diff --git a/server/clusterworkflowtemplate/cluster_workflow_template_server_test.go b/server/clusterworkflowtemplate/cluster_workflow_template_server_test.go index 637cc23debb4..abb3ac35ba17 100644 --- a/server/clusterworkflowtemplate/cluster_workflow_template_server_test.go +++ b/server/clusterworkflowtemplate/cluster_workflow_template_server_test.go @@ -147,10 +147,12 @@ func init() { }`, &cwftObj3) } +const userEmailLabel = "my-sub.at.your.org" + func getClusterWorkflowTemplateServer() (clusterwftmplpkg.ClusterWorkflowTemplateServiceServer, context.Context) { kubeClientSet := fake.NewSimpleClientset() wfClientset := wftFake.NewSimpleClientset(&unlabelled, &cwftObj2, &cwftObj3) - ctx := context.WithValue(context.WithValue(context.WithValue(context.TODO(), auth.WfKey, wfClientset), auth.KubeKey, kubeClientSet), auth.ClaimsKey, &types.Claims{Claims: jwt.Claims{Subject: "my-sub"}}) + ctx := context.WithValue(context.WithValue(context.WithValue(context.TODO(), auth.WfKey, wfClientset), auth.KubeKey, kubeClientSet), auth.ClaimsKey, &types.Claims{Claims: jwt.Claims{Subject: "my-sub"}, Email: "my-sub@your.org"}) return NewClusterWorkflowTemplateServer(instanceid.NewService("my-instanceid"), nil, nil), ctx } @@ -180,6 +182,7 @@ func TestWorkflowTemplateServer_CreateClusterWorkflowTemplate(t *testing.T) { // ensure the label is added assert.Contains(t, cwftRsp.Labels, common.LabelKeyControllerInstanceID) assert.Contains(t, cwftRsp.Labels, common.LabelKeyCreator) + assert.Equal(t, userEmailLabel, cwftRsp.Labels[common.LabelKeyCreatorEmail]) }) } @@ -239,6 +242,7 @@ func TestWorkflowTemplateServer_LintClusterWorkflowTemplate(t *testing.T) { require.NoError(t, err) assert.Contains(t, resp.Labels, common.LabelKeyControllerInstanceID) assert.Contains(t, resp.Labels, common.LabelKeyCreator) + assert.Equal(t, userEmailLabel, resp.Labels[common.LabelKeyCreatorEmail]) }) t.Run("Without param values", func(t *testing.T) { @@ -266,6 +270,7 @@ func TestWorkflowTemplateServer_UpdateClusterWorkflowTemplate(t *testing.T) { require.NoError(t, err) assert.Contains(t, cwftRsp.Labels, common.LabelKeyActor) assert.Equal(t, string(creator.ActionUpdate), cwftRsp.Labels[common.LabelKeyAction]) + assert.Equal(t, userEmailLabel, cwftRsp.Labels[common.LabelKeyActorEmail]) assert.Equal(t, "alpine:latest", cwftRsp.Spec.Templates[0].Container.Image) }) t.Run("Unlabelled", func(t *testing.T) { diff --git a/server/cronworkflow/cron_workflow_server_test.go b/server/cronworkflow/cron_workflow_server_test.go index 91d69852b590..eb327c282872 100644 --- a/server/cronworkflow/cron_workflow_server_test.go +++ b/server/cronworkflow/cron_workflow_server_test.go @@ -58,7 +58,8 @@ metadata: wftmplStore := workflowtemplate.NewWorkflowTemplateClientStore() cwftmplStore := clusterworkflowtemplate.NewClusterWorkflowTemplateClientStore() server := NewCronWorkflowServer(instanceid.NewService("my-instanceid"), wftmplStore, cwftmplStore, nil) - ctx := context.WithValue(context.WithValue(context.TODO(), auth.WfKey, wfClientset), auth.ClaimsKey, &types.Claims{Claims: jwt.Claims{Subject: "my-sub"}}) + ctx := context.WithValue(context.WithValue(context.TODO(), auth.WfKey, wfClientset), auth.ClaimsKey, &types.Claims{Claims: jwt.Claims{Subject: "my-sub"}, Email: "my-sub@your.org"}) + userEmailLabel := "my-sub.at.your.org" t.Run("CreateCronWorkflow", func(t *testing.T) { created, err := server.CreateCronWorkflow(ctx, &cronworkflowpkg.CreateCronWorkflowRequest{ @@ -79,6 +80,7 @@ metadata: assert.NotNil(t, wf) assert.Contains(t, wf.Labels, common.LabelKeyControllerInstanceID) assert.Contains(t, wf.Labels, common.LabelKeyCreator) + assert.Equal(t, userEmailLabel, wf.Labels[common.LabelKeyCreatorEmail]) }) t.Run("ListCronWorkflows", func(t *testing.T) { cronWfs, err := server.ListCronWorkflows(ctx, &cronworkflowpkg.ListCronWorkflowsRequest{Namespace: "my-ns"}) @@ -107,6 +109,7 @@ metadata: cronWf, err := server.UpdateCronWorkflow(ctx, &cronworkflowpkg.UpdateCronWorkflowRequest{Namespace: "my-ns", CronWorkflow: &cronWf}) assert.Contains(t, cronWf.Labels, common.LabelKeyActor) assert.Equal(t, string(creator.ActionUpdate), cronWf.Labels[common.LabelKeyAction]) + assert.Equal(t, userEmailLabel, cronWf.Labels[common.LabelKeyActorEmail]) require.NoError(t, err) assert.NotNil(t, cronWf) }) diff --git a/server/workflow/workflow_server_test.go b/server/workflow/workflow_server_test.go index aeb6550ac947..2f33b16b5c1b 100644 --- a/server/workflow/workflow_server_test.go +++ b/server/workflow/workflow_server_test.go @@ -572,6 +572,8 @@ const clusterworkflowtmpl = ` } ` +const userEmailLabel = "my-sub.at.your.org" + func getWorkflowServer() (workflowpkg.WorkflowServiceServer, context.Context) { var unlabelledObj, wfObj1, wfObj2, wfObj3, wfObj4, wfObj5, failedWfObj v1alpha1.Workflow var wftmpl v1alpha1.WorkflowTemplate @@ -625,7 +627,7 @@ func getWorkflowServer() (workflowpkg.WorkflowServiceServer, context.Context) { }) wfClientset := v1alpha.NewSimpleClientset(&unlabelledObj, &wfObj1, &wfObj2, &wfObj3, &wfObj4, &wfObj5, &failedWfObj, &wftmpl, &cronwfObj, &cwfTmpl) wfClientset.PrependReactor("create", "workflows", generateNameReactor) - ctx := context.WithValue(context.WithValue(context.WithValue(context.TODO(), auth.WfKey, wfClientset), auth.KubeKey, kubeClientSet), auth.ClaimsKey, &types.Claims{Claims: jwt.Claims{Subject: "my-sub"}}) + ctx := context.WithValue(context.WithValue(context.WithValue(context.TODO(), auth.WfKey, wfClientset), auth.KubeKey, kubeClientSet), auth.ClaimsKey, &types.Claims{Claims: jwt.Claims{Subject: "my-sub"}, Email: "my-sub@your.org"}) listOptions := &metav1.ListOptions{} instanceIdSvc := instanceid.NewService("my-instanceid") instanceIdSvc.With(listOptions) @@ -676,6 +678,7 @@ func TestCreateWorkflow(t *testing.T) { assert.NotNil(t, wf) assert.Contains(t, wf.Labels, common.LabelKeyControllerInstanceID) assert.Contains(t, wf.Labels, common.LabelKeyCreator) + assert.Equal(t, userEmailLabel, wf.Labels[common.LabelKeyCreatorEmail]) } type testWatchWorkflowServer struct { @@ -814,11 +817,13 @@ func TestSuspendResumeWorkflow(t *testing.T) { assert.True(t, *wf.Spec.Suspend) assert.Contains(t, wf.Labels, common.LabelKeyActor) assert.Equal(t, string(creator.ActionSuspend), wf.Labels[common.LabelKeyAction]) + assert.Equal(t, userEmailLabel, wf.Labels[common.LabelKeyActorEmail]) wf, err = server.ResumeWorkflow(ctx, &workflowpkg.WorkflowResumeRequest{Name: wf.Name, Namespace: wf.Namespace}) require.NoError(t, err) assert.NotNil(t, wf) assert.Contains(t, wf.Labels, common.LabelKeyActor) assert.Equal(t, string(creator.ActionResume), wf.Labels[common.LabelKeyAction]) + assert.Equal(t, userEmailLabel, wf.Labels[common.LabelKeyActorEmail]) assert.Nil(t, wf.Spec.Suspend) } @@ -855,6 +860,7 @@ func TestTerminateWorkflow(t *testing.T) { assert.Equal(t, v1alpha1.ShutdownStrategyTerminate, wf.Spec.Shutdown) assert.Contains(t, wf.Labels, common.LabelKeyActor) assert.Equal(t, string(creator.ActionTerminate), wf.Labels[common.LabelKeyAction]) + assert.Equal(t, userEmailLabel, wf.Labels[common.LabelKeyActorEmail]) require.NoError(t, err) rsmWfReq = workflowpkg.WorkflowTerminateRequest{ @@ -877,6 +883,7 @@ func TestStopWorkflow(t *testing.T) { assert.Equal(t, v1alpha1.WorkflowRunning, wf.Status.Phase) assert.Contains(t, wf.Labels, common.LabelKeyActor) assert.Equal(t, string(creator.ActionStop), wf.Labels[common.LabelKeyAction]) + assert.Equal(t, userEmailLabel, wf.Labels[common.LabelKeyActorEmail]) } func TestResubmitWorkflow(t *testing.T) { @@ -956,6 +963,7 @@ func TestSubmitWorkflowFromResource(t *testing.T) { assert.NotNil(t, wf) assert.Contains(t, wf.Labels, common.LabelKeyControllerInstanceID) assert.Contains(t, wf.Labels, common.LabelKeyCreator) + assert.Equal(t, userEmailLabel, wf.Labels[common.LabelKeyCreatorEmail]) }) t.Run("SubmitFromCronWorkflow", func(t *testing.T) { wf, err := server.SubmitWorkflow(ctx, &workflowpkg.WorkflowSubmitRequest{ @@ -967,6 +975,7 @@ func TestSubmitWorkflowFromResource(t *testing.T) { assert.NotNil(t, wf) assert.Contains(t, wf.Labels, common.LabelKeyControllerInstanceID) assert.Contains(t, wf.Labels, common.LabelKeyCreator) + assert.Equal(t, userEmailLabel, wf.Labels[common.LabelKeyCreatorEmail]) }) t.Run("SubmitFromClusterWorkflowTemplate", func(t *testing.T) { wf, err := server.SubmitWorkflow(ctx, &workflowpkg.WorkflowSubmitRequest{ @@ -978,5 +987,6 @@ func TestSubmitWorkflowFromResource(t *testing.T) { assert.NotNil(t, wf) assert.Contains(t, wf.Labels, common.LabelKeyControllerInstanceID) assert.Contains(t, wf.Labels, common.LabelKeyCreator) + assert.Equal(t, userEmailLabel, wf.Labels[common.LabelKeyCreatorEmail]) }) } diff --git a/server/workflowtemplate/workflow_template_server_test.go b/server/workflowtemplate/workflow_template_server_test.go index eedf23fe6bd8..e8c877d8a8cf 100644 --- a/server/workflowtemplate/workflow_template_server_test.go +++ b/server/workflowtemplate/workflow_template_server_test.go @@ -163,6 +163,8 @@ const wftStr3 = `{ } }` +const userEmailLabel = "my-sub.at.your.org" + func getWorkflowTemplateServer() (workflowtemplatepkg.WorkflowTemplateServiceServer, context.Context) { var unlabelledObj, wftObj1, wftObj2 v1alpha1.WorkflowTemplate v1alpha1.MustUnmarshal(unlabelled, &unlabelledObj) @@ -170,7 +172,7 @@ func getWorkflowTemplateServer() (workflowtemplatepkg.WorkflowTemplateServiceSer v1alpha1.MustUnmarshal(wftStr3, &wftObj2) kubeClientSet := fake.NewSimpleClientset() wfClientset := wftFake.NewSimpleClientset(&unlabelledObj, &wftObj1, &wftObj2) - ctx := context.WithValue(context.WithValue(context.WithValue(context.TODO(), auth.WfKey, wfClientset), auth.KubeKey, kubeClientSet), auth.ClaimsKey, &types.Claims{Claims: jwt.Claims{Subject: "my-sub"}}) + ctx := context.WithValue(context.WithValue(context.WithValue(context.TODO(), auth.WfKey, wfClientset), auth.KubeKey, kubeClientSet), auth.ClaimsKey, &types.Claims{Claims: jwt.Claims{Subject: "my-sub"}, Email: "my-sub@your.org"}) wftmplStore := NewWorkflowTemplateClientStore() cwftmplStore := clusterworkflowtemplate.NewClusterWorkflowTemplateClientStore() return NewWorkflowTemplateServer(instanceid.NewService("my-instanceid"), wftmplStore, cwftmplStore), ctx @@ -206,6 +208,7 @@ func TestWorkflowTemplateServer_CreateWorkflowTemplate(t *testing.T) { assert.NotNil(t, wftRsp) assert.Contains(t, wftRsp.Labels, common.LabelKeyControllerInstanceID) assert.Contains(t, wftRsp.Labels, common.LabelKeyCreator) + assert.Equal(t, userEmailLabel, wftRsp.Labels[common.LabelKeyCreatorEmail]) }) } @@ -269,6 +272,7 @@ func TestWorkflowTemplateServer_UpdateWorkflowTemplate(t *testing.T) { require.NoError(t, err) assert.Contains(t, wftRsp.Labels, common.LabelKeyActor) assert.Equal(t, string(creator.ActionUpdate), wftRsp.Labels[common.LabelKeyAction]) + assert.Equal(t, userEmailLabel, wftRsp.Labels[common.LabelKeyActorEmail]) assert.Equal(t, "alpine:latest", wftRsp.Spec.Templates[0].Container.Image) }) t.Run("Unlabelled", func(t *testing.T) { diff --git a/workflow/creator/creator.go b/workflow/creator/creator.go index 7e88f0273198..fa867495177d 100644 --- a/workflow/creator/creator.go +++ b/workflow/creator/creator.go @@ -103,7 +103,7 @@ func UserActionLabel(ctx context.Context, action ActionType) map[string]string { res[common.LabelKeyActor] = dnsFriendly(claims.Subject) } if claims.Email != "" { - res[common.LabelKeyActorEmail] = dnsFriendly(claims.Email) + res[common.LabelKeyActorEmail] = dnsFriendly(strings.Replace(claims.Email, "@", ".at.", 1)) } if claims.PreferredUsername != "" { res[common.LabelKeyActorPreferredUsername] = dnsFriendly(claims.PreferredUsername)