Address review comments

kubernetes · Jun 25, 2018 · 707d8aa · 707d8aa
1 parent f082ca9
commit 707d8aa
Show file tree

Hide file tree

Showing 2 changed files with 82 additions and 75 deletions.
diff --git a/cmd/e2e-test/basic_test.go b/cmd/e2e-test/basic_test.go
@@ -110,7 +110,7 @@ func TestBasic(t *testing.T) {
 			}
 
 			if err := e2e.WaitForIngressDeletion(ctx, Framework.Cloud, gclb, s, ing, false); err != nil {
-				t.Errorf("Failed to wait for ingress deletion: %v", err)
+				t.Errorf("e2e.WaitForIngressDeletion(..., %q, false) = %v, want nil", ing.Name, err)
 			}
 		})
 	}

diff --git a/cmd/e2e-test/security_policy_test.go b/cmd/e2e-test/security_policy_test.go
@@ -19,21 +19,18 @@ package main
 import (
 	"context"
 	"fmt"
+	"strings"
 	"testing"
 	"time"
 
-	"github.com/golang/glog"
 	computebeta "google.golang.org/api/compute/v0.beta"
 
-	"k8s.io/api/core/v1"
-	"k8s.io/api/extensions/v1beta1"
 	"k8s.io/apimachinery/pkg/util/intstr"
 	"k8s.io/apimachinery/pkg/util/wait"
 	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud"
 	"k8s.io/kubernetes/pkg/cloudprovider/providers/gce/cloud/meta"
 
 	"k8s.io/ingress-gce/pkg/annotations"
-	backendconfig "k8s.io/ingress-gce/pkg/apis/backendconfig/v1beta1"
 	"k8s.io/ingress-gce/pkg/e2e"
 	"k8s.io/ingress-gce/pkg/fuzz"
 	"k8s.io/ingress-gce/pkg/fuzz/features"
@@ -70,37 +67,53 @@ func buildPolicyDisallowAll(name string) *computebeta.SecurityPolicy {
 }
 
 func TestSecurityPolicyEnable(t *testing.T) {
+	ctx := context.Background()
 	t.Parallel()
 
 	Framework.RunWithSandbox("Security Policy Enable", t, func(t *testing.T, s *e2e.Sandbox) {
-		// ------ Step: Preparing test ------
-
-		ctx := context.Background()
 		policies := []*computebeta.SecurityPolicy{
 			buildPolicyAllowAll("enable-test-allow-all"),
 		}
 		defer func() {
-			if err := cleanupSecurityPolicies(ctx, Framework.Cloud, policies); err != nil {
-				t.Errorf("Failed to cleanup policies: %v", err)
+			if err := cleanupSecurityPolicies(t, ctx, Framework.Cloud, policies); err != nil {
+				t.Errorf("cleanupSecurityPolicies(...) =  %v, want nil", err)
 			}
 		}()
-		policies, err := prepareSecurityPolicies(ctx, Framework.Cloud, policies)
+		policies, err := createSecurityPolicies(t, ctx, Framework.Cloud, policies)
 		if err != nil {
-			t.Fatalf("Failed to prepare policies: %v", err)
+			t.Fatalf("createSecurityPolicies(...) = _, %v, want _, nil", err)
 		}
 		// Re-assign to get the populated self-link.
 		testSecurityPolicy := policies[0]
 
-		_, testSvc, testIng, err := prepareK8sResourcesForPolicyTest(ctx, Framework.Cloud, s, testSecurityPolicy.Name)
+		testBackendConfigAnnotation := map[string]string{
+			annotations.BackendConfigKey: `{"default":"backendconfig-1"}`,
+		}
+		_, testSvc, err := e2e.CreateEchoService(s, "service-1", testBackendConfigAnnotation)
 		if err != nil {
-			t.Fatalf("Failed to prepare k8s resources: %v", err)
+			t.Fatalf("e2e.CreateEchoService(s, service-1, %q) = _, _, %v, want _, _, nil", testBackendConfigAnnotation, err)
 		}
 
