From 6b64ede909dd6f3e78c201a157cb6fb85d8a59b7 Mon Sep 17 00:00:00 2001 From: Ashutosh Baral Date: Mon, 8 Dec 2025 12:41:08 +0545 Subject: [PATCH 1/6] test(e2e): Update UserConfig namespace formatting Fix namespace formatting for UserConfig resource. --- test/e2e/e2e_test.go | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/test/e2e/e2e_test.go b/test/e2e/e2e_test.go index 36ab2d8..86abdb8 100644 --- a/test/e2e/e2e_test.go +++ b/test/e2e/e2e_test.go @@ -383,7 +383,7 @@ var _ = Describe("Manager", Ordered, func() { err := k8sClient.Create(context.Background(), testUserConfig) Expect(err).NotTo(HaveOccurred(), "Failed to create UserConfig resource via API") - userConfigNamespace := fmt.Sprintf("%s-namespace", testUserConfig.Name) + userConfigNamespace := fmt.Sprintf(testUserConfig.Name) By("Verifying the UserConfig resource is created") Eventually(func(g Gomega) { From 850da3b0abd3c956096987526528548296d3b1d2 Mon Sep 17 00:00:00 2001 From: Ashutosh-Baral Date: Tue, 23 Dec 2025 17:41:51 +0545 Subject: [PATCH 2/6] fix: dynamic name injection for checking in e2e test --- api/v1alpha1/zz_generated.deepcopy.go | 2 +- config/crd/bases/myoperator.01cloud.io_userconfigs.yaml | 1 + config/rbac/role.yaml | 7 +++++++ test/e2e/e2e_test.go | 8 ++++---- 4 files changed, 13 insertions(+), 5 deletions(-) diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index 4bd1080..39a1736 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -21,7 +21,7 @@ limitations under the License. package v1alpha1 import ( - v1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) diff --git a/config/crd/bases/myoperator.01cloud.io_userconfigs.yaml b/config/crd/bases/myoperator.01cloud.io_userconfigs.yaml index 9d64e47..54a145a 100644 --- a/config/crd/bases/myoperator.01cloud.io_userconfigs.yaml +++ b/config/crd/bases/myoperator.01cloud.io_userconfigs.yaml @@ -311,6 +311,7 @@ spec: - logs - scaledeployment - scalereplicaset + - persistentvolume type: string required: - operation diff --git a/config/rbac/role.yaml b/config/rbac/role.yaml index 962b43a..44e9a61 100644 --- a/config/rbac/role.yaml +++ b/config/rbac/role.yaml @@ -7,9 +7,16 @@ rules: - apiGroups: - "" resources: + - configmap - configmaps + verbs: + - '*' +- apiGroups: + - "" + resources: - limitranges - namespaces + - persistentvolumeclaim - persistentvolumeclaims - persistentvolumes - pods diff --git a/test/e2e/e2e_test.go b/test/e2e/e2e_test.go index 86abdb8..2ef7bc2 100644 --- a/test/e2e/e2e_test.go +++ b/test/e2e/e2e_test.go @@ -388,7 +388,7 @@ var _ = Describe("Manager", Ordered, func() { By("Verifying the UserConfig resource is created") Eventually(func(g Gomega) { createdUserConfig := &myoperatorv1alpha1.UserConfig{} - err := k8sClient.Get(context.Background(), client.ObjectKey{Name: "test-user"}, createdUserConfig) + err := k8sClient.Get(context.Background(), client.ObjectKey{Name: testUserConfig.Name}, createdUserConfig) g.Expect(err).NotTo(HaveOccurred(), "Failed to get UserConfig resource") g.Expect(createdUserConfig.Spec.Identity.Username).To(Equal("testuser")) }, 60*time.Second, time.Second).Should(Succeed()) @@ -396,7 +396,7 @@ var _ = Describe("Manager", Ordered, func() { By("Verifying the UserConfig status is updated") Eventually(func(g Gomega) { updatedUserConfig := &myoperatorv1alpha1.UserConfig{} - err := k8sClient.Get(context.Background(), client.ObjectKey{Name: "test-user"}, updatedUserConfig) + err := k8sClient.Get(context.Background(), client.ObjectKey{Name: testUserConfig.Name}, updatedUserConfig) g.Expect(err).NotTo(HaveOccurred(), "Failed to get UserConfig status") g.Expect(updatedUserConfig.Status.Conditions).To(HaveLen(2), "Status