Merge pull request GoogleCloudPlatform#2280 from ziyue-101/fix-hub-test

fix gkehub test cases
gemmahou · Jul 12, 2024 · da86d3f · da86d3f
2 parents c3ba2c6 + 938338f
commit da86d3f
Show file tree

Hide file tree

Showing 12 changed files with 69 additions and 208 deletions.
diff --git a/mockgcp/mockgkehub/gkehubfeature.go b/mockgcp/mockgkehub/gkehubfeature.go
@@ -16,6 +16,7 @@ package mockgkehub
 
 import (
 	"context"
+	"fmt"
 
 	"cloud.google.com/go/longrunning/autogen/longrunningpb"
 	"google.golang.org/genproto/googleapis/longrunning"
@@ -61,6 +62,16 @@ func (s *GKEHubFeature) CreateFeature(ctx context.Context, req *pb.CreateFeature
 	obj := proto.Clone(req.Resource).(*pb.Feature)
 	obj.Name = fqn
 
+	// Mimic the GCP API validation logic.
+	for id, spec := range obj.MembershipSpecs {
+		acmSpec := spec.GetConfigmanagement()
+		if acmSpec != nil {
+			if acmSpec.GetConfigSync() == nil && acmSpec.GetHierarchyController() == nil && acmSpec.GetPolicyController() == nil {
+				return nil, fmt.Errorf("none of configsync or hierachycontroller or policycontroller is specified under configmanagement for memebership %s", id)
+			}
+		}
+	}
+
 	if err := s.storage.Create(ctx, fqn, obj); err != nil {
 		return nil, err
 	}

diff --git a/mockgcp/mockiam/serviceaccounts.go b/mockgcp/mockiam/serviceaccounts.go
@@ -89,6 +89,9 @@ func (s *ServerV1) CreateServiceAccount(ctx context.Context, req *pb.CreateServi
 	if accountID == "" {
 		return nil, status.Errorf(codes.InvalidArgument, "AccountId is required")
 	}
+	if len(accountID) < 6 || len(accountID) > 30 {
+		return nil, status.Errorf(codes.InvalidArgument, "AccountId  must be 6-30 characters long")
+	}
 
 	projectName, err := projects.ParseProjectName(req.Name)
 	if err != nil {

diff --git a/...cacmgkehubfeaturemembership/_generated_object_basicacmgkehubfeaturemembership.golden.yaml b/...cacmgkehubfeaturemembership/_generated_object_basicacmgkehubfeaturemembership.golden.yaml
@@ -17,7 +17,7 @@ spec:
     configSync:
       git:
         gcpServiceAccountRef:
-          name: iamserviceaccount-${uniqueId}
+          name: sa-${uniqueId}
         httpsProxy: https://github.com
         policyDir: config-connector
         secretType: none

diff --git a/...ta/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/_http.log b/...ta/basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/_http.log
@@ -673,7 +673,7 @@ Grpc-Metadata-Content-Type: application/grpc
 
 ---
 
-GET https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false
+GET https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false
 User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager
 
 404 Not Found
@@ -709,7 +709,7 @@ Content-Type: application/json
 User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager
 
 {
-  "accountId": "iamserviceaccount-${uniqueId}",
+  "accountId": "sa-${uniqueId}",
   "serviceAccount": {
     "displayName": "A Test Service Account"
   }
@@ -728,17 +728,17 @@ X-Xss-Protection: 0
 
 {
   "displayName": "A Test Service Account",
-  "email": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com",
+  "email": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com",
   "etag": "abcdef0123A=",
-  "name": "projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com",
+  "name": "projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com",
   "oauth2ClientId": "888888888888888888888",
   "projectId": "example-project-01",
   "uniqueId": "111111111111111111111"
 }
 
 ---
 
-GET https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false
+GET https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false
 User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager
 
