Skip to content

ROX-33246: add more assertions to compliance test #19393

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
stehessel wants to merge 1 commit into
base: master
Choose a base branch
from
Open

ROX-33246: add more assertions to compliance test #19393

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
34 changes: 24 additions & 10 deletions tests/compliance_operator_v2_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -125,14 +125,28 @@ func waitForComplianceSuiteToComplete(t *testing.T, client dynclient.Client, sui
callCtx, callCancel := context.WithTimeout(ctx, interval)
defer callCancel()

var suite complianceoperatorv1.ComplianceSuite
// Assert that ScanSetting and ScanSettingBinding have been created.
var scanSetting complianceoperatorv1.ScanSetting
err := client.Get(callCtx,
types.NamespacedName{Name: suiteName, Namespace: "openshift-compliance"},
&suite,
types.NamespacedName{Name: suiteName, Namespace: coNamespaceV2},
&scanSetting,
)
assert.NoErrorf(c, err, "failed to get ScanSetting %s", suiteName)

var scanSettingBinding complianceoperatorv1.ScanSettingBinding
err = client.Get(callCtx,
types.NamespacedName{Name: suiteName, Namespace: coNamespaceV2},
&scanSettingBinding,
)
require.NoError(c, err, "failed to get ComplianceSuite %s", suiteName)
assert.NoErrorf(c, err, "failed to get ScanSettingBinding %s", suiteName)

require.Equal(c, complianceoperatorv1.PhaseDone, suite.Status.Phase,
var suite complianceoperatorv1.ComplianceSuite
err = client.Get(callCtx,
types.NamespacedName{Name: suiteName, Namespace: coNamespaceV2},
&suite,
)
assert.NoErrorf(c, err, "failed to get ComplianceSuite %s", suiteName)
require.Equalf(c, complianceoperatorv1.PhaseDone, suite.Status.Phase,
"ComplianceSuite %s not DONE (current phase is %q)", suiteName, suite.Status.Phase)
}, timeout, interval)
t.Logf("ComplianceSuite %s has reached DONE phase", suiteName)
Expand Down Expand Up @@ -177,7 +191,7 @@ func assertResourceDoesNotExist[T any, PT interface {
func assertScanSetting(ctx context.Context, t testutils.T, client dynclient.Client, name, namespace string, scanConfig *v2.ComplianceScanConfiguration) {
scanSetting := &complianceoperatorv1.ScanSetting{}
err := client.Get(ctx, types.NamespacedName{Name: name, Namespace: namespace}, scanSetting)
require.NoError(t, err, "ScanSetting %s/%s does not exist", namespace, name)
require.NoErrorf(t, err, "ScanSetting %s/%s does not exist", namespace, name)

cron, err := schedule.ConvertToCronTab(service.ConvertV2ScheduleToProto(scanConfig.GetScanConfig().GetScanSchedule()))
require.NoError(t, err)
Expand All @@ -192,7 +206,7 @@ func assertScanSetting(ctx context.Context, t testutils.T, client dynclient.Clie
func assertScanSettingBinding(ctx context.Context, t testutils.T, client dynclient.Client, name, namespace string, scanConfig *v2.ComplianceScanConfiguration) {
scanSettingBinding := &complianceoperatorv1.ScanSettingBinding{}
err := client.Get(ctx, types.NamespacedName{Name: name, Namespace: namespace}, scanSettingBinding)
require.NoError(t, err, "ScanSettingBinding %s/%s does not exist", namespace, name)
require.NoErrorf(t, err, "ScanSettingBinding %s/%s does not exist", namespace, name)

assert.Equal(t, scanConfig.GetScanName(), scanSettingBinding.GetName())
for _, profile := range scanSettingBinding.Profiles {
Expand Down Expand Up @@ -698,7 +712,7 @@ func TestComplianceV2ComplianceObjectMetadata(t *testing.T) {
types.NamespacedName{Name: testName, Namespace: "openshift-compliance"},
&scanSetting,
)
require.NoError(c, err, "failed to get ScanSetting %s", testName)
require.NoErrorf(c, err, "failed to get ScanSetting %s", testName)
}, defaultTimeout, defaultInterval)

assert.Contains(t, scanSetting.Labels, "app.kubernetes.io/name")
Expand All @@ -708,7 +722,7 @@ func TestComplianceV2ComplianceObjectMetadata(t *testing.T) {

var scanSettingBinding complianceoperatorv1.ScanSetting
err = dynClient.Get(context.TODO(), types.NamespacedName{Name: testName, Namespace: "openshift-compliance"}, &scanSettingBinding)
require.NoError(t, err, "failed to get ScanSettingBinding %s", testName)
require.NoErrorf(t, err, "failed to get ScanSettingBinding %s", testName)
assert.Contains(t, scanSettingBinding.Labels, "app.kubernetes.io/name")
assert.Equal(t, scanSettingBinding.Labels["app.kubernetes.io/name"], "stackrox")
assert.Contains(t, scanSettingBinding.Annotations, "owner")
Expand Down Expand Up @@ -768,7 +782,7 @@ func TestComplianceV2ScheduleRescan(t *testing.T) {

// Invoke a rescan
_, err = client.RunComplianceScanConfiguration(context.TODO(), &v2.ResourceByID{Id: scanConfig.GetId()})
require.NoError(t, err, "failed to rerun scan schedule %s", scanConfigName)
require.NoErrorf(t, err, "failed to rerun scan schedule %s", scanConfigName)

// Assert the scan is rerunning on the cluster using the Compliance Operator CRDs
waitForComplianceSuiteToComplete(t, dynClient, scanConfig.GetScanName(), waitForDoneInterval, waitForDoneTimeout)
Expand Down
Loading