e2e: test machineconfigs are removed custom policy enabled

Starting in version 4.18, NROP MachineConfigs containing the custom SELinux policy are expected to be removed unless a specific annotation is set in the NUMAResourcesOperator CR to enforce the use of the custom (legacy) SELinux policy. To ensure this behavior, we added a test that verifies MachineConfigs are removed when the annotation is absent in the CR. Signed-off-by: Ronny Baturov <[email protected]>
openshift-kni · Nov 14, 2024 · b569a7e · b569a7e
1 parent 972f82b
commit b569a7e
Showing 1 changed file with 16 additions and 0 deletions.
diff --git a/test/e2e/install/install_test.go b/test/e2e/install/install_test.go
@@ -38,6 +38,7 @@ import (
 	"github.com/k8stopologyawareschedwg/deployer/pkg/manifests/rte"
 	nropv1 "github.com/openshift-kni/numaresources-operator/api/numaresourcesoperator/v1"
 	"github.com/openshift-kni/numaresources-operator/internal/api/annotations"
+	"github.com/openshift-kni/numaresources-operator/pkg/objectnames"
 	"github.com/openshift-kni/numaresources-operator/pkg/status"
 	machineconfigv1 "github.com/openshift/machine-config-operator/pkg/apis/machineconfiguration.openshift.io/v1"
 
@@ -143,6 +144,21 @@ var _ = Describe("[Install] continuousIntegration", func() {
 			rteContainer, err := findContainerByName(*ds, containerNameRTE)
 			Expect(err).ToNot(HaveOccurred())
 			Expect(rteContainer.SecurityContext.SELinuxOptions.Type).To(Equal(selinux.RTEContextType), "container %s is running with wrong selinux context", rteContainer.Name)
+
+			By("checking numaresources machine config don't exist when no custom policy is enabled")
+			if !annotations.IsCustomPolicyEnabled(updatedNROObj.Annotations) {
+				mcps, err := nropmcp.GetListByNodeGroupsV1(context.TODO(), e2eclient.Client, updatedNROObj.Spec.NodeGroups)
+				Expect(err).NotTo(HaveOccurred())
+				for _, mcp := range mcps {
+					mc := &machineconfigv1.MachineConfig{}
+					// Check mc not created
+					mcKey := client.ObjectKey{
+						Name: objectnames.GetMachineConfigName(updatedNROObj.Name, mcp.Name),
+					}
+					err := e2eclient.Client.Get(context.TODO(), mcKey, mc)
+					Expect(errors.IsNotFound(err)).To(BeTrue(), "MachineConfig %s is expected to not be found", mcKey.String())
+				}
+			}
 		})
 	})
 })