 200 OK
@@ -754,9 +754,9 @@ X-Xss-Protection: 0
 
 {
   "displayName": "A Test Service Account",
-  "email": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com",
+  "email": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com",
   "etag": "abcdef0123A=",
-  "name": "projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com",
+  "name": "projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com",
   "oauth2ClientId": "888888888888888888888",
   "projectId": "example-project-01",
   "uniqueId": "111111111111111111111"
@@ -1091,6 +1091,9 @@ User-Agent: kcc/controller-manager DeclarativeClientLib/0.0.1
   "membershipSpecs": {
     "projects/example-project-01/locations/global/memberships/gkehubmembership-basic-acm-${uniqueId}": {
       "configmanagement": {
+        "configSync": {
+          "sourceFormat": "unstructured"
+        },
         "version": "1.18.1"
       }
     }
@@ -1153,6 +1156,9 @@ X-Xss-Protection: 0
     "membershipSpecs": {
       "projects/example-project-01/locations/global/memberships/gkehubmembership-basic-acm-${uniqueId}": {
         "configmanagement": {
+          "configSync": {
+            "sourceFormat": "unstructured"
+          },
           "version": "1.18.1"
         }
       }
@@ -1190,6 +1196,9 @@ X-Xss-Protection: 0
   "membershipSpecs": {
     "projects/example-project-01/locations/global/memberships/gkehubmembership-basic-acm-${uniqueId}": {
       "configmanagement": {
+        "configSync": {
+          "sourceFormat": "unstructured"
+        },
         "version": "1.18.1"
       }
     }
@@ -1210,7 +1219,7 @@ User-Agent: kcc/controller-manager DeclarativeClientLib/0.0.1
       "configmanagement": {
         "configSync": {
           "git": {
-            "gcpServiceAccountEmail": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com",
+            "gcpServiceAccountEmail": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com",
             "httpsProxy": "https://github.com",
             "policyDir": "config-connector",
             "secretType": "none",
@@ -1290,7 +1299,7 @@ X-Xss-Protection: 0
         "configmanagement": {
           "configSync": {
             "git": {
-              "gcpServiceAccountEmail": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com",
+              "gcpServiceAccountEmail": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com",
               "httpsProxy": "https://github.com",
               "policyDir": "config-connector",
               "secretType": "none",
@@ -1345,7 +1354,7 @@ X-Xss-Protection: 0
       "configmanagement": {
         "configSync": {
           "git": {
-            "gcpServiceAccountEmail": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com",
+            "gcpServiceAccountEmail": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com",
             "httpsProxy": "https://github.com",
             "policyDir": "config-connector",
             "secretType": "none",
@@ -1547,92 +1556,7 @@ X-Xss-Protection: 0
 
 ---
 
-GET https://gkehub.googleapis.com/v1beta/projects/example-project-01/locations/global/features/configmanagement?alt=json
-Content-Type: application/json
-User-Agent: kcc/controller-manager DeclarativeClientLib/0.0.1
-
-200 OK
-Cache-Control: private
-Content-Type: application/json; charset=UTF-8
-Server: ESF
-Vary: Origin
-Vary: X-Origin
-Vary: Referer
-X-Content-Type-Options: nosniff
-X-Frame-Options: SAMEORIGIN
-X-Xss-Protection: 0
-
-{
-  "labels": {
-    "cnrm-test": "true",
-    "managed-by-cnrm": "true"
-  },
-  "membershipSpecs": {
-    "projects/example-project-01/locations/global/memberships/gkehubmembership-basic-acm-${uniqueId}": {}
-  },
-  "name": "projects/example-project-01/locations/global/features/configmanagement",
-  "updateTime": "2024-04-01T12:34:56.123456Z"
-}
-
----
-
-DELETE https://gkehub.googleapis.com/v1beta/projects/example-project-01/locations/global/features/configmanagement?alt=json
-Content-Type: application/json
-User-Agent: kcc/controller-manager DeclarativeClientLib/0.0.1
-
-200 OK
-Cache-Control: private
-Content-Type: application/json; charset=UTF-8
-Server: ESF
-Vary: Origin
-Vary: X-Origin
-Vary: Referer
-X-Content-Type-Options: nosniff
-X-Frame-Options: SAMEORIGIN
-X-Xss-Protection: 0
-
-{
-  "done": true,
-  "metadata": {
-    "@type": "type.googleapis.com/google.cloud.gkehub.v1beta.OperationMetadata",
-    "createTime": "2024-04-01T12:34:56.123456Z",
-    "endTime": "2024-04-01T12:34:56.123456Z",
-    "target": "projects/example-project-01/locations/global/features/configmanagement"
-  },
-  "name": "projects/example-project-01/locations/global/features/configmanagement/operations/${operationID}",
-  "response": {
-    "@type": "type.googleapis.com/google.cloud.gkehub.v1beta.Feature"
-  }
-}
-
----
-
-GET https://gkehub.googleapis.com/v1beta/projects/example-project-01/locations/global/features/configmanagement?alt=json
-Content-Type: application/json
-User-Agent: kcc/controller-manager DeclarativeClientLib/0.0.1
-
-404 Not Found
-Cache-Control: private
-Content-Type: application/json; charset=UTF-8
-Server: ESF
-Vary: Origin
-Vary: X-Origin
-Vary: Referer
-X-Content-Type-Options: nosniff
-X-Frame-Options: SAMEORIGIN
-X-Xss-Protection: 0
-
-{
-  "error": {
-    "code": 404,
-    "message": "feature \"projects/example-project-01/locations/global/features/configmanagement\" not found",
-    "status": "NOT_FOUND"
-  }
-}
-
----
-
-GET https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false
+GET https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false
 User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager
 