-		// ------ Step: Executing test ------
+		testBackendConfig := fuzz.NewBackendConfigBuilder("", "backendconfig-1").SetSecurityPolicy(testSecurityPolicy.Name).Build()
+		testBackendConfig, err = Framework.BackendConfigClient.CloudV1beta1().BackendConfigs(s.Namespace).Create(testBackendConfig)
+		if err != nil {
+			t.Fatalf("Error creating test backend config: %v", err)
+		}
+		t.Logf("Backend config %s/%s created", s.Namespace, testBackendConfig.Name)
+
+		port80 := intstr.FromInt(80)
+		testIng := fuzz.NewIngressBuilder("", "ingress-1", "").DefaultBackend("service-1", port80).AddPath("test.com", "/", "service-1", port80).Build()
+		testIng, err = Framework.Clientset.Extensions().Ingresses(s.Namespace).Create(testIng)
+		if err != nil {
+			t.Fatalf("error creating Ingress spec: %v", err)
+		}
+		t.Logf("Ingress %s/%s created", s.Namespace, testIng.Name)
+
+		t.Logf("Checking on relevant backend service whether security policy is properly attached")
 
 		testIng, err = e2e.WaitForIngress(s, testIng)
 		if err != nil {
-			t.Fatalf("Error waiting for Ingress to stabilize: %v", err)
+			t.Fatalf("e2e.WaitForIngress(s, %q) = _, %v; want _, nil", testIng.Name, err)
 		}
 		if len(testIng.Status.LoadBalancer.Ingress) < 1 {
 			t.Fatalf("Ingress does not have an IP: %+v", testIng.Status)
@@ -109,54 +122,68 @@ func TestSecurityPolicyEnable(t *testing.T) {
 		vip := testIng.Status.LoadBalancer.Ingress[0].IP
 		gclb, err := fuzz.GCLBForVIP(ctx, Framework.Cloud, vip, fuzz.FeatureValidators([]fuzz.Feature{features.SecurityPolicy}))
 		if err != nil {
-			t.Fatalf("Error getting GCP resources for LB with IP = %q", vip)
+			t.Fatalf("fuzz.GCLBForVIP(..., %q, %q) = _, %v; want _, nil", vip, features.SecurityPolicy, err)
 		}
 
-		if err := verifySecurityPolicy(gclb, s.Namespace, testSvc.Name, testSecurityPolicy.SelfLink); err != nil {
-			t.Errorf("Failed to verify security policy: %v", err)
+		if err := verifySecurityPolicy(t, gclb, s.Namespace, testSvc.Name, testSecurityPolicy.SelfLink); err != nil {
+			t.Errorf("verifySecurityPolicy(..., %q, %q, %q) = %v, want nil", s.Namespace, testSvc.Name, testSecurityPolicy.SelfLink, err)
 		}
 
-		// ------ Step: Cleaning up test ------
+		t.Logf("Cleaning up test")
 
 		if err := e2e.WaitForIngressDeletion(ctx, Framework.Cloud, gclb, s, testIng, false); err != nil {
-			t.Errorf("Failed to wait for ingress deletion: %v", err)
+			t.Errorf("e2e.WaitForIngressDeletion(..., %q, false) = %v, want nil", testIng.Name, err)
 		}
 	})
 }
 
 func TestSecurityPolicyTransition(t *testing.T) {
+	ctx := context.Background()
 	t.Parallel()
 
 	Framework.RunWithSandbox("Security Policy Transition", t, func(t *testing.T, s *e2e.Sandbox) {
-		// ------ Step: Preparing test ------
-
-		ctx := context.Background()
 		policies := []*computebeta.SecurityPolicy{
 			buildPolicyAllowAll("transition-test-allow-all"),
 			buildPolicyDisallowAll("transition-test-disallow-all"),
 		}
 		defer func() {
-			if err := cleanupSecurityPolicies(ctx, Framework.Cloud, policies); err != nil {
-				t.Errorf("Failed to cleanup policies: %v", err)
+			if err := cleanupSecurityPolicies(t, ctx, Framework.Cloud, policies); err != nil {
+				t.Errorf("cleanupSecurityPolicies(...) = %v, want nil", err)
 			}
 		}()
-		policies, err := prepareSecurityPolicies(ctx, Framework.Cloud, policies)
+		policies, err := createSecurityPolicies(t, ctx, Framework.Cloud, policies)
 		if err != nil {
-			t.Fatalf("Failed to prepare policies: %v", err)
+			t.Fatalf("createSecurityPolicies(...) = _, %v, want _, nil", err)
 		}
 		// Re-assign to get the populated self-link.
 		testSecurityPolicyAllow, testSecurityPolicyDisallow := policies[0], policies[1]
 
-		testCfg, testSvc, testIng, err := prepareK8sResourcesForPolicyTest(ctx, Framework.Cloud, s, testSecurityPolicyAllow.Name)
+		testBackendConfigAnnotation := map[string]string{
+			annotations.BackendConfigKey: `{"default":"backendconfig-1"}`,
+		}
+		_, testSvc, err := e2e.CreateEchoService(s, "service-1", testBackendConfigAnnotation)
+		if err != nil {
+			t.Fatalf("e2e.CreateEchoService(s, service-1, %q) = _, _, %v, want _, _, nil", testBackendConfigAnnotation, err)
+		}
+
+		testBackendConfig := fuzz.NewBackendConfigBuilder("", "backendconfig-1").SetSecurityPolicy(testSecurityPolicyAllow.Name).Build()
+		testBackendConfig, err = Framework.BackendConfigClient.CloudV1beta1().BackendConfigs(s.Namespace).Create(testBackendConfig)
 		if err != nil {
-			t.Fatalf("Failed to prepare k8s resources: %v", err)
+			t.Fatalf("Error creating test backend config: %v", err)
 		}
+		t.Logf("Backend config %s/%s created", s.Namespace, testBackendConfig.Name)
 
