Fix scripts used by `dartboard load` command (#103)

* remove nonexistent roles/bindings * remove nonexistent roles/bindings
2025-07-31 14:34:00 -04:00 · 2025-07-31 14:34:00 -04:00 · 1d779acbe2
parent 3ffbe61e4f
commit 1d779acbe2
3 changed files with 164 additions and 152 deletions
--- a/k6/generic/create_projects.js
+++ b/k6/generic/create_projects.js
@ -1,10 +1,10 @@
-import {check, fail, sleep} from 'k6';
+import { check, fail, sleep } from 'k6';
 import exec from 'k6/execution';
 import http from 'k6/http';
-import {Gauge} from 'k6/metrics';
+import { Gauge } from 'k6/metrics';
 import * as projectUtil from "../projects/project_utils.js";
-import {getCookies, login} from "../rancher/rancher_utils.js";
-import {getPrincipalIds, getCurrentUserPrincipalId, getClusterIds} from "../rancher/rancher_users_utils.js"
+import { getCookies, login } from "../rancher/rancher_utils.js";
+import { getPrincipalIds, getCurrentUserPrincipalId, getClusterIds } from "../rancher/rancher_users_utils.js"

 // Parameters
 const projectCount = Number(__ENV.PROJECT_COUNT)
@ -18,22 +18,22 @@ const password = __ENV.PASSWORD

 // Option setting
 export const options = {
-    insecureSkipTLSVerify: true,
+  insecureSkipTLSVerify: true,

-    setupTimeout: '8h',
+  setupTimeout: '8h',

-    scenarios: {
-        createProjects: {
-            executor: 'shared-iterations',
-            exec: 'createProjects',
-            vus: vus,
-            iterations: projectCount,
-            maxDuration: '1h',
-        },
+  scenarios: {
+    createProjects: {
+      executor: 'shared-iterations',
+      exec: 'createProjects',
+      vus: vus,
+      iterations: projectCount,
+      maxDuration: '1h',
    },
-    thresholds: {
-        checks: ['rate>0.99']
-    }
+  },
+  thresholds: {
+    checks: ['rate>0.99']
+  }
 }

 // Custom metrics
@ -42,133 +42,130 @@ const projectsMetric = new Gauge('test_projects')
 // Test functions, in order of execution

 export function setup() {
-    // log in
-    if (!login(baseUrl, {}, username, password).status === 200) {
-        fail(`could not login into cluster`)
-    }
-    const cookies = getCookies(baseUrl)
+  // log in
+  if (!login(baseUrl, {}, username, password).status === 200) {
+    fail(`could not login into cluster`)
+  }
+  const cookies = getCookies(baseUrl)

-    // delete leftovers, if any
-    cleanup(cookies)
-    // return data that remains constant throughout the test
-    return {
-        cookies: cookies,
-        principalIds: getPrincipalIds(baseUrl, cookies),
-        myId: getCurrentUserPrincipalId(baseUrl, cookies),
-        clusterIds: getClusterIds(baseUrl, cookies)
-    }
+  // delete leftovers, if any
+  cleanup(cookies)
+  // return data that remains constant throughout the test
+  return {
+    cookies: cookies,
+    principalIds: getPrincipalIds(baseUrl, cookies),
+    myId: getCurrentUserPrincipalId(baseUrl, cookies),
+    clusterIds: getClusterIds(baseUrl, cookies)
+  }
 }