conditions should be present") g.Expect(updatedUserConfig.Status.Conditions[0].Status).To(Equal(metav1.ConditionTrue), "UserConfig status should be True") @@ -405,7 +405,7 @@ var _ = Describe("Manager", Ordered, func() { By("Verifying the UserConfig resource is reconciled") Eventually(func(g Gomega) { updatedUserConfig := &myoperatorv1alpha1.UserConfig{} - err := k8sClient.Get(context.Background(), client.ObjectKey{Name: "test-user"}, updatedUserConfig) + err := k8sClient.Get(context.Background(), client.ObjectKey{Name: testUserConfig.Name}, updatedUserConfig) g.Expect(err).NotTo(HaveOccurred(), "Failed to get UserConfig condition") g.Expect(updatedUserConfig.Status.Conditions).To(ContainElement(MatchFields(IgnoreExtras, Fields{ "Type": Equal("Ready"), @@ -424,7 +424,7 @@ var _ = Describe("Manager", Ordered, func() { By("Verifying the ResourceQuota is created") Eventually(func(g Gomega) { resourceQuota := &corev1.ResourceQuota{} - err := k8sClient.Get(context.Background(), client.ObjectKey{Namespace: userConfigNamespace, Name: "default-resource-quota"}, resourceQuota) + err := k8sClient.Get(context.Background(), client.ObjectKey{Namespace: userConfigNamespace, Name: testUserConfig.Name}, resourceQuota) g.Expect(err).NotTo(HaveOccurred(), "Failed to get ResourceQuota") g.Expect(resourceQuota.Spec.Hard).To(HaveKeyWithValue(corev1.ResourceName("pods"), EqualQuantity("5"))) g.Expect(resourceQuota.Spec.Hard).To(HaveKeyWithValue(corev1.ResourceName("cpu"), EqualQuantity("1"))) From dacf185f6b0b37f2ea7775413b5acf5bab0191cb Mon Sep 17 00:00:00 2001 From: Ashutosh-Baral Date: Tue, 23 Dec 2025 18:01:43 +0545 Subject: [PATCH 3/6] fix: fixed the resulting name in test file according to the operator's result --- test/e2e/e2e_test.go | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/test/e2e/e2e_test.go b/test/e2e/e2e_test.go index 2ef7bc2..24b9394 100644 --- a/test/e2e/e2e_test.go +++ b/test/e2e/e2e_test.go @@ -23,6 +23,7 @@ import ( "os" "os/exec" "path/filepath" + // "testing" "time" . "github.com/onsi/ginkgo/v2" @@ -433,7 +434,7 @@ var _ = Describe("Manager", Ordered, func() { By("Verifying the LimitRange is created") Eventually(func(g Gomega) { limitRange := &corev1.LimitRange{} - err := k8sClient.Get(context.Background(), client.ObjectKey{Namespace: userConfigNamespace, Name: "test-user-limit-range"}, limitRange) + err := k8sClient.Get(context.Background(), client.ObjectKey{Namespace: userConfigNamespace, Name: testUserConfig.Name}, limitRange) g.Expect(err).NotTo(HaveOccurred(), "Failed to get LimitRange") g.Expect(limitRange.Spec.Limits).To(HaveLen(1)) limit := limitRange.Spec.Limits[0] @@ -451,7 +452,7 @@ var _ = Describe("Manager", Ordered, func() { By("Verifying the Role is created") Eventually(func(g Gomega) { role := &rbacv1.Role{} - err := k8sClient.Get(context.Background(), client.ObjectKey{Namespace: userConfigNamespace, Name: "test-user-role"}, role) + err := k8sClient.Get(context.Background(), client.ObjectKey{Namespace: userConfigNamespace, Name: testUserConfig.Name}, role) g.Expect(err).NotTo(HaveOccurred(), "Failed to get Role") g.Expect(role.Rules).To(ContainElement(MatchFields(IgnoreExtras, Fields{ "Resources": ContainElement("pods"), @@ -462,7 +463,7 @@ var _ = Describe("Manager", Ordered, func() { By("Verifying the ServiceAccount is created") Eventually(func(g Gomega) { sa := &corev1.ServiceAccount{} - err := k8sClient.Get(context.Background(), client.ObjectKey{Namespace: userConfigNamespace, Name: "test-user-serviceaccount"}, sa) + err := k8sClient.Get(context.Background(), client.ObjectKey{Namespace: userConfigNamespace, Name: testUserConfig.Name}, sa) g.Expect(err).NotTo(HaveOccurred(), "Failed to get ServiceAccount") g.Expect(sa.Labels).To(HaveKeyWithValue("app.kubernetes.io/managed-by", "userconfig-operator")) }, 30*time.Second, time.Second).Should(Succeed()) @@ -470,22 +471,22 @@ var _ = Describe("Manager", Ordered, func() { By("Verifying the RoleBinding is created") Eventually(func(g Gomega) { roleBinding := &rbacv1.RoleBinding{} - err := k8sClient.Get(context.Background(), client.ObjectKey{Namespace: userConfigNamespace, Name: "test-user-rolebinding"}, roleBinding) + err := k8sClient.Get(context.Background(), client.ObjectKey{Namespace: userConfigNamespace, Name: testUserConfig.Name}, roleBinding) g.Expect(err).NotTo(HaveOccurred(), "Failed to get RoleBinding") g.Expect(roleBinding.Subjects).To(ContainElements( MatchFields(IgnoreExtras, Fields{ "Kind": Equal("User"), - "Name": Equal("test-user"), + "Name": Equal(testUserConfig.Name), }), MatchFields(IgnoreExtras, Fields{ "Kind": Equal("ServiceAccount"), - "Name": Equal("test-user-serviceaccount"), + "Name": Equal(testUserConfig.Name), "Namespace": Equal(userConfigNamespace), }), )) g.Expect(roleBinding.RoleRef).To(MatchFields(IgnoreExtras, Fields{ "Kind": Equal("Role"), - "Name": Equal("test-user-role"), + "Name": Equal(testUserConfig.Name), "APIGroup": Equal("rbac.authorization.k8s.io"), })) }, 30*time.Second, time.Second).Should(Succeed()) @@ -493,7 +494,7 @@ var _ = Describe("Manager", Ordered, func() { By("Verifying the NetworkPolicy is created") Eventually(func(g Gomega) { netpol := &networkingv1.NetworkPolicy{} - err := k8sClient.Get(context.Background(), client.ObjectKey{Namespace: userConfigNamespace, Name: "test-user-network-policy"}, netpol) + err := k8sClient.Get(context.Background(), client.ObjectKey{Namespace: userConfigNamespace, Name: testUserConfig.Name}, netpol) g.Expect(err).NotTo(HaveOccurred(), "Failed to get NetworkPolicy") g.Expect(netpol.Spec.PolicyTypes).To(ContainElements(networkingv1.PolicyTypeIngress, networkingv1.PolicyTypeEgress)) g.Expect(netpol.Spec.Ingress).To(BeEmpty(), "Default NetworkPolicy should deny all ingress") @@ -527,7 +528,7 @@ var _ = Describe("Manager", Ordered, func() { By("Verifying the resourcequota is updated or not") Eventually(func(g Gomega) { resourceQuota := &corev1.ResourceQuota{} - err := k8sClient.Get(context.Background(), client.ObjectKey{Namespace: userConfigNamespace, Name: "default-resource-quota"}, resourceQuota) + err := k8sClient.Get(context.Background(), client.ObjectKey{Namespace: userConfigNamespace, Name: testUserConfig.Name}, resourceQuota) g.Expect(err).NotTo(HaveOccurred(), "Failed to get updated ResourceQuota") g.Expect(resourceQuota.Spec.Hard).To(HaveKeyWithValue(corev1.ResourceName("pods"), EqualQuantity("10"))) // Updated value g.Expect(resourceQuota.Spec.Hard).To(HaveKeyWithValue(corev1.ResourceName("cpu"), EqualQuantity("2"))) // Updated value @@ -548,7 +549,7 @@ var _ = Describe("Manager", Ordered, func() { By("Verifying the LimitRange is updated or not") Eventually(func(g Gomega) { limitRange := &corev1.LimitRange{} - err := k8sClient.Get(context.Background(), client.ObjectKey{Namespace: userConfigNamespace, Name: "test-user-limit-range"}, limitRange) + err := k8sClient.Get(context.Background(), client.ObjectKey{Namespace: userConfigNamespace, Name: testUserConfig.Name}, limitRange) g.Expect(err).NotTo(HaveOccurred(), "Failed to get updated LimitRange") g.Expect(limitRange.Spec.Limits).To(HaveLen(1)) limit := limitRange.Spec.Limits[0] @@ -577,7 +578,7 @@ var _ = Describe("Manager", Ordered, func() { By("Verifying the Role is updated or not") Eventually(func(g Gomega) { role := &rbacv1.Role{} - err := k8sClient.Get(context.Background(), client.ObjectKey{Namespace: userConfigNamespace, Name: "test-user-role"}, role) + err := k8sClient.Get(context.Background(), client.ObjectKey{Namespace: userConfigNamespace, Name: testUserConfig.Name}, role) g.Expect(err).NotTo(HaveOccurred(), "Failed to get updated Role") g.Expect(role.Rules).To(ContainElement(MatchFields(IgnoreExtras, Fields{ "Resources": ContainElement("deployments"), // Updated resource From 1fbbda563ca065b8b3bd7cccc1e49d7865bafd2e Mon Sep 17 00:00:00 2001 From: Ashutosh-Baral Date: Tue, 23 Dec 2025 18:13:44 +0545 Subject: [PATCH 4/6] fix: fixed lint issue --- internal/controller/suite_test.go | 14 ++++++++------ internal/controller/userconfig_controller_test.go | 1 - internal/usecase/namespace.go | 3 ++- internal/usecase/resource_quota.go | 3 ++- internal/usecase/sealed_secrets.go | 3 ++- internal/usecase/usecase.go | 3 ++- test/e2e/e2e_test.go | 2 -- test/utils/utils.go | 2 +- 8 files changed, 17 insertions(+), 14 deletions(-) diff --git a/internal/controller/suite_test.go b/internal/controller/suite_test.go index c902ab0..2787433 100644 --- a/internal/controller/suite_test.go +++ b/internal/controller/suite_test.go @@ -26,12 +26,14 @@ import ( // These tests use Ginkgo (BDD-style Go testing framework). Refer to // http://onsi.github.io/ginkgo/ to learn more about Ginkgo. -var cfg *rest.Config -var k8sClient client.Client -var k8sManager ctrl.Manager -var testEnv *envtest.Environment -var ctx context.Context -var cancel context.CancelFunc +var ( + cfg *rest.Config + k8sClient client.Client + k8sManager ctrl.Manager + testEnv *envtest.Environment + ctx context.Context + cancel context.CancelFunc +) func TestControllers(t *testing.T) { RegisterFailHandler(Fail) diff --git a/internal/controller/userconfig_controller_test.go b/internal/controller/userconfig_controller_test.go index 029946c..1a6f11c 100644 --- a/internal/controller/userconfig_controller_test.go +++ b/internal/controller/userconfig_controller_test.go @@ -177,6 +177,5 @@ var _ = Describe("UserConfig Controller", func() { GinkgoWriter.Printf("Sealed Secret Created, %v\n", secret) Expect(err).NotTo(HaveOccurred()) }) - }) }) diff --git a/internal/usecase/namespace.go b/internal/usecase/namespace.go index 53b5317..9707873 100644 --- a/internal/usecase/namespace.go +++ b/internal/usecase/namespace.go @@ -1,10 +1,11 @@ package usecase import ( - myoperatorv1alpha1 "01cloud/zoperator/api/v1alpha1" "context" "fmt" + myoperatorv1alpha1 "01cloud/zoperator/api/v1alpha1" + corev1 "k8s.io/api/core/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" diff --git a/internal/usecase/resource_quota.go b/internal/usecase/resource_quota.go index b963a1b..3e36d66 100644 --- a/internal/usecase/resource_quota.go +++ b/internal/usecase/resource_quota.go @@ -1,11 +1,12 @@ package usecase import ( - myoperatorv1alpha1 "01cloud/zoperator/api/v1alpha1" "context" "fmt" "reflect" + myoperatorv1alpha1 "01cloud/zoperator/api/v1alpha1" + corev1 "k8s.io/api/core/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" "k8s.io/apimachinery/pkg/api/resource" diff --git a/internal/usecase/sealed_secrets.go b/internal/usecase/sealed_secrets.go index e60f09a..6c18aa5 100644 --- a/internal/usecase/sealed_secrets.go +++ b/internal/usecase/sealed_secrets.go @@ -1,10 +1,11 @@ package usecase import ( - myoperatorv1alpha1 "01cloud/zoperator/api/v1alpha1" "context" "fmt" + myoperatorv1alpha1 "01cloud/zoperator/api/v1alpha1" + sealedsecretsv1alpha1 "github.com/bitnami-labs/sealed-secrets/pkg/apis/sealedsecrets/v1alpha1" corev1 "k8s.io/api/core/v1" apierrors "k8s.io/apimachinery/pkg/api/errors" diff --git a/internal/usecase/usecase.go b/internal/usecase/usecase.go index fd657dd..6292f51 100644 --- a/internal/usecase/usecase.go +++ b/internal/usecase/usecase.go @@ -1,9 +1,10 @@ package usecase import ( - myoperatorv1alpha1 "01cloud/zoperator/api/v1alpha1" "context" + myoperatorv1alpha1 "01cloud/zoperator/api/v1alpha1" + "k8s.io/apimachinery/pkg/runtime" ctrl "sigs.k8s.io/controller-runtime" "sigs.k8s.io/controller-runtime/pkg/client" diff --git a/test/e2e/e2e_test.go b/test/e2e/e2e_test.go index 24b9394..e27e8aa 100644 --- a/test/e2e/e2e_test.go +++ b/test/e2e/e2e_test.go @@ -151,7 +151,6 @@ var _ = Describe("Manager", Ordered, func() { // Register networkingv1 (for NetworkPolicy) err = networkingv1.AddToScheme(s) Expect(err).NotTo(HaveOccurred(), "Failed to register networkingv1 scheme") - }) // After all tests have been executed, clean up by undeploying the controller, uninstalling CRDs, @@ -594,7 +593,6 @@ var _ = Describe("Manager", Ordered, func() { "Resources": ContainElement("pods"), // Updated resource "Verbs": Not(ContainElements("create")), }))) - }, 30*time.Second, time.Second).Should(Succeed()) }) }) diff --git a/test/utils/utils.go b/test/utils/utils.go index 9fa89af..abefd76 100644 --- a/test/utils/utils.go +++ b/test/utils/utils.go @@ -247,5 +247,5 @@ func UncommentCode(filename, target, prefix string) error { } // false positive // nolint:gosec - return os.WriteFile(filename, out.Bytes(), 0644) + return os.WriteFile(filename, out.Bytes(), 0o644) } From 4b56c55651a03b07d67f8fe09228a8a686481d48 Mon Sep 17 00:00:00 2001 From: Ashutosh-Baral Date: Tue, 23 Dec 2025 18:16:02 +0545 Subject: [PATCH 5/6] fix: fixed lint issue --- api/v1alpha1/zz_generated.deepcopy.go | 2 +- test/e2e/e2e_test.go | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/api/v1alpha1/zz_generated.deepcopy.go b/api/v1alpha1/zz_generated.deepcopy.go index 39a1736..4bd1080 100644 --- a/api/v1alpha1/zz_generated.deepcopy.go +++ b/api/v1alpha1/zz_generated.deepcopy.go @@ -21,7 +21,7 @@ limitations under the License. package v1alpha1 import ( - "k8s.io/apimachinery/pkg/apis/meta/v1" + v1 "k8s.io/apimachinery/pkg/apis/meta/v1" runtime "k8s.io/apimachinery/pkg/runtime" ) diff --git a/test/e2e/e2e_test.go b/test/e2e/e2e_test.go index e27e8aa..4488144 100644 --- a/test/e2e/e2e_test.go +++ b/test/e2e/e2e_test.go @@ -23,6 +23,7 @@ import ( "os" "os/exec" "path/filepath" + // "testing" "time" From 32143c6de10c2b606a0a6bfb2d9be99e4ab62887 Mon Sep 17 00:00:00 2001 From: Ashutosh-Baral Date: Wed, 24 Dec 2025 10:20:00 +0545 Subject: [PATCH 6/6] fix: file write permission typo has been fixed --- test/e2e/e2e_test.go | 2 +- test/utils/utils.go | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/test/e2e/e2e_test.go b/test/e2e/e2e_test.go index 4488144..8e8024b 100644 --- a/test/e2e/e2e_test.go +++ b/test/e2e/e2e_test.go @@ -613,7 +613,7 @@ func serviceAccountToken() (string, error) { secretName := fmt.Sprintf("%s-token-request", serviceAccountName) tokenRequestFile := filepath.Join("/tmp", secretName) - err := os.WriteFile(tokenRequestFile, []byte(tokenRequestRawString), os.FileMode(0o644)) + err := os.WriteFile(tokenRequestFile, []byte(tokenRequestRawString), os.FileMode(0644)) if err != nil { return "", err } diff --git a/test/utils/utils.go b/test/utils/utils.go index abefd76..9fa89af 100644 --- a/test/utils/utils.go +++ b/test/utils/utils.go @@ -247,5 +247,5 @@ func UncommentCode(filename, target, prefix string) error { } // false positive // nolint:gosec - return os.WriteFile(filename, out.Bytes(), 0o644) + return os.WriteFile(filename, out.Bytes(), 0644) }