-		// ------ Step: Executing test ------
+		port80 := intstr.FromInt(80)
+		testIng := fuzz.NewIngressBuilder("", "ingress-1", "").DefaultBackend("service-1", port80).AddPath("test.com", "/", "service-1", port80).Build()
+		testIng, err = Framework.Clientset.Extensions().Ingresses(s.Namespace).Create(testIng)
+		if err != nil {
+			t.Fatalf("error creating Ingress spec: %v", err)
+		}
+		t.Logf("Ingress %s/%s created", s.Namespace, testIng.Name)
 
 		ing, err := e2e.WaitForIngress(s, testIng)
 		if err != nil {
-			t.Fatalf("Error waiting for Ingress to stabilize: %v", err)
+			t.Fatalf("e2e.WaitForIngress(s, %q) = _, %v; want _, nil", testIng.Name, err)
 		}
 		if len(ing.Status.LoadBalancer.Ingress) < 1 {
 			t.Fatalf("Ingress does not have an IP: %+v", ing.Status)
@@ -183,22 +210,23 @@ func TestSecurityPolicyTransition(t *testing.T) {
 		}
 
 		for _, step := range steps {
-			testCfg.Spec.SecurityPolicy.Name = step.securityPolicyToSet
-			testCfg, err = Framework.BackendConfigClient.CloudV1beta1().BackendConfigs(s.Namespace).Update(testCfg)
+			testBackendConfig.Spec.SecurityPolicy.Name = step.securityPolicyToSet
+			testBackendConfig, err = Framework.BackendConfigClient.CloudV1beta1().BackendConfigs(s.Namespace).Update(testBackendConfig)
 			if err != nil {
 				t.Fatalf("Error updating test backend config: %v", err)
 			}
-			glog.Infof("Backend config %s/%s updated", testCfg.Name, s.Namespace)
+			t.Logf("Backend config %s/%s updated", testBackendConfig.Name, s.Namespace)
+
+			t.Logf("Checking on relevant backend service whether security policy is properly updated")
 
-			// Wait for security policy to be updated
 			if err := wait.Poll(policyUpdateInterval, policyUpdateTimeout, func() (bool, error) {
 				gclb, err = fuzz.GCLBForVIP(ctx, Framework.Cloud, vip, fuzz.FeatureValidators([]fuzz.Feature{features.SecurityPolicy}))
 				if err != nil {
-					t.Fatalf("Error getting GCP resources for LB with IP = %q", vip)
+					t.Fatalf("fuzz.GCLBForVIP(..., %q, %q) = _, %v; want _, nil", vip, features.SecurityPolicy, err)
 				}
 
-				if err := verifySecurityPolicy(gclb, s.Namespace, testSvc.Name, step.expectedpolicyLink); err != nil {
-					glog.Errorf("Failed to verify security policy: %v", err)
+				if err := verifySecurityPolicy(t, gclb, s.Namespace, testSvc.Name, step.expectedpolicyLink); err != nil {
+					t.Logf("verifySecurityPolicy(..., %q, %q, %q) = %v, want nil", s.Namespace, testSvc.Name, step.expectedpolicyLink, err)
 					return false, nil
 				}
 				return true, nil
@@ -207,22 +235,22 @@ func TestSecurityPolicyTransition(t *testing.T) {
 			}
 		}
 
-		// ------ Step: Cleaning up test ------
+		t.Logf("Cleaning up test")
 
 		if err := e2e.WaitForIngressDeletion(ctx, Framework.Cloud, gclb, s, ing, false); err != nil {
-			t.Errorf("Failed to wait for ingress deletion: %v", err)
+			t.Errorf("e2e.WaitForIngressDeletion(..., %q, false) = %v, want nil", ing.Name, err)
 		}
 	})
 }
 