 function cleanup(cookies) {
-    let res = http.get(`${baseUrl}/v1/management.cattle.io.projects`, {cookies: cookies})
-    check(res, {
-        '/v1/management.cattle.io.projects returns status 200': (r) => r.status === 200,
-    })
-    let { _, projectArray } = projectUtil.getNormanProjectsMatchingName(baseUrl, cookies, "Test ")
-      console.log(`Found ${projectArray.length} projects to clean up`)
-      projectArray.forEach(r => {
-        let delRes = projectUtil.deleteNormanProject(baseUrl, cookies, r["id"])
-        if (delRes.status !== 200 && delRes.status !== 204) deleteAllFailed = true
-        sleep(0.5)
-      })
+  let res = http.get(`${baseUrl}/v1/management.cattle.io.projects`, { cookies: cookies })
+  check(res, {
+    '/v1/management.cattle.io.projects returns status 200': (r) => r.status === 200,
+  })
+  let { _, projectArray } = projectUtil.getNormanProjectsMatchingName(baseUrl, cookies, "Test ")
+  console.log(`Found ${projectArray.length} projects to clean up`)
+  projectArray.forEach(r => {
+    let delRes = projectUtil.deleteNormanProject(baseUrl, cookies, r["id"])
+    if (delRes.status !== 200 && delRes.status !== 204) deleteAllFailed = true
+    sleep(0.5)
+  })
 }

 const mainRoleTemplateIds = ["project-owner", "project-member", "read-only", "custom"]
-const customRoleTemplateIds = ["create-ns", "configmaps-manage", "ingress-manage", "projectcatalogs-manage", "projectroletemplatebindings-manage", "secrets-manage", "serviceaccounts-manage", "services-manage", "persistentvolumeclaims-manage", "workloads-manage", "configmaps-view", "ingress-view", "monitoring-ui-view", "projectcatalogs-view", "projectroletemplatebindings-view", "secrets-view", "serviceaccounts-view", "services-view", "persistentvolumeclaims-view", "workloads-view"]
+const customRoleTemplateIds = [
+  "create-ns", "configmaps-manage", "ingress-manage", "projectroletemplatebindings-manage",
+  "secrets-manage", "serviceaccounts-manage", "services-manage", "persistentvolumeclaims-manage",
+  "workloads-manage", "configmaps-view", "ingress-view", "monitoring-ui-view", "projectroletemplatebindings-view",
+  "secrets-view", "serviceaccounts-view", "services-view", "persistentvolumeclaims-view", "workloads-view"
+]

 export function createProjects(data) {
-    let response
-    const i = exec.scenario.iterationInTest
-    const cookies = data.cookies
-    const myId = data.myId
-    const clusterId = data.clusterIds[i % data.clusterIds.length]
+  let response
+  const i = exec.scenario.iterationInTest
+  const cookies = data.cookies
+  const myId = data.myId
+  const clusterId = data.clusterIds[i % data.clusterIds.length]

