Skip to content

Commit

Permalink
Improve Federated Authetication test (#1469)
Browse files Browse the repository at this point in the history
  • Loading branch information
@helderjs
helderjs authored Mar 25, 2024
1 parent 065d6f0 commit ecb65e7
Show file tree
Hide file tree
Showing 2 changed files with 40 additions and 2 deletions.
23 changes: 21 additions & 2 deletions config/samples/atlas_v1_atlasfederatedauth.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,25 @@
apiVersion: atlas.mongodb.com/v1
kind: AtlasFederatedAuth
metadata:
name: atlasfederatedauth-sample
name: atlas-default-federated-auth
namespace: mongodb-atlas-system
spec:
# TODO(user): Add fields here
enabled: true
connectionSecretRef:
name: my-org-secret
namespace: mongodb-atlas-system
domainAllowList:
- my-org-domain.com
domainRestrictionEnabled: true
ssoDebugEnabled: false
postAuthRoleGrants:
- ORG_MEMBER
roleMappings:
- externalGroupName: org-admin
roleAssignments:
- role: ORG_OWNER
- externalGroupName: dev-team
roleAssignments:
- role: ORG_GROUP_CREATOR
- projectName: dev-project
role: GROUP_OWNER
19 changes: 19 additions & 0 deletions test/int/federated_auth_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@ import (
"github.com/mongodb/mongodb-atlas-kubernetes/v2/internal/pointer"
akov2 "github.com/mongodb/mongodb-atlas-kubernetes/v2/pkg/api/v1"
"github.com/mongodb/mongodb-atlas-kubernetes/v2/pkg/api/v1/common"
"github.com/mongodb/mongodb-atlas-kubernetes/v2/pkg/api/v1/project"
"github.com/mongodb/mongodb-atlas-kubernetes/v2/pkg/api/v1/status"
"github.com/mongodb/mongodb-atlas-kubernetes/v2/test/helper/resources"
)
Expand All @@ -24,6 +25,7 @@ var _ = Describe("AtlasFederatedAuth test", Label("AtlasFederatedAuth", "federat
var stopManager context.CancelFunc
var connectionSecret corev1.Secret

var akoProject *akov2.AtlasProject
var originalConnectedOrgConfig *admin.ConnectedOrgConfig
var originalFederationSettings *admin.OrgFederationSettings
var originalIdp *admin.FederationIdentityProvider
Expand Down Expand Up @@ -75,6 +77,16 @@ var _ = Describe("AtlasFederatedAuth test", Label("AtlasFederatedAuth", "federat
connectionSecret = buildConnectionSecret(fmt.Sprintf("%s-atlas-key", testNamespace.Name))
Expect(k8sClient.Create(ctx, &connectionSecret)).To(Succeed())
})

By("Creating a project", func() {
akoProject = akov2.DefaultProject(namespace.Name, connectionSecret.Name).
WithIPAccessList(project.NewIPAccessList().WithCIDR("0.0.0.0/0"))

Expect(k8sClient.Create(context.Background(), akoProject)).To(Succeed())
Eventually(func() bool {
return resources.CheckCondition(k8sClient, akoProject, status.TrueCondition(status.ReadyType))
}).WithTimeout(5 * time.Minute).WithPolling(interval).Should(BeTrue())
})
})

It("Should be able to update existing Organization's federations settings", func() {
Expand Down Expand Up @@ -111,6 +123,7 @@ var _ = Describe("AtlasFederatedAuth test", Label("AtlasFederatedAuth", "federat
ExternalGroupName: newRoleMapName,
RoleAssignments: []akov2.RoleAssignment{
{Role: "ORG_OWNER"},
{Role: "GROUP_OWNER", ProjectName: akoProject.Spec.Name},
},
},
)
Expand Down Expand Up @@ -176,6 +189,12 @@ var _ = Describe("AtlasFederatedAuth test", Label("AtlasFederatedAuth", "federat
})

AfterEach(func() {
By("Should delete project", func() {
Expect(k8sClient.Delete(ctx, akoProject)).To(Succeed())

Eventually(checkAtlasProjectRemoved(akoProject.ID())).WithTimeout(5 * time.Minute).WithPolling(PollingInterval).Should(BeTrue())
})

By("Should delete connection secret", func() {
Expect(k8sClient.Delete(ctx, &connectionSecret)).To(Succeed())
})
Expand Down

0 comments on commit ecb65e7

Please sign in to comment.