Skip to content

Commit 043f6e7

Browse files
committed
Resolve cyclic imports in e2e tests
1 parent 0f58ef3 commit 043f6e7

File tree

238 files changed

+982
-747
lines changed

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

238 files changed

+982
-747
lines changed

docker/mongodb-kubernetes-tests/kubetester/__init__.py

Lines changed: 0 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -11,8 +11,6 @@
1111

1212
# Re-exports
1313
from .kubetester import fixture as find_fixture
14-
from .mongodb import MongoDB
15-
from .mongodb_community import MongoDBCommunity
1614
from .security_context import (
1715
assert_pod_container_security_context,
1816
assert_pod_security_context,

docker/mongodb-kubernetes-tests/kubetester/certs.py

Lines changed: 1 addition & 165 deletions
Original file line numberDiff line numberDiff line change
@@ -21,8 +21,7 @@
2121
read_secret,
2222
)
2323
from kubetester.kubetester import KubernetesTester
24-
from kubetester.mongodb import Phase
25-
from kubetester.mongodb_multi import MongoDBMulti, MultiClusterClient
24+
from kubetester.phase import Phase
2625
from opentelemetry import trace
2726
from tests import test_logger
2827
from tests.vaultintegration import (
@@ -379,169 +378,6 @@ def multi_cluster_external_service_fqdns(
379378
return service_fqdns
380379

