_apis, crd_ingress_controller, create_certmanager, virtual_server_setup, test_namespace
+    ):
+        print("\nStep 1: Not watching namespace - verify secret does not exist")
+        secret_name = get_secret_name_from_vs_yaml(
+            f"{TEST_DATA}/virtual-server-certmanager/standard/virtual-server.yaml"
+        )
+        # add a wait to avoid a false negative
+        wait_before_test(10)
+        check = is_secret_present(kube_apis.v1, secret_name, virtual_server_setup.namespace)
+        assert check == False
+
+        print("\nStep 2: Add label to namespace - Verify secret exists now")
+        patch_namespace_with_label(kube_apis.v1, test_namespace, "watch", f"{TEST_DATA}/common/ns-patch.yaml")
+        wait_before_test()
+        secret_name = get_secret_name_from_vs_yaml(
+            f"{TEST_DATA}/virtual-server-certmanager/standard/virtual-server.yaml"
+        )
+        retry = 0
+        while (not is_secret_present(kube_apis.v1, secret_name, virtual_server_setup.namespace)) and retry <= 10:
+            wait_before_test(1)
+            retry += 1
+            print(f"Retrying {retry}")
+
+        print("\nStep 2: verify connectivity")
+        wait_and_assert_status_code(200, virtual_server_setup.backend_1_url, virtual_server_setup.vs_host)
+        wait_and_assert_status_code(200, virtual_server_setup.backend_2_url, virtual_server_setup.vs_host)
diff --git a/tests/suite/test_virtual_server_externaldns.py b/tests/suite/test_virtual_server_externaldns.py
@@ -2,7 +2,7 @@
 from settings import TEST_DATA
 from suite.utils.custom_assertions import assert_event
 from suite.utils.custom_resources_utils import is_dnsendpoint_present
-from suite.utils.resources_utils import get_events, wait_before_test
+from suite.utils.resources_utils import get_events, patch_namespace_with_label, wait_before_test
 from suite.utils.vs_vsr_resources_utils import patch_virtual_server_from_yaml
 from suite.utils.yaml_utils import get_name_from_yaml, get_namespace_from_yaml
 
@@ -65,3 +65,60 @@ def test_update_to_ed_in_vs(
         wait_before_test(5)
         events = get_events(kube_apis.v1, virtual_server_setup.namespace)
         assert_event(vs_event_update_text, events)
+
+
+@pytest.mark.vs
+@pytest.mark.smoke
+@pytest.mark.parametrize(
+    "crd_ingress_controller_with_ed, create_externaldns, virtual_server_setup",
+    [
+        (
+            {
+                "type": "complete",
+                "extra_args": [
+                    f"-enable-custom-resources",
+                    f"-enable-external-dns",
+                    f"-watch-namespace-label=app=watch",
+                ],
+            },
+            {},
+            {"example": "virtual-server-external-dns", "app_type": "simple"},
+        )
+    ],
+    indirect=True,
+)
+class TestExternalDNSVirtualServerWatchLabel:
+    def test_responses_after_setup(
+        self, kube_apis, crd_ingress_controller_with_ed, create_externaldns, virtual_server_setup, test_namespace
+    ):
+        dns_ep_name = get_name_from_yaml(VS_YAML)
+        print("\nStep 0: Verify DNSEndpoint is not created without watched label")
+        retry = 0
+        dep = is_dnsendpoint_present(kube_apis.custom_objects, dns_ep_name, virtual_server_setup.namespace)
+        # add a wait to avoid a false negative
+        wait_before_test(30)
+        dep = is_dnsendpoint_present(kube_apis.custom_objects, dns_ep_name, virtual_server_setup.namespace)
+        assert dep is False
+        print("\nStep 1: Verify DNSEndpoint exists after label is added to namespace")
+        patch_namespace_with_label(kube_apis.v1, test_namespace, "watch", f"{TEST_DATA}/common/ns-patch.yaml")
+        wait_before_test()
+        retry = 0
+        dep = is_dnsendpoint_present(kube_apis.custom_objects, dns_ep_name, virtual_server_setup.namespace)
+        while dep == False and retry <= 60:
+            dep = is_dnsendpoint_present(kube_apis.custom_objects, dns_ep_name, virtual_server_setup.namespace)
+            retry += 1
+            wait_before_test(1)
+            print(f"DNSEndpoint not created, retrying... #{retry}")
+        assert dep is True
+        print("\nStep 2: Verify external-dns picked up the record")
+        pod_ns = get_namespace_from_yaml(f"{TEST_DATA}/virtual-server-external-dns/external-dns.yaml")
+        pod_name = kube_apis.v1.list_namespaced_pod(pod_ns).items[0].metadata.name
+        log_contents = kube_apis.v1.read_namespaced_pod_log(pod_name, pod_ns)
+        wanted_string = "CREATE: virtual-server.example.com 0 IN A"
+        retry = 0
+        while wanted_string not in log_contents and retry <= 60:
+            log_contents = kube_apis.v1.read_namespaced_pod_log(pod_name, pod_ns)
+            retry += 1
+            wait_before_test(1)
+            print(f"External DNS not updated, retrying... #{retry}")
+        assert wanted_string in log_contents

Original file line number	Diff line number	Diff line change
`@@ -123,7 +123,7 @@ def fin():`
`123`	`123`
`124`	`124`
`125`	`125`	`@pytest.mark.skip_for_nginx_oss`
`126`		`-@pytest.mark.cs`
	`126`	`+@pytest.mark.appprotect`
`127`	`127`	`@pytest.mark.parametrize(`
`128`	`128`	`"crd_ingress_controller_with_ap",`
`129`	`129`	`[`