From 700c43ed57d75c05aebf38dcd468d1c26bf872c8 Mon Sep 17 00:00:00 2001 From: averevki Date: Wed, 18 Oct 2023 21:52:45 +0200 Subject: [PATCH] Fix tls secret deletion --- testsuite/openshift/objects/gateway_api/gateway.py | 12 +++++++++++- testsuite/tests/mgc/conftest.py | 1 + 2 files changed, 12 insertions(+), 1 deletion(-) diff --git a/testsuite/openshift/objects/gateway_api/gateway.py b/testsuite/openshift/objects/gateway_api/gateway.py index c5f319b4..e17defb5 100644 --- a/testsuite/openshift/objects/gateway_api/gateway.py +++ b/testsuite/openshift/objects/gateway_api/gateway.py @@ -113,7 +113,7 @@ def create_instance( def get_tls_cert(self) -> Certificate: """Returns TLS certificate used by the gateway""" - tls_cert_secret_name = self.model.spec.listeners[0].tls.certificateRefs[0].name + tls_cert_secret_name = self.cert_secret_name tls_cert_secret = self.openshift.get_secret(tls_cert_secret_name) tls_cert = Certificate( key=tls_cert_secret["tls.key"], @@ -122,6 +122,11 @@ def get_tls_cert(self) -> Certificate: ) return tls_cert + def delete_tls_secret(self): + """Deletes secret with TLS certificate used by the gateway""" + tls_secret = self.openshift.get_secret(self.cert_secret_name) + tls_secret.delete(ignore_not_found=True) + def get_spoke_gateway(self, spokes: dict[str, OpenShiftClient]) -> "MGCGateway": """ Returns spoke gateway on an arbitrary, and sometimes, random spoke cluster. @@ -156,6 +161,11 @@ def delete(self, ignore_not_found=True, cmd_args=None): with timeout(90): super().delete(ignore_not_found, cmd_args) + @property + def cert_secret_name(self): + """Returns name of the secret with generated TLS certificate""" + return self.model.spec.listeners[0].tls.certificateRefs[0].name + class GatewayProxy(Proxy): """Wrapper for Gateway object to make it a Proxy implementation e.g. exposing hostnames outside of the cluster""" diff --git a/testsuite/tests/mgc/conftest.py b/testsuite/tests/mgc/conftest.py index bfc9044a..6a380b0f 100644 --- a/testsuite/tests/mgc/conftest.py +++ b/testsuite/tests/mgc/conftest.py @@ -41,6 +41,7 @@ def upstream_gateway(request, openshift, blame, hostname, module_label): placement="http-gateway", labels={"app": module_label}, ) + request.addfinalizer(upstream_gateway.delete_tls_secret) # pylint: disable=no-member request.addfinalizer(upstream_gateway.delete) upstream_gateway.commit() # we cannot wait here because of referencing not yet existent tls secret which would be provided later by tlspolicy