From fe4549ab5a3e1a7540ec06e03864091b2c820960 Mon Sep 17 00:00:00 2001 From: gangwgr Date: Mon, 29 Jun 2026 17:11:42 +0530 Subject: [PATCH] bump library-go funcs --- go.mod | 2 + go.sum | 4 +- test/e2e-encryption-kms/encryption_kms.go | 73 ++++++++++++++--- .../test/library/encryption/assertion_auth.go | 57 +++++++++++++ .../test/library/encryption/assertion_oas.go | 55 +++++++++++++ .../test/library/encryption/helpers.go | 7 +- .../test/library/encryption/helpers_auth.go | 80 +++++++++++++++++++ .../test/library/encryption/helpers_oas.go | 72 +++++++++++++++++ vendor/modules.txt | 3 +- 9 files changed, 336 insertions(+), 17 deletions(-) create mode 100644 vendor/github.com/openshift/library-go/test/library/encryption/assertion_auth.go create mode 100644 vendor/github.com/openshift/library-go/test/library/encryption/assertion_oas.go create mode 100644 vendor/github.com/openshift/library-go/test/library/encryption/helpers_auth.go create mode 100644 vendor/github.com/openshift/library-go/test/library/encryption/helpers_oas.go diff --git a/go.mod b/go.mod index 789d9d575..8053783f9 100644 --- a/go.mod +++ b/go.mod @@ -142,3 +142,5 @@ require ( ) replace github.com/onsi/ginkgo/v2 => github.com/openshift/onsi-ginkgo/v2 v2.6.1-0.20251001123353-fd5b1fb35db1 + +replace github.com/openshift/library-go => github.com/gangwgr/library-go v0.0.0-20260629123509-160942988b8b diff --git a/go.sum b/go.sum index 2a86a8f77..d59a932b5 100644 --- a/go.sum +++ b/go.sum @@ -52,6 +52,8 @@ github.com/fsnotify/fsnotify v1.9.0 h1:2Ml+OJNzbYCTzsxtv8vKSFD9PbJjmhYF14k/jKC7S github.com/fsnotify/fsnotify v1.9.0/go.mod h1:8jBTzvmWwFyi3Pb8djgCCO5IBqzKJ/Jwo8TRcHyHii0= github.com/fxamacker/cbor/v2 v2.9.0 h1:NpKPmjDBgUfBms6tr6JZkTHtfFGcMKsw3eGcmD/sapM= github.com/fxamacker/cbor/v2 v2.9.0/go.mod h1:vM4b+DJCtHn+zz7h3FFp/hDAI9WNWCsZj23V5ytsSxQ= +github.com/gangwgr/library-go v0.0.0-20260629123509-160942988b8b h1:ROkduY0k6MlsbLzJqA/r3RSUP60/xs64OJ42VqEr1xc= +github.com/gangwgr/library-go v0.0.0-20260629123509-160942988b8b/go.mod h1:8d0qQEDq2kpIZmaE1tKpvZ4pLeQZT+mW2JpqAh3iZIc= github.com/ghodss/yaml v1.0.0 h1:wQHKEahhL6wmXdzwWG11gIVCkOv05bNOh+Rxn0yngAk= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A= @@ -178,8 +180,6 @@ github.com/openshift/build-machinery-go v0.0.0-20251023084048-5d77c1a5e5af h1:Ui github.com/openshift/build-machinery-go v0.0.0-20251023084048-5d77c1a5e5af/go.mod h1:8jcm8UPtg2mCAsxfqKil1xrmRMI3a+XU2TZ9fF8A7TE= github.com/openshift/client-go v0.0.0-20260622130833-df412d4d283e h1:NrVmCwy3vBk6UTY+cNNFHbnB40FyusJmeUIInQod/v8= github.com/openshift/client-go v0.0.0-20260622130833-df412d4d283e/go.mod h1:lMQvYPtn6LrPO/YX2j5xdv2h6BRWgYVq1tMA3qA3N9k= -github.com/openshift/library-go v0.0.0-20260625074842-d80d43df888c h1:VqRxJg5ipu/TqDA0UXBc2O8SKVnUVh20cRUoec7J1dw= -github.com/openshift/library-go v0.0.0-20260625074842-d80d43df888c/go.mod h1:8d0qQEDq2kpIZmaE1tKpvZ4pLeQZT+mW2JpqAh3iZIc= github.com/openshift/multi-operator-manager v0.0.0-20241205181422-20aa3906b99d h1:Rzx23P63JFNNz5D23ubhC0FCN5rK8CeJhKcq5QKcdyU= github.com/openshift/multi-operator-manager v0.0.0-20241205181422-20aa3906b99d/go.mod h1:iVi9Bopa5cLhjG5ie9DoZVVqkH8BGb1FQVTtecOLn4I= github.com/openshift/oauth-apiserver v0.0.0-20260520145010-97a820bd5412 h1:oDB0GmUXLp8y85fWz+LGRE0hM5JqbXTfNPi5GjEqiX0= diff --git a/test/e2e-encryption-kms/encryption_kms.go b/test/e2e-encryption-kms/encryption_kms.go index d1de50db4..20d23f72c 100644 --- a/test/e2e-encryption-kms/encryption_kms.go +++ b/test/e2e-encryption-kms/encryption_kms.go @@ -8,7 +8,6 @@ import ( g "github.com/onsi/ginkgo/v2" "k8s.io/apimachinery/pkg/runtime" - operatorencryption "github.com/openshift/cluster-authentication-operator/test/library/encryption" library "github.com/openshift/library-go/test/library/encryption" librarykms "github.com/openshift/library-go/test/library/encryption/kms" ) @@ -42,15 +41,15 @@ func testKMSEncryptionOnOff(ctx context.Context, t testing.TB) { EncryptionConfigSecretName: "encryption-config-openshift-oauth-apiserver", EncryptionConfigSecretNamespace: "openshift-config-managed", OperatorNamespace: "openshift-authentication-operator", - TargetGRs: operatorencryption.DefaultTargetGRs, - AssertFunc: operatorencryption.AssertTokens, + TargetGRs: library.AuthTargetGRs, + AssertFunc: library.AssertTokens, }, CreateResourceFunc: func(t testing.TB, _ library.ClientSet, namespace string) runtime.Object { - return operatorencryption.CreateAndStoreTokenOfLife(context.TODO(), t, operatorencryption.GetClients(t)) + return library.CreateAndStoreTokenOfLife(context.TODO(), t, library.GetClients(t)) }, - AssertResourceEncryptedFunc: operatorencryption.AssertTokenOfLifeEncrypted, - AssertResourceNotEncryptedFunc: operatorencryption.AssertTokenOfLifeNotEncrypted, - ResourceFunc: func(t testing.TB, _ string) runtime.Object { return operatorencryption.TokenOfLife(t) }, + AssertResourceEncryptedFunc: library.AssertTokenOfLifeEncrypted, + AssertResourceNotEncryptedFunc: library.AssertTokenOfLifeNotEncrypted, + ResourceFunc: library.TokenOfLife, ResourceName: "TokenOfLife", EncryptionProvider: librarykms.DefaultVaultEncryptionProvider(ctx, t), }) @@ -72,15 +71,15 @@ func testKMSEncryptionProvidersMigration(ctx context.Context, t testing.TB) { EncryptionConfigSecretName: "encryption-config-openshift-oauth-apiserver", EncryptionConfigSecretNamespace: "openshift-config-managed", OperatorNamespace: "openshift-authentication-operator", - TargetGRs: operatorencryption.DefaultTargetGRs, - AssertFunc: operatorencryption.AssertTokens, + TargetGRs: library.AuthTargetGRs, + AssertFunc: library.AssertTokens, }, CreateResourceFunc: func(t testing.TB, _ library.ClientSet, namespace string) runtime.Object { - return operatorencryption.CreateAndStoreTokenOfLife(context.TODO(), t, operatorencryption.GetClients(t)) + return library.CreateAndStoreTokenOfLife(context.TODO(), t, library.GetClients(t)) }, - AssertResourceEncryptedFunc: operatorencryption.AssertTokenOfLifeEncrypted, - AssertResourceNotEncryptedFunc: operatorencryption.AssertTokenOfLifeNotEncrypted, - ResourceFunc: func(t testing.TB, _ string) runtime.Object { return operatorencryption.TokenOfLife(t) }, + AssertResourceEncryptedFunc: library.AssertTokenOfLifeEncrypted, + AssertResourceNotEncryptedFunc: library.AssertTokenOfLifeNotEncrypted, + ResourceFunc: library.TokenOfLife, ResourceName: "TokenOfLife", EncryptionProviders: library.ShuffleEncryptionProviders([]library.EncryptionProvider{ librarykms.DefaultVaultEncryptionProvider(ctx, t), @@ -88,3 +87,51 @@ func testKMSEncryptionProvidersMigration(ctx context.Context, t testing.TB) { }), }) } + +// testKMSToKMSMigration tests KMS-to-KMS migration (primary → secondary → primary → identity). +func testKMSToKMSMigration(ctx context.Context, t testing.TB) { + library.TestKMSToKMSMigration(ctx, t, library.KMSToKMSMigrationScenario{ + BasicScenario: library.BasicScenario{ + Namespace: "openshift-config-managed", + LabelSelector: "encryption.apiserver.operator.openshift.io/component" + "=" + "openshift-oauth-apiserver", + EncryptionConfigSecretName: "encryption-config-openshift-oauth-apiserver", + EncryptionConfigSecretNamespace: "openshift-config-managed", + OperatorNamespace: "openshift-authentication-operator", + TargetGRs: library.AuthTargetGRs, + AssertFunc: library.AssertTokens, + }, + CreateResourceFunc: func(t testing.TB, _ library.ClientSet, namespace string) runtime.Object { + return library.CreateAndStoreTokenOfLife(context.TODO(), t, library.GetClients(t)) + }, + AssertResourceEncryptedFunc: library.AssertTokenOfLifeEncrypted, + AssertResourceNotEncryptedFunc: library.AssertTokenOfLifeNotEncrypted, + ResourceFunc: library.TokenOfLife, + ResourceName: "TokenOfLife", + PrimaryProvider: librarykms.DefaultVaultEncryptionProvider(ctx, t), + SecondaryProvider: librarykms.SecondaryVaultEncryptionProvider(ctx, t), + }) +} + +// testKMSToKMSOnOff tests KMS on/off cycle with two distinct KMS providers. +func testKMSToKMSOnOff(ctx context.Context, t testing.TB) { + library.TestKMSToKMSOnOff(ctx, t, library.KMSToKMSMigrationScenario{ + BasicScenario: library.BasicScenario{ + Namespace: "openshift-config-managed", + LabelSelector: "encryption.apiserver.operator.openshift.io/component" + "=" + "openshift-oauth-apiserver", + EncryptionConfigSecretName: "encryption-config-openshift-oauth-apiserver", + EncryptionConfigSecretNamespace: "openshift-config-managed", + OperatorNamespace: "openshift-authentication-operator", + TargetGRs: library.AuthTargetGRs, + AssertFunc: library.AssertTokens, + }, + CreateResourceFunc: func(t testing.TB, _ library.ClientSet, namespace string) runtime.Object { + return library.CreateAndStoreTokenOfLife(context.TODO(), t, library.GetClients(t)) + }, + AssertResourceEncryptedFunc: library.AssertTokenOfLifeEncrypted, + AssertResourceNotEncryptedFunc: library.AssertTokenOfLifeNotEncrypted, + ResourceFunc: library.TokenOfLife, + ResourceName: "TokenOfLife", + PrimaryProvider: librarykms.DefaultVaultEncryptionProvider(ctx, t), + SecondaryProvider: librarykms.SecondaryVaultEncryptionProvider(ctx, t), + }) +} diff --git a/vendor/github.com/openshift/library-go/test/library/encryption/assertion_auth.go b/vendor/github.com/openshift/library-go/test/library/encryption/assertion_auth.go new file mode 100644 index 000000000..d32c82014 --- /dev/null +++ b/vendor/github.com/openshift/library-go/test/library/encryption/assertion_auth.go @@ -0,0 +1,57 @@ +package encryption + +import ( + "strings" + "testing" + + "github.com/stretchr/testify/require" + + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + + configv1 "github.com/openshift/api/config/v1" +) + +var AuthTargetGRs = []schema.GroupResource{ + {Group: "oauth.openshift.io", Resource: "oauthaccesstokens"}, + {Group: "oauth.openshift.io", Resource: "oauthauthorizetokens"}, +} + +func AssertTokenOfLifeEncrypted(t testing.TB, clientSet ClientSet, _ runtime.Object) { + t.Helper() + rawTokenValue := GetRawTokenOfLife(t, clientSet) + marker := "I have no special talents. I am only passionately curious" + if strings.Contains(rawTokenValue, marker) { + t.Errorf("access token not encrypted, etcd value contains refresh token marker in plain text") + } +} + +func AssertTokenOfLifeNotEncrypted(t testing.TB, clientSet ClientSet, _ runtime.Object) { + t.Helper() + rawTokenValue := GetRawTokenOfLife(t, clientSet) + marker := "I have no special talents. I am only passionately curious" + if !strings.Contains(rawTokenValue, marker) { + t.Errorf("access token not decrypted, etcd value does not contain refresh token marker in plain text") + } +} + +func AssertTokens(t testing.TB, clientSet ClientSet, expectedMode configv1.EncryptionType, namespace, labelSelector string) { + t.Helper() + assertAccessTokens(t, clientSet.Etcd, string(expectedMode)) + assertAuthTokens(t, clientSet.Etcd, string(expectedMode)) + AssertLastMigratedKey(t, clientSet.Kube, AuthTargetGRs, namespace, labelSelector) +} + +func