-func prepareSecurityPolicies(ctx context.Context, c cloud.Cloud, policies []*computebeta.SecurityPolicy) ([]*computebeta.SecurityPolicy, error) {
-	glog.Infof("Creating security policies...")
+func createSecurityPolicies(t *testing.T, ctx context.Context, c cloud.Cloud, policies []*computebeta.SecurityPolicy) ([]*computebeta.SecurityPolicy, error) {
+	t.Logf("Creating security policies...")
 	createdPolicies := []*computebeta.SecurityPolicy{}
 	for _, policy := range policies {
 		if err := c.BetaSecurityPolicies().Insert(ctx, meta.GlobalKey(policy.Name), policy); err != nil {
 			return nil, fmt.Errorf("error creating security policy %q: %v", policy.Name, err)
 		}
-		glog.Infof("Security policy %q created", policy.Name)
+		t.Logf("Security policy %q created", policy.Name)
 		policy, err := c.BetaSecurityPolicies().Get(ctx, meta.GlobalKey(policy.Name))
 		if err != nil {
 			return nil, fmt.Errorf("error getting security policy %q: %v", policy.Name, err)
@@ -232,43 +260,22 @@ func prepareSecurityPolicies(ctx context.Context, c cloud.Cloud, policies []*com
 	return createdPolicies, nil
 }
 
-func cleanupSecurityPolicies(ctx context.Context, c cloud.Cloud, policies []*computebeta.SecurityPolicy) error {
-	glog.Infof("Deleting security policies...")
+func cleanupSecurityPolicies(t *testing.T, ctx context.Context, c cloud.Cloud, policies []*computebeta.SecurityPolicy) error {
+	t.Logf("Deleting security policies...")
+	var errs []string
 	for _, policy := range policies {
 		if err := c.BetaSecurityPolicies().Delete(ctx, meta.GlobalKey(policy.Name)); err != nil {
-			return fmt.Errorf("failed to delete security policy %q: %v", policy.Name, err)
+			errs = append(errs, err.Error())
 		}
+		t.Logf("Security policy %q deleted", policy.Name)
 	}
-	return nil
-}
-
-func prepareK8sResourcesForPolicyTest(ctx context.Context, c cloud.Cloud, s *e2e.Sandbox, initialPolicyName string) (*backendconfig.BackendConfig, *v1.Service, *v1beta1.Ingress, error) {
-	port80 := intstr.FromInt(80)
-	testIng := fuzz.NewIngressBuilder("", "ingress-1", "").DefaultBackend("service-1", port80).AddPath("test.com", "/", "service-1", port80).Build()
-	testBackendConfig := fuzz.NewBackendConfigBuilder("", "backendconfig-1").SetSecurityPolicy(initialPolicyName).Build()
-	testBackendConfigAnnotation := map[string]string{
-		annotations.BackendConfigKey: `{"default":"backendconfig-1"}`,
+	if len(errs) != 0 {
+		return fmt.Errorf("failed to delete security policies: %s", strings.Join(errs, "\n"))
 	}
-
-	testBackendConfig, err := Framework.BackendConfigClient.CloudV1beta1().BackendConfigs(s.Namespace).Create(testBackendConfig)
-	if err != nil {
-		return nil, nil, nil, fmt.Errorf("error creating test backend config: %v", err)
-	}
-	glog.Infof("Backend config %s/%s created", testBackendConfig.Name, s.Namespace)
-
-	_, testSvc, err := e2e.CreateEchoService(s, "service-1", testBackendConfigAnnotation)
-	if err != nil {
-		return nil, nil, nil, fmt.Errorf("error creating echo service: %v", err)
-	}
-
-	testIng, err = Framework.Clientset.Extensions().Ingresses(s.Namespace).Create(testIng)
-	if err != nil {
-		return nil, nil, nil, fmt.Errorf("error creating Ingress spec: %v", err)
-	}
-	return testBackendConfig, testSvc, testIng, nil
+	return nil
 }
 
-func verifySecurityPolicy(gclb *fuzz.GCLB, svcNamespace, svcName, policyLink string) error {
+func verifySecurityPolicy(t *testing.T, gclb *fuzz.GCLB, svcNamespace, svcName, policyLink string) error {
 	numBsWithPolicy := 0
 	for _, bs := range gclb.BackendService {
 		// Check on relevant backend services.
@@ -283,7 +290,7 @@ func verifySecurityPolicy(gclb *fuzz.GCLB, svcNamespace, svcName, policyLink str
 		if bs.Beta.SecurityPolicy != policyLink {
 			return fmt.Errorf("backend service %q has security policy %q, want %q", bs.Beta.Name, bs.Beta.SecurityPolicy, policyLink)
 		}
-		glog.Infof("Backend service %q has the expected security policy %q attached", bs.Beta.Name, bs.Beta.SecurityPolicy)
+		t.Logf("Backend service %q has the expected security policy %q attached", bs.Beta.Name, bs.Beta.SecurityPolicy)
 		numBsWithPolicy = numBsWithPolicy + 1
 	}
 	if numBsWithPolicy != 1 {