Skip to content

Commit

Permalink
fix fabric8io#4014: dropping support for older openshifts
Browse files Browse the repository at this point in the history
  • Loading branch information
@shawkins
shawkins committed Dec 21, 2022
1 parent cd86f2d commit ab0e886
Show file tree
Hide file tree
Showing 5 changed files with 15 additions and 397 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
View file
Expand Up @@ -15,6 +15,7 @@
#### _**Note**_: Breaking changes
* Fix #4574: fromServer has been deprecated - it no longer needs to be called. All get() operations will fetch the resource(s) from the api server. If you need the context item that was passed in from a resource, load, or resourceList methods, use the item or items method.
* Fix #4633: client.run().withRunConfig was deprecated. Use withNewRunConfig instead.
* Fix #4014: Support for Openshift 3.9 and 3.10 have been dropped because the RoleBinding logic no longer supports setting both the subjects and groups and the usernames and groupnames. You may still use a newer client against legacy versions if you take responsibility for setting the usernames and groupnames fields on your own.

### 6.3.1 (2022-12-15)

Expand Down
269 changes: 13 additions & 256 deletions ...tests/src/test/java/io/fabric8/openshift/client/server/mock/OpenshiftRoleBindingTest.java
View file
Expand Up @@ -16,24 +16,25 @@
package io.fabric8.openshift.client.server.mock;

import com.fasterxml.jackson.databind.ObjectMapper;
import io.fabric8.kubernetes.client.server.mock.EnableKubernetesMockClient;
import io.fabric8.kubernetes.client.server.mock.KubernetesMockServer;
import io.fabric8.openshift.api.model.RoleBinding;
import io.fabric8.openshift.api.model.RoleBindingBuilder;
import io.fabric8.openshift.client.OpenShiftClient;
import org.junit.jupiter.api.Test;

import static org.junit.jupiter.api.Assertions.assertEquals;

@EnableOpenShiftMockClient
@EnableKubernetesMockClient
class OpenshiftRoleBindingTest {

OpenShiftMockServer server;
KubernetesMockServer server;
OpenShiftClient client;

private RoleBinding expectedRoleBinding = new RoleBindingBuilder()
.withNewMetadata()
.withName("testrb")
.endMetadata()
.addToUserNames("testuser1", "testuser2", "system:serviceaccount:test:svcacct")
.addToGroupNames("testgroup")
.addNewSubject()
.withKind("User")
.withName("testuser1")
Expand All @@ -44,7 +45,6 @@ class OpenshiftRoleBindingTest {
.endSubject()
.addNewSubject()
.withKind("ServiceAccount")
.withNamespace("test")
.withName("svcacct")
.endSubject()
.addNewSubject()
Expand All @@ -62,9 +62,10 @@ void testCreateWithOnlySubjects() throws Exception {
.once();

RoleBinding response = client.roleBindings()
.create(
.resource(
new RoleBindingBuilder()
.withNewMetadata()
.withName("testrb")
.endMetadata()
.addNewSubject()
.withKind("User")
Expand All @@ -82,60 +83,14 @@ void testCreateWithOnlySubjects() throws Exception {
.withKind("Group")
.withName("testgroup")
.endSubject()
.build());
.build())
.create();
assertEquals(expectedRoleBinding, response);

assertEquals(expectedRoleBinding,
new ObjectMapper().readerFor(RoleBinding.class).readValue(server.getLastRequest().getBody().readByteArray()));
}

@Test
void testCreateWithUserNamesAndGroupsAndNoSubjects() throws Exception {
server.expect()
.post()
.withPath("/apis/authorization.openshift.io/v1/namespaces/test/rolebindings")
.andReturn(201, expectedRoleBinding)
.once();

RoleBinding response = client.roleBindings()
.create(
new RoleBindingBuilder()
.withNewMetadata()
.endMetadata()
.addToUserNames("testuser1", "testuser2", "system:serviceaccount:test:svcacct")
.addToGroupNames("testgroup")
.build());
assertEquals(expectedRoleBinding, response);
assertEquals(expectedRoleBinding,
new ObjectMapper().readerFor(RoleBinding.class).readValue(server.getLastRequest().getBody().inputStream()));
}

@Test
void testCreateWithUserNamesAndGroupsAndOverwriteSubjects() throws Exception {
server.expect()
.post()
.withPath("/apis/authorization.openshift.io/v1/namespaces/test/rolebindings")
.andReturn(201, expectedRoleBinding)
.once();

RoleBinding response = client.roleBindings()
.create(
new RoleBindingBuilder()
.withNewMetadata()
.endMetadata()
.addToUserNames("testuser1", "testuser2", "system:serviceaccount:test:svcacct")
.addToGroupNames("testgroup")
.addNewSubject()
.withKind("User")
.withName("unexpected")
.endSubject()
.build());
assertEquals(expectedRoleBinding, response);

assertEquals(expectedRoleBinding,
new ObjectMapper().readerFor(RoleBinding.class).readValue(server.getLastRequest().getBody().inputStream()));
}