381380

382-
def create_multi_cluster_tls_certs(
383-
multi_cluster_issuer: str,
384-
secret_name: str,
385-
central_cluster_client: kubernetes.client.ApiClient,
386-
member_clients: List[MultiClusterClient],
387-
mongodb_multi: Optional[MongoDBMulti] = None,
388-
namespace: Optional[str] = None,
389-
secret_backend: Optional[str] = None,
390-
additional_domains: Optional[List[str]] = None,
391-
service_fqdns: Optional[List[str]] = None,
392-
clusterwide: bool = False,
393-
spec: Optional[dict] = None,
394-
) -> str:
395-
if service_fqdns is None:
396-
service_fqdns = [f"{mongodb_multi.name}-svc.{mongodb_multi.namespace}.svc.cluster.local"]
397-
398-
for client in member_clients:
399-
cluster_spec = mongodb_multi.get_item_spec(client.cluster_name)
400-
try:
401-
external_domain = cluster_spec["externalAccess"]["externalDomain"]
402-
except KeyError:
403-
external_domain = None
404-
service_fqdns.extend(
405-
multi_cluster_service_fqdns(
406-
mongodb_multi.name,
407-
mongodb_multi.namespace,
408-
external_domain,
409-
client.cluster_index,
410-
cluster_spec["members"],
411-
)
412-
)
413-
414-
if namespace is None:
415-
namespace = mongodb_multi.namespace
416-
417-
generate_cert(
418-
namespace=namespace,
419-
pod="tmp",
420-
dns="",
421-
issuer=multi_cluster_issuer,
422-
additional_domains=additional_domains,
423-
multi_cluster_mode=True,
424-
api_client=central_cluster_client,
425-
secret_backend=secret_backend,
426-
secret_name=secret_name,
427-
vault_subpath="database",
428-
dns_list=service_fqdns,
429-
spec=spec,
430-
clusterwide=clusterwide,
431-
)
432-
433-
return secret_name
434-
435-
436-
def create_multi_cluster_agent_certs(
437-
multi_cluster_issuer: str,
438-
secret_name: str,
439-
central_cluster_client: kubernetes.client.ApiClient,
440-
mongodb_multi: MongoDBMulti,
441-
secret_backend: Optional[str] = None,
442-
) -> str:
443-
agents = ["mms-automation-agent"]
444-
subject = copy.deepcopy(SUBJECT)
445-
subject["organizationalUnits"] = [mongodb_multi.namespace]
446-
447-
spec = {
448-
"subject": subject,
449-
"usages": ["client auth"],
450-
}
451-
spec["dnsNames"] = agents
452-
spec["commonName"] = "mms-automation-agent"
453-
return generate_cert(
454-
namespace=mongodb_multi.namespace,
455-
pod="tmp",
456-
dns="",
457-
issuer=multi_cluster_issuer,
458-
spec=spec,
459-
multi_cluster_mode=True,
460-
api_client=central_cluster_client,
461-
secret_backend=secret_backend,
462-
secret_name=secret_name,
463-
vault_subpath="database",
464-
)
465-
466-
467-
def create_multi_cluster_x509_agent_certs(
468-
multi_cluster_issuer: str,
469-
secret_name: str,
470-
central_cluster_client: kubernetes.client.ApiClient,
471-
mongodb_multi: MongoDBMulti,
472-
secret_backend: Optional[str] = None,
473-
) -> str:
474-
spec = get_agent_x509_subject(mongodb_multi.namespace)
475-
476-
return generate_cert(
477-
namespace=mongodb_multi.namespace,
478-
pod="tmp",
479-
dns="",
480-
issuer=multi_cluster_issuer,
481-
spec=spec,
482-
multi_cluster_mode=True,
483-
api_client=central_cluster_client,
484-
secret_backend=secret_backend,
485-
secret_name=secret_name,
486-
vault_subpath="database",
487-
)
488-
489-
490-
def create_multi_cluster_mongodb_tls_certs(
491-
multi_cluster_issuer: str,
492-
bundle_secret_name: str,
493-
member_cluster_clients: List[MultiClusterClient],
494-
central_cluster_client: kubernetes.client.ApiClient,
495-
mongodb_multi: Optional[MongoDBMulti] = None,
496-
namespace: Optional[str] = None,
497-
additional_domains: Optional[List[str]] = None,
498-
service_fqdns: Optional[List[str]] = None,
499-
clusterwide: bool = False,
500-
) -> str:
501-
# create the "source-of-truth" tls cert in central cluster
502-
create_multi_cluster_tls_certs(
503-
multi_cluster_issuer=multi_cluster_issuer,
504-
central_cluster_client=central_cluster_client,
505-
member_clients=member_cluster_clients,
506-
secret_name=bundle_secret_name,
507-
mongodb_multi=mongodb_multi,
508-
namespace=namespace,
509-
additional_domains=additional_domains,
510-
service_fqdns=service_fqdns,
511-
clusterwide=clusterwide,
512-
)
513-
514-
return bundle_secret_name
515-
516-
517-
def create_multi_cluster_mongodb_x509_tls_certs(
518-
multi_cluster_issuer: str,
519-
bundle_secret_name: str,
520-
member_cluster_clients: List[MultiClusterClient],
521-
central_cluster_client: kubernetes.client.ApiClient,
522-
mongodb_multi: MongoDBMulti,
523-
additional_domains: Optional[List[str]] = None,
524-
service_fqdns: Optional[List[str]] = None,
525-
clusterwide: bool = False,
526-
) -> str:
527-
spec = get_mongodb_x509_subject(mongodb_multi.namespace)
528-
529-
# create the "source-of-truth" tls cert in central cluster
530-
create_multi_cluster_tls_certs(
531-
multi_cluster_issuer=multi_cluster_issuer,
532-
central_cluster_client=central_cluster_client,
533-
member_clients=member_cluster_clients,
534-
secret_name=bundle_secret_name,
535-
mongodb_multi=mongodb_multi,
536-
additional_domains=additional_domains,
537-
service_fqdns=service_fqdns,
538-
clusterwide=clusterwide,
539-
spec=spec,
540-
)
541-
542-
return bundle_secret_name
543-
544-
545381
def create_x509_mongodb_tls_certs(
546382
issuer: str,
547383
namespace: str,
Lines changed: 177 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,177 @@
1+
import copy
2+
from typing import List, Optional
3+
4+
import kubernetes
5+