 200 OK
@@ -1648,17 +1572,17 @@ X-Xss-Protection: 0
 
 {
   "displayName": "A Test Service Account",
-  "email": "iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com",
+  "email": "sa-${uniqueId}@example-project-01.iam.gserviceaccount.com",
   "etag": "abcdef0123A=",
-  "name": "projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com",
+  "name": "projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com",
   "oauth2ClientId": "888888888888888888888",
   "projectId": "example-project-01",
   "uniqueId": "111111111111111111111"
 }
 
 ---
 
-DELETE https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/iamserviceaccount-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false
+DELETE https://iam.googleapis.com/v1/projects/example-project-01/serviceAccounts/sa-${uniqueId}@example-project-01.iam.gserviceaccount.com?alt=json&prettyPrint=false
 User-Agent: google-api-go-client/0.5 Terraform/ (+https://www.terraform.io) Terraform-Plugin-SDK/2.10.1 terraform-provider-google-beta/kcc/controller-manager
 
 200 OK

diff --git a/.../basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/create.yaml b/.../basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/create.yaml
@@ -25,4 +25,6 @@ spec:
   featureRef:
     name: gkehubfeature-basic-acm-${uniqueId}
   configmanagement:
+    configSync:
+      sourceFormat: unstructured
     version: "1.18.1"
diff --git a/.../gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/dependencies.yaml b/.../gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/dependencies.yaml
@@ -70,14 +70,17 @@ kind: IAMServiceAccount
 metadata:
   annotations:
     cnrm.cloud.google.com/project-id: ${TEST_DEPENDENT_ORG_PROJECT_ID}
-  name: iamserviceaccount-${uniqueId}
+  name: sa-${uniqueId}
 spec:
   displayName: A Test Service Account
 ---
 apiVersion: gkehub.cnrm.cloud.google.com/v1beta1
 kind: GKEHubFeature
 metadata:
   name: gkehubfeature-basic-acm-${uniqueId}
+  annotations:
+   # Abondon the feature resource as it is global within a project and we would hit issues when running two tests in parallel.
+    cnrm.cloud.google.com/deletion-policy: "abandon"
 spec:
   projectRef:
     name: gkehubfm-${uniqueId}

diff --git a/.../basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/update.yaml b/.../basic/gkehub/v1beta1/gkehubfeaturemembership/basicacmgkehubfeaturemembership/update.yaml
@@ -30,7 +30,7 @@ spec:
       sourceFormat: hierarchy
       git:
         gcpServiceAccountRef:
-          name: iamserviceaccount-${uniqueId} 
+          name: sa-${uniqueId} 
         httpsProxy: "https://github.com"
         syncRepo: "https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit"
         syncBranch: "master"

diff --git a/...llacmgkehubfeaturemembership/_generated_object_fullacmgkehubfeaturemembership.golden.yaml b/...llacmgkehubfeaturemembership/_generated_object_fullacmgkehubfeaturemembership.golden.yaml
@@ -17,7 +17,7 @@ spec:
     configSync:
       git:
         gcpServiceAccountRef:
-          name: iamserviceaccount-${uniqueId}
+          name: sa-${uniqueId}
         httpsProxy: https://github.com
         policyDir: config-sync-quickstart/multirepo/root
         secretType: none