@Test
void testReplaceWithOnlySubjects() throws Exception {
server.expect()
Expand All @@ -150,10 +105,10 @@ void testReplaceWithOnlySubjects() throws Exception {
.once();

RoleBinding response = client.roleBindings()
.withName("testrb")
.replace(
.resource(
new RoleBindingBuilder()
.withNewMetadata()
.withName("testrb")
.endMetadata()
.addNewSubject()
.withKind("User")
Expand All @@ -171,210 +126,12 @@ void testReplaceWithOnlySubjects() throws Exception {
.withKind("Group")
.withName("testgroup")
.endSubject()
.build());
.build())
.replace();
assertEquals(expectedRoleBinding, response);

assertEquals(expectedRoleBinding,
new ObjectMapper().readerFor(RoleBinding.class).readValue(server.getLastRequest().getBody().inputStream()));
}

@Test
void testReplaceWithUserNamesAndGroupsAndNoSubjects() throws Exception {
server.expect()
.get()
.withPath("/apis/authorization.openshift.io/v1/namespaces/test/rolebindings/testrb")
.andReturn(200, expectedRoleBinding)
.once();
server.expect()
.put()
.withPath("/apis/authorization.openshift.io/v1/namespaces/test/rolebindings/testrb")
.andReturn(200, expectedRoleBinding)
.once();

RoleBinding response = client.roleBindings()
.withName("testrb")
.replace(
new RoleBindingBuilder()
.withNewMetadata()
.endMetadata()
.addToUserNames("testuser1", "testuser2", "system:serviceaccount:test:svcacct")
.addToGroupNames("testgroup")
.build());
assertEquals(expectedRoleBinding, response);

assertEquals(expectedRoleBinding,
new ObjectMapper().readerFor(RoleBinding.class).readValue(server.getLastRequest().getBody().inputStream()));
}

@Test
void testReplaceWithUserNamesAndGroupsAndOverwriteSubjects() throws Exception {
server.expect()
.get()
.withPath("/apis/authorization.openshift.io/v1/namespaces/test/rolebindings/testrb")
.andReturn(200, expectedRoleBinding)
.once();
server.expect()
.put()
.withPath("/apis/authorization.openshift.io/v1/namespaces/test/rolebindings/testrb")
.andReturn(200, expectedRoleBinding)
.once();

RoleBinding response = client.roleBindings()
.withName("testrb")
.replace(
new RoleBindingBuilder()
.withNewMetadata()
.endMetadata()
.addToUserNames("testuser1", "testuser2", "system:serviceaccount:test:svcacct")
.addToGroupNames("testgroup")
.addNewSubject()
.withKind("User")
.withName("unexpected")
.endSubject()
.build());
assertEquals(expectedRoleBinding, response);

assertEquals(expectedRoleBinding,
new ObjectMapper().readerFor(RoleBinding.class).readValue(server.getLastRequest().getBody().inputStream()));
}

@Test
void testPatchWithOnlySubjects() throws Exception {
server.expect()
.get()
.withPath("/apis/authorization.openshift.io/v1/namespaces/test/rolebindings/testrb")
.andReturn(200, new RoleBindingBuilder().addToUserNames("unexpected").build())
.once();
server.expect()
.patch()
.withPath("/apis/authorization.openshift.io/v1/namespaces/test/rolebindings/testrb")
.andReturn(200, expectedRoleBinding)
.once();

RoleBinding response = client.roleBindings()
.withName("testrb")
.patch(
new RoleBindingBuilder()
.withNewMetadata()
.endMetadata()
.addNewSubject()
.withKind("User")
.withName("testuser1")
.endSubject()
.addNewSubject()
.withKind("User")
.withName("testuser2")
.endSubject()
.addNewSubject()
.withKind("ServiceAccount")
.withName("svcacct")
.endSubject()
.addNewSubject()
.withKind("Group")
.withName("testgroup")
.endSubject()
.build());
assertEquals(expectedRoleBinding, response);

assertEquals(
"[{\"op\":\"replace\",\"path\":\"/userNames/0\",\"value\":\"testuser1\"},{\"op\":\"add\",\"path\":\"/userNames/1\",\"value\":\"testuser2\"},{\"op\":\"add\",\"path\":\"/userNames/2\",\"value\":\"system:serviceaccount:test:svcacct\"},{\"op\":\"add\",\"path\":\"/metadata\",\"value\":{}},{\"op\":\"add\",\"path\":\"/groupNames\",\"value\":[\"testgroup\"]},{\"op\":\"add\",\"path\":\"/subjects\",\"value\":[{\"kind\":\"User\",\"name\":\"testuser1\"},{\"kind\":\"User\",\"name\":\"testuser2\"},{\"kind\":\"ServiceAccount\",\"name\":\"svcacct\",\"namespace\":\"test\"},{\"kind\":\"Group\",\"name\":\"testgroup\"}]}]",
server.getLastRequest().getBody().readUtf8());
}