from kubeobject import CustomObject
6+
from kubetester.certs import (
7+
SUBJECT,
8+
generate_cert,
9+
get_agent_x509_subject,
10+
get_mongodb_x509_subject,
11+
multi_cluster_service_fqdns,
12+
)
13+
from kubetester.mongodb_multi import MongoDBMulti
14+
from kubetester.multicluster_client import MultiClusterClient
15+
16+
17+
def create_multi_cluster_agent_certs(
18+
multi_cluster_issuer: str,
19+
secret_name: str,
20+
central_cluster_client: kubernetes.client.ApiClient,
21+
mongodb_multi: MongoDBMulti,
22+
secret_backend: Optional[str] = None,
23+
) -> str:
24+
agents = ["mms-automation-agent"]
25+
subject = copy.deepcopy(SUBJECT)
26+
subject["organizationalUnits"] = [mongodb_multi.namespace]
27+
28+
spec = {
29+
"subject": subject,
30+
"usages": ["client auth"],
31+
}
32+
spec["dnsNames"] = agents
33+
spec["commonName"] = "mms-automation-agent"
34+
return generate_cert(
35+
namespace=mongodb_multi.namespace,
36+
pod="tmp",
37+
dns="",
38+
issuer=multi_cluster_issuer,
39+
spec=spec,
40+
multi_cluster_mode=True,
41+
api_client=central_cluster_client,
42+
secret_backend=secret_backend,
43+
secret_name=secret_name,
44+
vault_subpath="database",
45+
)
46+
47+
48+
def create_multi_cluster_x509_agent_certs(
49+
multi_cluster_issuer: str,
50+
secret_name: str,
51+
central_cluster_client: kubernetes.client.ApiClient,
52+
mongodb_multi: MongoDBMulti,
53+
secret_backend: Optional[str] = None,
54+
) -> str:
55+
spec = get_agent_x509_subject(mongodb_multi.namespace)
56+
57+
return generate_cert(
58+
namespace=mongodb_multi.namespace,
59+
pod="tmp",
60+
dns="",
61+
issuer=multi_cluster_issuer,
62+
spec=spec,
63+
multi_cluster_mode=True,
64+
api_client=central_cluster_client,
65+
secret_backend=secret_backend,
66+
secret_name=secret_name,
67+
vault_subpath="database",
68+
)
69+
70+
71+
def create_multi_cluster_mongodb_tls_certs(
72+
multi_cluster_issuer: str,
73+
bundle_secret_name: str,
74+
member_cluster_clients: List[MultiClusterClient],
75+
central_cluster_client: kubernetes.client.ApiClient,
76+
mongodb_multi: Optional[MongoDBMulti] = None,
77+
namespace: Optional[str] = None,
78+
additional_domains: Optional[List[str]] = None,
79+
service_fqdns: Optional[List[str]] = None,
80+
clusterwide: bool = False,
81+
) -> str:
82+
# create the "source-of-truth" tls cert in central cluster
83+
create_multi_cluster_tls_certs(
84+
multi_cluster_issuer=multi_cluster_issuer,
85+
central_cluster_client=central_cluster_client,
86+
member_clients=member_cluster_clients,
87+
secret_name=bundle_secret_name,
88+
mongodb_multi=mongodb_multi,
89+
namespace=namespace,
90+
additional_domains=additional_domains,
91+
service_fqdns=service_fqdns,
92+
clusterwide=clusterwide,
93+
)
94+
95+
return bundle_secret_name
96+
97+
98+
def create_multi_cluster_mongodb_x509_tls_certs(
99+
multi_cluster_issuer: str,
100+
bundle_secret_name: str,
101+
member_cluster_clients: List[MultiClusterClient],
102+
central_cluster_client: kubernetes.client.ApiClient,
103+
mongodb_multi: MongoDBMulti,
104+
additional_domains: Optional[List[str]] = None,
105+
service_fqdns: Optional[List[str]] = None,
106+
clusterwide: bool = False,
107+
) -> str:
108+
spec = get_mongodb_x509_subject(mongodb_multi.namespace)
109+
110+
# create the "source-of-truth" tls cert in central cluster
111+
create_multi_cluster_tls_certs(
112+
multi_cluster_issuer=multi_cluster_issuer,
113+
central_cluster_client=central_cluster_client,
114+
member_clients=member_cluster_clients,
115+
secret_name=bundle_secret_name,
116+
mongodb_multi=mongodb_multi,
117+
additional_domains=additional_domains,
118+
service_fqdns=service_fqdns,
119+
clusterwide=clusterwide,
120+
spec=spec,
121+
)
122+
123+
return bundle_secret_name
124+
125+
126+
def create_multi_cluster_tls_certs(
127+
multi_cluster_issuer: str,
128+
secret_name: str,
129+
central_cluster_client: kubernetes.client.ApiClient,
130+
member_clients: List[MultiClusterClient],
131+
mongodb_multi: Optional[CustomObject] = None,
132+
namespace: Optional[str] = None,
133+
secret_backend: Optional[str] = None,
134+
additional_domains: Optional[List[str]] = None,
135+
service_fqdns: Optional[List[str]] = None,
136+
clusterwide: bool = False,
137+
spec: Optional[dict] = None,
138+
) -> str:
139+
if service_fqdns is None:
140+
service_fqdns = [f"{mongodb_multi.name}-svc.{mongodb_multi.namespace}.svc.cluster.local"]
141+
142+
for client in member_clients:
143+
cluster_spec = mongodb_multi.get_item_spec(client.cluster_name)
144+
try:
145+
external_domain = cluster_spec["externalAccess"]["externalDomain"]
146+
except KeyError:
147+
external_domain = None
148+
service_fqdns.extend(
149+
multi_cluster_service_fqdns(
150+
mongodb_multi.name,
151+
mongodb_multi.namespace,
152+
external_domain,
153+
client.cluster_index,
154+
cluster_spec["members"],
155+
)
156+
)
157+
158+
if namespace is None:
159+
namespace = mongodb_multi.namespace
160+
161+
generate_cert(
162+
namespace=namespace,
163+
pod="tmp",
164+
dns="",
165+
issuer=multi_cluster_issuer,
166+
additional_domains=additional_domains,
167+
multi_cluster_mode=True,
168+
api_client=central_cluster_client,
169+
secret_backend=secret_backend,
170+
secret_name=secret_name,
171+
vault_subpath="database",
172+
dns_list=service_fqdns,
173+
spec=spec,
174+
clusterwide=clusterwide,
175+
)
176+
177+
return secret_name

0 commit comments

Comments
 (0)