Wait for the UDN namespaces to have SA's created

Should fix: pods "red-pod-0" is forbidden: error looking up service account e2e-network-segmentation-e2e-6878-red/default: serviceaccount "default" not found { ErrStatus: code: 403 details: kind: pods name: red-pod-0 message: 'pods "red-pod-0" is forbidden: error looking up service account e2e-network-segmentation-e2e-6878-red/default: serviceaccount "default" not found' metadata: {} reason: Forbidden status: Failure, Also change the vanilla create namespaces calls done in the tests to use the framework create Signed-off-by: Surya Seetharaman <[email protected]>
openshift · Feb 3, 2025 · c07df86 · c07df86
1 parent d8e21e6
commit c07df86
Show file tree

Hide file tree

Showing 2 changed files with 28 additions and 81 deletions.
diff --git a/test/extended/networking/network_segmentation.go b/test/extended/networking/network_segmentation.go
@@ -212,15 +212,8 @@ var _ = Describe("[sig-network][OCPFeatureGate:NetworkSegmentation][Feature:User
 						f.Namespace = ns
 						By("Creating second namespace for default network pods")
 						defaultNetNamespace := f.Namespace.Name + "-default"
-						_, err = cs.CoreV1().Namespaces().Create(context.Background(), &v1.Namespace{
-							ObjectMeta: metav1.ObjectMeta{
-								Name: defaultNetNamespace,
-							},
-						}, metav1.CreateOptions{})
+						_, err = f.CreateNamespace(context.TODO(), defaultNetNamespace, nil)
 						Expect(err).NotTo(HaveOccurred())
-						defer func() {
-							Expect(cs.CoreV1().Namespaces().Delete(context.Background(), defaultNetNamespace, metav1.DeleteOptions{})).To(Succeed())
-						}()
 
 						By("creating the network")
 						netConfigParams.namespace = f.Namespace.Name
@@ -501,21 +494,10 @@ var _ = Describe("[sig-network][OCPFeatureGate:NetworkSegmentation][Feature:User
 
 						for _, namespace := range []string{namespaceRed, namespaceBlue} {
 							By("Creating namespace " + namespace)
-							_, err := cs.CoreV1().Namespaces().Create(context.Background(), &v1.Namespace{
-								ObjectMeta: metav1.ObjectMeta{
-									Name:   namespace,
-									Labels: l,
-								},
-							}, metav1.CreateOptions{})
+							_, err := f.CreateNamespace(context.TODO(), namespace, l)
+							Expect(err).NotTo(HaveOccurred())
+							err = udnWaitForOpenShift(oc, namespace)
 							Expect(err).NotTo(HaveOccurred())
-							defer func() {
-								By("Removing namespace " + namespace)
-								Expect(cs.CoreV1().Namespaces().Delete(
-									context.Background(),
-									namespace,
-									metav1.DeleteOptions{},
-								)).To(Succeed())
-							}()
 						}
 						networkNamespaceMap := map[string]string{namespaceRed: red, namespaceBlue: blue}
 						for namespace, network := range networkNamespaceMap {
@@ -853,27 +835,17 @@ var _ = Describe("[sig-network][OCPFeatureGate:NetworkSegmentation][Feature:User
 
 				By("Creating test tenants namespaces")
 				for _, nsName := range testTenantNamespaces {
-					_, err := cs.CoreV1().Namespaces().Create(context.Background(), &v1.Namespace{
-						ObjectMeta: metav1.ObjectMeta{
-							Name:   nsName,
-							Labels: map[string]string{RequiredUDNNamespaceLabel: ""},
-						}}, metav1.CreateOptions{})
+					l := map[string]string{RequiredUDNNamespaceLabel: ""}
+					_, err := f.CreateNamespace(context.TODO(), nsName, l)
+					Expect(err).NotTo(HaveOccurred())
+					err = udnWaitForOpenShift(oc, nsName)
 					Expect(err).NotTo(HaveOccurred())
-					DeferCleanup(func() error {
-						err := cs.CoreV1().Namespaces().Delete(context.Background(), nsName, metav1.DeleteOptions{})
-						return err
-					})
 				}
 				// default cluster network namespace, for use when only testing secondary UDNs/NADs
-				defaultNetNamespace = &v1.Namespace{
-					ObjectMeta: metav1.ObjectMeta{
-						Name: f.Namespace.Name + "-default",
-					},
-				}
-				f.AddNamespacesToDelete(defaultNetNamespace)
-				_, err = cs.CoreV1().Namespaces().Create(context.Background(), defaultNetNamespace, metav1.CreateOptions{})
+				defaultNetNamespace := f.Namespace.Name + "-default"
+				_, err = f.CreateNamespace(context.TODO(), defaultNetNamespace, nil)
 				Expect(err).NotTo(HaveOccurred())
-				testTenantNamespaces = append(testTenantNamespaces, defaultNetNamespace.Name)
+				testTenantNamespaces = append(testTenantNamespaces, defaultNetNamespace)
 			})
 
 			var testClusterUdnName string
@@ -938,16 +910,11 @@ var _ = Describe("[sig-network][OCPFeatureGate:NetworkSegmentation][Feature:User
 					1*time.Minute, 3*time.Second).Should(Succeed())
 