-    response = http.post(
-        `${baseUrl}/v3/projects`,
+  response = http.post(
+    `${baseUrl}/v3/projects`,
+    JSON.stringify({
+      "type": "project",
+      "name": `Test Project ${i}`,
+      "description": `Test Project ${i}`,
+      "annotations": {},
+      "labels": {},
+      "clusterId": clusterId,
+      "creatorId": `local://${myId}`,
+      "containerDefaultResourceLimit": {
+        "limitsCpu": "4m",
+        "limitsMemory": "5Mi",
+        "requestsCpu": "2m",
+        "limitsGpu": 6,
+        "requestsMemory": "3Mi"
+      },
+      "resourceQuota": {
+        "limit": {
+          "configMaps": "9",
+          "limitsMemory": "900Mi",
+          "limitsCpu": "90m",
+          "persistentVolumeClaims": "9000"
+        }
+      },
+      "namespaceDefaultResourceQuota": {
+        "limit": {
+          "configMaps": "6",
+          "limitsMemory": "600Mi",
+          "limitsCpu": "60m",
+          "persistentVolumeClaims": "6000"
+        }
+      }
+    }),
+    { cookies: cookies }
+  )
+  check(response, {
+    '/v3/projects returns status 201': (r) => r.status === 201,
+  })
+
+  const projectId = JSON.parse(response.body)["id"]
+
+  const principalId = data.principalIds[i % data.principalIds.length]
+  const mainRoleTemplateId = mainRoleTemplateIds[i % mainRoleTemplateIds.length]
+  const roleTemplateIds = mainRoleTemplateId !== "custom" ? [mainRoleTemplateId] : Array.from({ length: customRoleTemplateBindingsPerProject }, (_, j) => (
+    customRoleTemplateIds[i % customRoleTemplateIds.length]
+  ))
+
+  for (const roleTemplateId of roleTemplateIds) {
+
+    // HACK: creating projectroletemplatebindings might fail with 404 if the project controller is too slow
+    // allow up to 30 retries
+    let success = false
+    for (let j = 0; j < 30 && !success; j++) {
+      response = http.post(
+        `${baseUrl}/v3/projectroletemplatebindings`,
        JSON.stringify({
-            "type": "project",
-            "name": `Test Project ${i}`,
-            "description": `Test Project ${i}`,
-            "annotations": {},
-            "labels": {},
-            "clusterId": clusterId,
-            "creatorId": `local://${myId}`,
-            "containerDefaultResourceLimit": {
-                "limitsCpu": "4m",
-                "limitsMemory": "5Mi",
-                "requestsCpu": "2m",
-                "limitsGpu": 6,
-                "requestsMemory": "3Mi"
-            },
-            "resourceQuota": {
-                "limit": {
-                    "configMaps": "9",
-                    "limitsMemory": "900Mi",
-                    "limitsCpu": "90m",
-                    "persistentVolumeClaims": "9000"
-                }
-            },
-            "namespaceDefaultResourceQuota": {
-                "limit": {
-                    "configMaps": "6",
-                    "limitsMemory": "600Mi",
-                    "limitsCpu": "60m",
-                    "persistentVolumeClaims": "6000"
-                }
-            }
+          "type": "projectroletemplatebinding",
+          "roleTemplateId": roleTemplateId,
+          "userPrincipalId": `${principalId}`,
+          "projectId": projectId
        }),
        { cookies: cookies }
-    )
-    check(response, {
-        '/v3/projects returns status 201': (r) => r.status === 201,
-    })
+      )
+      check(response, {
+        '/v3/projectroletemplatebindings returns status 201 or 404': (r) => r.status === 201 || r.status === 404,
+      })

-    const projectId = JSON.parse(response.body)["id"]
-
-    response = http.post(
-        `${baseUrl}/v3/projects/${projectId.replace("/", ":")}?action=setpodsecuritypolicytemplate`,
-        JSON.stringify({"podSecurityPolicyTemplateId": null}),
-        { cookies: cookies }
-    )
-    check(response, {
-        'setpodsecuritypolicytemplate works': (r) => r.status === 200 || r.status === 409,
-    })
-
-    const principalId = data.principalIds[i % data.principalIds.length]
-    const mainRoleTemplateId = mainRoleTemplateIds[i % mainRoleTemplateIds.length]
-    const roleTemplateIds = mainRoleTemplateId !== "custom" ? [mainRoleTemplateId] : Array.from({length: customRoleTemplateBindingsPerProject}, (_, j) => (
-        customRoleTemplateIds[i % customRoleTemplateIds.length]
-    ))
-
-    for (const roleTemplateId of roleTemplateIds) {
-
-        // HACK: creating projectroletemplatebindings might fail with 404 if the project controller is too slow
-        // allow up to 30 retries
-        let success = false
-        for (let j = 0; j < 30 && !success; j++) {
-            response = http.post(
-                `${baseUrl}/v3/projectroletemplatebindings`,
-                JSON.stringify({
-                    "type": "projectroletemplatebinding",
-                    "roleTemplateId": roleTemplateId,
-                    "userPrincipalId": `local://${principalId}`,
-                    "projectId": projectId
-                }),
-                { cookies: cookies }
-            )
-            check(response, {
-                '/v3/projectroletemplatebindings returns status 201 or 404': (r) => r.status === 201 || r.status === 404,
-            })
-
-            success = response.status === 201
-            if (!success) {
-                sleep(Math.random())
-            }
-        }
-        if (!success) {
-            fail("/v3/projectroletemplatebindings did not return 201 after 30 attempts")
-        }
+      success = response.status === 201
+      if (!success) {
+        console.log(JSON.stringify(response, null, 2))
+        sleep(Math.random())
+      }
    }
+    if (!success) {
+      fail("/v3/projectroletemplatebindings did not return 201 after 30 attempts")
+    }
+  }