assertAccessTokens(t testing.TB, etcdClient EtcdClient, expectedMode string) { + t.Logf("Checking if all OauthAccessTokens where encrypted/decrypted for %q mode", expectedMode) + totalAccessTokens, err := VerifyResources(t, etcdClient, "/openshift.io/oauth/accesstokens/", expectedMode, true) + t.Logf("Verified %d OauthAccessTokens", totalAccessTokens) + require.NoError(t, err) +} + +func assertAuthTokens(t testing.TB, etcdClient EtcdClient, expectedMode string) { + t.Logf("Checking if all OAuthAuthorizeTokens where encrypted/decrypted for %q mode", expectedMode) + totalAuthTokens, err := VerifyResources(t, etcdClient, "/openshift.io/oauth/authorizetokens/", expectedMode, true) + t.Logf("Verified %d OAuthAuthorizeTokens", totalAuthTokens) + require.NoError(t, err) +} diff --git a/vendor/github.com/openshift/library-go/test/library/encryption/assertion_oas.go b/vendor/github.com/openshift/library-go/test/library/encryption/assertion_oas.go new file mode 100644 index 000000000..6735b1d33 --- /dev/null +++ b/vendor/github.com/openshift/library-go/test/library/encryption/assertion_oas.go @@ -0,0 +1,55 @@ +package encryption + +import ( + "strings" + "testing" + + "github.com/stretchr/testify/require" + + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + + configv1 "github.com/openshift/api/config/v1" + routev1 "github.com/openshift/api/route/v1" +) + +var OASTargetGRs = []schema.GroupResource{ + {Group: "route.openshift.io", Resource: "routes"}, +} + +func AssertRouteOfLifeEncrypted(t testing.TB, clientSet ClientSet, resource runtime.Object) { + t.Helper() + routeOfLife, ok := resource.(*routev1.Route) + if !ok { + t.Fatalf("expected *routev1.Route, got %T", resource) + } + rawRouteValue := GetRawRouteOfLife(t, clientSet, routeOfLife.Namespace) + if strings.Contains(rawRouteValue, routeOfLife.Spec.To.Name) { + t.Errorf("route not encrypted, etcd value contains target name %q in plain text", routeOfLife.Spec.To.Name) + } +} + +func AssertRouteOfLifeNotEncrypted(t testing.TB, clientSet ClientSet, resource runtime.Object) { + t.Helper() + routeOfLife, ok := resource.(*routev1.Route) + if !ok { + t.Fatalf("expected *routev1.Route, got %T", resource) + } + rawRouteValue := GetRawRouteOfLife(t, clientSet, routeOfLife.Namespace) + if !strings.Contains(rawRouteValue, routeOfLife.Spec.To.Name) { + t.Errorf("route not decrypted, etcd value does not contain target name %q in plain text", routeOfLife.Spec.To.Name) + } +} + +func AssertRoutes(t testing.TB, clientSet ClientSet, expectedMode configv1.EncryptionType, namespace, labelSelector string) { + t.Helper() + assertRoutes(t, clientSet.Etcd, string(expectedMode)) + AssertLastMigratedKey(t, clientSet.Kube, OASTargetGRs, namespace, labelSelector) +} + +func assertRoutes(t testing.TB, etcdClient EtcdClient, expectedMode string) { + t.Logf("Checking if all Routes where encrypted/decrypted for %q mode", expectedMode) + totalRoutes, err := VerifyResources(t, etcdClient, "/openshift.io/routes/", expectedMode, false) + t.Logf("Verified %d Routes", totalRoutes) + require.NoError(t, err) +} diff --git a/vendor/github.com/openshift/library-go/test/library/encryption/helpers.go b/vendor/github.com/openshift/library-go/test/library/encryption/helpers.go index 2278ecb84..e0f836bee 100644 --- a/vendor/github.com/openshift/library-go/test/library/encryption/helpers.go +++ b/vendor/github.com/openshift/library-go/test/library/encryption/helpers.go @@ -19,6 +19,7 @@ import ( "k8s.io/apimachinery/pkg/runtime/schema" "k8s.io/apimachinery/pkg/util/rand" "k8s.io/apimachinery/pkg/util/wait" + "k8s.io/client-go/dynamic" "k8s.io/client-go/kubernetes" "k8s.io/client-go/util/retry" @@ -47,6 +48,7 @@ type ClientSet struct { Etcd EtcdClient ApiServerConfig configv1client.APIServerInterface Kube kubernetes.Interface + DynamicClient dynamic.Interface } type EncryptionKeyMeta struct { @@ -132,7 +134,10 @@ func GetClients(t testing.TB) ClientSet { kubeClient := kubernetes.NewForConfigOrDie(kubeConfig) etcdClient := NewEtcdClient(kubeClient) - return ClientSet{Etcd: etcdClient, ApiServerConfig: apiServerConfigClient, Kube: kubeClient} + dynamicClient, err := dynamic.NewForConfig(kubeConfig) + require.NoError(t, err) + + return ClientSet{Etcd: etcdClient, ApiServerConfig: apiServerConfigClient, Kube: kubeClient, DynamicClient: dynamicClient} } func WaitForEncryptionKeyBasedOn(t testing.TB, kubeClient kubernetes.Interface, prevKeyMeta EncryptionKeyMeta, encryptionType configv1.EncryptionType, defaultTargetGRs []schema.GroupResource, namespace, labelSelector string) { diff --git a/vendor/github.com/openshift/library-go/test/library/encryption/helpers_auth.go b/vendor/github.com/openshift/library-go/test/library/encryption/helpers_auth.go new file mode 100644 index 000000000..a5c559480 --- /dev/null +++ b/vendor/github.com/openshift/library-go/test/library/encryption/helpers_auth.go @@ -0,0 +1,80 @@ +package encryption + +import ( + "context" + "fmt" + "testing" + "time" + + "github.com/stretchr/testify/require" + + "k8s.io/apimachinery/pkg/api/errors" + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + + oauthapiv1 "github.com/openshift/api/oauth/v1" +) + +var oauthAccessTokenGVR = schema.GroupVersionResource{Group: "oauth.openshift.io", Version: "v1", Resource: "oauthaccesstokens"} + +const tokenOfLifeName = "sha256~token-aaaaaaaa-of-aaaaaaaa-life-aaaaaaaa" + +func CreateAndStoreTokenOfLife(ctx context.Context, t testing.TB, cs ClientSet) runtime.Object { + t.Helper() + tokens := cs.DynamicClient.Resource(oauthAccessTokenGVR) + + oldToken, err := tokens.Get(ctx, tokenOfLifeName, metav1.GetOptions{}) + if err != nil && !errors.IsNotFound(err) { + t.Fatalf("Failed to check if the token already exists: %v", err) + } + if oldToken != nil && len(oldToken.GetName()) > 0 { + t.Log("The access token already exists, removing it first") + require.NoError(t, tokens.Delete(ctx, oldToken.GetName(), metav1.DeleteOptions{})) + } + + t.Logf("Creating %q at cluster scope level", tokenOfLifeName) + token := TokenOfLife(t, "") + obj, err := runtime.DefaultUnstructuredConverter.ToUnstructured(token) + require.NoError(t, err) + + created, err := tokens.Create(ctx, &unstructured.Unstructured{Object: obj}, metav1.CreateOptions{}) + require.NoError(t, err) + + var result oauthapiv1.OAuthAccessToken + err = runtime.DefaultUnstructuredConverter.FromUnstructured(created.Object, &result) + require.NoError(t, err) + return &result +} + +func TokenOfLife(_ testing.TB, _ string) runtime.Object { + return &oauthapiv1.OAuthAccessToken{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "oauth.openshift.io/v1", + Kind: "OAuthAccessToken", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: tokenOfLifeName, + }, + RefreshToken: "I have no special talents. I am only passionately curious", + UserName: "kube:admin", + Scopes: []string{"user:full"}, + RedirectURI: "redirect.me.to.token.of.life", + ClientName: "console", + UserUID: "non-existing-user-id", + } +} + +func GetRawTokenOfLife(t testing.TB, clientSet ClientSet) string { + t.Helper() + timeout, cancel := context.WithTimeout(context.Background(), 5*time.Minute) + defer cancel() + + tokenOfLifeKey := fmt.Sprintf("/openshift.io/oauth/accesstokens/%s", tokenOfLifeName) + resp, err := clientSet.Etcd.Get(timeout, tokenOfLifeKey) + require.NoError(t, err) + require.Len(t, resp.Kvs, 