@Test
void testPatchWithUserNamesAndGroupsAndNoSubjects() throws Exception {
server.expect()
.get()
.withPath("/apis/authorization.openshift.io/v1/namespaces/test/rolebindings/testrb")
.andReturn(200, new RoleBindingBuilder().addToUserNames("unexpected").build())
.once();
server.expect()
.patch()
.withPath("/apis/authorization.openshift.io/v1/namespaces/test/rolebindings/testrb")
.andReturn(200, expectedRoleBinding)
.once();

RoleBinding response = client.roleBindings()
.withName("testrb")
.patch(
new RoleBindingBuilder()
.withNewMetadata()
.endMetadata()
.addToUserNames("testuser1", "testuser2", "system:serviceaccount:test:svcacct")
.addToGroupNames("testgroup")
.build());
assertEquals(expectedRoleBinding, response);

assertEquals(
"[{\"op\":\"replace\",\"path\":\"/userNames/0\",\"value\":\"testuser1\"},{\"op\":\"add\",\"path\":\"/userNames/1\",\"value\":\"testuser2\"},{\"op\":\"add\",\"path\":\"/userNames/2\",\"value\":\"system:serviceaccount:test:svcacct\"},{\"op\":\"add\",\"path\":\"/metadata\",\"value\":{}},{\"op\":\"add\",\"path\":\"/groupNames\",\"value\":[\"testgroup\"]},{\"op\":\"add\",\"path\":\"/subjects\",\"value\":[{\"kind\":\"User\",\"name\":\"testuser1\"},{\"kind\":\"User\",\"name\":\"testuser2\"},{\"kind\":\"ServiceAccount\",\"name\":\"svcacct\",\"namespace\":\"test\"},{\"kind\":\"Group\",\"name\":\"testgroup\"}]}]",
server.getLastRequest().getBody().readUtf8());
}

@Test
void testPatchWithUserNamesAndGroupsAndOverwriteSubjects() throws Exception {
server.expect()
.get()
.withPath("/apis/authorization.openshift.io/v1/namespaces/test/rolebindings/testrb")
.andReturn(200, new RoleBindingBuilder().addToUserNames("unexpected").build())
.once();
server.expect()
.patch()
.withPath("/apis/authorization.openshift.io/v1/namespaces/test/rolebindings/testrb")
.andReturn(200, expectedRoleBinding)
.once();

RoleBinding response = client.roleBindings()
.withName("testrb")
.patch(
new RoleBindingBuilder()
.withNewMetadata()
.endMetadata()
.addToUserNames("testuser1", "testuser2", "system:serviceaccount:test:svcacct")
.addToGroupNames("testgroup")
.addNewSubject()
.withKind("User")
.withName("unexpected")
.endSubject()
.build());
assertEquals(expectedRoleBinding, response);

assertEquals(
"[{\"op\":\"replace\",\"path\":\"/userNames/0\",\"value\":\"testuser1\"},{\"op\":\"add\",\"path\":\"/userNames/1\",\"value\":\"testuser2\"},{\"op\":\"add\",\"path\":\"/userNames/2\",\"value\":\"system:serviceaccount:test:svcacct\"},{\"op\":\"add\",\"path\":\"/metadata\",\"value\":{}},{\"op\":\"add\",\"path\":\"/groupNames\",\"value\":[\"testgroup\"]},{\"op\":\"add\",\"path\":\"/subjects\",\"value\":[{\"kind\":\"User\",\"name\":\"testuser1\"},{\"kind\":\"User\",\"name\":\"testuser2\"},{\"kind\":\"ServiceAccount\",\"name\":\"svcacct\",\"namespace\":\"test\"},{\"kind\":\"Group\",\"name\":\"testgroup\"}]}]",
server.getLastRequest().getBody().readUtf8());
}

@Test
void testCreateInline() throws Exception {
server.expect()
.post()
.withPath("/apis/authorization.openshift.io/v1/namespaces/test/rolebindings")
.andReturn(201, expectedRoleBinding)
.once();

RoleBinding response = client.roleBindings()
.create(new RoleBindingBuilder()
.withNewMetadata()
.endMetadata()
.addNewSubject()
.withKind("User")
.withName("testuser1")
.endSubject()
.addNewSubject()
.withKind("User")
.withName("testuser2")
.endSubject()
.addNewSubject()
.withKind("ServiceAccount")
.withName("svcacct")
.endSubject()
.addNewSubject()
.withKind("Group")
.withName("testgroup")
.endSubject()
.build());
assertEquals(expectedRoleBinding, response);
assertEquals(expectedRoleBinding,
new ObjectMapper().readerFor(RoleBinding.class).readValue(server.getLastRequest().getBody().inputStream()));
}

}

0 comments on commit ab0e886

Please sign in to comment.