diff --git a/Makefile b/Makefile index c7072061..fe999826 100644 --- a/Makefile +++ b/Makefile @@ -49,7 +49,7 @@ authorino: poetry-no-dev authorino-standalone: ## Run only test capable of running with standalone Authorino authorino-standalone: poetry-no-dev - $(PYTEST) -n4 -m 'authorino and not kuadrant_only' --runxfail --dist loadfile --enforce --standalone $(flags) testsuite/tests/kuadrant/authorino + $(PYTEST) -n4 -m 'authorino and not kuadrant_only' --dist loadfile --enforce --standalone $(flags) testsuite/tests/kuadrant/authorino limitador: ## Run only Limitador related tests limitador: poetry-no-dev diff --git a/testsuite/tests/kuadrant/authorino/dinosaur/conftest.py b/testsuite/tests/kuadrant/authorino/dinosaur/conftest.py index 2304a058..6c6c311b 100644 --- a/testsuite/tests/kuadrant/authorino/dinosaur/conftest.py +++ b/testsuite/tests/kuadrant/authorino/dinosaur/conftest.py @@ -3,6 +3,7 @@ """ import pytest +from openshift_client import OpenShiftPythonException from testsuite.httpx.auth import HttpxOidcClientAuth from testsuite.oidc.keycloak import Keycloak @@ -28,6 +29,22 @@ def admin_rhsso(blame, keycloak): return info +@pytest.fixture(scope="module", autouse=True) +def commit(request, authorization): + """ + xFails tests if the commit fails with Too many branches exception + https://github.com/Kuadrant/kuadrant-operator/issues/566 + This should happen only when using Kuadrant. The test should pass on AuthConfig + """ + request.addfinalizer(authorization.delete) + try: + authorization.commit() + authorization.wait_for_ready() + except OpenShiftPythonException as exc: + if "Too many" in exc.result.err(): + pytest.xfail("AuthPolicy max limit") + + @pytest.fixture() def admin_auth(admin_rhsso): """Returns Keycloak authentication object for HTTPX""" @@ -116,7 +133,7 @@ def authorization(authorization, keycloak, terms_and_conditions, cluster_info, a "user-sso", keycloak.well_known["issuer"], ttl=3600, - defaults_properties={"org_id": ValueFrom("auth.identity.middle_name")}, + defaults_properties={"org_id": ValueFrom("auth.identity.family_name")}, ) authorization.identity.add_oidc( "admin-sso", admin_rhsso.well_known["issuer"], ttl=3600, when=[PatternRef("admin-route")] @@ -231,30 +248,31 @@ def authorization(authorization, keycloak, terms_and_conditions, cluster_info, a @pytest.fixture(scope="module") def user_with_valid_org_id(keycloak, blame): """ - Creates new user with valid middle name. - Middle name is mapped to org ID in auth config. + Creates new user with valid last name. + last name is mapped to org ID in auth config. """ - user = keycloak.realm.create_user(blame("someuser"), blame("password")) - user.assign_attribute({"middleName": "123"}) + user = keycloak.realm.create_user(blame("someuser"), blame("password"), lastName="123") return HttpxOidcClientAuth.from_user(keycloak.get_token, user=user) -@pytest.fixture(scope="module", params=["321", None]) -def user_with_invalid_org_id(keycloak, blame, request): +# https://github.com/Kuadrant/testsuite/issues/396 +# @pytest.fixture(scope="module", params=["321", None]) +@pytest.fixture(scope="module") +def user_with_invalid_org_id(keycloak, blame): """ - Creates new user with valid middle name. - Middle name is mapped to org ID in auth config. + Creates new user with valid last name. + last name is mapped to org ID in auth config. """ - user = keycloak.realm.create_user(blame("someuser"), blame("password")) - user.assign_attribute({"middleName": request.param}) + user = keycloak.realm.create_user(blame("someuser"), blame("password"), lastName="321") return HttpxOidcClientAuth.from_user(keycloak.get_token, user=user) @pytest.fixture(scope="module") def user_with_invalid_email(keycloak, blame): """Creates new user with invalid email""" - user = keycloak.realm.create_user(blame("someuser"), blame("password"), email="denied-test-user1@example.com") - user.assign_attribute({"middleName": "123"}) + user = keycloak.realm.create_user( + blame("someuser"), blame("password"), email="denied-test-user1@example.com", lastName="123" + ) return HttpxOidcClientAuth.from_user(keycloak.get_token, user=user) diff --git a/testsuite/tests/kuadrant/authorino/dinosaur/test_dinosaur.py b/testsuite/tests/kuadrant/authorino/dinosaur/test_dinosaur.py index b3a596e6..45625aaf 100644 --- a/testsuite/tests/kuadrant/authorino/dinosaur/test_dinosaur.py +++ b/testsuite/tests/kuadrant/authorino/dinosaur/test_dinosaur.py @@ -3,14 +3,9 @@ """ import pytest -from openshift_client import OpenShiftPythonException pytestmark = [ pytest.mark.authorino, - pytest.mark.xfail( - reason="AuthPolicy max limit", - raises=OpenShiftPythonException, - ), pytest.mark.issue("https://github.com/Kuadrant/kuadrant-operator/issues/566"), ]