CLOUDP-244266: Add connect e2e tests (#2888)

Co-authored-by: Andrea Angiolillo <andrea.angiolillo@mongodb.com> Co-authored-by: Ciprian Tibulca <ciprian.tibulca@mongodb.com>
mongodb · Apr 25, 2024 · b769557 · b769557
1 parent 91bd8d1
commit b769557
Show file tree

Hide file tree

Showing 2 changed files with 129 additions and 80 deletions.
diff --git a/test/e2e/atlas/helper_test.go b/test/e2e/atlas/helper_test.go
@@ -101,6 +101,7 @@ const (
 	federatedAuthenticationEntity = "federatedAuthentication"
 	federationSettingsEntity      = "federationSettings"
 	identityProviderEntity        = "identityProvider"
+	connectedOrgsConfigsEntity    = "connectedOrgConfigs"
 	deletingState                 = "DELETING"
 	authEntity                    = "auth"
 )

diff --git a/test/e2e/atlas/identity_providers_test.go b/test/e2e/atlas/identity_providers_test.go
@@ -35,7 +35,8 @@ func TestIdentityProviders(t *testing.T) {
 	req.NoError(err)
 
 	var federationSettingsID string
-	var oidcIdentityProviderID string
+	var oidcWorkloadIdpID string
+	var oidcIWorkforceIdpID string
 
 	t.Run("Describe an org federation settings", func(t *testing.T) {
 		cmd := exec.Command(cliPath,
@@ -58,18 +59,33 @@ func TestIdentityProviders(t *testing.T) {
 		federationSettingsID = settings.GetId()
 	})
 
-	t.Run("List OIDC IdPs WORKFORCE", func(_ *testing.T) {
+	t.Run("Create OIDC IdP WORKLOAD", func(t *testing.T) {
+		idpName, err := RandIdentityProviderName()
+		req.NoError(err)
+
 		cmd := exec.Command(cliPath,
 			federatedAuthenticationEntity,
 			federationSettingsEntity,
 			identityProviderEntity,
-			"list",
+			"create",
+			"oidc",
+			idpName,
 			"--federationSettingsId",
 			federationSettingsID,
-			"--protocol",
-			"OIDC",
+			"--audience",
+			idpName, // using random as audience also should be unique
+			"--authorizationType",
+			"GROUP",
+			"--desc",
+			"CLI TEST Provider",
+			"--groupsClaim",
+			"groups",
 			"--idpType",
-			"WORKFORCE",
+			"WORKLOAD",
+			"--issuerUri",
+			"https://accounts.google.com",
+			"--userClaim",
+			"user",
 			"-o=json",
 		)
 
@@ -79,20 +95,43 @@ func TestIdentityProviders(t *testing.T) {
 
 		var provider atlasv2.FederationIdentityProvider
 		req.NoError(json.Unmarshal(resp, &provider))
+
+		assert.NotEmpty(t, provider.GetId())
+		oidcWorkloadIdpID = provider.GetId()
 	})
 
-	t.Run("List OIDC IdPs WORKLOAD", func(_ *testing.T) {
+	t.Run("Create OIDC IdP WORKFORCE", func(t *testing.T) {
+		idpName, err := RandIdentityProviderName()
+		fmt.Println(idpName)
+		req.NoError(err)
+
 		cmd := exec.Command(cliPath,
 			federatedAuthenticationEntity,
 			federationSettingsEntity,
 			identityProviderEntity,
-			"list",
+			"create",
+			"oidc",
+			idpName,
 			"--federationSettingsId",
 			federationSettingsID,
-			"--protocol",
-			"OIDC",
+			"--audience",
+			idpName, // using random as audience also should be unique
+			"--authorizationType",
+			"GROUP",
+			"--clientId",
+			"cliClients",
+			"--desc",
+			"CLI TEST Provider",
+			"--groupsClaim",
+			"groups",
 			"--idpType",
-			"WORKLOAD",
+			"WORKFORCE",
+			"--issuerUri",
+			"https://accounts.google.com",
+			"--userClaim",
+			"user",
+			"--associatedDomain",
+			"iam-test-domain-dev.com",
 			"-o=json",
 		)
 