-    projectsMetric.add(projectCount)
+  projectsMetric.add(projectCount)
 }
--- a/k6/generic/create_roles_users.js
+++ b/k6/generic/create_roles_users.js
@ -136,10 +136,9 @@ export function createRoles(cookies) {
 }

 const bindings = [
-    "user", "restricted-admin", "user-base", "authn-manage", "kontainerdrivers-manage",
-    "clustertemplaterevisions-create", "catalogs-use", "features-manage", "clusters-create", "catalogs-manage",
-    "settings-manage", "view-rancher-metrics", "nodedrivers-manage", "clustertemplates-create",
-    "podsecuritypolicytemplates-manage", "users-manage"
+    "user", "admin", "user-base", "authn-manage", "kontainerdrivers-manage", "settings-manage",
+    "clusters-create", "features-manage", "nodedrivers-manage", "roles-manage",
+    "view-rancher-metrics"
 ]

 export function createUsers(cookies) {
--- a/k6/rancher/rancher_users_utils.js
+++ b/k6/rancher/rancher_users_utils.js
@ -3,10 +3,10 @@ import http from 'k6/http'

 export function getCurrentUserId(baseUrl, cookies) {
  let response = http.get(`${baseUrl}/v3/users?me=true`, {
-      headers: {
-          accept: 'application/json',
-      },
-      cookies: cookies,
+    headers: {
+      accept: 'application/json',
+    },
+    cookies: cookies,
  })
  check(response, {
    'reading user details was successful': (r) => r.status === 200,
@ -20,10 +20,10 @@ export function getCurrentUserId(baseUrl, cookies) {

 export function getUserPreferences(baseUrl, cookies) {
  let response = http.get(`${baseUrl}/v1/userpreferences`, {
-      headers: {
-          accept: 'application/json',
-      },
-      cookies: cookies,
+    headers: {
+      accept: 'application/json',
+    },
+    cookies: cookies,
  })
  check(response, {
    'preferences can be queried': (r) => r.status === 200,
@ -33,15 +33,15 @@ export function getUserPreferences(baseUrl, cookies) {

 export function setUserPreferences(baseUrl, cookies, userId, userPreferences) {
  let response = http.put(
-      `${baseUrl}/v1/userpreferences/${userId}`,
-      JSON.stringify(userPreferences),
-      {
-          headers: {
-              accept: 'application/json',
-              'content-type': 'application/json',
-          },
-          cookies: cookies,
-      }
+    `${baseUrl}/v1/userpreferences/${userId}`,
+    JSON.stringify(userPreferences),
+    {
+      headers: {
+        accept: 'application/json',
+        'content-type': 'application/json',
+      },
+      cookies: cookies,
+    }
  )
  check(response, {
    'preferences can be set': (r) => r.status === 200,
@ -58,7 +58,7 @@ export function getPrincipalIds(baseUrl, cookies) {
    fail('could not list users')
  }
  const users = JSON.parse(response.body).data
-  return users.filter(u => u["username"] != null).map(u => u["principalIds"][0])
+  return users.filter(u => u["username"] != null && u["username"] !== undefined).map(u => u["principalIds"][0])
 }

 export function getPrincipalById(baseUrl, cookies, id) {
@ -137,6 +137,22 @@ export function createUser(baseUrl, params = null, suffix) {
  return JSON.parse(res.body)
 }

+export function getUsers(baseUrl, cookies) {
+  const res = http.get(`${baseUrl}/v3/users`, { cookies: cookies })
+  check(res, {
+    '/v3/users returns status 200': (r) => r.status === 200 || r.status === 204,
+  })
+  return res
+}
+
+export function getUser(baseUrl, cookies, userId) {
+  const res = http.get(`${baseUrl}/v1/management.cattle.io.users/${userId}`, { cookies: cookies })
+  check(res, {
+    '/v1/management.cattle.io.users/ returns status 200': (r) => r.status === 200 || r.status === 204,
+  })
+  return res
+}
+
 export function deleteUser(baseUrl, cookies, userId) {
  const res = http.del(`${baseUrl}/v3/users/${userId}`, { cookies: cookies })
  check(res, {