add e2e test for additional teams and members

e2e/tests/test_e2e.py

@@ -126,6 +126,7 @@ class EndToEndTestCase(unittest.TestCase):
                          "api-service.yaml",
                          "infrastructure-roles.yaml",
                          "infrastructure-roles-new.yaml",
+                         "custom-team-membership.yaml",
                          "e2e-storage-class.yaml"]:
             result = k8s.create_with_kubectl("manifests/" + filename)
             print("stdout: {}, stderr: {}".format(result.stdout, result.stderr))
@@ -174,6 +175,63 @@ class EndToEndTestCase(unittest.TestCase):
         self.eventuallyEqual(lambda: self.k8s.count_pods_with_container_capabilities(capabilities, cluster_label),
                              2, "Container capabilities not updated")
 
+    @timeout_decorator.timeout(TEST_TIMEOUT_SEC)
+    def test_additional_teams_and_members(self):
+        '''
+           Test PostgresTeam CRD with extra teams and members
+        '''
+        # enable PostgresTeam CRD and lower resync
+        enable_postgres_team_crd = {
+            "data": {
+                "enable_postgres_team_crd": "true",
+                "resync_period": "15s",
+            },
+        }
+        self.k8s.update_config(enable_postgres_team_crd)
+        self.eventuallyEqual(lambda: self.k8s.get_operator_state(), {"0": "idle"},
+                             "Operator does not get in sync")
+        
+        self.k8s.api.custom_objects_api.patch_namespaced_custom_object(
+        'acid.zalan.do', 'v1', 'default',
+        'postgresteams', 'custom-team-membership',
+        {
+            'spec': {
+                'additionalTeams': {
+                    'acid': [
+                        'e2e'
+                    ]
+                },
+                'additionalMembers': {
+                    'e2e': [
+                        'kind'
+                    ]
+                }
+            }
+        })
+
+        # make sure we let one sync pass and the new user being added
+        time.sleep(15)
+
+        leader = self.k8s.get_cluster_leader_pod('acid-minimal-cluster')
+        user_query = """
+            SELECT usename
+              FROM pg_catalog.pg_user
+             WHERE usename IN ('elephant', 'kind');
+        """
+        users = self.query_database(leader.metadata.name, "postgres", user_query)
+        self.eventuallyEqual(lambda: len(users), 2, 
+            "Not all additional users found in database: {}".format(users))
+
+        # revert config change
+        revert_resync = {
+            "data": {
+                "resync_period": "30m",
+            },
+        }
+        self.k8s.update_config(revert_resync)
+        self.eventuallyEqual(lambda: self.k8s.get_operator_state(), {"0": "idle"},
+                             "Operator does not get in sync")
+
     @timeout_decorator.timeout(TEST_TIMEOUT_SEC)
     def test_overwrite_pooler_deployment(self):
         self.k8s.create_with_kubectl("manifests/minimal-fake-pooler-deployment.yaml")
@@ -332,54 +390,19 @@ class EndToEndTestCase(unittest.TestCase):
         # Verify that all the databases have pooler schema installed.
         # Do this via psql, since otherwise we need to deal with
         # credentials.
-        dbList = []
+        db_list = []
 
         leader = k8s.get_cluster_leader_pod('acid-minimal-cluster')
-        dbListQuery = "select datname from pg_database"
+        schemas_query = """
-        schemasQuery = """
             select schema_name
             from information_schema.schemata
             where schema_name = 'pooler'
         """
-        exec_query = r"psql -tAq -c \"{}\" -d {}"
 
-        if leader:
+        db_list = self.list_databases(leader.metadata.name)
-            try:
+        for db in db_list:
-                q = exec_query.format(dbListQuery, "postgres")
+            self.eventuallyNotEqual(lambda: len(self.query_database(leader.metadata.name, db, schemas_query)), 0, 
-                q = "su postgres -c \"{}\"".format(q)
+                "Pooler schema not found in database {}".format(db))
-                print('Get databases: {}'.format(q))
-                result = k8s.exec_with_kubectl(leader.metadata.name, q)
-                dbList = clean_list(result.stdout.split(b'\n'))
-                print('dbList: {}, stdout: {}, stderr {}'.format(
-                    dbList, result.stdout, result.stderr
-                ))
-            except Exception as ex:
-                print('Could not get databases: {}'.format(ex))
-                print('Stdout: {}'.format(result.stdout))
-                print('Stderr: {}'.format(result.stderr))
-
-            for db in dbList:
-                if db in ('template0', 'template1'):
-                    continue
-
-                schemas = []
-                try:
-                    q = exec_query.format(schemasQuery, db)
-                    q = "su postgres -c \"{}\"".format(q)
-                    print('Get schemas: {}'.format(q))
-                    result = k8s.exec_with_kubectl(leader.metadata.name, q)
-                    schemas = clean_list(result.stdout.split(b'\n'))
-                    print('schemas: {}, stdout: {}, stderr {}'.format(
-                        schemas, result.stdout, result.stderr
-                    ))
-                except Exception as ex:
-                    print('Could not get databases: {}'.format(ex))
-                    print('Stdout: {}'.format(result.stdout))
-                    print('Stderr: {}'.format(result.stderr))
-
-                self.assertNotEqual(len(schemas), 0)
-        else:
-            print('Could not find leader pod')
 
