2023-04-10 15:36:59 +00:00
|
|
|
// Copyright (c) HashiCorp, Inc.
|
|
|
|
// SPDX-License-Identifier: MPL-2.0
|
|
|
|
|
2023-04-06 19:35:22 +00:00
|
|
|
package acl
|
|
|
|
|
|
|
|
import (
|
|
|
|
"testing"
|
|
|
|
|
|
|
|
"github.com/hashicorp/go-set"
|
|
|
|
"github.com/hashicorp/nomad/api"
|
|
|
|
"github.com/shoenig/test"
|
|
|
|
"github.com/shoenig/test/must"
|
|
|
|
)
|
|
|
|
|
|
|
|
// TestResourceType indicates what the resource is so the Cleanup process can
|
|
|
|
// use the correct API.
|
|
|
|
type TestResourceType int
|
|
|
|
|
|
|
|
const (
|
|
|
|
NamespaceTestResourceType TestResourceType = iota
|
|
|
|
ACLPolicyTestResourceType
|
|
|
|
ACLRoleTestResourceType
|
|
|
|
ACLTokenTestResourceType
|
|
|
|
)
|
|
|
|
|
|
|
|
// Cleanup stores Nomad resources that have been created by a test which will
|
|
|
|
// need to be deleted once the test exits. This ensures other tests can run in
|
|
|
|
// a clean environment and reduces the potential for conflicts.
|
|
|
|
type Cleanup struct {
|
|
|
|
namespaces *set.Set[string]
|
|
|
|
aclPolicies *set.Set[string]
|
|
|
|
aclRoles *set.Set[string]
|
|
|
|
aclTokens *set.Set[string]
|
|
|
|
}
|
|
|
|
|
|
|
|
// NewCleanup generates an initialized Cleanup object for immediate use.
|
|
|
|
func NewCleanup() *Cleanup {
|
|
|
|
return &Cleanup{
|
|
|
|
namespaces: set.New[string](0),
|
|
|
|
aclPolicies: set.New[string](0),
|
|
|
|
aclRoles: set.New[string](0),
|
|
|
|
aclTokens: set.New[string](0),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Run triggers a Cleanup of all the stored resources. This should typically be
|
|
|
|
// called via defer, so it will always Run no matter if the test fails or not.
|
|
|
|
// Any failure will ultimately fail the test, but will not stop the attempts to
|
|
|
|
// delete all the resources.
|
|
|
|
func (c *Cleanup) Run(t *testing.T, nomadClient *api.Client) {
|
|
|
|
for _, namespace := range c.namespaces.Slice() {
|
|
|
|
_, err := nomadClient.Namespaces().Delete(namespace, nil)
|
|
|
|
test.NoError(t, err)
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, policy := range c.aclPolicies.Slice() {
|
|
|
|
_, err := nomadClient.ACLPolicies().Delete(policy, nil)
|
|
|
|
test.NoError(t, err)
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, role := range c.aclRoles.Slice() {
|
|
|
|
_, err := nomadClient.ACLRoles().Delete(role, nil)
|
|
|
|
test.NoError(t, err)
|
|
|
|
}
|
|
|
|
|
|
|
|
for _, token := range c.aclTokens.Slice() {
|
|
|
|
_, err := nomadClient.ACLTokens().Delete(token, nil)
|
|
|
|
test.NoError(t, err)
|
|
|
|
}
|
|
|
|
|
|
|
|
must.NoError(t, nomadClient.System().GarbageCollect())
|
|
|
|
}
|
|
|
|
|
|
|
|
// Add the resource identifier to the resource tracker. It will be removed by
|
|
|
|
// the Cleanup function once it is triggered.
|
|
|
|
func (c *Cleanup) Add(id string, resourceType TestResourceType) {
|
|
|
|
switch resourceType {
|
|
|
|
case NamespaceTestResourceType:
|
|
|
|
c.namespaces.Insert(id)
|
|
|
|
case ACLPolicyTestResourceType:
|
|
|
|
c.aclPolicies.Insert(id)
|
|
|
|
case ACLRoleTestResourceType:
|
|
|
|
c.aclRoles.Insert(id)
|
|
|
|
case ACLTokenTestResourceType:
|
|
|
|
c.aclTokens.Insert(id)
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
// Remove the resource identifier from the resource tracker, indicating it is
|
|
|
|
// no longer existing on the cluster and does not need to be cleaned.
|
|
|
|
func (c *Cleanup) Remove(id string, resourceType TestResourceType) {
|
|
|
|
switch resourceType {
|
|
|
|
case NamespaceTestResourceType:
|
|
|
|
c.namespaces.Remove(id)
|
|
|
|
case ACLPolicyTestResourceType:
|
|
|
|
c.aclPolicies.Remove(id)
|
|
|
|
case ACLRoleTestResourceType:
|
|
|
|
c.aclRoles.Remove(id)
|
|
|
|
case ACLTokenTestResourceType:
|
|
|
|
c.aclTokens.Remove(id)
|
|
|
|
}
|
|
|
|
}
|