From ec533cd781d390130887c06aaa44cb2e44f76b57 Mon Sep 17 00:00:00 2001 From: Ryan Richard Date: Wed, 8 Jun 2022 12:57:00 -0700 Subject: [PATCH] Skip some recently added integration tests when LDAP is unavailable Also refactor to use shared test helper for skipping LDAP and AD tests. --- test/integration/e2e_test.go | 44 +++++++------------- test/integration/supervisor_login_test.go | 9 +--- test/integration/supervisor_warnings_test.go | 12 ++---- test/testlib/skip.go | 23 +++++++++- 4 files changed, 41 insertions(+), 47 deletions(-) diff --git a/test/integration/e2e_test.go b/test/integration/e2e_test.go index 1c07b48eb..9bafffde7 100644 --- a/test/integration/e2e_test.go +++ b/test/integration/e2e_test.go @@ -634,15 +634,13 @@ func TestE2EFullIntegration_Browser(t *testing.T) { // Add an LDAP upstream IDP and try using it to authenticate during kubectl commands // by interacting with the CLI's username and password prompts. t.Run("with Supervisor LDAP upstream IDP using username and password prompts", func(t *testing.T) { + testlib.SkipTestWhenLDAPIsUnavailable(t, env) + testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute) t.Cleanup(cancel) tempDir := testutil.TempDir(t) // per-test tmp dir to avoid sharing files between tests - if len(env.ToolsNamespace) == 0 && !env.HasCapability(testlib.CanReachInternetLDAPPorts) { - t.Skip("LDAP integration test requires connectivity to an LDAP server") - } - expectedUsername := env.SupervisorUpstreamLDAP.TestUserMailAttributeValue expectedGroups := env.SupervisorUpstreamLDAP.TestUserDirectGroupsDNs @@ -696,15 +694,13 @@ func TestE2EFullIntegration_Browser(t *testing.T) { // Add an LDAP upstream IDP and try using it to authenticate during kubectl commands // by passing username and password via environment variables, thus avoiding the CLI's username and password prompts. t.Run("with Supervisor LDAP upstream IDP using PINNIPED_USERNAME and PINNIPED_PASSWORD env vars", func(t *testing.T) { + testlib.SkipTestWhenLDAPIsUnavailable(t, env) + testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute) t.Cleanup(cancel) tempDir := testutil.TempDir(t) // per-test tmp dir to avoid sharing files between tests - if len(env.ToolsNamespace) == 0 && !env.HasCapability(testlib.CanReachInternetLDAPPorts) { - t.Skip("LDAP integration test requires connectivity to an LDAP server") - } - expectedUsername := env.SupervisorUpstreamLDAP.TestUserMailAttributeValue expectedGroups := env.SupervisorUpstreamLDAP.TestUserDirectGroupsDNs @@ -770,18 +766,13 @@ func TestE2EFullIntegration_Browser(t *testing.T) { // Add an Active Directory upstream IDP and try using it to authenticate during kubectl commands // by interacting with the CLI's username and password prompts. t.Run("with Supervisor ActiveDirectory upstream IDP using username and password prompts", func(t *testing.T) { + testlib.SkipTestWhenActiveDirectoryIsUnavailable(t, env) + testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute) t.Cleanup(cancel) tempDir := testutil.TempDir(t) // per-test tmp dir to avoid sharing files between tests - if len(env.ToolsNamespace) == 0 && !env.HasCapability(testlib.CanReachInternetLDAPPorts) { - t.Skip("Active Directory integration test requires connectivity to an LDAP server") - } - if env.SupervisorUpstreamActiveDirectory.Host == "" { - t.Skip("Active Directory hostname not specified") - } - expectedUsername := env.SupervisorUpstreamActiveDirectory.TestUserPrincipalNameValue expectedGroups := env.SupervisorUpstreamActiveDirectory.TestUserIndirectGroupsSAMAccountPlusDomainNames @@ -835,19 +826,13 @@ func TestE2EFullIntegration_Browser(t *testing.T) { // Add an ActiveDirectory upstream IDP and try using it to authenticate during kubectl commands // by passing username and password via environment variables, thus avoiding the CLI's username and password prompts. t.Run("with Supervisor ActiveDirectory upstream IDP using PINNIPED_USERNAME and PINNIPED_PASSWORD env vars", func(t *testing.T) { + testlib.SkipTestWhenActiveDirectoryIsUnavailable(t, env) + testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute) t.Cleanup(cancel) tempDir := testutil.TempDir(t) // per-test tmp dir to avoid sharing files between tests - if len(env.ToolsNamespace) == 0 && !env.HasCapability(testlib.CanReachInternetLDAPPorts) { - t.Skip("ActiveDirectory integration test requires connectivity to an LDAP server") - } - - if env.SupervisorUpstreamActiveDirectory.Host == "" { - t.Skip("Active Directory hostname not specified") - } - expectedUsername := env.SupervisorUpstreamActiveDirectory.TestUserPrincipalNameValue expectedGroups := env.SupervisorUpstreamActiveDirectory.TestUserIndirectGroupsSAMAccountPlusDomainNames @@ -912,6 +897,8 @@ func TestE2EFullIntegration_Browser(t *testing.T) { // Add an LDAP upstream IDP and try using it to authenticate during kubectl commands, using the browser flow. t.Run("with Supervisor LDAP upstream IDP and browser flow with with form_post automatic authcode delivery to CLI", func(t *testing.T) { + testlib.SkipTestWhenLDAPIsUnavailable(t, env) + testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute) t.Cleanup(cancel) @@ -966,6 +953,8 @@ func TestE2EFullIntegration_Browser(t *testing.T) { // Add an Active Directory upstream IDP and try using it to authenticate during kubectl commands, using the browser flow. t.Run("with Supervisor Active Directory upstream IDP and browser flow with with form_post automatic authcode delivery to CLI", func(t *testing.T) { + testlib.SkipTestWhenActiveDirectoryIsUnavailable(t, env) + testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute) t.Cleanup(cancel) @@ -974,13 +963,6 @@ func TestE2EFullIntegration_Browser(t *testing.T) { // Start a fresh browser driver because we don't want to share cookies between the various tests in this file. page := browsertest.Open(t) - if len(env.ToolsNamespace) == 0 && !env.HasCapability(testlib.CanReachInternetLDAPPorts) { - t.Skip("Active Directory integration test requires connectivity to an LDAP server") - } - if env.SupervisorUpstreamActiveDirectory.Host == "" { - t.Skip("Active Directory hostname not specified") - } - expectedUsername := env.SupervisorUpstreamActiveDirectory.TestUserPrincipalNameValue expectedGroups := env.SupervisorUpstreamActiveDirectory.TestUserIndirectGroupsSAMAccountPlusDomainNames @@ -1027,6 +1009,8 @@ func TestE2EFullIntegration_Browser(t *testing.T) { // Add an LDAP upstream IDP and try using it to authenticate during kubectl commands, using the env var to choose the browser flow. t.Run("with Supervisor LDAP upstream IDP and browser flow selected by env var override with with form_post automatic authcode delivery to CLI", func(t *testing.T) { + testlib.SkipTestWhenLDAPIsUnavailable(t, env) + testCtx, cancel := context.WithTimeout(context.Background(), 5*time.Minute) t.Cleanup(cancel) diff --git a/test/integration/supervisor_login_test.go b/test/integration/supervisor_login_test.go index 3c2f045a4..47587db75 100644 --- a/test/integration/supervisor_login_test.go +++ b/test/integration/supervisor_login_test.go @@ -48,17 +48,12 @@ func TestSupervisorLogin_Browser(t *testing.T) { skipLDAPTests := func(t *testing.T) { t.Helper() - if len(env.ToolsNamespace) == 0 && !env.HasCapability(testlib.CanReachInternetLDAPPorts) { - t.Skip("LDAP integration test requires connectivity to an LDAP server") - } + testlib.SkipTestWhenLDAPIsUnavailable(t, env) } skipActiveDirectoryTests := func(t *testing.T) { t.Helper() - skipLDAPTests(t) - if env.SupervisorUpstreamActiveDirectory.Host == "" { - t.Skip("Active Directory hostname not specified") - } + testlib.SkipTestWhenActiveDirectoryIsUnavailable(t, env) } basicOIDCIdentityProviderSpec := func() idpv1alpha1.OIDCIdentityProviderSpec { diff --git a/test/integration/supervisor_warnings_test.go b/test/integration/supervisor_warnings_test.go index f4ae43efc..74b5aab06 100644 --- a/test/integration/supervisor_warnings_test.go +++ b/test/integration/supervisor_warnings_test.go @@ -103,9 +103,7 @@ func TestSupervisorWarnings_Browser(t *testing.T) { ) t.Run("LDAP group refresh flow", func(t *testing.T) { - if len(env.ToolsNamespace) == 0 && !env.HasCapability(testlib.CanReachInternetLDAPPorts) { - t.Skip("LDAP integration test requires connectivity to an LDAP server") - } + testlib.SkipTestWhenLDAPIsUnavailable(t, env) expectedUsername := env.SupervisorUpstreamLDAP.TestUserMailAttributeValue @@ -242,13 +240,9 @@ func TestSupervisorWarnings_Browser(t *testing.T) { t.Logf("second kubectl command took %s", time.Since(startTime2).String()) }) + t.Run("Active Directory group refresh flow", func(t *testing.T) { - if len(env.ToolsNamespace) == 0 && !env.HasCapability(testlib.CanReachInternetLDAPPorts) { - t.Skip("LDAP integration test requires connectivity to an LDAP server") - } - if env.SupervisorUpstreamActiveDirectory.Host == "" { - t.Skip("Active Directory hostname not specified") - } + testlib.SkipTestWhenActiveDirectoryIsUnavailable(t, env) expectedUsername, password := testlib.CreateFreshADTestUser(t, env) t.Cleanup(func() { diff --git a/test/testlib/skip.go b/test/testlib/skip.go index 6f7de6433..8a382b181 100644 --- a/test/testlib/skip.go +++ b/test/testlib/skip.go @@ -1,4 +1,4 @@ -// Copyright 2020 the Pinniped contributors. All Rights Reserved. +// Copyright 2020-2022 the Pinniped contributors. All Rights Reserved. // SPDX-License-Identifier: Apache-2.0 package testlib @@ -8,7 +8,28 @@ import "testing" // skipUnlessIntegration skips the current test if `-short` has been passed to `go test`. func skipUnlessIntegration(t *testing.T) { t.Helper() + if testing.Short() { t.Skip("skipping integration test because of '-short' flag") } } + +func SkipTestWhenLDAPIsUnavailable(t *testing.T, env *TestEnv) { + t.Helper() + + if len(env.ToolsNamespace) == 0 && !env.HasCapability(CanReachInternetLDAPPorts) { + t.Skip("LDAP integration test requires connectivity to an LDAP server") + } +} + +func SkipTestWhenActiveDirectoryIsUnavailable(t *testing.T, env *TestEnv) { + t.Helper() + + if !env.HasCapability(CanReachInternetLDAPPorts) { + t.Skip("Active Directory integration test requires network connectivity to an AD server") + } + + if IntegrationEnv(t).SupervisorUpstreamActiveDirectory.Host == "" { + t.Skip("Active Directory hostname not specified") + } +}