 				By("create the new target namespace")
-				_, err = cs.CoreV1().Namespaces().Create(context.Background(), &v1.Namespace{
-					ObjectMeta: metav1.ObjectMeta{
-						Name:   testNewNs,
-						Labels: map[string]string{RequiredUDNNamespaceLabel: ""},
-					}}, metav1.CreateOptions{})
+				l := map[string]string{RequiredUDNNamespaceLabel: ""}
+				_, err = f.CreateNamespace(context.TODO(), testNewNs, l)
+				Expect(err).NotTo(HaveOccurred())
+				err = udnWaitForOpenShift(oc, testNewNs)
 				Expect(err).NotTo(HaveOccurred())
-				DeferCleanup(func() error {
-					err := cs.CoreV1().Namespaces().Delete(context.Background(), testNewNs, metav1.DeleteOptions{})
-					return err
-				})
 
 				expectedActiveNamespaces := append(testTenantNamespaces, testNewNs)
 				Eventually(
@@ -967,16 +934,11 @@ var _ = Describe("[sig-network][OCPFeatureGate:NetworkSegmentation][Feature:User
 					testNewNs := f.Namespace.Name + "green"
 
 					By("create new namespace")
-					_, err := cs.CoreV1().Namespaces().Create(context.Background(), &v1.Namespace{
-						ObjectMeta: metav1.ObjectMeta{
-							Name:   testNewNs,
-							Labels: map[string]string{RequiredUDNNamespaceLabel: ""},
-						}}, metav1.CreateOptions{})
+					l := map[string]string{RequiredUDNNamespaceLabel: ""}
+					_, err := f.CreateNamespace(context.TODO(), testNewNs, l)
+					Expect(err).NotTo(HaveOccurred())
+					err = udnWaitForOpenShift(oc, testNewNs)
 					Expect(err).NotTo(HaveOccurred())
-					DeferCleanup(func() error {
-						err := cs.CoreV1().Namespaces().Delete(context.Background(), testNewNs, metav1.DeleteOptions{})
-						return err
-					})
 
 					By("add new namespace to CR namespace-selector")
 					patch := fmt.Sprintf(`[{"op": "add", "path": "./spec/namespaceSelector/matchExpressions/0/values/-", "value": "%s"}]`, testNewNs)
@@ -1101,16 +1063,11 @@ var _ = Describe("[sig-network][OCPFeatureGate:NetworkSegmentation][Feature:User
 			}
 			By("Creating test tenants namespaces")
 			for _, nsName := range testTenantNamespaces {
-				_, err := cs.CoreV1().Namespaces().Create(context.Background(), &v1.Namespace{
-					ObjectMeta: metav1.ObjectMeta{
-						Name:   nsName,
-						Labels: map[string]string{RequiredUDNNamespaceLabel: ""},
-					}}, metav1.CreateOptions{})
+				l := map[string]string{RequiredUDNNamespaceLabel: ""}
+				_, err = f.CreateNamespace(context.TODO(), nsName, l)
+				Expect(err).NotTo(HaveOccurred())
+				err = udnWaitForOpenShift(oc, nsName)
 				Expect(err).NotTo(HaveOccurred())
-				DeferCleanup(func() error {
-					err := cs.CoreV1().Namespaces().Delete(context.Background(), nsName, metav1.DeleteOptions{})
-					return err
-				})
 			}
 
 			By("create primary network NAD in one of the tenant namespaces")
@@ -1193,15 +1150,8 @@ var _ = Describe("[sig-network][OCPFeatureGate:NetworkSegmentation][Feature:User
 			It("should react to k8s.ovn.org/open-default-ports annotations changes", func() {
 				By("Creating second namespace for default network pod")
 				defaultNetNamespace := f.Namespace.Name + "-default"
-				_, err := cs.CoreV1().Namespaces().Create(context.Background(), &v1.Namespace{
-					ObjectMeta: metav1.ObjectMeta{
-						Name: defaultNetNamespace,
-					},
-				}, metav1.CreateOptions{})
+				_, err := f.CreateNamespace(context.TODO(), defaultNetNamespace, nil)
 				Expect(err).NotTo(HaveOccurred())
-				defer func() {
-					Expect(cs.CoreV1().Namespaces().Delete(context.Background(), defaultNetNamespace, metav1.DeleteOptions{})).To(Succeed())
-				}()
 
 				By("creating default network client pod")
 				defaultClientPod := frameworkpod.CreateExecPodOrFail(

diff --git a/test/extended/networking/network_segmentation_policy.go b/test/extended/networking/network_segmentation_policy.go
@@ -63,14 +63,11 @@ var _ = ginkgo.Describe("[sig-network][OCPFeatureGate:NetworkSegmentation][Featu
 			namespaceBlue := getNamespaceName(f, namespaceBlueSuffix)
 			for _, namespace := range []string{namespaceYellow, namespaceBlue} {
 				ginkgo.By("Creating namespace " + namespace)
-				ns, err := cs.CoreV1().Namespaces().Create(context.Background(), &v1.Namespace{
-					ObjectMeta: metav1.ObjectMeta{
-						Name:   namespace,
-						Labels: map[string]string{RequiredUDNNamespaceLabel: ""},
-					},
-				}, metav1.CreateOptions{})
+				l := map[string]string{RequiredUDNNamespaceLabel: ""}
+				_, err := f.CreateNamespace(context.TODO(), namespace, l)
+				gomega.Expect(err).NotTo(gomega.HaveOccurred())
+				err = udnWaitForOpenShift(oc, namespace)
 				gomega.Expect(err).NotTo(gomega.HaveOccurred())
-				f.AddNamespacesToDelete(ns)
 			}
 		})