From c9ef83d0fb6335a8728a8c2fe796d2f30168295b Mon Sep 17 00:00:00 2001
From: Genadi Chereshnya <gcheresh@redhat.com>
Date: Sun, 14 Apr 2019 15:11:31 +0300
Subject: [PATCH] Create/delete network policy in non-default namespace

Create network policy on non-default namespace and make sure that
CRD and SG were created for that policy
Remove network policy in non-default namespace and make sure
the network policy CRD and SG were deleted

Change-Id: I8a0a4b3a8ef18072eef0db05eb98eb1f7ca57553
---
 .../tests/scenario/test_network_policy.py     | 49 +++++++++++++++++++
 1 file changed, 49 insertions(+)

diff --git a/kuryr_tempest_plugin/tests/scenario/test_network_policy.py b/kuryr_tempest_plugin/tests/scenario/test_network_policy.py
index ecc66d88..eef60e59 100644
--- a/kuryr_tempest_plugin/tests/scenario/test_network_policy.py
+++ b/kuryr_tempest_plugin/tests/scenario/test_network_policy.py
@@ -181,3 +181,52 @@ class TestNetworkPolicyScenario(base.BaseKuryrScenarioTest):
             time.sleep(1)
         if time.time() - start >= TIMEOUT_PERIOD:
             raise lib_exc.TimeoutException('Sec group ID still exists')
+
+    @decorators.idempotent_id('24577a9b-1d46-419b-8b60-da3c49d777c3')
+    def test_create_delete_network_policy_non_default_ns(self):
+        ns_name, ns = self.create_namespace()
+        match_labels = {'role': 'db'}
+        np = self.create_network_policy(match_labels=match_labels,
+                                        namespace=ns_name)
+        LOG.debug("Creating network policy %s" % np)
+        network_policy_name = np.metadata.name
+        kuryr_netpolicy_crd_name = 'np-' + network_policy_name
+        network_policies = self.list_network_policies(namespace=ns_name)
+        kuryrnetpolicies = ''
+        start = time.time()
+        while time.time() - start < TIMEOUT_PERIOD:
+            try:
+                kuryrnetpolicies = self.get_kuryr_netpolicy_crds(
+                    name=kuryr_netpolicy_crd_name, namespace=ns_name)
+                break
+            except kubernetes.client.rest.ApiException:
+                time.sleep(1)
+                continue
+        sg_id = kuryrnetpolicies['spec']['securityGroupId']
+        sgs = self.list_security_groups(fields='id')
+        sg_ids = [sg['id'] for sg in sgs]
+        self.assertIn(network_policy_name, network_policies)
+        self.assertEqual(kuryr_netpolicy_crd_name,
+                         str(kuryrnetpolicies['metadata']['name']))
+        self.assertIn(sg_id, sg_ids)
+        self.delete_network_policy(network_policy_name, namespace=ns_name)
+        start = time.time()
+        while time.time() - start < TIMEOUT_PERIOD:
+            time.sleep(1)
+            if network_policy_name in self.list_network_policies(
+                    namespace=ns_name):
+                continue
+            try:
+                self.get_kuryr_netpolicy_crds(name=kuryr_netpolicy_crd_name,
+                                              namespace=ns_name)
+            except kubernetes.client.rest.ApiException:
+                break
+        start = time.time()
+        while time.time() - start < TIMEOUT_PERIOD:
+            sgs_after = self.list_security_groups(fields='id')
+            sg_ids_after = [sg['id'] for sg in sgs_after]
+            if sg_id not in sg_ids_after:
+                break
+            time.sleep(1)
+        if time.time() - start >= TIMEOUT_PERIOD:
+            raise lib_exc.TimeoutException('Sec group ID still exists')