1, "expected exactly one key from etcd for token-of-life") + + return string(resp.Kvs[0].Value) +} diff --git a/vendor/github.com/openshift/library-go/test/library/encryption/helpers_oas.go b/vendor/github.com/openshift/library-go/test/library/encryption/helpers_oas.go new file mode 100644 index 000000000..ff2f04938 --- /dev/null +++ b/vendor/github.com/openshift/library-go/test/library/encryption/helpers_oas.go @@ -0,0 +1,72 @@ +package encryption + +import ( + "context" + "fmt" + "testing" + "time" + + "github.com/stretchr/testify/require" + + metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" + "k8s.io/apimachinery/pkg/apis/meta/v1/unstructured" + "k8s.io/apimachinery/pkg/runtime" + "k8s.io/apimachinery/pkg/runtime/schema" + "k8s.io/apimachinery/pkg/util/intstr" + + routev1 "github.com/openshift/api/route/v1" +) + +var routeGVR = schema.GroupVersionResource{Group: "route.openshift.io", Version: "v1", Resource: "routes"} + +func CreateAndStoreRouteOfLife(ctx context.Context, t testing.TB, cs ClientSet, ns string) runtime.Object { + t.Helper() + t.Logf("Creating %q in %q namespace", "route-of-life", ns) + + route := RouteOfLife(t, ns) + obj, err := runtime.DefaultUnstructuredConverter.ToUnstructured(route) + require.NoError(t, err) + + created, err := cs.DynamicClient.Resource(routeGVR).Namespace(ns).Create(ctx, &unstructured.Unstructured{Object: obj}, metav1.CreateOptions{}) + require.NoError(t, err) + + var result routev1.Route + err = runtime.DefaultUnstructuredConverter.FromUnstructured(created.Object, &result) + require.NoError(t, err) + return &result +} + +func RouteOfLife(_ testing.TB, ns string) runtime.Object { + return &routev1.Route{ + TypeMeta: metav1.TypeMeta{ + APIVersion: "route.openshift.io/v1", + Kind: "Route", + }, + ObjectMeta: metav1.ObjectMeta{ + Name: "route-of-life", + Namespace: ns, + }, + Spec: routev1.RouteSpec{ + Host: "devcluster.openshift.io", + Port: &routev1.RoutePort{ + TargetPort: intstr.FromInt(2014), + }, + To: routev1.RouteTargetReference{ + Name: "dummyroute", + }, + }, + } +} + +func GetRawRouteOfLife(t testing.TB, clientSet ClientSet, ns string) string { + t.Helper() + timeout, cancel := context.WithTimeout(context.Background(), 5*time.Minute) + defer cancel() + + routeOfLifeKey := fmt.Sprintf("/openshift.io/routes/%s/%s", ns, "route-of-life") + resp, err := clientSet.Etcd.Get(timeout, routeOfLifeKey) + require.NoError(t, err) + require.Len(t, resp.Kvs, 1, "expected exactly one key from etcd for route-of-life") + + return string(resp.Kvs[0].Value) +} diff --git a/vendor/modules.txt b/vendor/modules.txt index 0bab55928..83eada756 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -411,7 +411,7 @@ github.com/openshift/client-go/user/applyconfigurations/internal github.com/openshift/client-go/user/applyconfigurations/user/v1 github.com/openshift/client-go/user/clientset/versioned/scheme github.com/openshift/client-go/user/clientset/versioned/typed/user/v1 -# github.com/openshift/library-go v0.0.0-20260625074842-d80d43df888c +# github.com/openshift/library-go v0.0.0-20260625074842-d80d43df888c => github.com/gangwgr/library-go v0.0.0-20260629123509-160942988b8b ## explicit; go 1.25.0 github.com/openshift/library-go/pkg/apiserver/jsonpatch github.com/openshift/library-go/pkg/apps/deployment @@ -1687,3 +1687,4 @@ sigs.k8s.io/structured-merge-diff/v6/value ## explicit; go 1.22 sigs.k8s.io/yaml # github.com/onsi/ginkgo/v2 => github.com/openshift/onsi-ginkgo/v2 v2.6.1-0.20251001123353-fd5b1fb35db1 +# github.com/openshift/library-go => github.com/gangwgr/library-go v0.0.0-20260629123509-160942988b8b