add public-viewer support to MemberClusterService #450
Conversation
this commit is part of the effort of splitting PR codeready-toolchain#443 Signed-off-by: Francesco Ilario <filario@redhat.com>
filariow
requested review from
MatousJobanek,
xcoulon,
alexeykazakov,
rajivnathan,
ranakan19,
sbryzak and
mfrancisc
as code owners
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #450 +/- ##
==========================================
+ Coverage 78.40% 78.56% +0.15%
==========================================
Files 42 42
Lines 2677 2696 +19
==========================================
+ Hits 2099 2118 +19
Misses 487 487
Partials 91 91
Flags with carried forward coverage won't be shown. Click here to find out more. ☔ View full report in Codecov by Sentry. |
|
One comment I have is that the unit tests are becoming more complicated to follow now, I wonder if we really need to check all the cases with the additional layers , or if we could just add new test cases targeting the public viewer scenarios and configure the existing tests with publicViewer set to |
Signed-off-by: Francesco Ilario <filario@redhat.com>
Signed-off-by: Francesco Ilario <filario@redhat.com>
Signed-off-by: Francesco Ilario <filario@redhat.com>
Signed-off-by: Francesco Ilario <filario@redhat.com>
Signed-off-by: Francesco Ilario <filario@redhat.com>
When public-viewer is enabled we expect the same behavior we have when public-viewer is disabled with a few exception for the KubesawAuthenticated user. So IMO to test it correctly we need to test the the same tests are passing with either public-viewer enabled and disabled. Unfortunately this complicates tests. |
I looked into it and eventually decided to not add this test case because
Btw, it should not be neither difficult nor harmful to have this test case. WDYT, should we add it anyway? |
There was a problem hiding this comment.
kube is in the list of forbidden prefixes so it should never happen as kubesaw-authenticated matches it
even if it existed, it would be treated as a normal user (scenario already tested)
Btw, it should not be neither difficult nor harmful to have this test case. WDYT, should we add it anyway?
OK. It makes sense. The only reason for such test would be to make sure that using kubesaw-authenticated would still require the public viewer feature to be enabled. See my comment below.
the public viewer access is disabled but the public viewer authenticated username is used Signed-off-by: Francesco Ilario <filario@redhat.com>
Signed-off-by: Francesco Ilario <filario@redhat.com>
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: alexeykazakov, filariow, mfrancisc The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
Signed-off-by: Francesco Ilario <filario@redhat.com>
|
|
/test e2e |
|
/retest |
|
/retest worker setup is failing when downloading Go SDK |
|
/retest |
This PR is part of the effort of splitting PR #443
Signed-off-by: Francesco Ilario filario@redhat.com