         # remove config section to make test work next time
         k8s.api.custom_objects_api.patch_namespaced_custom_object(
@@ -1219,6 +1242,60 @@ class EndToEndTestCase(unittest.TestCase):
         k8s.wait_for_pod_start('spilo-role=replica')
         return True
 
+    def list_databases(self, pod_name):
+        '''
+           Get list of databases we might want to iterate over
+        '''
+        k8s = self.k8s
+        result_set = []
+        db_list = []
+        db_list_query = "select datname from pg_database"
+        exec_query = r"psql -tAq -c \"{}\" -d {}"
+
+        try:
+            q = exec_query.format(db_list_query, "postgres")
+            q = "su postgres -c \"{}\"".format(q)
+            print('Get databases: {}'.format(q))
+            result = k8s.exec_with_kubectl(pod_name, q)
+            db_list = clean_list(result.stdout.split(b'\n'))
+            print('db_list: {}, stdout: {}, stderr {}'.format(
+                db_list, result.stdout, result.stderr
+            ))
+        except Exception as ex:
+            print('Could not get databases: {}'.format(ex))
+            print('Stdout: {}'.format(result.stdout))
+            print('Stderr: {}'.format(result.stderr))
+
+        for db in db_list:
+            if db in ('template0', 'template1'):
+                continue
+            result_set.append(db)
+
+        return result_set
+
+    def query_database(self, pod_name, db_name, query):
+        '''
+           Query database and return result as a list
+        '''
+        k8s = self.k8s
+        result_set = []
+        exec_query = r"psql -tAq -c \"{}\" -d {}"
+
+        try:
+            q = exec_query.format(query, db_name)
+            q = "su postgres -c \"{}\"".format(q)
+            print('Send query: {}'.format(q))
+            result = k8s.exec_with_kubectl(pod_name, q)
+            result_set = clean_list(result.stdout.split(b'\n'))
+            print('result: {}, stdout: {}, stderr {}'.format(
+                result_set, result.stdout, result.stderr
+            ))
+        except Exception as ex:
+            print('Error on query execution: {}'.format(ex))
+            print('Stdout: {}'.format(result.stdout))
+            print('Stderr: {}'.format(result.stderr))
+
+        return result_set
 
 if __name__ == '__main__':
     unittest.main()

pkg/cluster/util.go

@@ -240,9 +240,10 @@ func (c *Cluster) getTeamMembers(teamID string) ([]string, error) {
 
 	c.logger.Debugf("fetching possible additional team members for team %q", teamID)
 	members := []string{}
-	additionalMembers := []string{}
 
 	if c.OpConfig.EnablePostgresTeamCRD && c.Config.PgTeamMap != nil {
+		additionalMembers := []string{}
+
 		for team, membership := range *c.Config.PgTeamMap {
 			if team == teamID {
 				additionalMembers = membership.AdditionalMembers

pkg/controller/util.go

@@ -400,7 +400,6 @@ func (c *Controller) loadPostgresTeams() {
 	}
 
 	c.pgTeamMap.Load(pgTeams)
-	c.logger.Debugf("Internal Postgres Team Cache: %#v", c.pgTeamMap)
 }
 
 func (c *Controller) postgresTeamAdd(obj interface{}) {

pkg/teams/postgres_team.go

@@ -94,6 +94,7 @@ func (ptm *PostgresTeamMap) GetAdditionalSuperuserTeams(team string, transitive
 
 // Load function to import data from PostgresTeam CRD
 func (ptm *PostgresTeamMap) Load(pgTeams *acidv1.PostgresTeamList) {
+	// reset the team map
 	var emptyTeamMap = make(PostgresTeamMap, 0)
 	*ptm = emptyTeamMap