@@ -102,18 +141,20 @@ func TestIdentityProviders(t *testing.T) {
 
 		var provider atlasv2.FederationIdentityProvider
 		req.NoError(json.Unmarshal(resp, &provider))
+
+		assert.NotEmpty(t, provider.GetId())
+		oidcIWorkforceIdpID = provider.Id
 	})
 
-	t.Run("List SAML IdPs", func(_ *testing.T) {
+	t.Run("Describe OIDC IdP WORKFORCE", func(t *testing.T) {
 		cmd := exec.Command(cliPath,
 			federatedAuthenticationEntity,
 			federationSettingsEntity,
 			identityProviderEntity,
-			"list",
+			"describe",
+			oidcIWorkforceIdpID,
 			"--federationSettingsId",
 			federationSettingsID,
-			"--protocol",
-			"SAML",
 			"-o=json",
 		)
 
@@ -123,58 +164,69 @@ func TestIdentityProviders(t *testing.T) {
 
 		var provider atlasv2.FederationIdentityProvider
 		req.NoError(json.Unmarshal(resp, &provider))
+
+		assert.NotEmpty(t, provider.GetId())
 	})
 
-	t.Run("Create OIDC IdP WORKLOAD", func(t *testing.T) {
-		idpName, err := RandIdentityProviderName()
-		req.NoError(err)
+	t.Run("Connect OIDC IdP WORKFORCE", func(t *testing.T) {
+		cmd := exec.Command(cliPath,
+			federatedAuthenticationEntity,
+			federationSettingsEntity,
+			connectedOrgsConfigsEntity,
+			"connect",
+			"--identityProviderId",
+			oidcIWorkforceIdpID,
+			"--federationSettingsId",
+			federationSettingsID,
+			"-o=json",
+		)
 
+		cmd.Env = os.Environ()
+		resp, err := cmd.CombinedOutput()
+		req.NoError(err, string(resp))
+
+		var config atlasv2.ConnectedOrgConfig
+		req.NoError(json.Unmarshal(resp, &config))
+
+		assert.NotEmpty(t, config.DataAccessIdentityProviderIds)
+		assert.Contains(t, config.GetDataAccessIdentityProviderIds(), oidcIWorkforceIdpID)
+	})
+
+	t.Run("Disconnect OIDC IdP WORKFORCE", func(t *testing.T) {
 		cmd := exec.Command(cliPath,
 			federatedAuthenticationEntity,
 			federationSettingsEntity,
-			identityProviderEntity,
-			"create",
-			"oidc",
-			idpName,
+			connectedOrgsConfigsEntity,
+			"disconnect",
+			"--identityProviderId",
+			oidcIWorkforceIdpID,
 			"--federationSettingsId",
 			federationSettingsID,
-			"--audience",
-			"AtlasCLIAudience",
-			"--authorizationType",
-			"GROUP",
-			"--desc",
-			"CLI TEST Provider",
-			"--groupsClaim",
-			"groups",
-			"--idpType",
-			"WORKLOAD",
-			"--issuerUri",
-			"https://accounts.google.com",
-			"--userClaim",
-			"user",
 			"-o=json",
 		)
 
 		cmd.Env = os.Environ()
 		resp, err := cmd.CombinedOutput()
 		req.NoError(err, string(resp))
 
-		var provider atlasv2.FederationIdentityProvider
-		req.NoError(json.Unmarshal(resp, &provider))
+		var config atlasv2.ConnectedOrgConfig
+		req.NoError(json.Unmarshal(resp, &config))
 
-		assert.NotEmpty(t, provider.GetId())
-		oidcIdentityProviderID = provider.GetId()
+		assert.NotContains(t, config.GetDataAccessIdentityProviderIds(), oidcIWorkforceIdpID)
 	})
 
-	t.Run("Describe OIDC IdP WORKFORCE", func(t *testing.T) {
+	t.Run("List OIDC IdPs WORKFORCE", func(_ *testing.T) {
 		cmd := exec.Command(cliPath,
 			federatedAuthenticationEntity,
 			federationSettingsEntity,
 			identityProviderEntity,
-			"describe",
-			oidcIdentityProviderID,
+			"list",
 			"--federationSettingsId",
 			federationSettingsID,
+			"--protocol",
+			"OIDC",
+			"--idpType",
+			"WORKFORCE",
 			"-o=json",
 		)
 
@@ -184,60 +236,41 @@ func TestIdentityProviders(t *testing.T) {
 
 		var provider atlasv2.FederationIdentityProvider
 		req.NoError(json.Unmarshal(resp, &provider))
-
-		assert.NotEmpty(t, provider.GetId())
 	})
 
-	t.Run("Delete OIDC IdP WORKFORCE", func(_ *testing.T) {
+	t.Run("List OIDC IdPs WORKLOAD", func(_ *testing.T) {
 		cmd := exec.Command(cliPath,
 			federatedAuthenticationEntity,
 			federationSettingsEntity,
 			identityProviderEntity,
-			"delete",
-			oidcIdentityProviderID,
+			"list",
 			"--federationSettingsId",
 			federationSettingsID,
-			"--force",
+			"--protocol",
+			"OIDC",
+			"--idpType",
+			"WORKLOAD",
 			"-o=json",
 		)
 
 		cmd.Env = os.Environ()
 		resp, err := cmd.CombinedOutput()
 		req.NoError(err, string(resp))
-	})
 
-	t.Run("Create OIDC IdP WORKFORCE", func(t *testing.T) {
-		idpName, err := RandIdentityProviderName()
-		fmt.Println(idpName)
-		req.NoError(err)
+		var provider atlasv2.FederationIdentityProvider
+		req.NoError(json.Unmarshal(resp, &provider))
+	})
 
+	t.Run("List SAML IdPs", func(_ *testing.T) {
 		cmd := exec.Command(cliPath,
 			federatedAuthenticationEntity,
 			federationSettingsEntity,
 			identityProviderEntity,
-			"create",
-			"oidc",
-			idpName,
+			"list",
 			"--federationSettingsId",
 			federationSettingsID,
-			"--audience",
-			"AtlasCLIAudience",
-			"--authorizationType",
-			"GROUP",
-			"--clientId",
-			"cliClients",
-			"--desc",
-			"CLI TEST Provider",
-			"--groupsClaim",
-			"groups",
-			"--idpType",
-			"WORKFORCE",
-			"--issuerUri",
-			"https://accounts.google.com",
-			"--userClaim",
-			"user",
-			"--associatedDomain",
-			"iam-test-domain-dev.com",
+			"--protocol",
+			"SAML",
 			"-o=json",
 		)
 
@@ -247,9 +280,6 @@ func TestIdentityProviders(t *testing.T) {
 
 		var provider atlasv2.FederationIdentityProvider
 		req.NoError(json.Unmarshal(resp, &provider))
-
-		assert.NotEmpty(t, provider.GetId())
-		oidcIdentityProviderID = provider.Id
 	})
 
 	t.Run("Describe OIDC IdP WORKFORCE", func(t *testing.T) {
@@ -258,7 +288,7 @@ func TestIdentityProviders(t *testing.T) {
 			federationSettingsEntity,
 			identityProviderEntity,
 			"describe",
-			oidcIdentityProviderID,
+			oidcIWorkforceIdpID,
 			"--federationSettingsId",
 			federationSettingsID,
 			"-o=json",
@@ -279,7 +309,25 @@ func TestIdentityProviders(t *testing.T) {
 			federationSettingsEntity,
 			identityProviderEntity,
 			"delete",
-			oidcIdentityProviderID,
+			oidcIWorkforceIdpID,
+			"--federationSettingsId",
+			federationSettingsID,
+			"--force",
+			"-o=json",
+		)
+
+		cmd.Env = os.Environ()
+		resp, err := cmd.CombinedOutput()
+		req.NoError(err, string(resp))
+	})
+
+	t.Run("Delete OIDC IdP WORKLOAD", func(_ *testing.T) {
+		cmd := exec.Command(cliPath,
+			federatedAuthenticationEntity,
+			federationSettingsEntity,
+			identityProviderEntity,
+			"delete",
+			oidcWorkloadIdpID,
 			"--federationSettingsId",
 			federationSettingsID,
 			"--force",